Chrome added a public method to validate SkPathRef,
but always called it when validating SkPath. We did too.
Remove the SkPathRef entry point, validate SkPathRef
when validating SkPath, and remove Skia's callers.
(Chrome has already been fixed.)
TBR=reed@google.comR=fmalita@chromium.org
Bug:913930
Change-Id: I0828b00b42cc1f031b4216ddeace50f80aa21e62
Reviewed-on: https://skia-review.googlesource.com/c/177065
Commit-Queue: Cary Clark <caryclark@skia.org>
Auto-Submit: Cary Clark <caryclark@skia.org>
Reviewed-by: Florin Malita <fmalita@chromium.org>
Change-Id: I3fd20d2b69d5c3b4b7163c239d65185ce9099c41
Reviewed-on: https://skia-review.googlesource.com/c/171783
Commit-Queue: Hal Canary <halcanary@google.com>
Commit-Queue: Kevin Lubick <kjlubick@google.com>
Auto-Submit: Hal Canary <halcanary@google.com>
Reviewed-by: Kevin Lubick <kjlubick@google.com>
Doesn't look like we need to distinguish these if we just
write them as the simple
1) load the right number of bytes
2) clamp to [min,max]
This makes enum fuzzing independent of its underlying type, and may make
it easier to see the mapping from fuzzed byte stream to
nextRange()/nextEnum() values.
Change-Id: I9f785f94f513a0087ad7151b5e7bc14ddbe9314a
Reviewed-on: https://skia-review.googlesource.com/c/171820
Commit-Queue: Mike Klein <mtklein@google.com>
Commit-Queue: Kevin Lubick <kjlubick@google.com>
Auto-Submit: Mike Klein <mtklein@google.com>
Reviewed-by: Kevin Lubick <kjlubick@google.com>
This reverts commit 6bd19df9fa.
Restores original CL, but adds guards for flutter.
Bug: skia:
Change-Id: I380b4ea87d293355026d734249aa2b8c397da144
Reviewed-on: https://skia-review.googlesource.com/c/169345
Reviewed-by: Florin Malita <fmalita@chromium.org>
Commit-Queue: Mike Reed <reed@google.com>
Auto-Submit: Mike Reed <reed@google.com>
I think this originally was done due to int / unsigned
differences between Linux in Windows. In hindsight, that
was short-sighted.
Bug: oss-fuzz:11281,oss-fuzz:11282,oss-fuzz:11283
Change-Id: I06e38cb663f84278f479eb7fee3118c1068eeaa8
Reviewed-on: https://skia-review.googlesource.com/c/169244
Reviewed-by: Mike Klein <mtklein@google.com>
Commit-Queue: Kevin Lubick <kjlubick@google.com>
Bug: skia:5679
Change-Id: I8658099707aab34b047d697b011e741da9019091
Reviewed-on: https://skia-review.googlesource.com/c/165525
Reviewed-by: Michael Ludwig <michaelludwig@google.com>
Commit-Queue: Brian Salomon <bsalomon@google.com>
This will hopefully be more interesting logic.
Bug: skia:
Change-Id: I8aa6ab3d66ece4a6c1042701e1aae06d96247f32
Reviewed-on: https://skia-review.googlesource.com/c/164600
Reviewed-by: Cary Clark <caryclark@google.com>
Commit-Queue: Kevin Lubick <kjlubick@google.com>
Make FuzzEnum always use uint32_t to make it consistent
(we were seeing some Windows setups have underlying type return
int and not unsigned int that we saw on Linux)
Bug: 897455
Change-Id: Ia8c97e59bb498d959a9a30abcb61731f4bd145cf
Reviewed-on: https://skia-review.googlesource.com/c/164240
Reviewed-by: Cary Clark <caryclark@google.com>
Commit-Queue: Kevin Lubick <kjlubick@google.com>
Fuzz SkAndroidCodec to help to catch errors in both incrementalDecode
and scanlineDecode. Try a variety of sample sizes, but cap it at 64.
Though sometimes larger sample sizes are used, the lower ones tend to
more common. Also draw the resulting bitmap to verify that we
initialized all pixels.
Independently test incrementalDecode to ensure that it initializes
rowsDecoded.
Change-Id: I20d8a408cd280262fdc62f902a6f04f0f57f5ad2
Reviewed-on: https://skia-review.googlesource.com/c/162025
Commit-Queue: Kevin Lubick <kjlubick@google.com>
Auto-Submit: Leon Scroggins <scroggo@google.com>
Reviewed-by: Kevin Lubick <kjlubick@google.com>
This CL renames FuzzPath() to FuzzNicePath() to remind us that it's
meant to create paths that a user could reasonably want to create
in good faith, to pass to Skia via its API, etc.
Then, add fuzz_nice_rect(), and have FuzzNicePath() use that to create
its rectangles and use FuzzNiceMatrix() to create its matrices, just
like we already use FuzzNiceRRect() to create rounded rectangles and
FuzzNicePath() itself to create sub-paths.
Using fuzz_nice_rect() should be the fix for the attached bug.
Using FuzzNiceMatrix() is by analogy, more preemptive.
While we're at it, rename BuildPath to FuzzEvilPath, so the contrast
with FuzzNicePath is more clear.
Update the assertions that we create a valid path in FuzzNicePath()
to tell us where things went wrong if they do.
Bug: oss-fuzz:10667, skia:8384
Change-Id: I6d802182a62815cd969c65cf0479609f64b1da55
Reviewed-on: https://skia-review.googlesource.com/156840
Reviewed-by: Kevin Lubick <kjlubick@google.com>
Commit-Queue: Kevin Lubick <kjlubick@google.com>
Auto-Submit: Mike Klein <mtklein@google.com>
This will point out if something's gone screwy earlier in Debug builds.
Bug: oss-fuzz:10488
Change-Id: Ib091ada75344140bbe2932e5c2f1e2257f05019b
Reviewed-on: https://skia-review.googlesource.com/156660
Auto-Submit: Mike Klein <mtklein@google.com>
Reviewed-by: Kevin Lubick <kjlubick@google.com>
Commit-Queue: Mike Klein <mtklein@google.com>
As far as I can tell, the attached bugs are self-inflicted wounds.
Bug: skia:8383, oss-fuzz:10378
Change-Id: Ie0bee292982d9e56193b90c04fef5e43bb2e36d4
Reviewed-on: https://skia-review.googlesource.com/156249
Commit-Queue: Mike Klein <mtklein@google.com>
Reviewed-by: Kevin Lubick <kjlubick@google.com>
Nothing's using it except test tools.
I'd like to make that a bit clearer by getting it out of src.
Disabled the fuzzer.
Removed the bench so Android's building nanobench doesn't block this.
Bug: chromium:886713
Change-Id: I761f52c40171c27ff4b699409b32647e84684ec3
Reviewed-on: https://skia-review.googlesource.com/156240
Commit-Queue: Mike Klein <mtklein@google.com>
Reviewed-by: Kevin Lubick <kjlubick@google.com>
Some oss-fuzz bugs (like the linked one) would not reproduce
in Skia proper due to the fact that there were subtle overloads
of the various Fuzz::next() methods in FuzzCanvas.cpp that
were pulled in in Skia proper, but not oss-fuzz.
This puts all of them in to FuzzCommon.h and makes the
matrix and rrect ones opt-in (fuzz_matrix, fuzz_rrect).
Additionally, this renames fuzz.cpp -> FuzzMain.cpp so we
can properly include Fuzz.cpp in oss-fuzz without
having two mains.
Bug: oss-fuzz:10378
Change-Id: I6cf9afb471781b9fadb689482109a1e5662358b5
Reviewed-on: https://skia-review.googlesource.com/154900
Commit-Queue: Kevin Lubick <kjlubick@google.com>
Reviewed-by: Robert Phillips <robertphillips@google.com>
Bug: skia:
Change-Id: I0ca1f3b60d05ce02d1e53bb8b989c9dc1babddd1
Reviewed-on: https://skia-review.googlesource.com/150915
Reviewed-by: Robert Phillips <robertphillips@google.com>
Commit-Queue: Jim Van Verth <jvanverth@google.com>
With the fixes in https://skia-review.googlesource.com/c/skia/+/150465
this should allow us to fuzz Pathop on oss-fuzz.
Bug: skia:
Change-Id: Id5df511f850f23b5aad0bcb39664d18f639ddb69
Reviewed-on: https://skia-review.googlesource.com/150560
Auto-Submit: Kevin Lubick <kjlubick@google.com>
Reviewed-by: Cary Clark <caryclark@google.com>
Commit-Queue: Cary Clark <caryclark@google.com>
Change-Id: Ieac05047826b1fb80950d65573d38494a1a5c5e7
Reviewed-on: https://skia-review.googlesource.com/148383
Commit-Queue: Hal Canary <halcanary@google.com>
Commit-Queue: Ben Wagner <bungeman@google.com>
Auto-Submit: Hal Canary <halcanary@google.com>
Reviewed-by: Ben Wagner <bungeman@google.com>
AFAICT none of our clients are using this feature
This will change the occludedrrectblur GM.
Change-Id: I7e5b8fa67db0373dee11a1467d2b2b6a414a1574
Reviewed-on: https://skia-review.googlesource.com/147561
Reviewed-by: Kevin Lubick <kjlubick@google.com>
Reviewed-by: Mike Reed <reed@google.com>
Reviewed-by: Brian Osman <brianosman@google.com>
Commit-Queue: Robert Phillips <robertphillips@google.com>
Prepare SkRegion.h, SkShader.h, SkStream.h for documentation.
Name params, add trailing commas to enum member list,
move or remove some public SkRegion.h stuff.
SkRegion gets a minor overhaul to move some pieces
to private: or SkRegionPriv. The intent is to preserve the
current code so that the fixes for documentation do not impact
performance or code size.
R=djsollen@google.com,reed@google.com
Docs-Preview: https://skia.org/?cl=141284
Bug: skia:6818
Change-Id: I0d82794081b8739a9e8af0d1cd4a0e5d32d04f04
Reviewed-on: https://skia-review.googlesource.com/141284
Commit-Queue: Cary Clark <caryclark@skia.org>
Reviewed-by: Mike Reed <reed@google.com>
