Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / pdfium / 0704e9b8772e89290fa262a044ea0f6db4a58641^! / .
commit0704e9b8772e89290fa262a044ea0f6db4a58641[log] [tgz]
authorTom Sepez <tsepez@chromium.org>Tue May 30 10:11:49 2017 -0700
committerChromium commit bot <commit-bot@chromium.org>Tue May 30 17:24:59 2017 +0000
tree9c7d6926b41ff9a6cd57b2ba68e6545df6090f7c
parent9a505796f3fe8c1d0cbc3f7e4e7db41fc1fde137 [diff]
Release unowned m_pTiffContext before deleting through it

Workaround for murky ownership. Note the member will now get cleared
as a consequence of Release()

Bug: 726887
Change-Id: I3eac3d1aa915497f66a57c5effa892a15d10f583
Reviewed-on: https://pdfium-review.googlesource.com/6079
Reviewed-by: dsinclair <dsinclair@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>

diff --git a/core/fxcodec/codec/ccodec_progressivedecoder.h b/core/fxcodec/codec/ccodec_progressivedecoder.h
index 6dd7357..42d0ee3 100644
--- a/core/fxcodec/codec/ccodec_progressivedecoder.h
+++ b/core/fxcodec/codec/ccodec_progressivedecoder.h

@@ -129,6 +129,8 @@
 
   CFX_RetainPtr<IFX_SeekableReadStream> m_pFile;
   CFX_UnownedPtr<CCodec_ModuleMgr> m_pCodecMgr;
+
+  // TODO(tsepez): All these contexts probably should be unique_ptrs.
   FXJPEG_Context* m_pJpegContext;
   FXPNG_Context* m_pPngContext;
   std::unique_ptr<CGifContext> m_pGifContext;

diff --git a/core/fxcodec/codec/fx_codec_progress.cpp b/core/fxcodec/codec/fx_codec_progress.cpp
index 209a973..dba0e20 100644
--- a/core/fxcodec/codec/fx_codec_progress.cpp
+++ b/core/fxcodec/codec/fx_codec_progress.cpp

@@ -302,7 +302,7 @@
   if (m_pPngContext)
     m_pCodecMgr->GetPngModule()->Finish(m_pPngContext);
   if (m_pTiffContext)
-    m_pCodecMgr->GetTiffModule()->DestroyDecoder(m_pTiffContext.Get());
+    m_pCodecMgr->GetTiffModule()->DestroyDecoder(m_pTiffContext.Release());
   FX_Free(m_pSrcBuf);
   FX_Free(m_pDecodeBuf);
   FX_Free(m_pSrcPalette);
@@ -1219,8 +1219,7 @@
       m_SrcComponents = 4;
       m_clipBox = FX_RECT(0, 0, m_SrcWidth, m_SrcHeight);
       if (!ret) {
-        pTiffModule->DestroyDecoder(m_pTiffContext.Get());
-        m_pTiffContext = nullptr;
+        pTiffModule->DestroyDecoder(m_pTiffContext.Release());
         m_status = FXCODEC_STATUS_ERR_FORMAT;
         return false;
       }