Add ObservedPtr to catch Widget being killed by JS Another case of a call causing JS to run, which can remove a widget that is called later. BUG=chromium:771979 Change-Id: I5f25a38097662b70cfb777f76f0e3d50e7c11b1b Reviewed-on: https://pdfium-review.googlesource.com/15610 Commit-Queue: Ryan Harrison <rharrison@chromium.org> Reviewed-by: Henrique Nakashima <hnakashima@chromium.org>

commit: 569817cfffe7410765c97c6deebef3a795bac0f6 [log] [tgz]
author: Ryan Harrison <rharrison@chromium.org> Thu Oct 05 14:14:03 2017 -0400
committer: Chromium commit bot <commit-bot@chromium.org> Thu Oct 05 18:41:55 2017 +0000
tree: 1883255ec29b390a35d91b5ee4dc3b087fa06bc2
parent: 1a45ce380ec6776ac100017c68a4b8643983d2db [diff]
diff --git a/fpdfsdk/javascript/Field.cpp b/fpdfsdk/javascript/Field.cpp
index a89df16..da0e60c 100644
--- a/fpdfsdk/javascript/Field.cpp
+++ b/fpdfsdk/javascript/Field.cpp

@@ -324,16 +324,21 @@
   CPDFSDK_Widget* pWidget = pForm->GetWidget(pFormControl);
 
   if (pWidget) {
+    CPDFSDK_Widget::ObservedPtr observed_widget(pWidget);
     if (bResetAP) {
       int nFieldType = pWidget->GetFieldType();
       if (nFieldType == FIELDTYPE_COMBOBOX ||
           nFieldType == FIELDTYPE_TEXTFIELD) {
         bool bFormatted = false;
         WideString sValue = pWidget->OnFormat(bFormatted);
+        if (!observed_widget)
+          return;
         pWidget->ResetAppearance(bFormatted ? &sValue : nullptr, false);
       } else {
         pWidget->ResetAppearance(nullptr, false);
       }
+      if (!observed_widget)
+        return;
     }
 
     if (bRefresh) {
commit	569817cfffe7410765c97c6deebef3a795bac0f6	[log] [tgz]
author	Ryan Harrison <rharrison@chromium.org>	Thu Oct 05 14:14:03 2017 -0400
committer	Chromium commit bot <commit-bot@chromium.org>	Thu Oct 05 18:41:55 2017 +0000
tree	1883255ec29b390a35d91b5ee4dc3b087fa06bc2
parent	1a45ce380ec6776ac100017c68a4b8643983d2db [diff]