Chromium Code Reviews

Issue 1893423002: Fix ImageFilter fuzzer issue (Closed)

Created:
4 years, 8 months ago by robertphillips
Modified:
4 years, 8 months ago
Reviewers:
msarett, reed1
CC:
reviews_skia.org, kjlubick
Base URL:
https://skia.googlesource.com/skia.git@master
Target Ref:
refs/heads/master
Project:
skia
Visibility:
Public.

Description

Fix ImageFilter fuzzer issue

What appears to be happening in this fuzz is that a paint index inside the picture of an SkPictureImageFilter is getting changed to be out of range.

BUG=skia:5192
GOLD_TRYBOT_URL= https://gold.skia.org/search2?unt=true&query=source_type%3Dgm&master=false&issue=1893423002

Committed: https://skia.googlesource.com/skia/+/9ca06c4b00bfb9bb1a7f352efd264185e5a95fbc

Patch Set 1 #

Patch Set 2 : Fix ImageFilter fuzzer issue #

Patch Set 3 : Switch SkReader32 to SkReadBuffer #

Patch Set 4 : Switch SkReader32 to SkReadBuffer #

Total comments: 8

Patch Set 5 : Address code review comments #

Total comments: 4

Patch Set 6 : make setOffset virtual #

Patch Set 7 : Remove setOffset #

Files changed (Stats: +103 lines, -62 lines):
M src/core/SkPictureData.h: 2 chunks, +19 lines, -21 lines, 0 comments
M src/core/SkPicturePlayback.h: 1 chunk, +2 lines, -2 lines, 0 comments
M src/core/SkPicturePlayback.cpp: 17 chunks, +64 lines, -38 lines, 0 comments
M src/core/SkReadBuffer.h: 3 chunks, +6 lines, -1 line, 0 comments
M src/core/SkReadBuffer.cpp: 1 chunk, +4 lines, -0 lines, 0 comments
M src/core/SkValidatingReadBuffer.h: 1 chunk, +1 line, -0 lines, 0 comments
M src/core/SkValidatingReadBuffer.cpp: 1 chunk, +7 lines, -0 lines, 0 comments

Messages

Total messages: 27 (10 generated)
robertphillips
4 years, 8 months ago (2016-04-18 17:00:05 UTC) #4
commit-bot: I haz the power
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1893423002/20001 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1893423002/20001
4 years, 8 months ago (2016-04-18 17:00:24 UTC) #6
commit-bot: I haz the power
Dry run: This issue passed the CQ dry run.
4 years, 8 months ago (2016-04-18 17:10:24 UTC) #8
reed1
Wonder if we should change the param type to readbuffer, and also mark the buffer ...
4 years, 8 months ago (2016-04-18 17:53:49 UTC) #9
robertphillips
PTAL, here is what a SkReadBuffer approach would look like
4 years, 8 months ago (2016-04-18 22:46:27 UTC) #10
reed1
https://codereview.chromium.org/1893423002/diff/60001/src/core/SkPictureData.h
File src/core/SkPictureData.h (right):

https://codereview.chromium.org/1893423002/diff/60001/src/core/SkPictureData.h#newcode92
src/core/SkPictureData.h:92: if (index < 0 || index >= fBitmaps.count()) {
...
4 years, 8 months ago (2016-04-19 12:54:11 UTC) #11
robertphillips
https://codereview.chromium.org/1893423002/diff/60001/src/core/SkPictureData.h
File src/core/SkPictureData.h (right):

https://codereview.chromium.org/1893423002/diff/60001/src/core/SkPictureData.h#newcode92
src/core/SkPictureData.h:92: if (index < 0 || index >= fBitmaps.count()) {
...
4 years, 8 months ago (2016-04-19 14:34:42 UTC) #12
robertphillips
ping
4 years, 8 months ago (2016-04-20 11:39:23 UTC) #13
reed1
+matt who is also tweaking buffers for flattenables

https://codereview.chromium.org/1893423002/diff/80001/src/core/SkPicturePlayback.cpp
File src/core/SkPicturePlayback.cpp (right):

https://codereview.chromium.org/1893423002/diff/80001/src/core/SkPicturePlayback.cpp#newcode148
src/core/SkPicturePlayback.cpp:148: reader->readRect(&rect);
...
4 years, 8 months ago (2016-04-20 13:26:38 UTC) #15
robertphillips
https://codereview.chromium.org/1893423002/diff/80001/src/core/SkPicturePlayback.cpp
File src/core/SkPicturePlayback.cpp (right):

https://codereview.chromium.org/1893423002/diff/80001/src/core/SkPicturePlayback.cpp#newcode148
src/core/SkPicturePlayback.cpp:148: reader->readRect(&rect);
On 2016/04/20 13:26:37, reed1 wrote:
> I presume ...
4 years, 8 months ago (2016-04-20 17:09:40 UTC) #16
robertphillips
PTAL - now w/o setOffset
4 years, 8 months ago (2016-04-20 18:03:49 UTC) #17
reed1
lgtm matt, do you see any conflicts etc. w.r.t. your CL on flattenables?
4 years, 8 months ago (2016-04-20 18:15:29 UTC) #18
msarett
Looks fine to me lgtm
4 years, 8 months ago (2016-04-20 18:16:35 UTC) #19
commit-bot: I haz the power
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1893423002/120001 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1893423002/120001
4 years, 8 months ago (2016-04-20 18:32:13 UTC) #21
commit-bot: I haz the power
Dry run: This issue passed the CQ dry run.
4 years, 8 months ago (2016-04-20 18:41:52 UTC) #23
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1893423002/120001 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1893423002/120001
4 years, 8 months ago (2016-04-20 18:42:41 UTC) #25
commit-bot: I haz the power
Message was sent while issue was closed.
Committed patchset #7 (id:120001) as
https://skia.googlesource.com/skia/+/9ca06c4b00bfb9bb1a7f352efd264185e5a95fbc
4 years, 8 months ago (2016-04-20 18:43:36 UTC) #27