diff options
| author |  wjmaclean@chromium.org <wjmaclean@chromium.org@2bbb7eff-a529-9590-31e7-b0007b416f81> | 2011-02-22 22:32:14 +0000 |
|---|---|---|
| committer | wjmaclean@chromium.org <wjmaclean@chromium.org@2bbb7eff-a529-9590-31e7-b0007b416f81> | 2011-02-22 22:32:14 +0000 |
| commit | 3f0260d0f7692f28057cfcf7121829285e972e28 (patch) | |
| tree | bfe512efd526c1f8acd1167a594e3aa3db9d0e50 /src/core/SkBitmap.cpp | |
| parent | fa63fd66b5147e8dee79019c8eb1c83c58cbd697 (diff) | |
Cleanup issues related to SkBitmap getSize()/extractSubset().
Some minor revisions to do cleanup regarding getSize() and extractSubset(). All
are related to avoid read/write past end of the pixel buffer when getSize() is
used on a bitmap that is the result of a call to extractSubset().
git-svn-id: http://skia.googlecode.com/svn/trunk@835 2bbb7eff-a529-9590-31e7-b0007b416f81
Diffstat (limited to 'src/core/SkBitmap.cpp')
| -rw-r--r-- | src/core/SkBitmap.cpp | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/src/core/SkBitmap.cpp b/src/core/SkBitmap.cpp index 3e26639d0e..a0ab52d0b7 100644 --- a/src/core/SkBitmap.cpp +++ b/src/core/SkBitmap.cpp @@ -1321,7 +1321,14 @@ void SkBitmap::flatten(SkFlattenableWriteBuffer& buffer) const { } else { buffer.write8(SERIALIZE_PIXELTYPE_RAW_NO_CTABLE); } - buffer.writePad(fPixels, this->getSize()); + buffer.writePad(fPixels, this->getSafeSize()); + // There is no writeZeroPad() fcn, so write individual bytes. + if (this->getSize() > this->getSafeSize()) { + size_t deltaSize = this->getSize() - this->getSafeSize(); + // Need aligned pointer to write into due to internal implementa- + // tion of SkWriter32. + memset(buffer.reserve(SkAlign4(deltaSize)), 0, deltaSize); + } } else { buffer.write8(SERIALIZE_PIXELTYPE_NONE); } @@ -1338,7 +1345,6 @@ void SkBitmap::unflatten(SkFlattenableReadBuffer& buffer) { this->setConfig((Config)config, width, height, rowBytes); this->setIsOpaque(buffer.readBool()); - size_t size = this->getSize(); int reftype = buffer.readU8(); switch (reftype) { case SERIALIZE_PIXELTYPE_REF_PTR: { @@ -1360,10 +1366,13 @@ void SkBitmap::unflatten(SkFlattenableReadBuffer& buffer) { if (SERIALIZE_PIXELTYPE_RAW_WITH_CTABLE == reftype) { ctable = SkNEW_ARGS(SkColorTable, (buffer)); } + size_t size = this->getSize(); if (this->allocPixels(ctable)) { this->lockPixels(); - buffer.read(this->getPixels(), this->getSafeSize()); // Just read what we need. - buffer.skip(size - this->getSafeSize()); // Keep aligned for subsequent reads. + // Just read what we need. + buffer.read(this->getPixels(), this->getSafeSize()); + // Keep aligned for subsequent reads. + buffer.skip(size - this->getSafeSize()); this->unlockPixels(); } else { buffer.skip(size); // Still skip the full-sized buffer though. |