Google Git
Sign in
android / platform / external / skia.git / c7fa8ee54ec707f12c51c4627fd041ebb8a598c7^1..c7fa8ee54ec707f12c51c4627fd041ebb8a598c7 / .
commitc7fa8ee54ec707f12c51c4627fd041ebb8a598c7[log] [tgz]
authorandroid-build-team Robot <android-build-team-robot@google.com>Wed May 31 20:31:33 2017 +0000
committerandroid-build-team Robot <android-build-team-robot@google.com>Wed May 31 20:31:33 2017 +0000
tree6a326255fe35f9807b36f36f9cb07dcb0d2b410c
parent042ec713958d0d1c9b6f8f57559fbe4861926c2c [diff]
parent89e1a4326d4332c6dd6c5aa3182b999de8ac9448 [diff]
Merge cherrypicks of [2338295, 2338197, 2338407, 2338385, 2338425, 2338465, 2338447, 2338426, 2338386, 2338387, 2338466, 2338368, 2338296, 2338198, 2338450, 2338470, 2338429, 2338390, 2338430, 2338315, 2338452, 2338453, 2338431, 2338297, 2338354, 2338200, 2338391, 2338392, 2338482, 2338357, 2338411, 2338394, 2338318, 2338370, 2338434, 2338472, 2338473, 2338395, 2338299, 2338412, 2338413, 2338454, 2338396, 2338474, 2338397, 2338360, 2338455] into nyc-mr2-security-b-release

Change-Id: I43f358bde1dd9ae2d703b3c92d70465fddab94a0

diff --git a/resources/invalid_images/b34778578.bmp b/resources/invalid_images/b34778578.bmp
new file mode 100644
index 0000000..4a08a61
--- /dev/null
+++ b/resources/invalid_images/b34778578.bmp
Binary files differ

diff --git a/src/codec/SkBmpCodec.cpp b/src/codec/SkBmpCodec.cpp
index 5274ec4..7eb1baf 100644
--- a/src/codec/SkBmpCodec.cpp
+++ b/src/codec/SkBmpCodec.cpp

@@ -269,9 +269,10 @@
     if (inIco) {
         height /= 2;
     }
-    if (width <= 0 || height <= 0) {
-        // TODO: Decide if we want to disable really large bmps as well.
-        // https://code.google.com/p/skia/issues/detail?id=3617
+
+    // Arbitrary maximum. Matches Chromium.
+    constexpr int kMaxDim = 1 << 16;
+    if (width <= 0 || height <= 0 || width >= kMaxDim || height >= kMaxDim) {
         SkCodecPrintf("Error: invalid bitmap dimensions.\n");
         return false;
     }

diff --git a/tests/CodexTest.cpp b/tests/CodexTest.cpp
index ead6795..342c369 100644
--- a/tests/CodexTest.cpp
+++ b/tests/CodexTest.cpp

@@ -13,6 +13,7 @@
 #include "SkData.h"
 #include "SkFrontBufferedStream.h"
 #include "SkMD5.h"
+#include "SkOSFile.h"
 #include "SkRandom.h"
 #include "SkStream.h"
 #include "SkStreamPriv.h"
@@ -20,6 +21,7 @@
 #include "Test.h"
 
 #include "png.h"
+#include <initializer_list>
 
 static SkStreamAsset* resource(const char path[]) {
     SkString fullPath = GetResourcePath(path);
@@ -1004,6 +1006,21 @@
     REPORTER_ASSERT(r, SkCodec::kSuccess == result);
 }
 
+DEF_TEST(Codec_InvalidBmp, r) {
+    // These files report values that have caused problems with SkFILEStreams.
+    // They are invalid, and should not create SkCodecs.
+    for (auto* bmp : { "b34778578.bmp" } ) {
+        SkString path = SkOSPath::Join("invalid_images", bmp);
+        path = GetResourcePath(path.c_str());
+        SkAutoTDelete<SkFILEStream> stream(new SkFILEStream(path.c_str()));
+        if (!stream->isValid()) {
+            return;
+        }
+        SkAutoTDelete<SkCodec> codec(SkCodec::NewFromStream(stream.release()));
+        REPORTER_ASSERT(r, !codec);
+    }
+}
+
 DEF_TEST(Codec_InvalidRLEBmp, r) {
     auto* stream = GetResourceAsStream("invalid_images/b33251605.bmp");
     if (!stream) {