Bug 705681: Enclose code in begin/end operation.

Previously the contents of pdf_set_annot_appearance()
is enclosed in begin/end annotation operation calls, while
pdf_set_annot_appearance_from_display_list() does not.

This causes a problem when a user tries to set an annotation
appearance using a display list that causes a new external
graphics state PDF object to be created in pdf_dev_alpha().

When pdf_add_object() is called without being bracketed by
begin/end operation which it continues to call
pdf_create_object() which ends up calling
pdf_add_journal_fragment(). This function will segfault because
it assumes doc->journal->current being non-NULL, which is not
true unless the call is enclosed by begin/end operation.

This commit fixes the issue by adding calls to being_annot_op()
and end_annot_op() to the top-level function
pdf_set_annot_appearance_from_display_list().

diff --git a/source/pdf/pdf-annot.c b/source/pdf/pdf-annot.c
index e9ab1233edb3ac0a61c7576fb50caabb09956de0..349443e9228ba69deadee012de967ff6414d7381 100644 (file)
--- a/source/pdf/pdf-annot.c
+++ b/source/pdf/pdf-annot.c
@@ -2806,6 +2806,8 @@ pdf_set_annot_appearance_from_display_list(fz_context *ctx, pdf_annot *annot, co
        fz_var(contents);
        fz_var(res);
 
+       begin_annot_op(ctx, annot, "Set appearance stream");
+
        fz_try(ctx)
        {
                res = pdf_new_dict(ctx, doc, 1);
@@ -2823,6 +2825,7 @@ pdf_set_annot_appearance_from_display_list(fz_context *ctx, pdf_annot *annot, co
                fz_drop_device(ctx, dev);
                fz_drop_buffer(ctx, contents);
                pdf_drop_obj(ctx, res);
+               end_annot_op(ctx, annot);
        }
        fz_catch(ctx)
                fz_rethrow(ctx);