Initial error handling code
I made it as simple as possible. The impact seems minimal and it should do what's necessary to make this code secure.
BUG=
Committed: http://code.google.com/p/skia/source/detail?r=11247
R=reed@google.com, scroggo@google.com, djsollen@google.com, sugoi@google.com, bsalomon@google.com, mtklein@google.com, senorblanco@google.com, senorblanco@chromium.org
Author: sugoi@chromium.org
Review URL: https://codereview.chromium.org/23021015
git-svn-id: http://skia.googlecode.com/svn/trunk@11922 2bbb7eff-a529-9590-31e7-b0007b416f81
diff --git a/src/effects/SkBicubicImageFilter.cpp b/src/effects/SkBicubicImageFilter.cpp
index 02e706f..778df3f 100644
--- a/src/effects/SkBicubicImageFilter.cpp
+++ b/src/effects/SkBicubicImageFilter.cpp
@@ -45,6 +45,10 @@
SkASSERT(readSize == 16);
fScale.fWidth = buffer.readScalar();
fScale.fHeight = buffer.readScalar();
+ buffer.validate(SkScalarIsFinite(fScale.fWidth) &&
+ SkScalarIsFinite(fScale.fHeight) &&
+ (fScale.fWidth >= 0) &&
+ (fScale.fHeight >= 0));
}
void SkBicubicImageFilter::flatten(SkFlattenableWriteBuffer& buffer) const {
diff --git a/src/effects/SkBlurImageFilter.cpp b/src/effects/SkBlurImageFilter.cpp
index abbf971..a820152 100644
--- a/src/effects/SkBlurImageFilter.cpp
+++ b/src/effects/SkBlurImageFilter.cpp
@@ -19,6 +19,10 @@
: INHERITED(buffer) {
fSigma.fWidth = buffer.readScalar();
fSigma.fHeight = buffer.readScalar();
+ buffer.validate(SkScalarIsFinite(fSigma.fWidth) &&
+ SkScalarIsFinite(fSigma.fHeight) &&
+ (fSigma.fWidth >= 0) &&
+ (fSigma.fHeight >= 0));
}
SkBlurImageFilter::SkBlurImageFilter(SkScalar sigmaX,
diff --git a/src/effects/SkColorFilters.cpp b/src/effects/SkColorFilters.cpp
index 66ddb02..d53e20c 100644
--- a/src/effects/SkColorFilters.cpp
+++ b/src/effects/SkColorFilters.cpp
@@ -13,6 +13,7 @@
#include "SkFlattenableBuffers.h"
#include "SkUtils.h"
#include "SkString.h"
+#include "SkValidationUtils.h"
#define ILLEGAL_XFERMODE_MODE ((SkXfermode::Mode)-1)
@@ -101,6 +102,7 @@
fColor = buffer.readColor();
fMode = (SkXfermode::Mode)buffer.readUInt();
this->updateCache();
+ buffer.validate(SkIsValidMode(fMode));
}
private:
diff --git a/src/effects/SkColorMatrixFilter.cpp b/src/effects/SkColorMatrixFilter.cpp
index 1e3c779..f7b283e 100644
--- a/src/effects/SkColorMatrixFilter.cpp
+++ b/src/effects/SkColorMatrixFilter.cpp
@@ -310,6 +310,9 @@
SkASSERT(buffer.getArrayCount() == 20);
buffer.readScalarArray(fMatrix.fMat);
this->initState(fMatrix.fMat);
+ for (int i = 0; i < 20; ++i) {
+ buffer.validate(SkScalarIsFinite(fMatrix.fMat[i]));
+ }
}
bool SkColorMatrixFilter::asColorMatrix(SkScalar matrix[20]) const {
diff --git a/src/effects/SkDisplacementMapEffect.cpp b/src/effects/SkDisplacementMapEffect.cpp
index ff2e837..15ac627 100644
--- a/src/effects/SkDisplacementMapEffect.cpp
+++ b/src/effects/SkDisplacementMapEffect.cpp
@@ -126,6 +126,20 @@
}
}
+bool channel_selector_type_is_valid(SkDisplacementMapEffect::ChannelSelectorType cst) {
+ switch (cst) {
+ case SkDisplacementMapEffect::kUnknown_ChannelSelectorType:
+ case SkDisplacementMapEffect::kR_ChannelSelectorType:
+ case SkDisplacementMapEffect::kG_ChannelSelectorType:
+ case SkDisplacementMapEffect::kB_ChannelSelectorType:
+ case SkDisplacementMapEffect::kA_ChannelSelectorType:
+ return true;
+ default:
+ break;
+ }
+ return false;
+}
+
} // end namespace
///////////////////////////////////////////////////////////////////////////////
@@ -152,6 +166,9 @@
fXChannelSelector = (SkDisplacementMapEffect::ChannelSelectorType) buffer.readInt();
fYChannelSelector = (SkDisplacementMapEffect::ChannelSelectorType) buffer.readInt();
fScale = buffer.readScalar();
+ buffer.validate(channel_selector_type_is_valid(fXChannelSelector) &&
+ channel_selector_type_is_valid(fYChannelSelector) &&
+ SkScalarIsFinite(fScale));
}
void SkDisplacementMapEffect::flatten(SkFlattenableWriteBuffer& buffer) const {
diff --git a/src/effects/SkDropShadowImageFilter.cpp b/src/effects/SkDropShadowImageFilter.cpp
index 75a8668..4fc29ba 100644
--- a/src/effects/SkDropShadowImageFilter.cpp
+++ b/src/effects/SkDropShadowImageFilter.cpp
@@ -29,6 +29,9 @@
fDy = buffer.readScalar();
fSigma = buffer.readScalar();
fColor = buffer.readColor();
+ buffer.validate(SkScalarIsFinite(fDx) &&
+ SkScalarIsFinite(fDy) &&
+ SkScalarIsFinite(fSigma));
}
void SkDropShadowImageFilter::flatten(SkFlattenableWriteBuffer& buffer) const
diff --git a/src/effects/SkLightingImageFilter.cpp b/src/effects/SkLightingImageFilter.cpp
index 4f05d25..dd23532 100644
--- a/src/effects/SkLightingImageFilter.cpp
+++ b/src/effects/SkLightingImageFilter.cpp
@@ -248,6 +248,9 @@
point.fX = buffer.readScalar();
point.fY = buffer.readScalar();
point.fZ = buffer.readScalar();
+ buffer.validate(SkScalarIsFinite(point.fX) &&
+ SkScalarIsFinite(point.fY) &&
+ SkScalarIsFinite(point.fZ));
return point;
};
@@ -732,6 +735,10 @@
fCosInnerConeAngle = buffer.readScalar();
fConeScale = buffer.readScalar();
fS = readPoint3(buffer);
+ buffer.validate(SkScalarIsFinite(fSpecularExponent) &&
+ SkScalarIsFinite(fCosOuterConeAngle) &&
+ SkScalarIsFinite(fCosInnerConeAngle) &&
+ SkScalarIsFinite(fConeScale));
}
protected:
SkSpotLight(const SkPoint3& location, const SkPoint3& target, SkScalar specularExponent, SkScalar cosOuterConeAngle, SkScalar cosInnerConeAngle, SkScalar coneScale, const SkPoint3& s, const SkPoint3& color)
@@ -876,13 +883,14 @@
}
SkLightingImageFilter::~SkLightingImageFilter() {
- fLight->unref();
+ SkSafeUnref(fLight);
}
SkLightingImageFilter::SkLightingImageFilter(SkFlattenableReadBuffer& buffer)
: INHERITED(buffer) {
fLight = SkLight::UnflattenLight(buffer);
fSurfaceScale = buffer.readScalar();
+ buffer.validate(SkScalarIsFinite(fSurfaceScale));
}
void SkLightingImageFilter::flatten(SkFlattenableWriteBuffer& buffer) const {
@@ -903,6 +911,7 @@
: INHERITED(buffer)
{
fKD = buffer.readScalar();
+ buffer.validate(SkScalarIsFinite(fKD));
}
void SkDiffuseLightingImageFilter::flatten(SkFlattenableWriteBuffer& buffer) const {
@@ -986,6 +995,8 @@
{
fKS = buffer.readScalar();
fShininess = buffer.readScalar();
+ buffer.validate(SkScalarIsFinite(fKS) &&
+ SkScalarIsFinite(fShininess));
}
void SkSpecularLightingImageFilter::flatten(SkFlattenableWriteBuffer& buffer) const {
diff --git a/src/effects/SkMagnifierImageFilter.cpp b/src/effects/SkMagnifierImageFilter.cpp
index 8b16516..7ac5249 100644
--- a/src/effects/SkMagnifierImageFilter.cpp
+++ b/src/effects/SkMagnifierImageFilter.cpp
@@ -9,6 +9,7 @@
#include "SkMagnifierImageFilter.h"
#include "SkColorPriv.h"
#include "SkFlattenableBuffers.h"
+#include "SkValidationUtils.h"
////////////////////////////////////////////////////////////////////////////////
#if SK_SUPPORT_GPU
@@ -238,6 +239,8 @@
float height = buffer.readScalar();
fSrcRect = SkRect::MakeXYWH(x, y, width, height);
fInset = buffer.readScalar();
+
+ buffer.validate(SkIsValidRect(fSrcRect) && SkScalarIsFinite(fInset));
}
// FIXME: implement single-input semantics
diff --git a/src/effects/SkMatrixConvolutionImageFilter.cpp b/src/effects/SkMatrixConvolutionImageFilter.cpp
index c89b9dc..909facb 100644
--- a/src/effects/SkMatrixConvolutionImageFilter.cpp
+++ b/src/effects/SkMatrixConvolutionImageFilter.cpp
@@ -20,6 +20,18 @@
#include "SkMatrix.h"
#endif
+static bool tile_mode_is_valid(SkMatrixConvolutionImageFilter::TileMode tileMode) {
+ switch (tileMode) {
+ case SkMatrixConvolutionImageFilter::kClamp_TileMode:
+ case SkMatrixConvolutionImageFilter::kRepeat_TileMode:
+ case SkMatrixConvolutionImageFilter::kClampToBlack_TileMode:
+ return true;
+ default:
+ break;
+ }
+ return false;
+}
+
SkMatrixConvolutionImageFilter::SkMatrixConvolutionImageFilter(
const SkISize& kernelSize,
const SkScalar* kernel,
@@ -59,6 +71,9 @@
fTarget.fY = buffer.readInt();
fTileMode = (TileMode) buffer.readInt();
fConvolveAlpha = buffer.readBool();
+ buffer.validate(SkScalarIsFinite(fGain) &&
+ SkScalarIsFinite(fBias) &&
+ tile_mode_is_valid(fTileMode));
}
void SkMatrixConvolutionImageFilter::flatten(SkFlattenableWriteBuffer& buffer) const {
diff --git a/src/effects/SkMergeImageFilter.cpp b/src/effects/SkMergeImageFilter.cpp
index 7d12ebe..a5c32ac 100755
--- a/src/effects/SkMergeImageFilter.cpp
+++ b/src/effects/SkMergeImageFilter.cpp
@@ -9,6 +9,7 @@
#include "SkCanvas.h"
#include "SkDevice.h"
#include "SkFlattenableBuffers.h"
+#include "SkValidationUtils.h"
///////////////////////////////////////////////////////////////////////////////
@@ -159,8 +160,12 @@
bool hasModes = buffer.readBool();
if (hasModes) {
this->initAllocModes();
- SkASSERT(buffer.getArrayCount() == countInputs() * sizeof(fModes[0]));
+ int nbInputs = countInputs();
+ SkASSERT(buffer.getArrayCount() == nbInputs * sizeof(fModes[0]));
buffer.readByteArray(fModes);
+ for (int i = 0; i < nbInputs; ++i) {
+ buffer.validate(SkIsValidMode((SkXfermode::Mode)fModes[i]));
+ }
} else {
fModes = 0;
}
diff --git a/src/effects/SkMorphologyImageFilter.cpp b/src/effects/SkMorphologyImageFilter.cpp
index d02e8ca..08e0ab2 100644
--- a/src/effects/SkMorphologyImageFilter.cpp
+++ b/src/effects/SkMorphologyImageFilter.cpp
@@ -23,6 +23,8 @@
: INHERITED(buffer) {
fRadius.fWidth = buffer.readInt();
fRadius.fHeight = buffer.readInt();
+ buffer.validate((fRadius.fWidth >= 0) &&
+ (fRadius.fHeight >= 0));
}
SkMorphologyImageFilter::SkMorphologyImageFilter(int radiusX, int radiusY, SkImageFilter* input, const CropRect* cropRect)
diff --git a/src/effects/SkOffsetImageFilter.cpp b/src/effects/SkOffsetImageFilter.cpp
index d684ded..fc8e71c 100644
--- a/src/effects/SkOffsetImageFilter.cpp
+++ b/src/effects/SkOffsetImageFilter.cpp
@@ -77,4 +77,6 @@
SkOffsetImageFilter::SkOffsetImageFilter(SkFlattenableReadBuffer& buffer) : INHERITED(buffer) {
buffer.readPoint(&fOffset);
+ buffer.validate(SkScalarIsFinite(fOffset.fX) &&
+ SkScalarIsFinite(fOffset.fY));
}
diff --git a/src/effects/SkTestImageFilters.cpp b/src/effects/SkTestImageFilters.cpp
index 788c33a..d0e21a3 100755
--- a/src/effects/SkTestImageFilters.cpp
+++ b/src/effects/SkTestImageFilters.cpp
@@ -78,4 +78,5 @@
SkDownSampleImageFilter::SkDownSampleImageFilter(SkFlattenableReadBuffer& buffer) : INHERITED(buffer) {
fScale = buffer.readScalar();
+ buffer.validate(SkScalarIsFinite(fScale));
}
diff --git a/src/effects/SkTileImageFilter.cpp b/src/effects/SkTileImageFilter.cpp
index a7374ad..8cc096c 100644
--- a/src/effects/SkTileImageFilter.cpp
+++ b/src/effects/SkTileImageFilter.cpp
@@ -13,6 +13,7 @@
#include "SkMatrix.h"
#include "SkPaint.h"
#include "SkShader.h"
+#include "SkValidationUtils.h"
bool SkTileImageFilter::onFilterImage(Proxy* proxy, const SkBitmap& src, const SkMatrix& ctm,
SkBitmap* dst, SkIPoint* offset) {
@@ -56,6 +57,7 @@
SkTileImageFilter::SkTileImageFilter(SkFlattenableReadBuffer& buffer) : INHERITED(buffer) {
buffer.readRect(&fSrcRect);
buffer.readRect(&fDstRect);
+ buffer.validate(SkIsValidRect(fSrcRect) && SkIsValidRect(fDstRect));
}
void SkTileImageFilter::flatten(SkFlattenableWriteBuffer& buffer) const {