skia: Add runtime option to disable picture IO security precautions

src/core/SkPicture.cpp

Index: src/core/SkPicture.cpp
diff --git a/src/core/SkPicture.cpp b/src/core/SkPicture.cpp
index 6c1f6cb759ee5f9338877e2bf3ea5bb37dc03ae8..c0bc19ffd5289f9c653c3db8148f2d2eac9c801e 100644
--- a/src/core/SkPicture.cpp
+++ b/src/core/SkPicture.cpp
@@ -13,6 +13,15 @@
 #include "SkPictureRecord.h"
 #include "SkPictureRecorder.h"
 
+namespace {
+#if defined(SK_DISALLOW_CROSSPROCESS_PICTUREIMAGEFILTERS) || \
+    defined(SK_ENABLE_PICTURE_IO_SECURITY_PRECAUTIONS)
+bool gAllPictureIOSecurityPrecautionsEnabled = true;

[mtklein, 2015/06/16 15:57:49]

Skia tends to use static where possible instead of namespace {} and name them
g_like_this, so

static bool g_all_picture_io_security_precautions_enabled

[hendrikw, 2015/06/16 16:09:37]

Done.

+#else
+bool gAllPictureIOSecurityPrecautionsEnabled = false;
+#endif
+}  // namespac
+
 DECLARE_SKMESSAGEBUS_MESSAGE(SkPicture::DeletionMessage);
 
 /* SkPicture impl.  This handles generic responsibilities like unique IDs and serialization. */
@@ -196,3 +205,12 @@ bool SkPicture::suitableForGpuRasterization(GrContext*, const char** whyNot) con
     }
     return true;
 }
+
+// Global setting to disable security precautions for serialization.
+void SkPicture::setPictureIOSecurityPrecautionsEnabled_Dangerous(bool set) {
+    gAllPictureIOSecurityPrecautionsEnabled = set;
+}
+
+bool SkPicture::pictureIOSecurityPrecautionsEnabled() {
+    return gAllPictureIOSecurityPrecautionsEnabled;
+}