1 /*
2 * Copyright 2013 Google Inc.
3 *
4 * Use of this source code is governed by a BSD-style license that can be
5 * found in the LICENSE file.
6 */
7
8 #include "SkBitmap.h"
9 #include "SkErrorInternals.h"
10 #include "SkValidatingReadBuffer.h"
11 #include "SkStream.h"
12 #include "SkTypeface.h"
13
SkValidatingReadBuffer(const void * data,size_t size)14 SkValidatingReadBuffer::SkValidatingReadBuffer(const void* data, size_t size) :
15 fError(false) {
16 this->setMemory(data, size);
17 this->setFlags(SkReadBuffer::kValidation_Flag);
18 }
19
~SkValidatingReadBuffer()20 SkValidatingReadBuffer::~SkValidatingReadBuffer() {
21 }
22
validate(bool isValid)23 bool SkValidatingReadBuffer::validate(bool isValid) {
24 if (!fError && !isValid) {
25 // When an error is found, send the read cursor to the end of the stream
26 fReader.skip(fReader.available());
27 fError = true;
28 }
29 return !fError;
30 }
31
isValid() const32 bool SkValidatingReadBuffer::isValid() const {
33 return !fError;
34 }
35
setMemory(const void * data,size_t size)36 void SkValidatingReadBuffer::setMemory(const void* data, size_t size) {
37 this->validate(IsPtrAlign4(data) && (SkAlign4(size) == size));
38 if (!fError) {
39 fReader.setMemory(data, size);
40 }
41 }
42
skip(size_t size)43 const void* SkValidatingReadBuffer::skip(size_t size) {
44 size_t inc = SkAlign4(size);
45 const void* addr = fReader.peek();
46 this->validate(IsPtrAlign4(addr) && fReader.isAvailable(inc));
47 if (!fError) {
48 fReader.skip(size);
49 }
50 return addr;
51 }
52
53 // All the methods in this file funnel down into either readInt(), readScalar() or skip(),
54 // followed by a memcpy. So we've got all our validation in readInt(), readScalar() and skip();
55 // if they fail they'll return a zero value or skip nothing, respectively, and set fError to
56 // true, which the caller should check to see if an error occurred during the read operation.
57
readBool()58 bool SkValidatingReadBuffer::readBool() {
59 uint32_t value = this->readInt();
60 // Boolean value should be either 0 or 1
61 this->validate(!(value & ~1));
62 return value != 0;
63 }
64
readColor()65 SkColor SkValidatingReadBuffer::readColor() {
66 return this->readInt();
67 }
68
readFixed()69 SkFixed SkValidatingReadBuffer::readFixed() {
70 return this->readInt();
71 }
72
readInt()73 int32_t SkValidatingReadBuffer::readInt() {
74 const size_t inc = sizeof(int32_t);
75 this->validate(IsPtrAlign4(fReader.peek()) && fReader.isAvailable(inc));
76 return fError ? 0 : fReader.readInt();
77 }
78
readScalar()79 SkScalar SkValidatingReadBuffer::readScalar() {
80 const size_t inc = sizeof(SkScalar);
81 this->validate(IsPtrAlign4(fReader.peek()) && fReader.isAvailable(inc));
82 return fError ? 0 : fReader.readScalar();
83 }
84
readUInt()85 uint32_t SkValidatingReadBuffer::readUInt() {
86 return this->readInt();
87 }
88
read32()89 int32_t SkValidatingReadBuffer::read32() {
90 return this->readInt();
91 }
92
readString(SkString * string)93 void SkValidatingReadBuffer::readString(SkString* string) {
94 const size_t len = this->readUInt();
95 const void* ptr = fReader.peek();
96 const char* cptr = (const char*)ptr;
97
98 // skip over the string + '\0' and then pad to a multiple of 4
99 const size_t alignedSize = SkAlign4(len + 1);
100 this->skip(alignedSize);
101 if (!fError) {
102 this->validate(cptr[len] == '\0');
103 }
104 if (!fError) {
105 string->set(cptr, len);
106 }
107 }
108
readEncodedString(size_t * length,SkPaint::TextEncoding encoding)109 void* SkValidatingReadBuffer::readEncodedString(size_t* length, SkPaint::TextEncoding encoding) {
110 const int32_t encodingType = this->readInt();
111 this->validate(encodingType == encoding);
112 *length = this->readInt();
113 const void* ptr = this->skip(SkAlign4(*length));
114 void* data = nullptr;
115 if (!fError) {
116 data = sk_malloc_throw(*length);
117 memcpy(data, ptr, *length);
118 }
119 return data;
120 }
121
readPoint(SkPoint * point)122 void SkValidatingReadBuffer::readPoint(SkPoint* point) {
123 point->fX = this->readScalar();
124 point->fY = this->readScalar();
125 }
126
readMatrix(SkMatrix * matrix)127 void SkValidatingReadBuffer::readMatrix(SkMatrix* matrix) {
128 size_t size = 0;
129 if (!fError) {
130 size = matrix->readFromMemory(fReader.peek(), fReader.available());
131 this->validate((SkAlign4(size) == size) && (0 != size));
132 }
133 if (!fError) {
134 (void)this->skip(size);
135 }
136 }
137
readIRect(SkIRect * rect)138 void SkValidatingReadBuffer::readIRect(SkIRect* rect) {
139 const void* ptr = this->skip(sizeof(SkIRect));
140 if (!fError) {
141 memcpy(rect, ptr, sizeof(SkIRect));
142 }
143 }
144
readRect(SkRect * rect)145 void SkValidatingReadBuffer::readRect(SkRect* rect) {
146 const void* ptr = this->skip(sizeof(SkRect));
147 if (!fError) {
148 memcpy(rect, ptr, sizeof(SkRect));
149 }
150 }
151
readRegion(SkRegion * region)152 void SkValidatingReadBuffer::readRegion(SkRegion* region) {
153 size_t size = 0;
154 if (!fError) {
155 size = region->readFromMemory(fReader.peek(), fReader.available());
156 this->validate((SkAlign4(size) == size) && (0 != size));
157 }
158 if (!fError) {
159 (void)this->skip(size);
160 }
161 }
162
readPath(SkPath * path)163 void SkValidatingReadBuffer::readPath(SkPath* path) {
164 size_t size = 0;
165 if (!fError) {
166 size = path->readFromMemory(fReader.peek(), fReader.available());
167 this->validate((SkAlign4(size) == size) && (0 != size));
168 }
169 if (!fError) {
170 (void)this->skip(size);
171 }
172 }
173
readArray(void * value,size_t size,size_t elementSize)174 bool SkValidatingReadBuffer::readArray(void* value, size_t size, size_t elementSize) {
175 const uint32_t count = this->getArrayCount();
176 this->validate(size == count);
177 (void)this->skip(sizeof(uint32_t)); // Skip array count
178 const uint64_t byteLength64 = sk_64_mul(count, elementSize);
179 const size_t byteLength = count * elementSize;
180 this->validate(byteLength == byteLength64);
181 const void* ptr = this->skip(SkAlign4(byteLength));
182 if (!fError) {
183 memcpy(value, ptr, byteLength);
184 return true;
185 }
186 return false;
187 }
188
readByteArray(void * value,size_t size)189 bool SkValidatingReadBuffer::readByteArray(void* value, size_t size) {
190 return readArray(static_cast<unsigned char*>(value), size, sizeof(unsigned char));
191 }
192
readColorArray(SkColor * colors,size_t size)193 bool SkValidatingReadBuffer::readColorArray(SkColor* colors, size_t size) {
194 return readArray(colors, size, sizeof(SkColor));
195 }
196
readIntArray(int32_t * values,size_t size)197 bool SkValidatingReadBuffer::readIntArray(int32_t* values, size_t size) {
198 return readArray(values, size, sizeof(int32_t));
199 }
200
readPointArray(SkPoint * points,size_t size)201 bool SkValidatingReadBuffer::readPointArray(SkPoint* points, size_t size) {
202 return readArray(points, size, sizeof(SkPoint));
203 }
204
readScalarArray(SkScalar * values,size_t size)205 bool SkValidatingReadBuffer::readScalarArray(SkScalar* values, size_t size) {
206 return readArray(values, size, sizeof(SkScalar));
207 }
208
getArrayCount()209 uint32_t SkValidatingReadBuffer::getArrayCount() {
210 const size_t inc = sizeof(uint32_t);
211 fError = fError || !IsPtrAlign4(fReader.peek()) || !fReader.isAvailable(inc);
212 return fError ? 0 : *(uint32_t*)fReader.peek();
213 }
214
readTypeface()215 SkTypeface* SkValidatingReadBuffer::readTypeface() {
216 SkASSERT(false);
217 // TODO: Implement this (securely) when needed
218 return nullptr;
219 }
220
validateAvailable(size_t size)221 bool SkValidatingReadBuffer::validateAvailable(size_t size) {
222 return this->validate((size <= SK_MaxU32) && fReader.isAvailable(static_cast<uint32_t>(size)));
223 }
224
readFlattenable(SkFlattenable::Type type)225 SkFlattenable* SkValidatingReadBuffer::readFlattenable(SkFlattenable::Type type) {
226 SkString name;
227 this->readString(&name);
228 if (fError) {
229 return nullptr;
230 }
231
232 // Is this the type we wanted ?
233 const char* cname = name.c_str();
234 SkFlattenable::Type baseType;
235 if (!SkFlattenable::NameToType(cname, &baseType) || (baseType != type)) {
236 return nullptr;
237 }
238
239 SkFlattenable::Factory factory = SkFlattenable::NameToFactory(cname);
240 if (nullptr == factory) {
241 return nullptr; // writer failed to give us the flattenable
242 }
243
244 // if we get here, factory may still be null, but if that is the case, the
245 // failure was ours, not the writer.
246 SkFlattenable* obj = nullptr;
247 uint32_t sizeRecorded = this->readUInt();
248 if (factory) {
249 size_t offset = fReader.offset();
250 obj = (*factory)(*this);
251 // check that we read the amount we expected
252 size_t sizeRead = fReader.offset() - offset;
253 this->validate(sizeRecorded == sizeRead);
254 if (fError) {
255 // we could try to fix up the offset...
256 SkSafeUnref(obj);
257 obj = nullptr;
258 }
259 } else {
260 // we must skip the remaining data
261 this->skip(sizeRecorded);
262 SkASSERT(false);
263 }
264 return obj;
265 }
266
skipFlattenable()267 void SkValidatingReadBuffer::skipFlattenable() {
268 SkString name;
269 this->readString(&name);
270 if (fError) {
271 return;
272 }
273 uint32_t sizeRecorded = this->readUInt();
274 this->skip(sizeRecorded);
275 }
276