ofz short read considered as a successful full block read
i.e. StgDataStrm::Read takes the bool of no error and multiplies it by the block size to report the length read. A short read isn't an error so full buffer is considered valid.

To keep #i73846# working and get deterministic fuzzing results, zero out the trailing space of a successful but short read.

Changing this to return the truthful number of bytes read makes #i73846# stop working.

There's wonderful nonsense here calculating nPg2, determining nBytes to read derived from this, reading nBytes into the buffer and then considering it an error if nPg2 is not 1 after the presumably potentially fatal buffer overflow if nPg2 wasn't initially 1, but this doesn't seem possible in practice

Change-Id: I2bac6066deb8a2902677e04696367ba2c351b325
Reviewed-on: https://gerrit.libreoffice.org/44310
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
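The pattern the commit message describes, as an added example that is not LibreOffice code: a block reader that reports "no error" times the block size as the length read, next to a variant that keeps that reported length but zeroes the unread tail. `ByteSource`, `kBlock` and the function names are hypothetical, and the 0xAA fill is a constructed stand-in for whatever the buffer held before the read.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstring>
#include <vector>

constexpr std::size_t kBlock = 8;  // constructed block size

// Hypothetical backing stream: a short read is not an error.
struct ByteSource {
    std::vector<unsigned char> data;
    std::size_t pos = 0;
    bool error = false;
    std::size_t read(unsigned char* dst, std::size_t n) {
        std::size_t got = std::min(n, data.size() - pos);
        if (got != 0) std::memcpy(dst, data.data() + pos, got);
        pos += got;
        return got;
    }
};

// Reported length is (no error) * block size, so a short read looks like a full block.
std::size_t readBlockReported(ByteSource& s, unsigned char* buf) {
    s.read(buf, kBlock);
    return static_cast<std::size_t>(!s.error) * kBlock;
}

// Same reported length for callers that depend on it, but the bytes the
// source never supplied are zeroed, so the block content is deterministic.
std::size_t readBlockZeroTail(ByteSource& s, unsigned char* buf) {
    std::size_t got = s.read(buf, kBlock);
    if (!s.error && got < kBlock)
        std::memset(buf + got, 0, kBlock - got);
    return static_cast<std::size_t>(!s.error) * kBlock;
}

// Counts stale bytes inside the range the reader claims to have filled
// when the source holds only 3 of the 8 bytes requested.
std::size_t staleBytesAfter(bool zeroTail) {
    ByteSource s;
    s.data = {1, 2, 3};                 // constructed 3-byte input
    unsigned char buf[kBlock];
    std::memset(buf, 0xAA, kBlock);     // stand-in for previous buffer contents
    std::size_t reported = zeroTail ? readBlockZeroTail(s, buf)
                                    : readBlockReported(s, buf);
    return static_cast<std::size_t>(std::count(buf, buf + reported, 0xAA));
}
```

With the first reader a consumer of the "full" block processes five bytes that never came from the file, which is also why fuzzing results vary from run to run; with the second the tail is always zero.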