From 2a6d6e504712dcddd030a6007d9dfbb089258619 Mon Sep 17 00:00:00 2001 From: Leon Scroggins III Date: Wed, 17 Jun 2015 11:56:43 -0400 Subject: Fixes for Region_writeToParcel. Check the return value of Parcel::writeInplace. If it is NULL, there was a failure, so do not attempt to write to it. Instead, report the error and return false. If SkRegion::writeToMemory claims to have written a different amount of memory than it claimed it needed, report that error as well. Change uses of NULL in this function to nullptr. BUG:21271229 BUG:20666821 Change-Id: Ia6160f74f30bf42f5ff97f716dadb01d1f0d6961 --- core/jni/android/graphics/Region.cpp | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) (limited to 'core') diff --git a/core/jni/android/graphics/Region.cpp b/core/jni/android/graphics/Region.cpp index 3bab2df..e99bdfc 100644 --- a/core/jni/android/graphics/Region.cpp +++ b/core/jni/android/graphics/Region.cpp @@ -231,15 +231,24 @@ static jlong Region_createFromParcel(JNIEnv* env, jobject clazz, jobject parcel) static jboolean Region_writeToParcel(JNIEnv* env, jobject clazz, jlong regionHandle, jobject parcel) { const SkRegion* region = reinterpret_cast(regionHandle); - if (parcel == NULL) { + if (parcel == nullptr) { return JNI_FALSE; } android::Parcel* p = android::parcelForJavaObject(env, parcel); - size_t size = region->writeToMemory(NULL); + const size_t size = region->writeToMemory(nullptr); p->writeInt32(size); - region->writeToMemory(p->writeInplace(size)); + void* dst = p->writeInplace(size); + if (dst == nullptr) { + ALOGE("Region.writeToParcel could not write %zi bytes", size); + return JNI_FALSE; + } + const size_t sizeWritten = region->writeToMemory(dst); + if (sizeWritten != size) { + ALOGE("SkRegion::writeToMemory should have written %zi bytes but wrote %zi", + size, sizeWritten); + } return JNI_TRUE; } -- cgit v1.1