Fix PickleTest.GetReadPointerAndAdvance not to produce wild addresses while checking for overflows. BUG=117704 TBR=willchan Review URL: https://chromiumcodereview.appspot.com/9694034 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@126413 0039d316-1c4b-4281-b951-d872f2087c98

commit: 2d936058f70e65bc7751d1bc3adbf5df84a14fb0 [log] [tgz]
author: glider@chromium.org <glider@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> Tue Mar 13 17:17:56 2012
committer: glider@chromium.org <glider@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> Tue Mar 13 17:17:56 2012
tree: 23e894c7b9fc19d26dc61a61647e565747650217
parent: 451c89d68b41da87c3a549f5d3f84f9146018492 [diff] [blame]
diff --git a/base/pickle.cc b/base/pickle.cc
index a095e3593..3b8e0ce 100644
--- a/base/pickle.cc
+++ b/base/pickle.cc

@@ -45,13 +45,9 @@
 }
 
 const char* PickleIterator::GetReadPointerAndAdvance(int num_bytes) {
+  if (num_bytes < 0 || read_end_ptr_ - read_ptr_ < num_bytes)
+    return NULL;
   const char* current_read_ptr = read_ptr_;
-  const char* end_data_ptr = read_ptr_ + num_bytes;
-  if (num_bytes < 0)
-    return NULL;
-  // Check for enough space and for wrapping.
-  if (end_data_ptr > read_end_ptr_ || end_data_ptr < current_read_ptr)
-    return NULL;
   read_ptr_ += AlignInt(num_bytes, sizeof(uint32));
   return current_read_ptr;
 }
commit	2d936058f70e65bc7751d1bc3adbf5df84a14fb0	[log] [tgz]
author	glider@chromium.org <glider@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	Tue Mar 13 17:17:56 2012
committer	glider@chromium.org <glider@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	Tue Mar 13 17:17:56 2012
tree	23e894c7b9fc19d26dc61a61647e565747650217
parent	451c89d68b41da87c3a549f5d3f84f9146018492 [diff] [blame]