Prevent malformed ICO files from recursively decoding

R=reed@google.com, scroggo@google.com

Author: djsollen@google.com

Review URL: https://codereview.chromium.org/511453002
This commit is contained in:
djsollen 2014-08-26 11:35:14 -07:00 committed by Commit bot
parent ad726a3196
commit 6a9c7b1dbd

View File

@ -164,6 +164,10 @@ bool SkICOImageDecoder::onDecode(SkStream* stream, SkBitmap* bm, Mode mode)
SkMemoryStream subStream(buf + offset, size, false);
SkAutoTDelete<SkImageDecoder> otherDecoder(SkImageDecoder::Factory(&subStream));
if (otherDecoder.get() != NULL) {
// Disallow nesting ICO files within one another
if (otherDecoder->getFormat() == SkImageDecoder::kICO_Format) {
return false;
}
// Set fields on the other decoder to be the same as this one.
this->copyFieldsToOther(otherDecoder.get());
if(otherDecoder->decode(&subStream, bm, this->getDefaultPref(), mode)) {