Avoid a write to NULL in ReadFieldBinary

what happens is that we use vector_as_array(&data) which returns null if data is empty, but we don't check |size| whichcan be 0 so data.resize(size) still an empty vector. This is currently happening for browser_tests.exe in the waterfall. There might be a better fix but lots of tests are having exceptions so I want to stop that. TBR=mnissler BUG=none TEST=logs are clean Review URL: https://codereview.chromium.org/23961004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@222177 0039d316-1c4b-4281-b951-d872f2087c98

Avoid a write to NULL in ReadFieldBinary
what happens is that we use vector_as_array(&data) which returns null if data is empty, but we don't check |size| whichcan be 0 so data.resize(size) still an empty vector. This is currently happening for browser_tests.exe in the waterfall. There might be a better fix but lots of tests are having exceptions so I want to stop that. TBR=mnissler BUG=none TEST=logs are clean Review URL: https://codereview.chromium.org/23961004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@222177 0039d316-1c4b-4281-b951-d872f2087c98
ddfb7dce · cpu@chromium.org · 3ea28302 · ddfb7dce
Commit ddfb7dce authored Sep 10, 2013 by cpu@chromium.org
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 0 deletions

chrome/browser/policy/preg_parser_win.cc chrome/browser/policy/preg_parser_win.cc +2 -0

No files found.
--- a/chrome/browser/policy/preg_parser_win.cc
+++ b/chrome/browser/policy/preg_parser_win.cc
@@ -66,6 +66,8 @@ bool ReadFieldBinary(const uint8** cursor,
                     const uint8* end,
                     int size,
                     uint8* data) {
+  if (!size)
+    return false;
  const uint8* field_end = *cursor + size;
  if (field_end > end)
    return false;