Add assertions to ServerInlineMemoryTransferService to catch corrupted states while fuzzing with DawnWireServerFuzzer and tests.
Bug: chromium:1340654,chromium:1374495 Change-Id: Icfb008a1cd6dbd8af32f3aedc90ef29e29a0465b Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/106041 Commit-Queue: Brendon Tiszka <tiszka@chromium.org> Reviewed-by: Corentin Wallez <cwallez@chromium.org> Reviewed-by: Austin Eng <enga@chromium.org> Kokoro: Kokoro <noreply+kokoro@google.com>
This commit is contained in:
parent
333be21162
commit
f3666c45f3
|
@ -51,6 +51,8 @@ class InlineMemoryTransferService : public MemoryTransferService {
|
||||||
size_t deserializeSize,
|
size_t deserializeSize,
|
||||||
size_t offset,
|
size_t offset,
|
||||||
size_t size) override {
|
size_t size) override {
|
||||||
|
ASSERT(offset <= mDataLength);
|
||||||
|
ASSERT(size <= mDataLength - offset);
|
||||||
if (deserializeSize != size || mTargetData == nullptr ||
|
if (deserializeSize != size || mTargetData == nullptr ||
|
||||||
deserializePointer == nullptr) {
|
deserializePointer == nullptr) {
|
||||||
return false;
|
return false;
|
||||||
|
|
Loading…
Reference in New Issue