Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(181)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: src/effects/SkTableColorFilter.cpp

Issue 116773002: Fixed more fuzzer issues (Closed) Base URL: https://skia.googlesource.com/skia.git@master
Patch Set: Changed isAvailable for validateAvailable Created 7 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« src/effects/SkDisplacementMapEffect.cpp ('K') | « src/effects/SkMergeImageFilter.cpp ('k') | src/effects/gradients/SkGradientShader.cpp » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: src/effects/SkTableColorFilter.cpp
diff --git a/src/effects/SkTableColorFilter.cpp b/src/effects/SkTableColorFilter.cpp
index e15baf69284334681925bce517e71c25abfcc3de..203f0583642c6cd7f2ad4d67599a6870d5da8694 100644
--- a/src/effects/SkTableColorFilter.cpp
+++ b/src/effects/SkTableColorFilter.cpp
@@ -189,6 +189,7 @@ SkTable_ColorFilter::SkTable_ColorFilter(SkFlattenableReadBuffer& buffer) : INHE
size_t size = buffer.getArrayCount();
SkASSERT(size <= sizeof(storage));
+ buffer.validate(size <= sizeof(storage));
buffer.readByteArray(storage, size);
SkDEBUGCODE(size_t raw = ) SkPackBits::Unpack8(storage, size, fStorage);
« src/effects/SkDisplacementMapEffect.cpp ('K') | « src/effects/SkMergeImageFilter.cpp ('k') | src/effects/gradients/SkGradientShader.cpp » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698