[libfuzzer] defensive assert

llvm-svn: 265866
author: Mike Aizatsky <aizatsky@chromium.org> 2016-04-08 23:32:24 +0000
committer: Mike Aizatsky <aizatsky@chromium.org> 2016-04-08 23:32:24 +0000
commit: 94e29668b0e53d9792c40671308cae8320325405 (patch)
tree: 5f7e012ad6d7783793888bbed811d0b39451acb8 /llvm/lib/Fuzzer/FuzzerLoop.cpp
parent: f96fd0dd1d2b55af1e4347ad4c23a91e713a55b0 (diff)
download: llvm-94e29668b0e53d9792c40671308cae8320325405.zip
llvm-94e29668b0e53d9792c40671308cae8320325405.tar.gz
llvm-94e29668b0e53d9792c40671308cae8320325405.tar.bz2
1 files changed, 2 insertions, 1 deletions
diff --git a/llvm/lib/Fuzzer/FuzzerLoop.cpp b/llvm/lib/Fuzzer/FuzzerLoop.cpp
index f09ac05..afdc9fa 100644
--- a/llvm/lib/Fuzzer/FuzzerLoop.cpp
+++ b/llvm/lib/Fuzzer/FuzzerLoop.cpp
@@ -503,8 +503,9 @@ void Fuzzer::MutateAndTestOne() {
 
   auto &U = ChooseUnitToMutate();
   MutateInPlaceHere.resize(Options.MaxLen);
-  memcpy(MutateInPlaceHere.data(), U.data(), U.size());
   size_t Size = U.size();
+  assert(Size <= Options.MaxLen && "Oversized Unit");
+  memcpy(MutateInPlaceHere.data(), U.data(), Size);
 
   for (int i = 0; i < Options.MutateDepth; i++) {
     size_t NewSize = 0;
author	Mike Aizatsky <aizatsky@chromium.org>	2016-04-08 23:32:24 +0000
committer	Mike Aizatsky <aizatsky@chromium.org>	2016-04-08 23:32:24 +0000
commit	94e29668b0e53d9792c40671308cae8320325405 (patch)
tree	5f7e012ad6d7783793888bbed811d0b39451acb8 /llvm/lib/Fuzzer/FuzzerLoop.cpp
parent	f96fd0dd1d2b55af1e4347ad4c23a91e713a55b0 (diff)
download	llvm-94e29668b0e53d9792c40671308cae8320325405.zip llvm-94e29668b0e53d9792c40671308cae8320325405.tar.gz llvm-94e29668b0e53d9792c40671308cae8320325405.tar.bz2