src/core/SkMallocPixelRef.cpp - Issue 107003006: Fixing crash found by fuzzer

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: src/core/SkMallocPixelRef.cpp

Issue 107003006: Fixing crash found by fuzzer (Closed) Base URL: https://skia.googlesource.com/skia.git@master

Patch Set: Created 7 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 /*	1 /*

2 * Copyright 2011 Google Inc.	2 * Copyright 2011 Google Inc.

3 *	3 *

4 * Use of this source code is governed by a BSD-style license that can be	4 * Use of this source code is governed by a BSD-style license that can be

5 * found in the LICENSE file.	5 * found in the LICENSE file.

6 */	6 */

7	7

8 #include "SkMallocPixelRef.h"	8 #include "SkMallocPixelRef.h"

9 #include "SkBitmap.h"	9 #include "SkBitmap.h"

10 #include "SkFlattenableBuffers.h"	10 #include "SkFlattenableBuffers.h"

(...skipping 124 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
135 if (fCTable) {	135 if (fCTable) {

136 fCTable->writeToBuffer(buffer);	136 fCTable->writeToBuffer(buffer);

137 }	137 }

138 }	138 }

139	139

140 SkMallocPixelRef::SkMallocPixelRef(SkFlattenableReadBuffer& buffer)	140 SkMallocPixelRef::SkMallocPixelRef(SkFlattenableReadBuffer& buffer)

141 : INHERITED(buffer, NULL)	141 : INHERITED(buffer, NULL)

142 , fOwnPixels(true)	142 , fOwnPixels(true)

143 {	143 {

144 fRB = buffer.read32();	144 fRB = buffer.read32();

145 size_t size = this->info().getSafeSize(fRB);	145 size_t size = buffer.isValid() ? this->info().getSafeSize(fRB) : 0;

146 if (buffer.validateAvailable(size)) {	146 if (buffer.validateAvailable(size)) {

147 fStorage = sk_malloc_throw(size);	147 fStorage = sk_malloc_throw(size);

148 buffer.readByteArray(fStorage, size);	148 buffer.readByteArray(fStorage, size);

149 } else {	149 } else {

150 fStorage = NULL;	150 fStorage = NULL;

151 }	151 }

152	152

153 if (buffer.readBool()) {	153 if (buffer.readBool()) {

154 fCTable = SkNEW_ARGS(SkColorTable, (buffer));	154 fCTable = SkNEW_ARGS(SkColorTable, (buffer));

155 } else {	155 } else {

156 fCTable = NULL;	156 fCTable = NULL;

157 }	157 }

158	158

159 this->setPreLocked(fStorage, fCTable);	159 this->setPreLocked(fStorage, fCTable);

160 }	160 }

OLD	NEW

« no previous file with comments | « no previous file | no next file » | no next file with comments »