From f4b89044f075038d29089435f7620a068507d80e Mon Sep 17 00:00:00 2001
From: Joseph Bisch
Date: Thu, 2 Nov 2017 11:48:30 -0400
Subject: Fix malloc parameter in fe-fuzz

It is fairly safe to assume that sizeof(char) will always be 1 anyway and replace the size calculation with a comment explaining the calculation.
---
 src/fe-fuzz/irc/core/event-get-params.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'src/fe-fuzz')

diff --git a/src/fe-fuzz/irc/core/event-get-params.c b/src/fe-fuzz/irc/core/event-get-params.c
index fc21bbeb..f8060ffe 100644
--- a/src/fe-fuzz/irc/core/event-get-params.c
+++ b/src/fe-fuzz/irc/core/event-get-params.c
@@ -52,7 +52,8 @@ int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
 return 0;
 }
 uint8_t count = *data;
- char *copy = malloc(sizeof(char)*(size-1+1));
+ /* malloc(size) instead of size+1, because we already used one byte of data */
+ char *copy = malloc(size);
 memcpy(copy, data+1, size-1);
 copy[size-1] = '\0';

-- 
cgit v1.2.3
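Review bot: The result of `malloc(size)` is passed straight to `memcpy` and then indexed at `copy[size-1]` without a NULL check, so an allocation failure inside the harness would surface as a crash that looks like a finding in the code under test. Adding `if (copy == NULL) return 0;` directly after the allocation keeps harness-side failures out of the fuzzer's crash results. The new size is only correct while `size >= 1`, which the early `return 0;` above presumably guarantees. That guard's condition and the rest of LLVMFuzzerTestOneInput, including where `copy` is freed, lie outside this hunk.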