Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 5a77e63f authored by S Vasudev Prasad's avatar S Vasudev Prasad
Browse files

Fix Stack-use-after-scope error in mediametrics_service_fuzzer.cpp 

In C2Fuzzer, the lambda variable 'value' was declared on stack and
accessed after the function went out of scope leading to
Stack-use-after-scope error. It is now been declared as a member
of the fuzzer object.

Bug: 192502871
Test: Tested with ASAN:
      Stack-use-after-scope error without the fix and
      no errors reported with fix

Change-Id: I9a23bd6c801092ae64101313f5dc96225fd64f2c
parent 086eb84e

services/mediametrics/fuzzer/mediametrics_service_fuzzer.cpp

+2 −2
Original line number Diff line number Diff line
@@ -48,6 +48,7 @@ class MediaMetricsServiceFuzzer { 
    void invokeAudioAnalytics(const uint8_t *data, size_t size);

    void invokeTimedAction(const uint8_t *data, size_t size);

    void process(const uint8_t *data, size_t size);

    std::atomic_int mValue = 0;

};



void MediaMetricsServiceFuzzer::invokeStartsWith(const uint8_t *data, size_t size) {
@@ -340,11 +341,10 @@ void MediaMetricsServiceFuzzer::invokeAudioAnalytics(const uint8_t *data, size_t 
void MediaMetricsServiceFuzzer::invokeTimedAction(const uint8_t *data, size_t size) {

    FuzzedDataProvider fdp = FuzzedDataProvider(data, size);

    android::mediametrics::TimedAction timedAction;

    std::atomic_int value = 0;



    while (fdp.remaining_bytes()) {

        timedAction.postIn(std::chrono::seconds(fdp.ConsumeIntegral<int32_t>()),

                           [&value] { ++value; });

                           [this] { ++mValue; });

        timedAction.size();

    }

}