skia2

Author	SHA1	Message	Date
skia.committer@gmail.com	8491d24bdc	Sanitizing source files in Housekeeper-Nightly git-svn-id: http://skia.googlecode.com/svn/trunk@12499 2bbb7eff-a529-9590-31e7-b0007b416f81	2013-12-05 07:02:16 +00:00
commit-bot@chromium.org	cd3b15ca63	Fixed bad bitmap size crashes There were 2 issues : 1 ) If the size of an SkBitmap's underlying SkPixelRef's alocated memory is too small to fit the bitmap, then the deserialization will now check this and set an error appropriately. 2 ) If a device fails to allocate its pixels, the device will be deleted and NULL will be returned to avoid attempting to draw on a bad device. BUG= R=senorblanco@chromium.org, reed@google.com, sugoi@google.com, halcanary@google.com, mtklein@google.com Author: sugoi@chromium.org Review URL: https://codereview.chromium.org/92793002 git-svn-id: http://skia.googlecode.com/svn/trunk@12484 2bbb7eff-a529-9590-31e7-b0007b416f81	2013-12-04 17:06:49 +00:00
rmistry@google.com	d6bab02386	Reverting r12427 git-svn-id: http://skia.googlecode.com/svn/trunk@12428 2bbb7eff-a529-9590-31e7-b0007b416f81	2013-12-02 13:50:38 +00:00
skia.committer@gmail.com	5b39f5ba9c	Sanitizing source files in Housekeeper-Nightly git-svn-id: http://skia.googlecode.com/svn/trunk@12427 2bbb7eff-a529-9590-31e7-b0007b416f81	2013-12-02 13:36:22 +00:00
bungeman@google.com	a9a4b04a98	Fix Valgrind reports of test branching on uninitialized data. Fixes reports like: [07:10:01.235147] [ 71/188] (9) Serialization [07:10:01.235186] ==20052== Thread 3: [07:10:01.235223] ==20052== Conditional jump or move depends on uninitialised value(s) [07:10:01.235259] ==20052== at 0x546632: SkRRect::setRectRadii(SkRect const&, SkPoint const) (SkRect.h:426) [07:10:01.735876] ==20052== by 0x546FB7: SkRRect::readFromMemory(void const, unsigned long) (SkRRect.cpp:362) [07:10:01.735965] ==20052== by 0x47F87F: Tests(skiatest::Reporter) (SerializationTest.cpp:20) [07:10:01.736007] ==20052== by 0x480367: skiatest::SerializationClass::onRun(skiatest::Reporter) (SerializationTest.cpp:212) [07:10:01.736048] ==20052== by 0x4881DA: skiatest::Test::run() (Test.cpp:109) [07:10:01.736086] ==20052== by 0x482516: SkTestRunnable::run() (skia_test.cpp:155) [07:10:01.736122] ==20052== by 0x6236E5: SkThreadPool::Loop(void) (SkThreadPool.cpp:97) [07:10:01.736158] ==20052== by 0x62DDB2: thread_start(void) (SkThreadUtils_pthread.cpp:66) [07:10:01.736192] ==20052== by 0x4E39E99: start_thread (pthread_create.c:308) [07:10:01.736228] ==20052== by 0x6A5BCCC: clone (clone.S:112) [07:10:01.736262] ==20052== Uninitialised value was created by a stack allocation [07:10:01.736296] ==20052== at 0x47EC6A: Tests(skiatest::Reporter*) (SerializationTest.cpp:155) git-svn-id: http://skia.googlecode.com/svn/trunk@12419 2bbb7eff-a529-9590-31e7-b0007b416f81	2013-11-27 17:00:12 +00:00
commit-bot@chromium.org	8f457e3230	Adding error checks to SkRBuffer BUG= R=robertphillips@google.com, bsalomon@google.com, reed@google.com Author: sugoi@chromium.org Review URL: https://codereview.chromium.org/61913002 git-svn-id: http://skia.googlecode.com/svn/trunk@12202 2bbb7eff-a529-9590-31e7-b0007b416f81	2013-11-08 19:22:57 +00:00
commit-bot@chromium.org	4faa869cda	Checking structure sizes before reading them from memory to avoid overflowing the buffer's stream. BUG= R=reed@google.com, mtklein@google.com, senorblanco@chromium.org Committed: https://code.google.com/p/skia/source/detail?r=12114 Committed: https://code.google.com/p/skia/source/detail?r=12119 Author: sugoi@chromium.org Review URL: https://codereview.chromium.org/41253002 git-svn-id: http://skia.googlecode.com/svn/trunk@12130 2bbb7eff-a529-9590-31e7-b0007b416f81	2013-11-05 15:46:56 +00:00
reed@google.com	12a23866fe	Revert "Checking structure sizes before reading them from memory to avoid overflowing the buffer's stream." This reverts commit 6bc22e8ef1ea70a1b58409aa21254358c50f149a. git-svn-id: http://skia.googlecode.com/svn/trunk@12124 2bbb7eff-a529-9590-31e7-b0007b416f81	2013-11-04 21:35:55 +00:00
sugoi@google.com	b48a59ae81	Checking structure sizes before reading them from memory to avoid overflowing the buffer's stream. BUG= R=reed@google.com Committed: https://code.google.com/p/skia/source/detail?r=12114 Review URL: https://codereview.chromium.org/41253002 git-svn-id: http://skia.googlecode.com/svn/trunk@12119 2bbb7eff-a529-9590-31e7-b0007b416f81	2013-11-04 20:28:23 +00:00
epoger@google.com	eb221268ab	Revert r12114 due to https://code.google.com/p/skia/issues/detail?id=1794 ('Assertion failures on various buildbots as of r12114') git-svn-id: http://skia.googlecode.com/svn/trunk@12115 2bbb7eff-a529-9590-31e7-b0007b416f81	2013-11-04 18:06:12 +00:00
sugoi@google.com	305f78e8c1	Checking structure sizes before reading them from memory to avoid overflowing the buffer's stream. BUG= R=reed@google.com Review URL: https://codereview.chromium.org/41253002 git-svn-id: http://skia.googlecode.com/svn/trunk@12114 2bbb7eff-a529-9590-31e7-b0007b416f81	2013-11-04 16:18:15 +00:00
commit-bot@chromium.org	0251288112	Adding size parameter to read array functions In some cases, the allocated array into which the data will be read is using getArrayCount() to allocate itself, which should be safe, but some cases use fixed length arrays or compute the array size before reading, which could overflow if the stream is compromised. To prevent that from happening, I added a check that will verify that the number of bytes to read will not exceed the capacity of the input buffer argument passed to all the read...Array() functions. I chose to use the byte array for this initial version, so that "size" represents the same value across all read...Array() functions, but I could also use the element count, if it is preferred. Note : readPointArray and writePointArray are unused, so I could also remove them BUG= R=reed@google.com, mtklein@google.com, senorblanco@chromium.org Author: sugoi@chromium.org Review URL: https://codereview.chromium.org/37803002 git-svn-id: http://skia.googlecode.com/svn/trunk@12058 2bbb7eff-a529-9590-31e7-b0007b416f81	2013-10-31 18:37:50 +00:00

12 Commits