diff options
author | commit-bot@chromium.org <commit-bot@chromium.org@2bbb7eff-a529-9590-31e7-b0007b416f81> | 2013-12-17 20:49:46 +0000 |
---|---|---|
committer | commit-bot@chromium.org <commit-bot@chromium.org@2bbb7eff-a529-9590-31e7-b0007b416f81> | 2013-12-17 20:49:46 +0000 |
commit | ef74fa189b738e13295d6a96f86a6e10223505a8 (patch) | |
tree | 3434cb996555b725b71a520a93c8781923bc04ec /samplecode | |
parent | 7d0b6131918c1b8d458a95f6b5e79f92f958b78f (diff) |
Fixed more fuzzer issues
- Added the "isAvailable" function to check how much bytes are remaining in the stream before doing potentially large mallocs. That way, we can signal a bad stream instead of crashing.
- Added data validation in SkImageInfo.cpp
- Added NULL pointer check in displacement
- Modified the fuzzer for randomized bitmap types
BUG=328934,329254
R=senorblanco@google.com, senorblanco@chromium.org, reed@google.com, sugoi@google.com
Author: sugoi@chromium.org
Review URL: https://codereview.chromium.org/116773002
git-svn-id: http://skia.googlecode.com/svn/trunk@12723 2bbb7eff-a529-9590-31e7-b0007b416f81
Diffstat (limited to 'samplecode')
-rw-r--r-- | samplecode/SampleFilterFuzz.cpp | 28 |
1 files changed, 19 insertions, 9 deletions
diff --git a/samplecode/SampleFilterFuzz.cpp b/samplecode/SampleFilterFuzz.cpp index 06e14f0e7d..8fa147aca4 100644 --- a/samplecode/SampleFilterFuzz.cpp +++ b/samplecode/SampleFilterFuzz.cpp @@ -111,8 +111,10 @@ static SkDisplacementMapEffect::ChannelSelectorType make_channel_selector_type() } static void make_g_bitmap(SkBitmap& bitmap) { - bitmap.setConfig(SkBitmap::kARGB_8888_Config, kBitmapSize, kBitmapSize); - bitmap.allocPixels(); + bitmap.setConfig((SkBitmap::Config)R(SkBitmap::kConfigCount), kBitmapSize, kBitmapSize); + while (!bitmap.allocPixels()) { + bitmap.setConfig((SkBitmap::Config)R(SkBitmap::kConfigCount), kBitmapSize, kBitmapSize); + } SkBitmapDevice device(bitmap); SkCanvas canvas(&device); canvas.clear(0x00000000); @@ -126,8 +128,10 @@ static void make_g_bitmap(SkBitmap& bitmap) { } static void make_checkerboard_bitmap(SkBitmap& bitmap) { - bitmap.setConfig(SkBitmap::kARGB_8888_Config, kBitmapSize, kBitmapSize); - bitmap.allocPixels(); + bitmap.setConfig((SkBitmap::Config)R(SkBitmap::kConfigCount), kBitmapSize, kBitmapSize); + while (!bitmap.allocPixels()) { + bitmap.setConfig((SkBitmap::Config)R(SkBitmap::kConfigCount), kBitmapSize, kBitmapSize); + } SkBitmapDevice device(bitmap); SkCanvas canvas(&device); canvas.clear(0x00000000); @@ -312,18 +316,24 @@ static void drawClippedBitmap(SkCanvas* canvas, int x, int y, const SkPaint& pai } static void do_fuzz(SkCanvas* canvas) { + SkImageFilter* filter = make_serialized_image_filter(); + #ifdef SK_FUZZER_IS_VERBOSE - static uint32_t filterId = 0; - if (0 == filterId) { + static uint32_t numFilters = 0; + static uint32_t numValidFilters = 0; + if (0 == numFilters) { printf("Fuzzing with %u\n", kSeed); } - printf("Filter no %u\r", filterId); + numFilters++; + if (NULL != filter) { + numValidFilters++; + } + printf("Filter no : %u. Valid filters so far : %u\r", numFilters, numValidFilters); fflush(stdout); - filterId++; #endif SkPaint paint; - SkSafeUnref(paint.setImageFilter(make_serialized_image_filter())); + SkSafeUnref(paint.setImageFilter(filter)); drawClippedBitmap(canvas, 0, 0, paint); } |