Fix undefined behavior in DifferenceEstimator.
It is illegal to use pointers that point outside of the array, so I added
length checks to prevent it.
TEST= none
BUG= none
Review URL: https://codereview.chromium.org/1003643003
Cr-Commit-Position: refs/heads/master@{#320458}
diff --git a/courgette/difference_estimator.cc b/courgette/difference_estimator.cc
index f2f09e1..82c23ee 100644
--- a/courgette/difference_estimator.cc
+++ b/courgette/difference_estimator.cc
@@ -41,6 +41,8 @@
explicit Base(const Region& region) : region_(region) { }
void Init() {
+ if (region_.length() < kTupleSize)
+ return;
const uint8* start = region_.start();
const uint8* end = region_.end() - (kTupleSize - 1);
for (const uint8* p = start; p < end; ++p) {
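Review bot: The early return added at the top of `Init()` carries no comment saying why a short region is skipped, and the same guard is repeated in `Measure()` in the second hunk, so the invariant is easy to lose in a later edit. I would add `// Regions shorter than one tuple have nothing to hash; this also keeps end() - (kTupleSize - 1) from pointing before start().` above the check. The declaration of `kTupleSize` is outside this hunk; if it is a signed `int`, the comparison with `region_.length()` is mixed-sign, so it is worth confirming that it is a positive constant. The commit records `TEST= none`; a unit test that builds a `Base` over regions of length 0 and `kTupleSize - 1` would pin the fix. The body of `Init()` continues past the end of the hunk.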
@@ -96,16 +98,18 @@
size_t DifferenceEstimator::Measure(Base* base, Subject* subject) {
size_t mismatches = 0;
- const uint8* start = subject->region().start();
- const uint8* end = subject->region().end() - (kTupleSize - 1);
+ if (subject->region().length() >= kTupleSize) {
+ const uint8* start = subject->region().start();
+ const uint8* end = subject->region().end() - (kTupleSize - 1);
- const uint8* p = start;
- while (p < end) {
- size_t hash = HashTuple(p);
- if (base->hashes_.find(hash) == base->hashes_.end()) {
- ++mismatches;
+ const uint8* p = start;
+ while (p < end) {
+ size_t hash = HashTuple(p);
+ if (base->hashes_.find(hash) == base->hashes_.end()) {
+ ++mismatches;
+ }
+ p += 1;
}
- p += 1;
}
if (mismatches == 0) {
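Review bot: A subject shorter than `kTupleSize` now skips the loop in `Measure()` with `mismatches` still 0 and falls into the `if (mismatches == 0)` branch, so an unhashable subject looks the same as a perfect match against any base. The body of that branch and the return are outside the hunk, so whether callers treat 0 as "identical" cannot be confirmed from here. If 0 is the intended estimate, say so at the guard with `// Subject too short to form a tuple: nothing to compare, reported as 0 mismatches.` Otherwise return early before the zero-mismatch branch, so that its handling applies only to subjects that were actually hashed.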