Set a limit on the size for BMP images

This limit matches the limit used by Chromium. I am not aware of any real world BMPs that are larger than this (or even close to it), but there are some invalid BMPs that are larger than this, leading to crashes when we try to read a row. BUG:34778578 BUG=skia:3617 Change-Id: I0f662e8d0d7bc0b084e86d0c9288b831e1b296d7 Reviewed-on: https://skia-review.googlesource.com/8966 Reviewed-by: Matt Sarett <msarett@google.com> Commit-Queue: Leon Scroggins <scroggo@google.com>
author: Leon Scroggins III <scroggo@google.com> 2017-02-24 15:33:24 -0500
committer: Skia Commit-Bot <skia-commit-bot@chromium.org> 2017-02-24 21:25:44 +0000
commit: 0354c62e0bb89607a29ce2150e77e3308a795cc4 (patch)
tree: d2a93f2b6e6a6db51422ae1b69d5661bc4a0573a /src/codec/SkBmpCodec.cpp
parent: c5eabe7d22834189c77fe95ebaf72fed0ef2bb8e (diff)
1 files changed, 4 insertions, 3 deletions
diff --git a/src/codec/SkBmpCodec.cpp b/src/codec/SkBmpCodec.cpp
index cd46a5495c..354bee6f74 100644
--- a/src/codec/SkBmpCodec.cpp
+++ b/src/codec/SkBmpCodec.cpp
@@ -280,9 +280,10 @@ bool SkBmpCodec::ReadHeader(SkStream* stream, bool inIco, SkCodec** codecOut) {
     if (inIco) {
         height /= 2;
     }
-    if (width <= 0 || height <= 0) {
-        // TODO: Decide if we want to disable really large bmps as well.
-        // https://code.google.com/p/skia/issues/detail?id=3617
+
+    // Arbitrary maximum. Matches Chromium.
+    constexpr int kMaxDim = 1 << 16;
+    if (width <= 0 || height <= 0 || width >= kMaxDim || height >= kMaxDim) {
         SkCodecPrintf("Error: invalid bitmap dimensions.\n");
         return false;
     }
author	Leon Scroggins III <scroggo@google.com>	2017-02-24 15:33:24 -0500
committer	Skia Commit-Bot <skia-commit-bot@chromium.org>	2017-02-24 21:25:44 +0000
commit	0354c62e0bb89607a29ce2150e77e3308a795cc4 (patch)
tree	d2a93f2b6e6a6db51422ae1b69d5661bc4a0573a /src/codec/SkBmpCodec.cpp
parent	c5eabe7d22834189c77fe95ebaf72fed0ef2bb8e (diff)