Merge "Proto filter: fix check on FilterBytecodeParser::Query" am: 4d6da8b4b2 am: 2188ab759d

Original change: https://android-review.googlesource.com/c/platform/external/perfetto/+/1708471

Change-Id: I65b99b2469dff6d8fe40ca2c04d346c60eda8a8a

2 files changed, 4 insertions, 1 deletions

diff --git a/src/protozero/filtering/filter_bytecode_parser.cc b/src/protozero/filtering/filter_bytecode_parser.cc
index 6bd1e769f..1a1d32fe8 100644
--- a/src/protozero/filtering/filter_bytecode_parser.cc
+++ b/src/protozero/filtering/filter_bytecode_parser.cc
@@ -172,8 +172,10 @@ FilterBytecodeParser::QueryResult FilterBytecodeParser::Query(
     uint32_t msg_index,
     uint32_t field_id) {
   FilterBytecodeParser::QueryResult res{false, 0u};
-  if (msg_index >= message_offset_.size() - 1)
+  if (static_cast<uint64_t>(msg_index) + 1 >=
+      static_cast<uint64_t>(message_offset_.size())) {
     return res;
+  }
   const uint32_t start_offset = message_offset_[msg_index];
   // These are DCHECKs and not just CHECKS because the |words_| is populated
   // by the LoadInternal call above. These cannot be violated with a malformed
diff --git a/src/protozero/filtering/filter_bytecode_parser_unittest.cc b/src/protozero/filtering/filter_bytecode_parser_unittest.cc
index 40c4aee76..28e4e4b28 100644
--- a/src/protozero/filtering/filter_bytecode_parser_unittest.cc
+++ b/src/protozero/filtering/filter_bytecode_parser_unittest.cc
@@ -47,6 +47,7 @@ TEST(FilterBytecodeParserTest, ParserSimpleFields) {
 
   EXPECT_TRUE(LoadBytecode(&parser, {}));
   EXPECT_FALSE(parser.Query(0, 0).allowed);
+  EXPECT_FALSE(parser.Query(0, 0xffffffff).allowed);
   EXPECT_FALSE(parser.Query(1, 0).allowed);
   EXPECT_FALSE(parser.Query(0, 1).allowed);
   EXPECT_FALSE(parser.Query(1, 1).allowed);