Index: third_party/WebKit/Source/bindings/core/v8/serialization/SerializedScriptValueFuzzer.cpp |
diff --git a/third_party/WebKit/Source/bindings/core/v8/serialization/SerializedScriptValueFuzzer.cpp b/third_party/WebKit/Source/bindings/core/v8/serialization/SerializedScriptValueFuzzer.cpp |
index 336309c7cf909d644187a332dfbc4e6ed85ed6f5..da5d1837e3d47a6a3704c5bf8f5a8a4319e476b0 100644 |
--- a/third_party/WebKit/Source/bindings/core/v8/serialization/SerializedScriptValueFuzzer.cpp |
+++ b/third_party/WebKit/Source/bindings/core/v8/serialization/SerializedScriptValueFuzzer.cpp |
@@ -68,10 +68,12 @@ int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { |
// Used to control what kind of extra data is provided to the deserializer. |
unsigned hash = StringHasher::hashMemory(data, size); |
+ SerializedScriptValue::DeserializeOptions options; |
+ |
// If message ports are requested, make some. |
MessagePortArray* messagePorts = nullptr; |
if (hash & kFuzzMessagePorts) { |
- messagePorts = new MessagePortArray(3); |
+ options.messagePorts = new MessagePortArray(3); |
std::generate(messagePorts->begin(), messagePorts->end(), []() { |
WebMessagePortChannelUniquePtr channel(new WebMessagePortChannelImpl()); |
MessagePort* port = MessagePort::create(pageHolder->document()); |
@@ -81,7 +83,7 @@ int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { |
} |
// If blobs are requested, supply blob info. |
- const auto* blobs = (hash & kFuzzBlobInfo) ? blobInfoArray : nullptr; |
+ options.blobInfo = (hash & kFuzzBlobInfo) ? blobInfoArray : nullptr; |
// Set up. |
ScriptState* scriptState = ScriptState::forMainWorld(&pageHolder->frame()); |
@@ -92,7 +94,7 @@ int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { |
// Deserialize. |
RefPtr<SerializedScriptValue> serializedScriptValue = |
SerializedScriptValue::create(reinterpret_cast<const char*>(data), size); |
- serializedScriptValue->deserialize(isolate, messagePorts, blobs); |
+ serializedScriptValue->deserialize(isolate, options); |
CHECK(!tryCatch.HasCaught()) |
<< "deserialize() should return null rather than throwing an exception."; |