diff options
| author | Joey Jiao <joeyjiaojg@gmail.com> | 2021-03-23 15:34:26 +0800 |
|---|---|---|
| committer | Dmitry Vyukov <dvyukov@google.com> | 2021-03-23 16:01:33 +0100 |
| commit | e613994b8bbf6c2f1a76a1a49a9752482b582923 (patch) | |
| tree | 849bd18351d650cea911f96643091cb184465eac /executor | |
| parent | 8092f30df01f3443831725509ef5a3dae26122c0 (diff) | |
syz-manager, executor: fix out-of-bound access
There is an out-of-bound array access when cov filter enabled.
Diffstat (limited to 'executor')
| -rw-r--r-- | executor/cov_filter.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/executor/cov_filter.h b/executor/cov_filter.h index 8c7531d1f..f43b57738 100644 --- a/executor/cov_filter.h +++ b/executor/cov_filter.h @@ -31,7 +31,7 @@ static void init_coverage_filter(char* filename) cov_filter = (cov_filter_t*)mmap(preferred, st.st_size, PROT_READ, MAP_PRIVATE, f, 0); if (cov_filter != preferred) failmsg("failed to mmap coverage filter bitmap", "want=%p, got=%p", preferred, cov_filter); - if ((uint32)st.st_size != sizeof(uint32) * 2 + ((cov_filter->pcsize >> 4) + 7) / 8) + if ((uint32)st.st_size != sizeof(uint32) * 2 + ((cov_filter->pcsize >> 4) / 8 + 1)) fail("bad coverage filter bitmap size"); close(f); } |