encounter
/
dawn-cmake
mirror of https://github.com/encounter/dawn-cmake.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fuzzers: Fix memcpy in Reader::read 

We were copying to the address-of the `out` pointer parameter, not the actual pointer.
It's seriously troubling that the fuzzers didn't fail sooner on this.

Fixed: chromium:1230266
Fixed: chromium:1230352
Fixed: chromium:1230356
Fixed: chromium:1230358
Fixed: chromium:1230376
Fixed: chromium:1230377
Fixed: chromium:1230378
Fixed: chromium:1230384
Fixed: chromium:1230395
Fixed: chromium:1230406
Change-Id: I4f67f10127e89f873ab628e5af76b7455d113276
Reviewed-on: https://dawn-review.googlesource.com/c/tint/+/58681
Auto-Submit: Ben Clayton <bclayton@google.com>
Reviewed-by: Corentin Wallez <cwallez@chromium.org>
Commit-Queue: Ben Clayton <bclayton@google.com>
Kokoro: Kokoro <noreply+kokoro@google.com>
This commit is contained in:
Ben Clayton 2021-07-19 10:38:39 +00:00 committed by Tint LUCI CQ
parent 890363145a
commit 73f0dde6d0
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
fuzzers/tint_common_fuzzer.cc
View File

@ -115,7 +115,7 @@ void Reader::read(void* out, size_t n) {
mark_failed(); mark_failed();
return; return;
} }
memcpy(&out, data_, n); memcpy(out, data_, n);
data_ += n; data_ += n;
size_ -= n; size_ -= n;
} }