Google Git
Sign in
android / platform / external / skia / refs/tags/android-7.1.2_r23^1..refs/tags/android-7.1.2_r23 / .
commit728f9885f5cd922a5f63687649f972da7bfc3b37[log] [tgz]
authorandroid-build-team Robot <android-build-team-robot@google.com>Tue May 30 19:20:13 2017 +0000
committerandroid-build-team Robot <android-build-team-robot@google.com>Tue May 30 19:20:13 2017 +0000
tree6a326255fe35f9807b36f36f9cb07dcb0d2b410c
parent042ec713958d0d1c9b6f8f57559fbe4861926c2c [diff]
parent251e2585c30bd3b9b162f1f3feb59927b77a935b [diff]
Merge cherrypicks of [2331043, 2330986, 2331024, 2331025, 2330859, 2330970, 2331044, 2330893, 2330950, 2330951, 2330940, 2331045, 2330954, 2330799, 2330987, 2331004, 2331061, 2331005, 2331047, 2330955, 2331030, 2331031, 2331101, 2330972, 2330956, 2331032, 2331006, 2330894, 2331063, 2331064, 2330895, 2331048, 2331102, 2331035, 2331007, 2331083, 2331103, 2331104, 2330897, 2331084, 2331067, 2331009, 2331010, 2330898, 2330989, 2331105, 2330899, 2331011, 2331069, 2330990, 2331121, 2331122, 2331086] into nyc-mr2-security-a-release

Change-Id: I3bfaa598e002641f9bdefd2de8bba04a09d3d203

diff --git a/resources/invalid_images/b34778578.bmp b/resources/invalid_images/b34778578.bmp
new file mode 100644
index 0000000..4a08a61
--- /dev/null
+++ b/resources/invalid_images/b34778578.bmp
Binary files differ

diff --git a/src/codec/SkBmpCodec.cpp b/src/codec/SkBmpCodec.cpp
index 5274ec4..7eb1baf 100644
--- a/src/codec/SkBmpCodec.cpp
+++ b/src/codec/SkBmpCodec.cpp

@@ -269,9 +269,10 @@
     if (inIco) {
         height /= 2;
     }
-    if (width <= 0 || height <= 0) {
-        // TODO: Decide if we want to disable really large bmps as well.
-        // https://code.google.com/p/skia/issues/detail?id=3617
+
+    // Arbitrary maximum. Matches Chromium.
+    constexpr int kMaxDim = 1 << 16;
+    if (width <= 0 || height <= 0 || width >= kMaxDim || height >= kMaxDim) {
         SkCodecPrintf("Error: invalid bitmap dimensions.\n");
         return false;
     }

diff --git a/tests/CodexTest.cpp b/tests/CodexTest.cpp
index ead6795..342c369 100644
--- a/tests/CodexTest.cpp
+++ b/tests/CodexTest.cpp

@@ -13,6 +13,7 @@
 #include "SkData.h"
 #include "SkFrontBufferedStream.h"
 #include "SkMD5.h"
+#include "SkOSFile.h"
 #include "SkRandom.h"
 #include "SkStream.h"
 #include "SkStreamPriv.h"
@@ -20,6 +21,7 @@
 #include "Test.h"
 
 #include "png.h"
+#include <initializer_list>
 
 static SkStreamAsset* resource(const char path[]) {
     SkString fullPath = GetResourcePath(path);
@@ -1004,6 +1006,21 @@
     REPORTER_ASSERT(r, SkCodec::kSuccess == result);
 }
 
+DEF_TEST(Codec_InvalidBmp, r) {
+    // These files report values that have caused problems with SkFILEStreams.
+    // They are invalid, and should not create SkCodecs.
+    for (auto* bmp : { "b34778578.bmp" } ) {
+        SkString path = SkOSPath::Join("invalid_images", bmp);
+        path = GetResourcePath(path.c_str());
+        SkAutoTDelete<SkFILEStream> stream(new SkFILEStream(path.c_str()));
+        if (!stream->isValid()) {
+            return;
+        }
+        SkAutoTDelete<SkCodec> codec(SkCodec::NewFromStream(stream.release()));
+        REPORTER_ASSERT(r, !codec);
+    }
+}
+
 DEF_TEST(Codec_InvalidRLEBmp, r) {
     auto* stream = GetResourceAsStream("invalid_images/b33251605.bmp");
     if (!stream) {