diff options
-rw-r--r-- | gfx/skia/skia/src/gpu/GrBufferAllocPool.cpp | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/gfx/skia/skia/src/gpu/GrBufferAllocPool.cpp b/gfx/skia/skia/src/gpu/GrBufferAllocPool.cpp index 993e1c59dc..c6097b03bb 100644 --- a/gfx/skia/skia/src/gpu/GrBufferAllocPool.cpp +++ b/gfx/skia/skia/src/gpu/GrBufferAllocPool.cpp @@ -152,13 +152,18 @@ void* GrBufferAllocPool::makeSpace(size_t size, BufferBlock& back = fBlocks.back(); size_t usedBytes = back.fBuffer->gpuMemorySize() - back.fBytesFree; size_t pad = GrSizeAlignUpPad(usedBytes, alignment); - if ((size + pad) <= back.fBytesFree) { + SkSafeMath safeMath; + size_t alignedSize = safeMath.add(pad, size); + if (!safeMath.ok()) { + return nullptr; + } + if (alignedSize <= back.fBytesFree) { memset((void*)(reinterpret_cast<intptr_t>(fBufferPtr) + usedBytes), 0, pad); usedBytes += pad; *offset = usedBytes; *buffer = back.fBuffer; - back.fBytesFree -= size + pad; - fBytesInUse += size + pad; + back.fBytesFree -= alignedSize; + fBytesInUse += alignedSize; VALIDATE(); return (void*)(reinterpret_cast<intptr_t>(fBufferPtr) + usedBytes); } |