Add assertions to ServerInlineMemoryTransferService to catch corrupted states while fuzzing with DawnWireServerFuzzer and tests.

Bug: chromium:1340654,chromium:1374495
Change-Id: Icfb008a1cd6dbd8af32f3aedc90ef29e29a0465b
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/106041
Commit-Queue: Brendon Tiszka <tiszka@chromium.org>
Reviewed-by: Corentin Wallez <cwallez@chromium.org>
Reviewed-by: Austin Eng <enga@chromium.org>
Kokoro: Kokoro <noreply+kokoro@google.com>
This commit is contained in:
Brendon Tiszka 2022-10-18 15:15:02 +00:00 committed by Dawn LUCI CQ
parent 333be21162
commit f3666c45f3
1 changed files with 2 additions and 0 deletions

View File

@ -51,6 +51,8 @@ class InlineMemoryTransferService : public MemoryTransferService {
size_t deserializeSize, size_t deserializeSize,
size_t offset, size_t offset,
size_t size) override { size_t size) override {
ASSERT(offset <= mDataLength);
ASSERT(size <= mDataLength - offset);
if (deserializeSize != size || mTargetData == nullptr || if (deserializeSize != size || mTargetData == nullptr ||
deserializePointer == nullptr) { deserializePointer == nullptr) {
return false; return false;