Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / skqp / c0b7e10c6a68f59e1653e6c18e6bc954b3c3f0cf^! / . / src / effects / SkLightingImageFilter.cpp
commitc0b7e10c6a68f59e1653e6c18e6bc954b3c3f0cf[log] [tgz]
authorcommit-bot@chromium.org <commit-bot@chromium.org@2bbb7eff-a529-9590-31e7-b0007b416f81>Wed Oct 23 17:06:21 2013 +0000
committercommit-bot@chromium.org <commit-bot@chromium.org@2bbb7eff-a529-9590-31e7-b0007b416f81>Wed Oct 23 17:06:21 2013 +0000
tree6a0bb372e8e3dfe22909629962e95d9c11ece4a9
parent759befb72c558202de65a480c44d7b27428ec312 [diff] [blame]
Initial error handling code

I made it as simple as possible. The impact seems minimal and it should do what's necessary to make this code secure.

BUG=

Committed: http://code.google.com/p/skia/source/detail?r=11247

R=reed@google.com, scroggo@google.com, djsollen@google.com, sugoi@google.com, bsalomon@google.com, mtklein@google.com, senorblanco@google.com, senorblanco@chromium.org

Author: sugoi@chromium.org

Review URL: https://codereview.chromium.org/23021015

git-svn-id: http://skia.googlecode.com/svn/trunk@11922 2bbb7eff-a529-9590-31e7-b0007b416f81

diff --git a/src/effects/SkLightingImageFilter.cpp b/src/effects/SkLightingImageFilter.cpp
index 4f05d25..dd23532 100644
--- a/src/effects/SkLightingImageFilter.cpp
+++ b/src/effects/SkLightingImageFilter.cpp

@@ -248,6 +248,9 @@
     point.fX = buffer.readScalar();
     point.fY = buffer.readScalar();
     point.fZ = buffer.readScalar();
+    buffer.validate(SkScalarIsFinite(point.fX) &&
+                    SkScalarIsFinite(point.fY) &&
+                    SkScalarIsFinite(point.fZ));
     return point;
 };
 
@@ -732,6 +735,10 @@
         fCosInnerConeAngle = buffer.readScalar();
         fConeScale = buffer.readScalar();
         fS = readPoint3(buffer);
+        buffer.validate(SkScalarIsFinite(fSpecularExponent) &&
+                        SkScalarIsFinite(fCosOuterConeAngle) &&
+                        SkScalarIsFinite(fCosInnerConeAngle) &&
+                        SkScalarIsFinite(fConeScale));
     }
 protected:
     SkSpotLight(const SkPoint3& location, const SkPoint3& target, SkScalar specularExponent, SkScalar cosOuterConeAngle, SkScalar cosInnerConeAngle, SkScalar coneScale, const SkPoint3& s, const SkPoint3& color)
@@ -876,13 +883,14 @@
 }
 
 SkLightingImageFilter::~SkLightingImageFilter() {
-    fLight->unref();
+    SkSafeUnref(fLight);
 }
 
 SkLightingImageFilter::SkLightingImageFilter(SkFlattenableReadBuffer& buffer)
   : INHERITED(buffer) {
     fLight = SkLight::UnflattenLight(buffer);
     fSurfaceScale = buffer.readScalar();
+    buffer.validate(SkScalarIsFinite(fSurfaceScale));
 }
 
 void SkLightingImageFilter::flatten(SkFlattenableWriteBuffer& buffer) const {
@@ -903,6 +911,7 @@
   : INHERITED(buffer)
 {
     fKD = buffer.readScalar();
+    buffer.validate(SkScalarIsFinite(fKD));
 }
 
 void SkDiffuseLightingImageFilter::flatten(SkFlattenableWriteBuffer& buffer) const {
@@ -986,6 +995,8 @@
 {
     fKS = buffer.readScalar();
     fShininess = buffer.readScalar();
+    buffer.validate(SkScalarIsFinite(fKS) &&
+                    SkScalarIsFinite(fShininess));
 }
 
 void SkSpecularLightingImageFilter::flatten(SkFlattenableWriteBuffer& buffer) const {