From f44166ebd015cc504c7d6d4e94b5bb167988f49d Mon Sep 17 00:00:00 2001
From: Andreas Kling <andreas@ladybird.org>
Date: Wed, 18 Dec 2024 08:49:25 +0100
Subject: [PATCH] LibGfx: Allow IPC encode/decode of empty BitmapSequence

This would fail with EINVAL earlier, due to an attempt to create a
zero-length Core::AnonymousBuffer.

We fix this by transferring the buffer length separately, and only
going down the AnonymousBuffer allocation path if the length is
non-zero.
---
 Libraries/LibGfx/BitmapSequence.cpp | 33 ++++++++++++++++++-----------
 1 file changed, 21 insertions(+), 12 deletions(-)

diff --git a/Libraries/LibGfx/BitmapSequence.cpp b/Libraries/LibGfx/BitmapSequence.cpp
index 84dfd12e80..721559a61d 100644
--- a/Libraries/LibGfx/BitmapSequence.cpp
+++ b/Libraries/LibGfx/BitmapSequence.cpp
@@ -76,20 +76,24 @@ ErrorOr<void> encode(Encoder& encoder, Gfx::BitmapSequence const& bitmap_sequenc
 
     TRY(encoder.encode(metadata));
 
-    // collate all of the bitmap data into one contiguous buffer
-    auto collated_buffer = TRY(Core::AnonymousBuffer::create_with_size(total_buffer_size));
+    TRY(encoder.encode(total_buffer_size));
 
-    Bytes buffer_bytes = { collated_buffer.data<u8>(), collated_buffer.size() };
-    size_t write_offset = 0;
-    for (auto const& bitmap_option : bitmaps) {
-        if (bitmap_option.has_value()) {
-            auto const& bitmap = bitmap_option.value();
-            buffer_bytes.overwrite(write_offset, bitmap->scanline(0), bitmap->size_in_bytes());
-            write_offset += bitmap->size_in_bytes();
+    if (total_buffer_size > 0) {
+        // collate all of the bitmap data into one contiguous buffer
+        auto collated_buffer = TRY(Core::AnonymousBuffer::create_with_size(total_buffer_size));
+
+        Bytes buffer_bytes = { collated_buffer.data<u8>(), collated_buffer.size() };
+        size_t write_offset = 0;
+        for (auto const& bitmap_option : bitmaps) {
+            if (bitmap_option.has_value()) {
+                auto const& bitmap = bitmap_option.value();
+                buffer_bytes.overwrite(write_offset, bitmap->scanline(0), bitmap->size_in_bytes());
+                write_offset += bitmap->size_in_bytes();
+            }
         }
-    }
 
-    TRY(encoder.encode(collated_buffer));
+        TRY(encoder.encode(collated_buffer));
+    }
 
     return {};
 }
@@ -98,7 +102,12 @@ template<>
 ErrorOr<Gfx::BitmapSequence> decode(Decoder& decoder)
 {
     auto metadata_list = TRY(decoder.decode<Vector<Optional<Gfx::BitmapMetadata>>>());
-    auto collated_buffer = TRY(decoder.decode<Core::AnonymousBuffer>());
+
+    auto total_buffer_size = TRY(decoder.decode<size_t>());
+
+    Core::AnonymousBuffer collated_buffer;
+    if (total_buffer_size > 0)
+        collated_buffer = TRY(decoder.decode<Core::AnonymousBuffer>());
 
     Gfx::BitmapSequence result = {};
     auto& bitmaps = result.bitmaps;