From 97b611492f15b0c0a2ec0a817c5befdae29c4c63 Mon Sep 17 00:00:00 2001
From: ShiJie <shijie20@huawei.com>
Date: Fri, 4 Nov 2022 21:46:52 +0800
Subject: [PATCH] test: FUZZ use case tests for buffer overflow

Signed-off-by: ShiJie <shijie20@huawei.com>
Change-Id: I75b3738681558698b15dd073cd11bdec51d9b638
---
 test/unittest/common/display_fuzzer/display_fuzzer.cpp | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/test/unittest/common/display_fuzzer/display_fuzzer.cpp b/test/unittest/common/display_fuzzer/display_fuzzer.cpp
index 9ee7ff8..6a07b4f 100644
--- a/test/unittest/common/display_fuzzer/display_fuzzer.cpp
+++ b/test/unittest/common/display_fuzzer/display_fuzzer.cpp
@@ -88,7 +88,7 @@ static void SetBrightness(const uint8_t* data)
     g_displayMgrClient.SetBrightness(type[0]);
 }
 
-static void AdjustBrightness(const uint8_t* data)
+static void AdjustBrightness(const uint8_t* data, size_t size)
 {
     int32_t type[1];
     int32_t duration[1];
@@ -96,8 +96,8 @@ static void AdjustBrightness(const uint8_t* data)
     if ((memcpy_s(type, sizeof(type), data, idSize)) != EOK) {
         return;
     }
-    if ((memcpy_s(duration, sizeof(duration), (data+DATANUM), idSize)) != EOK) {
-        return;
+    if (size <= (idSize + DATANUM) || (memcpy_s(duration, sizeof(duration), (data + DATANUM), idSize) != EOK)) {
+        duration[INDEX_0] = type[INDEX_0];
     }
 
     g_displayMgrClient.AdjustBrightness(type[0], duration[0]);
@@ -228,7 +228,7 @@ bool DoSomethingInterestingWithMyAPI(const uint8_t* data, size_t size)
                 SetBrightness(data);
                 break;
             case ApiNumber::NUM_FIVE:
-                AdjustBrightness(data);
+                AdjustBrightness(data, size);
                 break;
             case ApiNumber::NUM_SIX:
                 AutoAdjustBrightness(data);
-- 
Gitee