Fix image decoder memory overwrite bug.

Fix image decoder memory overwrite bug.

In SkPNGImageDecoder::onDecodeSubset, use png_read_rows to write to
the scratch memory provided. This is what we should have been doing
anyway. Further, writing directly to the bitmap can cause writing
to the wrong memory since the bitmap may not be as big as the
scratch memory in the case of sampling with a short bitmap.

Bug=b/13921093

Committed: https://skia.googlesource.com/skia/+/fc7063b3a50f4cf0801301f7b7b7b119f6b41cf8

[djsollen, 2014-07-25 16:10:06]

lgtm pending the trybots producing the results we expect.

[scroggo, 2014-07-25 17:09:09]

On 2014/07/25 16:10:06, djsollen wrote:
> lgtm pending the trybots producing the results we expect.

FWIW, I expect that the trybots might fail, but the new images should actually
be more correct.

[scroggo, 2014-07-25 20:41:42]

On 2014/07/25 17:09:09, scroggo wrote:
> On 2014/07/25 16:10:06, djsollen wrote:
> > lgtm pending the trybots producing the results we expect.
> 
> FWIW, I expect that the trybots might fail, but the new images should actually
> be more correct.

All the failures appear to be in render PDFs, which do not call decodeSubset
(which is the only function this CL modifies).

[scroggo, 2014-07-25 20:41:48]

The CQ bit was checked by scroggo@google.com

[commit-bot: I haz the power, 2014-07-25 20:42:24]

CQ is trying da patch. Follow status at
 https://skia-tree-status.appspot.com/cq/scroggo@google.com/423473003/1

[commit-bot: I haz the power, 2014-07-25 20:54:53]

Change committed as fc7063b3a50f4cf0801301f7b7b7b119f6b41cf8