Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / skqp / ec84612c09ec60a93d7a736e6b0818cab6a5c8ec
commitec84612c09ec60a93d7a736e6b0818cab6a5c8ec[log] [tgz]
authorMike Klein <mtklein@chromium.org>Mon Feb 26 11:56:30 2018 -0500
committerSkia Commit-Bot <skia-commit-bot@chromium.org>Mon Feb 26 18:27:58 2018 +0000
tree2b153b3536118d4fe6928f7f0746f697abaa043c
parenta77c253a1de8e7f1e8ba1614159101f0b5891547 [diff]
fix mask address calculation

Switching the math from using fMaskPtr.stride to using mask.fRowBytes
fixes the integer overflow here.  However, if done naively it'd still do
the math wrong, as mask.fRowBytes is stored as a uint32_t, and the
32-bit overflow still happens, silently.  So we explicitly promote to
size_t too.

As a follow up we should consider turning on 'integer' sanitizer, which
treats unsigned integer overflow as an error.  Even though it's
technically defined, it's likely not intended.

Bug: skia:7563

Change-Id: Ia579d4f5615ed28180e6aaf3d4c3b54f516e655c
Reviewed-on: https://skia-review.googlesource.com/110260
Commit-Queue: Mike Klein <mtklein@chromium.org>
Reviewed-by: Kevin Lubick <kjlubick@google.com>
1 file changed
tree: 2b153b3536118d4fe6928f7f0746f697abaa043c
  1. animations/
  2. bench/
  3. bin/
  4. debugger/
  5. dm/
  6. docs/
  7. example/
  8. experimental/
  9. fuzz/
  10. gm/
  11. gn/
  12. include/
  13. infra/
  14. platform_tools/
  15. resources/
  16. samplecode/
  17. site/
  18. src/
  19. tests/
  20. third_party/
  21. tools/
  22. .clang-format
  23. .gitignore
  24. .gn
  25. AUTHORS
  26. BUILD.gn
  27. codereview.settings
  28. CONTRIBUTING
  29. CQ_COMMITTERS
  30. DEPS
  31. Doxyfile
  32. LICENSE
  33. OWNERS
  34. PRESUBMIT.py
  35. public.bzl
  36. README
  37. README.chromium
  38. whitespace.txt