The fuzzer triggered relatively new code that
missized the split cubic array, i.e., if a cubic
is split in three places it makes four cubics.
The fuzzer triggered other relative new code
that permits a contour to be empty. This happens
when a line crosses over itself but doesn't
enclose anything.
R=kjlubick@google.com
BUG=skia:6061
Change-Id: I0c04d0d390ff1092f7b3bb28ebbfca517451f497
Reviewed-on: https://skia-review.googlesource.com/6223
Commit-Queue: Cary Clark <caryclark@google.com>
Reviewed-by: Kevin Lubick <kjlubick@google.com>
#include "SkTSort.h"
void SkOpContour::toPath(SkPathWriter* path) const {
+ if (!this->count()) {
+ return;
+ }
const SkOpSegment* segment = &fHead;
do {
SkAssertResult(segment->addCurveTo(segment->head(), segment->tail(), path));
SkPoint fReduced[4];
SkPath::Verb fVerb;
bool fCanAdd;
- } splits[3];
- SkASSERT(SK_ARRAY_COUNT(splits) == SK_ARRAY_COUNT(splitT));
+ } splits[4];
+ SkASSERT(SK_ARRAY_COUNT(splits) == SK_ARRAY_COUNT(splitT) + 1);
+ SkTQSort(splitT, &splitT[breaks - 1]);
for (int index = 0; index <= breaks; ++index) {
Splitsville* split = &splits[index];
split->fT[0] = index ? splitT[index - 1] : 0;
}
SkOpSpan* SkOpContour::findSortableTop(SkOpContour* contourHead) {
- SkOpSegment* testSegment = &fHead;
bool allDone = true;
- do {
- if (testSegment->done()) {
- continue;
- }
- allDone = false;
- SkOpSpan* result = testSegment->findSortableTop(contourHead);
- if (result) {
- return result;
- }
- } while ((testSegment = testSegment->next()));
+ if (fCount) {
+ SkOpSegment* testSegment = &fHead;
+ do {
+ if (testSegment->done()) {
+ continue;
+ }
+ allDone = false;
+ SkOpSpan* result = testSegment->findSortableTop(contourHead);
+ if (result) {
+ return result;
+ }
+ } while ((testSegment = testSegment->next()));
+ }
if (allDone) {
fDone = true;
}
projects / platform / upstream / libSkiaSharp.git / commitdiff