Fix leaks due to created popup annotations
When we create popup annotations, we also create the dictionary
associated with it. For regular annotations, the dictionary
associated with an annotation is not owned by annotation,
and will be released separately. But our created dictionary is not
associated with any other data structure, it would be leaked if not
released by the associated annotation.
Add a boolean to indicate the ownership to the dictionary, and release
the owned dictionary during the destruction of an annotation.
BUG=pdfium:242
Review-Url: https://codereview.chromium.org/2301613002
diff --git a/core/fpdfdoc/cpdf_annot.cpp b/core/fpdfdoc/cpdf_annot.cpp
index 6525ff6..942d334 100644
--- a/core/fpdfdoc/cpdf_annot.cpp
+++ b/core/fpdfdoc/cpdf_annot.cpp
@@ -18,8 +18,11 @@
#include "core/fxge/include/cfx_pathdata.h"
#include "core/fxge/include/cfx_renderdevice.h"
-CPDF_Annot::CPDF_Annot(CPDF_Dictionary* pDict, CPDF_Document* pDocument)
- : m_pAnnotDict(pDict),
+CPDF_Annot::CPDF_Annot(CPDF_Dictionary* pDict,
+ CPDF_Document* pDocument,
+ bool bToOwnDict)
+ : m_bOwnedAnnotDict(bToOwnDict),
+ m_pAnnotDict(pDict),
m_pDocument(pDocument),
m_bOpenState(false),
m_pPopupAnnot(nullptr) {
@@ -28,6 +31,8 @@
}
CPDF_Annot::~CPDF_Annot() {
+ if (m_bOwnedAnnotDict)
+ m_pAnnotDict->Release();
ClearCachedAP();
}
diff --git a/core/fpdfdoc/cpdf_annotlist.cpp b/core/fpdfdoc/cpdf_annotlist.cpp
index 61122ed..6319781 100644
--- a/core/fpdfdoc/cpdf_annotlist.cpp
+++ b/core/fpdfdoc/cpdf_annotlist.cpp
@@ -43,7 +43,7 @@
pAnnotDict->SetAtInteger("F", 0);
std::unique_ptr<CPDF_Annot> pPopupAnnot(
- new CPDF_Annot(pAnnotDict, pDocument));
+ new CPDF_Annot(pAnnotDict, pDocument, true));
pAnnot->SetPopupAnnot(pPopupAnnot.get());
return pPopupAnnot;
}
@@ -83,7 +83,7 @@
continue;
m_AnnotList.push_back(
- std::unique_ptr<CPDF_Annot>(new CPDF_Annot(pDict, m_pDocument)));
+ std::unique_ptr<CPDF_Annot>(new CPDF_Annot(pDict, m_pDocument, false)));
if (bRegenerateAP && pDict->GetStringBy("Subtype") == "Widget" &&
CPDF_InterForm::IsUpdateAPEnabled()) {
FPDF_GenerateAP(m_pDocument, pDict);
diff --git a/core/fpdfdoc/include/cpdf_annot.h b/core/fpdfdoc/include/cpdf_annot.h
index 82b3d3c..eb9f02a 100644
--- a/core/fpdfdoc/include/cpdf_annot.h
+++ b/core/fpdfdoc/include/cpdf_annot.h
@@ -72,7 +72,7 @@
const CFX_ByteString& sSubtype);
static CFX_ByteString AnnotSubtypeToString(CPDF_Annot::Subtype nSubtype);
- CPDF_Annot(CPDF_Dictionary* pDict, CPDF_Document* pDocument);
+ CPDF_Annot(CPDF_Dictionary* pDict, CPDF_Document* pDocument, bool bToOwnDict);
~CPDF_Annot();
CPDF_Annot::Subtype GetSubtype() const;
@@ -101,7 +101,11 @@
private:
void GenerateAPIfNeeded();
- CPDF_Dictionary* const m_pAnnotDict;
+ // For regular annotations, |m_pAnnotDict| is not owned. For
+ // our artificially created popup annotations, |m_pAnnotDict|
+ // is owned by this class.
+ bool m_bOwnedAnnotDict;
+ CPDF_Dictionary* m_pAnnotDict;
CPDF_Document* const m_pDocument;
CPDF_Annot::Subtype m_nSubtype;
std::map<CPDF_Stream*, std::unique_ptr<CPDF_Form>> m_APMap;
