abort really big path fuzzing

This adds a couple of special cases
to stop the fuzzer from timing out.

The first occurs when the fuzzer generates
a very large path with very large quads.
Count the subdivisions and stop after a while.

The second occurs with a normal path and
1D path effect with a very small advance.
Count the points and stop after a while.

R=reed@google.com,bsalomon@google.com,kjlubick@google.com
Bug: oss-fuzz:8349,oss-fuzz:8805
Change-Id: I86130e3f512f48e5a39335412435eabc245ed193
Reviewed-on: https://skia-review.googlesource.com/135709
Reviewed-by: Kevin Lubick <kjlubick@google.com>
Reviewed-by: Mike Reed <reed@google.com>
Commit-Queue: Mike Reed <reed@google.com>
Auto-Submit: Cary Clark <caryclark@skia.org>

1 files changed, 3 insertions, 1 deletions

diff --git a/include/core/SkPathMeasure.h b/include/core/SkPathMeasure.h
index 287c292aeb..e506c42298 100644
--- a/include/core/SkPathMeasure.h
+++ b/include/core/SkPathMeasure.h
@@ -90,7 +90,9 @@ private:
     unsigned        fFirstPtIndex;      // relative to the current contour
     bool            fIsClosed;          // relative to the current contour
     bool            fForceClosed;
-
+#if defined(IS_FUZZING_WITH_LIBFUZZER)
+    int             fSubdivisionsMax;
+#endif
     struct Segment {
         SkScalar    fDistance;  // total distance up to this point
         unsigned    fPtIndex; // index into the fPts array