removed previous double free crash, used new crash function

This commit is contained in:
Paul Cruz 2017-06-09 13:57:18 -07:00
parent be9b0ae627
commit 37e1b1488b

View File

@ -68,9 +68,8 @@ static size_t checkBuffers(const void* buff1, const void* buff2, size_t buffSize
return pos;
}
static void crashWithMessage(const char* message, int errorCode){
static void crash(int errorCode){
/* abort if AFL/libfuzzer, exit otherwise */
fprintf(stderr, "%s", message);
#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION /* could also use __AFL_COMPILER */
abort();
#else
@ -83,7 +82,6 @@ static void roundTripCheck(const void* srcBuff, size_t srcBuffSize)
size_t const cBuffSize = ZSTD_compressBound(srcBuffSize);
void* cBuff = malloc(cBuffSize);
void* rBuff = malloc(cBuffSize);
#define CRASH { free(cBuff); free(cBuff); } /* double free, to crash program */
if (!cBuff || !rBuff) {
fprintf(stderr, "not enough memory ! \n");
@ -93,15 +91,15 @@ static void roundTripCheck(const void* srcBuff, size_t srcBuffSize)
{ size_t const result = roundTripTest(rBuff, cBuffSize, cBuff, cBuffSize, srcBuff, srcBuffSize);
if (ZSTD_isError(result)) {
fprintf(stderr, "roundTripTest error : %s \n", ZSTD_getErrorName(result));
CRASH;
crash(1);
}
if (result != srcBuffSize) {
fprintf(stderr, "Incorrect regenerated size : %u != %u\n", (unsigned)result, (unsigned)srcBuffSize);
CRASH;
crash(1);
}
if (checkBuffers(srcBuff, rBuff, srcBuffSize) != srcBuffSize) {
fprintf(stderr, "Silent decoding corruption !!!");
CRASH;
crash(1);
}
}