[libFuzzer] fix a recent bugs (buffer overflow)

llvm-svn: 283021
author: Kostya Serebryany <kcc@google.com> 2016-10-01 07:13:25 +0000
committer: Kostya Serebryany <kcc@google.com> 2016-10-01 07:13:25 +0000
commit: d1f31d0a4918dc9eacb2cb4ceaa7c9b8df6277de (patch)
tree: f4f1b04a75f2ab5e2a86d9642c8a2de26dee4703
parent: 5eb5ade894cae8cb454264a1ba524e34b46c77e1 (diff)
download: bcm5719-llvm-d1f31d0a4918dc9eacb2cb4ceaa7c9b8df6277de.tar.gz
bcm5719-llvm-d1f31d0a4918dc9eacb2cb4ceaa7c9b8df6277de.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/llvm/lib/Fuzzer/FuzzerTracePC.cpp b/llvm/lib/Fuzzer/FuzzerTracePC.cpp
index f02b71dc9de..07e3264f720 100644
--- a/llvm/lib/Fuzzer/FuzzerTracePC.cpp
+++ b/llvm/lib/Fuzzer/FuzzerTracePC.cpp
@@ -92,7 +92,7 @@ bool TracePC::FinalizeTrace(size_t InputSize) {
         else if (Counter >= 2) Bit = 1;
         size_t Feature = i * 8 + Bit;
         CounterMap.AddValue(Feature);
-        uint32_t *SizePtr = &InputSizesPerFeature[Feature];
+        uint32_t *SizePtr = &InputSizesPerFeature[Feature % kFeatureSetSize];
         if (!*SizePtr || *SizePtr > InputSize) {
           *SizePtr = InputSize;
           Res = true;
author	Kostya Serebryany <kcc@google.com>	2016-10-01 07:13:25 +0000
committer	Kostya Serebryany <kcc@google.com>	2016-10-01 07:13:25 +0000
commit	d1f31d0a4918dc9eacb2cb4ceaa7c9b8df6277de (patch)
tree	f4f1b04a75f2ab5e2a86d9642c8a2de26dee4703
parent	5eb5ade894cae8cb454264a1ba524e34b46c77e1 (diff)
download	bcm5719-llvm-d1f31d0a4918dc9eacb2cb4ceaa7c9b8df6277de.tar.gz bcm5719-llvm-d1f31d0a4918dc9eacb2cb4ceaa7c9b8df6277de.zip