diff options
author | Kevin Lubick <kjlubick@google.com> | 2018-05-17 11:29:10 -0400 |
---|---|---|
committer | Skia Commit-Bot <skia-commit-bot@chromium.org> | 2018-05-17 15:50:53 +0000 |
commit | daebae965b530039efcc508f50b42c3e6ecb70e4 (patch) | |
tree | ae89fc820b58ee2c54302d38726a7a3b2da1f52c /src/core/SkReadBuffer.cpp | |
parent | a33b67c36bcdf70221c459a5fcfec48055f66505 (diff) |
Return nullptr when ReadBuffer becomes invalid
This especially helps in SkDrawLooper because we can bail out early
instead of looping for a potentially long time, e.g. when fuzzed
input says count is a large number.
This also cleans up validate in a few spots, and adds validateCanReadN
as a helper function.
Bug: skia:7937
Change-Id: Ic5eff357c8cadc91eeafc6e39c78c570ba74df2f
Reviewed-on: https://skia-review.googlesource.com/128847
Commit-Queue: Kevin Lubick <kjlubick@google.com>
Commit-Queue: Mike Klein <mtklein@google.com>
Reviewed-by: Mike Klein <mtklein@google.com>
Reviewed-by: Florin Malita <fmalita@chromium.org>
Diffstat (limited to 'src/core/SkReadBuffer.cpp')
-rw-r--r-- | src/core/SkReadBuffer.cpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/core/SkReadBuffer.cpp b/src/core/SkReadBuffer.cpp index d41f2902f2..0c2edf622d 100644 --- a/src/core/SkReadBuffer.cpp +++ b/src/core/SkReadBuffer.cpp @@ -317,7 +317,7 @@ sk_sp<SkImage> SkReadBuffer::readImage() { // Preflight check to make sure there's enough stuff in the buffer before // we allocate the memory. This helps the fuzzer avoid OOM when it creates // bad/corrupt input. - if (!this->validate(((size_t)size) <= this->available())) { + if (!this->validateCanReadN<uint8_t>(size)) { return nullptr; } |