Merge "Restrict domain of transact codes in fuzzService" am: 2f9a0e8220 am: 672c2c2de8 am: 8e338e081c Original change: https://android-review.googlesource.com/c/platform/frameworks/native/+/2334431 Change-Id: I6773a60b3718e90d503a0e58dbb92ec1835d514e Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

commit: ff9c00ddc930794bd69efe277ec96cecf6faf7d3 [log] [tgz]
author: Steven Moreland <smoreland@google.com> Fri Dec 09 03:25:46 2022 +0000
committer: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> Fri Dec 09 03:25:46 2022 +0000
tree: 30bbbb4c2a47b45a27b3f8616e3b2aeace9333b1
parent: 1612a4ed8bf5e885cb6b58335e72039c5aed4f40 [diff]
parent: 8e338e081cd445ea1a7285ba06d107e75de4f7c2 [diff]
diff --git a/libs/binder/tests/parcel_fuzzer/libbinder_driver.cpp b/libs/binder/tests/parcel_fuzzer/libbinder_driver.cpp
index 86461c8..8bef33f 100644
--- a/libs/binder/tests/parcel_fuzzer/libbinder_driver.cpp
+++ b/libs/binder/tests/parcel_fuzzer/libbinder_driver.cpp

@@ -37,7 +37,9 @@
     }
 
     while (provider.remaining_bytes() > 0) {
-        uint32_t code = provider.ConsumeIntegral<uint32_t>();
+        // Most of the AIDL services will have small set of transaction codes.
+        uint32_t code = provider.ConsumeBool() ? provider.ConsumeIntegral<uint32_t>()
+                                               : provider.ConsumeIntegralInRange<uint32_t>(0, 100);
         uint32_t flags = provider.ConsumeIntegral<uint32_t>();
         Parcel data;
         // for increased fuzz coverage
commit	ff9c00ddc930794bd69efe277ec96cecf6faf7d3	[log] [tgz]
author	Steven Moreland <smoreland@google.com>	Fri Dec 09 03:25:46 2022 +0000
committer	Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	Fri Dec 09 03:25:46 2022 +0000
tree	30bbbb4c2a47b45a27b3f8616e3b2aeace9333b1
parent	1612a4ed8bf5e885cb6b58335e72039c5aed4f40 [diff]
parent	8e338e081cd445ea1a7285ba06d107e75de4f7c2 [diff]