Fix hit test query fuzzer

This patch fixes a bug in previous fuzzer patch. We need to use "and" operand to make sure the flag contains kHitTestAsk. Bug: 905463 Change-Id: I13935185756dfef4474b94975bfec833469bdac1 Reviewed-on: https://chromium-review.googlesource.com/c/1351271Reviewed-by: Ria Jiang <riajiang@chromium.org> Commit-Queue: Xianda Sun <sunxd@chromium.org> Cr-Commit-Position: refs/heads/master@{#610871}

Fix hit test query fuzzer
This patch fixes a bug in previous fuzzer patch. We need to use "and" operand to make sure the flag contains kHitTestAsk. Bug: 905463 Change-Id: I13935185756dfef4474b94975bfec833469bdac1 Reviewed-on: https://chromium-review.googlesource.com/c/1351271Reviewed-by: Ria Jiang <riajiang@chromium.org> Commit-Queue: Xianda Sun <sunxd@chromium.org> Cr-Commit-Position: refs/heads/master@{#610871}
bacac8f7 · Xianda Sun · Commit Bot · 798c47c8 · bacac8f7
Commit bacac8f7 authored Nov 26, 2018 by Xianda Sun Committed by Commit Bot Nov 26, 2018
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

components/viz/host/hit_test/hit_test_query_fuzzer.cc components/viz/host/hit_test/hit_test_query_fuzzer.cc +1 -1

No files found.
--- a/components/viz/host/hit_test/hit_test_query_fuzzer.cc
+++ b/components/viz/host/hit_test/hit_test_query_fuzzer.cc
@@ -30,7 +30,7 @@ void AddHitTestRegion(base::FuzzedDataProvider* fuzz,
  uint32_t flags = GetNextUInt32(fuzz);
  // The reasons' value is kNotAsyncHitTest if the flag's value is kHitTestAsk.
  uint32_t reasons =
-      (flags | viz::HitTestRegionFlags::kHitTestAsk)
+      (flags & viz::HitTestRegionFlags::kHitTestAsk)
          ? fuzz->ConsumeUint32InRange(1, std::numeric_limits<uint32_t>::max())
          : viz::AsyncHitTestReasons::kNotAsyncHitTest;
  gfx::Rect rect(fuzz->ConsumeUint8(), fuzz->ConsumeUint8(),