b45d0caa55
This should fix the chrome roll. Change-Id: I2de68f972996bf6124cf5cc27dfd538aa1161057 Reviewed-on: https://skia-review.googlesource.com/c/skia/+/316877 Auto-Submit: Kevin Lubick <kjlubick@google.com> Reviewed-by: Leon Scroggins <scroggo@google.com> Commit-Queue: Kevin Lubick <kjlubick@google.com>
48 lines
1.3 KiB
C++
48 lines
1.3 KiB
C++
/*
|
|
* Copyright 2018 Google Inc.
|
|
*
|
|
* Use of this source code is governed by a BSD-style license that can be
|
|
* found in the LICENSE file.
|
|
*/
|
|
|
|
#include "include/core/SkCanvas.h"
|
|
#include "include/core/SkPaint.h"
|
|
#include "include/core/SkPath.h"
|
|
#include "include/core/SkSurface.h"
|
|
#include "src/core/SkReadBuffer.h"
|
|
|
|
void FuzzPathDeserialize(SkReadBuffer& buf) {
|
|
SkPath path;
|
|
buf.readPath(&path);
|
|
if (!buf.isValid()) {
|
|
return;
|
|
}
|
|
|
|
auto s = SkSurface::MakeRasterN32Premul(128, 128);
|
|
if (!s) {
|
|
// May return nullptr in memory-constrained fuzzing environments
|
|
return;
|
|
}
|
|
s->getCanvas()->drawPath(path, SkPaint());
|
|
}
|
|
|
|
// TODO(kjlubick): remove IS_FUZZING... after https://crrev.com/c/2410304 lands
|
|
#if defined(SK_BUILD_FOR_LIBFUZZER) || defined(IS_FUZZING_WITH_LIBFUZZER)
|
|
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
|
|
if (size < 4 || size > 2000) {
|
|
return 0;
|
|
}
|
|
uint32_t packed;
|
|
memcpy(&packed, data, 4);
|
|
unsigned version = packed & 0xFF;
|
|
if (version != 4) {
|
|
// Chrome only will produce version 4, so guide the fuzzer to
|
|
// only focus on those branches.
|
|
return 0;
|
|
}
|
|
SkReadBuffer buf(data, size);
|
|
FuzzPathDeserialize(buf);
|
|
return 0;
|
|
}
|
|
#endif
|