From b3b24538e02ead0c3f5bc528818982475890efd6 Mon Sep 17 00:00:00 2001
From: Leon Scroggins III <scroggo@google.com>
Date: Wed, 18 Jan 2017 12:39:07 -0500
Subject: Use fixed size buffer for RLE bmps

An RLE bmp reports how many bytes it should contain. This number may be
incorrect, or it may be a very large number. Previously, we buffered
all bytes in a single allocation. Instead, use a fixed size buffer and
only read what fits into the buffer. We already have code to refill the
buffer if there is more data, so rely on that to keep reading.

Choose an arbitrary size for the buffer. It is larger than the maximum
possible number of bytes we need to read at once.

Add a test with a test image that reports a very large number for
the number of bytes it should contain. With the old method, we would
allocate 4 gigs of memory to decode this image, which is unnecessary
and may result in OOM.

BUG=b/33251605

Change-Id: I6d66eace626002725f62237617140cab99ce42f3
Reviewed-on: https://skia-review.googlesource.com/7028
Commit-Queue: Leon Scroggins <scroggo@google.com>
Reviewed-by: Matt Sarett <msarett@google.com>
---
 resources/invalid_images/b33251605.bmp | Bin 0 -> 125 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)
 create mode 100644 resources/invalid_images/b33251605.bmp

(limited to 'resources')

diff --git a/resources/invalid_images/b33251605.bmp b/resources/invalid_images/b33251605.bmp
new file mode 100644
index 0000000000..0060ff48dd
Binary files /dev/null and b/resources/invalid_images/b33251605.bmp differ
-- 
cgit v1.2.3