Checking structure sizes before reading them from memory to avoid overflowing the buffer's stream.

src/core/SkBuffer.cpp

 
 /*
  * Copyright 2006 The Android Open Source Project
  *
  * Use of this source code is governed by a BSD-style license that can be
  * found in the LICENSE file.
  */
 
 
 #include "SkBuffer.h"
@@ skipping 16 matching lines @@
 }
 
 size_t SkRBuffer::skipToAlign4()
 {
     size_t pos = this->pos();
     size_t n = SkAlign4(pos) - pos;
     fPos += n;
     return n;
 }
 
+void SkRBufferWithSizeCheck::read(void* buffer, size_t size) {
+    fError = fError || (fPos + size > fStop);
+    if (!fError && (size > 0)) {
+        readNoSizeCheck(buffer, size);
+    }
+}
+
 void* SkWBuffer::skip(size_t size)
 {
     void* result = fPos;
     writeNoSizeCheck(NULL, size);
     return fData == NULL ? NULL : result;
 }
 
 void SkWBuffer::writeNoSizeCheck(const void* buffer, size_t size)
 {
     SkASSERT(fData == 0 || fStop == 0 || fPos + size <= fStop);
@@ skipping 73 matching lines @@
 
 const void* sk_buffer_read_ptr(const void* buffer, void** ptr)
 {
     AssertBuffer32(buffer);
     if (ptr)
         *ptr = *(void**)buffer;
     return (const char*)buffer + sizeof(void*);
 }
 
 #endif