Use actual consumed buffer length to call AParcel_unmarshal Test: m binder_parcel_fuzzer && out/host/linux-x86/fuzz/x86_64/binder_parcel_fuzzer/binder_parcel_fuzzer Bug: 264746958 Change-Id: I379d04b0e25d5f9f475352abb9a078542cb0eb5d

commit: 396171846d20198bada9dd3b80af8a5c96244e45 [log] [tgz]
author: Pawan Wagh <waghpawan@google.com> Mon Jan 09 23:43:06 2023 +0000
committer: Pawan Wagh <waghpawan@google.com> Tue Jan 10 00:20:39 2023 +0000
tree: 0c0b6252525707bea81cf8209439d6736c0da1fd
parent: 4cd0373251a9841920d26ccd6b0b50583b9ad026 [diff]
diff --git a/libs/binder/tests/parcel_fuzzer/binder_ndk.cpp b/libs/binder/tests/parcel_fuzzer/binder_ndk.cpp
index fa0cc81..08eb27a 100644
--- a/libs/binder/tests/parcel_fuzzer/binder_ndk.cpp
+++ b/libs/binder/tests/parcel_fuzzer/binder_ndk.cpp

@@ -213,8 +213,9 @@
             size_t len = provider.ConsumeIntegralInRange<size_t>(0, provider.remaining_bytes());
             std::vector<uint8_t> parcelData = provider.ConsumeBytes<uint8_t>(len);
             const uint8_t* buffer = parcelData.data();
+            const size_t bufferLen = parcelData.size();
             NdkParcelAdapter adapter;
-            binder_status_t status = AParcel_unmarshal(adapter.aParcel(), buffer, len);
+            binder_status_t status = AParcel_unmarshal(adapter.aParcel(), buffer, bufferLen);
             FUZZ_LOG() << "status: " << status;
         },
commit	396171846d20198bada9dd3b80af8a5c96244e45	[log] [tgz]
author	Pawan Wagh <waghpawan@google.com>	Mon Jan 09 23:43:06 2023 +0000
committer	Pawan Wagh <waghpawan@google.com>	Tue Jan 10 00:20:39 2023 +0000
tree	0c0b6252525707bea81cf8209439d6736c0da1fd
parent	4cd0373251a9841920d26ccd6b0b50583b9ad026 [diff]