Fixed more fuzzer issues
- Added the "isAvailable" function to check how much bytes are remaining in the stream before doing potentially large mallocs. That way, we can signal a bad stream instead of crashing.
- Added data validation in SkImageInfo.cpp
- Added NULL pointer check in displacement
- Modified the fuzzer for randomized bitmap types
BUG=328934,329254
R=senorblanco@google.com, senorblanco@chromium.org, reed@google.com, sugoi@google.com
Author: sugoi@chromium.org
Review URL: https://codereview.chromium.org/116773002
git-svn-id: http://skia.googlecode.com/svn/trunk@12723 2bbb7eff-a529-9590-31e7-b0007b416f81
diff --git a/samplecode/SampleFilterFuzz.cpp b/samplecode/SampleFilterFuzz.cpp
index 06e14f0..8fa147a 100644
--- a/samplecode/SampleFilterFuzz.cpp
+++ b/samplecode/SampleFilterFuzz.cpp
@@ -111,8 +111,10 @@
}
static void make_g_bitmap(SkBitmap& bitmap) {
- bitmap.setConfig(SkBitmap::kARGB_8888_Config, kBitmapSize, kBitmapSize);
- bitmap.allocPixels();
+ bitmap.setConfig((SkBitmap::Config)R(SkBitmap::kConfigCount), kBitmapSize, kBitmapSize);
+ while (!bitmap.allocPixels()) {
+ bitmap.setConfig((SkBitmap::Config)R(SkBitmap::kConfigCount), kBitmapSize, kBitmapSize);
+ }
SkBitmapDevice device(bitmap);
SkCanvas canvas(&device);
canvas.clear(0x00000000);
@@ -126,8 +128,10 @@
}
static void make_checkerboard_bitmap(SkBitmap& bitmap) {
- bitmap.setConfig(SkBitmap::kARGB_8888_Config, kBitmapSize, kBitmapSize);
- bitmap.allocPixels();
+ bitmap.setConfig((SkBitmap::Config)R(SkBitmap::kConfigCount), kBitmapSize, kBitmapSize);
+ while (!bitmap.allocPixels()) {
+ bitmap.setConfig((SkBitmap::Config)R(SkBitmap::kConfigCount), kBitmapSize, kBitmapSize);
+ }
SkBitmapDevice device(bitmap);
SkCanvas canvas(&device);
canvas.clear(0x00000000);
@@ -312,18 +316,24 @@
}
static void do_fuzz(SkCanvas* canvas) {
+ SkImageFilter* filter = make_serialized_image_filter();
+
#ifdef SK_FUZZER_IS_VERBOSE
- static uint32_t filterId = 0;
- if (0 == filterId) {
+ static uint32_t numFilters = 0;
+ static uint32_t numValidFilters = 0;
+ if (0 == numFilters) {
printf("Fuzzing with %u\n", kSeed);
}
- printf("Filter no %u\r", filterId);
+ numFilters++;
+ if (NULL != filter) {
+ numValidFilters++;
+ }
+ printf("Filter no : %u. Valid filters so far : %u\r", numFilters, numValidFilters);
fflush(stdout);
- filterId++;
#endif
SkPaint paint;
- SkSafeUnref(paint.setImageFilter(make_serialized_image_filter()));
+ SkSafeUnref(paint.setImageFilter(filter));
drawClippedBitmap(canvas, 0, 0, paint);
}