Fixed more fuzzer issues

- Added the "isAvailable" function to check how much bytes are remaining in the stream before doing potentially large mallocs. That way, we can signal a bad stream instead of crashing.
- Added data validation in SkImageInfo.cpp
- Added NULL pointer check in displacement
- Modified the fuzzer for randomized bitmap types

BUG=328934,329254
R=senorblanco@google.com, senorblanco@chromium.org, reed@google.com, sugoi@google.com

Author: sugoi@chromium.org

Review URL: https://codereview.chromium.org/116773002

git-svn-id: http://skia.googlecode.com/svn/trunk@12723 2bbb7eff-a529-9590-31e7-b0007b416f81

1 files changed, 4 insertions, 0 deletions

diff --git a/src/core/SkValidatingReadBuffer.cpp b/src/core/SkValidatingReadBuffer.cpp
index 692d0dd4d1..ab6a04a1cf 100644
--- a/src/core/SkValidatingReadBuffer.cpp
+++ b/src/core/SkValidatingReadBuffer.cpp
@@ -228,6 +228,10 @@ SkTypeface* SkValidatingReadBuffer::readTypeface() {
     return NULL;
 }
 
+bool SkValidatingReadBuffer::validateAvailable(size_t size) {
+    return this->validate((size <= SK_MaxU32) && fReader.isAvailable(static_cast<uint32_t>(size)));
+}
+
 SkFlattenable* SkValidatingReadBuffer::readFlattenable(SkFlattenable::Type type) {
     SkString name;
     this->readString(&name);