michael@0: /* michael@0: * Copyright 2013 Google Inc. michael@0: * michael@0: * Use of this source code is governed by a BSD-style license that can be michael@0: * found in the LICENSE file. michael@0: */ michael@0: michael@0: #include "SkBitmap.h" michael@0: #include "SkErrorInternals.h" michael@0: #include "SkValidatingReadBuffer.h" michael@0: #include "SkStream.h" michael@0: #include "SkTypeface.h" michael@0: michael@0: SkValidatingReadBuffer::SkValidatingReadBuffer(const void* data, size_t size) : michael@0: fError(false) { michael@0: this->setMemory(data, size); michael@0: this->setFlags(SkReadBuffer::kValidation_Flag); michael@0: } michael@0: michael@0: SkValidatingReadBuffer::~SkValidatingReadBuffer() { michael@0: } michael@0: michael@0: bool SkValidatingReadBuffer::validate(bool isValid) { michael@0: if (!fError && !isValid) { michael@0: // When an error is found, send the read cursor to the end of the stream michael@0: fReader.skip(fReader.available()); michael@0: fError = true; michael@0: } michael@0: return !fError; michael@0: } michael@0: michael@0: bool SkValidatingReadBuffer::isValid() const { michael@0: return !fError; michael@0: } michael@0: michael@0: void SkValidatingReadBuffer::setMemory(const void* data, size_t size) { michael@0: this->validate(IsPtrAlign4(data) && (SkAlign4(size) == size)); michael@0: if (!fError) { michael@0: fReader.setMemory(data, size); michael@0: } michael@0: } michael@0: michael@0: const void* SkValidatingReadBuffer::skip(size_t size) { michael@0: size_t inc = SkAlign4(size); michael@0: const void* addr = fReader.peek(); michael@0: this->validate(IsPtrAlign4(addr) && fReader.isAvailable(inc)); michael@0: if (!fError) { michael@0: fReader.skip(size); michael@0: } michael@0: return addr; michael@0: } michael@0: michael@0: // All the methods in this file funnel down into either readInt(), readScalar() or skip(), michael@0: // followed by a memcpy. So we've got all our validation in readInt(), readScalar() and skip(); michael@0: // if they fail they'll return a zero value or skip nothing, respectively, and set fError to michael@0: // true, which the caller should check to see if an error occurred during the read operation. michael@0: michael@0: bool SkValidatingReadBuffer::readBool() { michael@0: uint32_t value = this->readInt(); michael@0: // Boolean value should be either 0 or 1 michael@0: this->validate(!(value & ~1)); michael@0: return value != 0; michael@0: } michael@0: michael@0: SkColor SkValidatingReadBuffer::readColor() { michael@0: return this->readInt(); michael@0: } michael@0: michael@0: SkFixed SkValidatingReadBuffer::readFixed() { michael@0: return this->readInt(); michael@0: } michael@0: michael@0: int32_t SkValidatingReadBuffer::readInt() { michael@0: const size_t inc = sizeof(int32_t); michael@0: this->validate(IsPtrAlign4(fReader.peek()) && fReader.isAvailable(inc)); michael@0: return fError ? 0 : fReader.readInt(); michael@0: } michael@0: michael@0: SkScalar SkValidatingReadBuffer::readScalar() { michael@0: const size_t inc = sizeof(SkScalar); michael@0: this->validate(IsPtrAlign4(fReader.peek()) && fReader.isAvailable(inc)); michael@0: return fError ? 0 : fReader.readScalar(); michael@0: } michael@0: michael@0: uint32_t SkValidatingReadBuffer::readUInt() { michael@0: return this->readInt(); michael@0: } michael@0: michael@0: int32_t SkValidatingReadBuffer::read32() { michael@0: return this->readInt(); michael@0: } michael@0: michael@0: void SkValidatingReadBuffer::readString(SkString* string) { michael@0: const size_t len = this->readInt(); michael@0: const void* ptr = fReader.peek(); michael@0: const char* cptr = (const char*)ptr; michael@0: michael@0: // skip over the string + '\0' and then pad to a multiple of 4 michael@0: const size_t alignedSize = SkAlign4(len + 1); michael@0: this->skip(alignedSize); michael@0: if (!fError) { michael@0: this->validate(cptr[len] == '\0'); michael@0: } michael@0: if (!fError) { michael@0: string->set(cptr, len); michael@0: } michael@0: } michael@0: michael@0: void* SkValidatingReadBuffer::readEncodedString(size_t* length, SkPaint::TextEncoding encoding) { michael@0: const int32_t encodingType = this->readInt(); michael@0: this->validate(encodingType == encoding); michael@0: *length = this->readInt(); michael@0: const void* ptr = this->skip(SkAlign4(*length)); michael@0: void* data = NULL; michael@0: if (!fError) { michael@0: data = sk_malloc_throw(*length); michael@0: memcpy(data, ptr, *length); michael@0: } michael@0: return data; michael@0: } michael@0: michael@0: void SkValidatingReadBuffer::readPoint(SkPoint* point) { michael@0: point->fX = this->readScalar(); michael@0: point->fY = this->readScalar(); michael@0: } michael@0: michael@0: void SkValidatingReadBuffer::readMatrix(SkMatrix* matrix) { michael@0: size_t size = 0; michael@0: if (!fError) { michael@0: size = matrix->readFromMemory(fReader.peek(), fReader.available()); michael@0: this->validate((SkAlign4(size) == size) && (0 != size)); michael@0: } michael@0: if (!fError) { michael@0: (void)this->skip(size); michael@0: } michael@0: } michael@0: michael@0: void SkValidatingReadBuffer::readIRect(SkIRect* rect) { michael@0: const void* ptr = this->skip(sizeof(SkIRect)); michael@0: if (!fError) { michael@0: memcpy(rect, ptr, sizeof(SkIRect)); michael@0: } michael@0: } michael@0: michael@0: void SkValidatingReadBuffer::readRect(SkRect* rect) { michael@0: const void* ptr = this->skip(sizeof(SkRect)); michael@0: if (!fError) { michael@0: memcpy(rect, ptr, sizeof(SkRect)); michael@0: } michael@0: } michael@0: michael@0: void SkValidatingReadBuffer::readRegion(SkRegion* region) { michael@0: size_t size = 0; michael@0: if (!fError) { michael@0: size = region->readFromMemory(fReader.peek(), fReader.available()); michael@0: this->validate((SkAlign4(size) == size) && (0 != size)); michael@0: } michael@0: if (!fError) { michael@0: (void)this->skip(size); michael@0: } michael@0: } michael@0: michael@0: void SkValidatingReadBuffer::readPath(SkPath* path) { michael@0: size_t size = 0; michael@0: if (!fError) { michael@0: size = path->readFromMemory(fReader.peek(), fReader.available()); michael@0: this->validate((SkAlign4(size) == size) && (0 != size)); michael@0: } michael@0: if (!fError) { michael@0: (void)this->skip(size); michael@0: } michael@0: } michael@0: michael@0: bool SkValidatingReadBuffer::readArray(void* value, size_t size, size_t elementSize) { michael@0: const uint32_t count = this->getArrayCount(); michael@0: this->validate(size == count); michael@0: (void)this->skip(sizeof(uint32_t)); // Skip array count michael@0: const size_t byteLength = count * elementSize; michael@0: const void* ptr = this->skip(SkAlign4(byteLength)); michael@0: if (!fError) { michael@0: memcpy(value, ptr, byteLength); michael@0: return true; michael@0: } michael@0: return false; michael@0: } michael@0: michael@0: bool SkValidatingReadBuffer::readByteArray(void* value, size_t size) { michael@0: return readArray(static_cast(value), size, sizeof(unsigned char)); michael@0: } michael@0: michael@0: bool SkValidatingReadBuffer::readColorArray(SkColor* colors, size_t size) { michael@0: return readArray(colors, size, sizeof(SkColor)); michael@0: } michael@0: michael@0: bool SkValidatingReadBuffer::readIntArray(int32_t* values, size_t size) { michael@0: return readArray(values, size, sizeof(int32_t)); michael@0: } michael@0: michael@0: bool SkValidatingReadBuffer::readPointArray(SkPoint* points, size_t size) { michael@0: return readArray(points, size, sizeof(SkPoint)); michael@0: } michael@0: michael@0: bool SkValidatingReadBuffer::readScalarArray(SkScalar* values, size_t size) { michael@0: return readArray(values, size, sizeof(SkScalar)); michael@0: } michael@0: michael@0: uint32_t SkValidatingReadBuffer::getArrayCount() { michael@0: const size_t inc = sizeof(uint32_t); michael@0: fError = fError || !IsPtrAlign4(fReader.peek()) || !fReader.isAvailable(inc); michael@0: return fError ? 0 : *(uint32_t*)fReader.peek(); michael@0: } michael@0: michael@0: void SkValidatingReadBuffer::readBitmap(SkBitmap* bitmap) { michael@0: const int width = this->readInt(); michael@0: const int height = this->readInt(); michael@0: const bool useBitmapHeap = this->readBool(); michael@0: const size_t length = this->readUInt(); michael@0: // A size of zero means the SkBitmap was simply flattened. michael@0: if (!this->validate(!useBitmapHeap && (0 == length))) { michael@0: return; michael@0: } michael@0: bitmap->unflatten(*this); michael@0: this->validate((bitmap->width() == width) && (bitmap->height() == height)); michael@0: } michael@0: michael@0: SkTypeface* SkValidatingReadBuffer::readTypeface() { michael@0: // TODO: Implement this (securely) when needed michael@0: return NULL; michael@0: } michael@0: michael@0: bool SkValidatingReadBuffer::validateAvailable(size_t size) { michael@0: return this->validate((size <= SK_MaxU32) && fReader.isAvailable(static_cast(size))); michael@0: } michael@0: michael@0: SkFlattenable* SkValidatingReadBuffer::readFlattenable(SkFlattenable::Type type) { michael@0: SkString name; michael@0: this->readString(&name); michael@0: if (fError) { michael@0: return NULL; michael@0: } michael@0: michael@0: // Is this the type we wanted ? michael@0: const char* cname = name.c_str(); michael@0: SkFlattenable::Type baseType; michael@0: if (!SkFlattenable::NameToType(cname, &baseType) || (baseType != type)) { michael@0: return NULL; michael@0: } michael@0: michael@0: SkFlattenable::Factory factory = SkFlattenable::NameToFactory(cname); michael@0: if (NULL == factory) { michael@0: return NULL; // writer failed to give us the flattenable michael@0: } michael@0: michael@0: // if we get here, factory may still be null, but if that is the case, the michael@0: // failure was ours, not the writer. michael@0: SkFlattenable* obj = NULL; michael@0: uint32_t sizeRecorded = this->readUInt(); michael@0: if (factory) { michael@0: uint32_t offset = fReader.offset(); michael@0: obj = (*factory)(*this); michael@0: // check that we read the amount we expected michael@0: uint32_t sizeRead = fReader.offset() - offset; michael@0: this->validate(sizeRecorded == sizeRead); michael@0: if (fError) { michael@0: // we could try to fix up the offset... michael@0: delete obj; michael@0: obj = NULL; michael@0: } michael@0: } else { michael@0: // we must skip the remaining data michael@0: this->skip(sizeRecorded); michael@0: SkASSERT(false); michael@0: } michael@0: return obj; michael@0: }