libldac-encode_fuzzer: Bug Fix am: b0b2df3f09 am: 31aa7ddc23 am: a01f8664df

Original change: https://android-review.googlesource.com/c/platform/external/libldac/+/2015996

Change-Id: Ic3613de9cfc6b3e9368728a16d4a2165fcd6054b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

1 files changed, 14 insertions, 1 deletions

diff --git a/fuzzer/libldac_encode_fuzzer.cc b/fuzzer/libldac_encode_fuzzer.cc
index 2f293f1..51d8729 100644
--- a/fuzzer/libldac_encode_fuzzer.cc
+++ b/fuzzer/libldac_encode_fuzzer.cc
@@ -6,7 +6,13 @@
 #include <stddef.h>
 #include "ldacBT.h"
 
+#include <string.h>
+#include <vector>
+
 #define TESTFUNC_TYPE extern "C" int
+constexpr int32_t kMaxWlValue = 4;
+constexpr int32_t kMaxChValue = 2;
+constexpr int32_t kMaxFrameSize = LDACBT_ENC_LSU * kMaxWlValue * kMaxChValue;
 
 TESTFUNC_TYPE
 LLVMFuzzerTestOneInput(const uint8_t *buf, size_t size)
@@ -27,10 +33,17 @@ LLVMFuzzerTestOneInput(const uint8_t *buf, size_t size)
         LDACBT_CHANNEL_MODE_DUAL_CHANNEL,
         LDACBT_SMPL_FMT_S16,
         48000);
+    uint8_t *readPointer = const_cast<uint8_t *>(buf);
+    std::vector<uint8_t> tmpData(kMaxFrameSize);
+
+    if (size < kMaxFrameSize) {
+      memcpy(tmpData.data(), buf, size);
+      readPointer = tmpData.data();
+    }
 
     ldacBT_encode(
         hLdacBt,
-        (void *)(&buf + 44),
+        readPointer,
         &pcm_used,
         p_stream,
         &stream_sz,