Possibly uninitialized SkRgnBuilder fStorage.

fStorage needs to be initialized regardless of SkRgnBuilder::init()'s
outcome - otherwise the destructor can end up freeing garbage.

BUG=330293
R=reed@google.com, fmalita@google.com

Author: fmalita@chromium.org

Review URL: https://codereview.chromium.org/122313002

git-svn-id: http://skia.googlecode.com/svn/trunk@12846 2bbb7eff-a529-9590-31e7-b0007b416f81

diff --git a/src/core/SkRegion_path.cpp b/src/core/SkRegion_path.cpp
index 95247f4..03830e6 100644 (file)
--- a/src/core/SkRegion_path.cpp
+++ b/src/core/SkRegion_path.cpp
@@ -15,6 +15,7 @@
 
 class SkRgnBuilder : public SkBlitter {
 public:
+    SkRgnBuilder();
     virtual ~SkRgnBuilder();
 
     // returns true if it could allocate the working storage needed
@@ -98,6 +99,10 @@ private:
     }
 };
 
+SkRgnBuilder::SkRgnBuilder()
+    : fStorage(NULL) {
+}
+
 SkRgnBuilder::~SkRgnBuilder() {
     sk_free(fStorage);
 }