Issue 255693003: Fixed issue found by clusterfuzz

Issue 255693003: Fixed issue found by clusterfuzz (Closed)

Created:
6 years, 7 months ago by sugoi1

Modified:
6 years, 7 months ago

Reviewers:
borenet, Stephen White, senorblanco, reed1

CC:
skia-review_googlegroups.com

Base URL:
https://skia.googlesource.com/skia.git@master

Visibility:
Public.

More Reviews

Description

Fixed issue found by clusterfuzz An integer overflow was causing an issue when reading a string with a very large (or negative) size. BUG=367764 Committed: http://code.google.com/p/skia/source/detail?r=14434

Patch Set 1 #

Total comments: 2

Patch Set 2 : Fixed SkReader32::isAvailable #

Total comments: 6

Patch Set 3 : Fixed nit #

Created: 6 years, 7 months ago

Download [raw] [tar.bz2]

	Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+40 lines, -6 lines)			Patch
M	include/core/SkReader32.h	View	1 2	1 chunk	+1 line, -1 line	0 comments	Download
M	src/core/SkValidatingReadBuffer.cpp	View	1	1 chunk	+1 line, -1 line	0 comments	Download
M	src/core/SkWriter32.cpp	View	1	1 chunk	+1 line, -1 line	0 comments	Download
M	tests/SerializationTest.cpp	View		5 chunks	+37 lines, -3 lines	0 comments	Download

Messages

Total messages: 14 (0 generated)

Expand Messages | Collapse Messages

Stephen White

https://codereview.chromium.org/255693003/diff/1/src/core/SkValidatingReadBuffer.cpp File src/core/SkValidatingReadBuffer.cpp (right): https://codereview.chromium.org/255693003/diff/1/src/core/SkValidatingReadBuffer.cpp#newcode94 src/core/SkValidatingReadBuffer.cpp:94: const int32_t len32 = this->readInt(); I think we should ...

6 years, 7 months ago (2014-04-28 19:48:32 UTC) #2

sugoi1

6 years, 7 months ago (2014-04-28 20:15:20 UTC) #3

reed1

https://codereview.chromium.org/255693003/diff/20001/include/core/SkReader32.h File include/core/SkReader32.h (right): https://codereview.chromium.org/255693003/diff/20001/include/core/SkReader32.h#newcode43 include/core/SkReader32.h:43: bool isAvailable(size_t size) const { return size <= available(); ...

6 years, 7 months ago (2014-04-28 20:18:02 UTC) #4

sugoi1

6 years, 7 months ago (2014-04-28 20:25:05 UTC) #5

reed1

Lets make the both readU32() now, or file a bug so we don't forget. This ...

6 years, 7 months ago (2014-04-28 20:49:52 UTC) #7

commit-bot: I haz the power

CQ is trying da patch. Follow status at https://skia-tree-status.appspot.com/cq/sugoi@chromium.org/255693003/40001

6 years, 7 months ago (2014-04-29 14:17:28 UTC) #10

commit-bot: I haz the power

CQ is trying da patch. Follow status at https://skia-tree-status.appspot.com/cq/sugoi@chromium.org/255693003/40001

6 years, 7 months ago (2014-04-29 15:29:09 UTC) #13

Message was sent while issue was closed.

Change committed as 14434

Expand Messages | Collapse Messages