From 7effa7a29a04fb417c5e4abbe6aabf576a2aede0 Mon Sep 17 00:00:00 2001 From: ethannicholas Date: Fri, 14 Oct 2016 09:56:33 -0700 Subject: [PATCH] more SkSL fuzzer crash fixes BUG=skia: GOLD_TRYBOT_URL= https://gold.skia.org/search?issue=2414413002 Review-Url: https://codereview.chromium.org/2414413002 --- src/sksl/SkSLIRGenerator.cpp | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/src/sksl/SkSLIRGenerator.cpp b/src/sksl/SkSLIRGenerator.cpp index 9a42379065..b93cbfbe99 100644 --- a/src/sksl/SkSLIRGenerator.cpp +++ b/src/sksl/SkSLIRGenerator.cpp @@ -525,6 +525,9 @@ std::unique_ptr IRGenerator::convertInterfaceBlock(const ASTInte std::unique_ptr decl = this->convertVarDeclarations( *intf.fDeclarations[i], Variable::kGlobal_Storage); + if (!decl) { + return nullptr; + } for (const auto& var : decl->fVars) { fields.push_back(Type::Field(var.fVar->fModifiers, var.fVar->fName, &var.fVar->fType)); @@ -1024,11 +1027,17 @@ std::unique_ptr IRGenerator::convertConstructor( int rows = args[i]->fType.rows(); args[i] = this->coerce(std::move(args[i]), type.componentType().toCompound(fContext, columns, rows)); + if (!args[i]) { + return nullptr; + } actual += args[i]->fType.rows() * args[i]->fType.columns(); } else if (args[i]->fType.kind() == Type::kScalar_Kind) { actual += 1; if (type.kind() != Type::kScalar_Kind) { args[i] = this->coerce(std::move(args[i]), type.componentType()); + if (!args[i]) { + return nullptr; + } } } else { fErrors.error(position, "'" + args[i]->fType.description() + "' is not a valid "