Add some "fuzzing" tests for deserialization, and fixes for all of the problems discovered. Change-Id: I050344f6c6d0a19b7f3304d23729b4ca71c05042

commit: f2282b3c6690ccfaa7878886f01693ef4f0b3bed [log] [tgz]
author: Shawn Willden <swillden@google.com> Mon Aug 25 06:49:54 2014 -0600
committer: Shawn Willden <swillden@google.com> Mon Aug 25 06:49:54 2014 -0600
tree: 9ae51eb456740ac028e73bbf1a28cfa44b912dbc
parent: b663b61f00b1a51a2535520aa726f788fffdf34b [diff] [blame]
diff --git a/authorization_set.cpp b/authorization_set.cpp
index 9d26968..f6a38ee 100644
--- a/authorization_set.cpp
+++ b/authorization_set.cpp

@@ -344,10 +344,12 @@
 }
 
 bool AuthorizationSet::DeserializeIndirectData(const uint8_t** buf_ptr, const uint8_t* end) {
-    if (!copy_size_and_data_from_buf(buf_ptr, end, &indirect_data_size_, &indirect_data_)) {
+    UniquePtr<uint8_t[]> indirect_buf;
+    if (!copy_size_and_data_from_buf(buf_ptr, end, &indirect_data_size_, &indirect_buf)) {
         set_invalid(MALFORMED_DATA);
         return false;
     }
+    indirect_data_ = indirect_buf.release();
     return true;
 }
commit	f2282b3c6690ccfaa7878886f01693ef4f0b3bed	[log] [tgz]
author	Shawn Willden <swillden@google.com>	Mon Aug 25 06:49:54 2014 -0600
committer	Shawn Willden <swillden@google.com>	Mon Aug 25 06:49:54 2014 -0600
tree	9ae51eb456740ac028e73bbf1a28cfa44b912dbc
parent	b663b61f00b1a51a2535520aa726f788fffdf34b [diff] [blame]