Possibly uninitialized SkRgnBuilder fStorage. fStorage needs to be initialized regardless of SkRgnBuilder::init()'s outcome - otherwise the destructor can end up freeing garbage. BUG=330293 R=reed@google.com, fmalita@google.com Author: fmalita@chromium.org Review URL: https://codereview.chromium.org/122313002 git-svn-id: http://skia.googlecode.com/svn/trunk@12846 2bbb7eff-a529-9590-31e7-b0007b416f81

commit: 73be1fc2b02757e3d98621d7cf735591aa6dffdb [log] [tgz]
author: commit-bot@chromium.org <commit-bot@chromium.org@2bbb7eff-a529-9590-31e7-b0007b416f81> Mon Dec 30 16:21:06 2013 +0000
committer: commit-bot@chromium.org <commit-bot@chromium.org@2bbb7eff-a529-9590-31e7-b0007b416f81> Mon Dec 30 16:21:06 2013 +0000
tree: ff9df578ab29497845a423f9b6585448eddca1d4
parent: 85e143c33c214e54187aa28146aa7666961a0d17 [diff]
diff --git a/src/core/SkRegion_path.cpp b/src/core/SkRegion_path.cpp
index 95247f4..03830e6 100644
--- a/src/core/SkRegion_path.cpp
+++ b/src/core/SkRegion_path.cpp

@@ -15,6 +15,7 @@
 
 class SkRgnBuilder : public SkBlitter {
 public:
+    SkRgnBuilder();
     virtual ~SkRgnBuilder();
 
     // returns true if it could allocate the working storage needed
@@ -98,6 +99,10 @@
     }
 };
 
+SkRgnBuilder::SkRgnBuilder()
+    : fStorage(NULL) {
+}
+
 SkRgnBuilder::~SkRgnBuilder() {
     sk_free(fStorage);
 }
commit	73be1fc2b02757e3d98621d7cf735591aa6dffdb	[log] [tgz]
author	commit-bot@chromium.org <commit-bot@chromium.org@2bbb7eff-a529-9590-31e7-b0007b416f81>	Mon Dec 30 16:21:06 2013 +0000
committer	commit-bot@chromium.org <commit-bot@chromium.org@2bbb7eff-a529-9590-31e7-b0007b416f81>	Mon Dec 30 16:21:06 2013 +0000
tree	ff9df578ab29497845a423f9b6585448eddca1d4
parent	85e143c33c214e54187aa28146aa7666961a0d17 [diff]