From d1f31d0a4918dc9eacb2cb4ceaa7c9b8df6277de Mon Sep 17 00:00:00 2001
From: Kostya Serebryany <kcc@google.com>
Date: Sat, 1 Oct 2016 07:13:25 +0000
Subject: [libFuzzer] fix a recent bugs (buffer overflow)

llvm-svn: 283021
---
 llvm/lib/Fuzzer/FuzzerTracePC.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'llvm/lib/Fuzzer/FuzzerTracePC.cpp')

diff --git a/llvm/lib/Fuzzer/FuzzerTracePC.cpp b/llvm/lib/Fuzzer/FuzzerTracePC.cpp
index f02b71dc9de..07e3264f720 100644
--- a/llvm/lib/Fuzzer/FuzzerTracePC.cpp
+++ b/llvm/lib/Fuzzer/FuzzerTracePC.cpp
@@ -92,7 +92,7 @@ bool TracePC::FinalizeTrace(size_t InputSize) {
         else if (Counter >= 2) Bit = 1;
         size_t Feature = i * 8 + Bit;
         CounterMap.AddValue(Feature);
-        uint32_t *SizePtr = &InputSizesPerFeature[Feature];
+        uint32_t *SizePtr = &InputSizesPerFeature[Feature % kFeatureSetSize];
         if (!*SizePtr || *SizePtr > InputSize) {
           *SizePtr = InputSize;
           Res = true;
-- 
cgit v1.2.3