readCString: no ubsan sub-overflow Bug: 132650049 Test: fuzzer Change-Id: I1f6dcad6906951ab505a7500573b74b210a68705 Merged-In: I1f6dcad6906951ab505a7500573b74b210a68705 (cherry picked from commit 1086548c6ceb141e2852d2690db8386911a014dd)

commit: 09b9d9f92e6d907cc5a85d675aa668932284b8c6 [log] [tgz]
author: Steven Moreland <smoreland@google.com> Fri May 17 13:11:30 2019 -0700
committer: Nikoli Cartagena <dargeren@google.com> Mon Jun 10 15:55:19 2019 -0700
tree: d5b669af21169a1171d7db344f32641a1e84b243
parent: 4090b75b5b78e9a60b2e50cd1ec2e9a38385e8cb [diff]
diff --git a/Parcel.cpp b/Parcel.cpp
index efddf74..9f6bd56 100644
--- a/Parcel.cpp
+++ b/Parcel.cpp

@@ -1332,8 +1332,8 @@
 
 const char* Parcel::readCString() const
 {
-    const size_t avail = mDataSize-mDataPos;
-    if (avail > 0) {
+    if (mDataPos < mDataSize) {
+        const size_t avail = mDataSize-mDataPos;
         const char* str = reinterpret_cast<const char*>(mData+mDataPos);
         // is the string's trailing NUL within the parcel's valid bounds?
         const char* eos = reinterpret_cast<const char*>(memchr(str, 0, avail));
commit	09b9d9f92e6d907cc5a85d675aa668932284b8c6	[log] [tgz]
author	Steven Moreland <smoreland@google.com>	Fri May 17 13:11:30 2019 -0700
committer	Nikoli Cartagena <dargeren@google.com>	Mon Jun 10 15:55:19 2019 -0700
tree	d5b669af21169a1171d7db344f32641a1e84b243
parent	4090b75b5b78e9a60b2e50cd1ec2e9a38385e8cb [diff]