From 5bb9d06dac7f5a31b9514ed91fd84ab712929426 Mon Sep 17 00:00:00 2001
From: Mike Aizatsky <aizatsky@chromium.org>
Date: Fri, 8 Apr 2016 23:32:24 +0000
Subject: [PATCH] [libfuzzer] defensive assert

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@265866 91177308-0d34-0410-b5e6-96231b3b80d8
---
 lib/Fuzzer/FuzzerLoop.cpp | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/Fuzzer/FuzzerLoop.cpp b/lib/Fuzzer/FuzzerLoop.cpp
index f09ac058a8d..afdc9fa8540 100644
--- a/lib/Fuzzer/FuzzerLoop.cpp
+++ b/lib/Fuzzer/FuzzerLoop.cpp
@@ -503,8 +503,9 @@ void Fuzzer::MutateAndTestOne() {
 
   auto &U = ChooseUnitToMutate();
   MutateInPlaceHere.resize(Options.MaxLen);
-  memcpy(MutateInPlaceHere.data(), U.data(), U.size());
   size_t Size = U.size();
+  assert(Size <= Options.MaxLen && "Oversized Unit");
+  memcpy(MutateInPlaceHere.data(), U.data(), Size);
 
   for (int i = 0; i < Options.MutateDepth; i++) {
     size_t NewSize = 0;