Don't iterate past the item in CheckCallSite am: 128e41a29a

Original change: https://android-review.googlesource.com/c/platform/art/+/3456241 Change-Id: I36ecf7889040eec651320229f013dbf738a1ee8c Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
author: Santiago Aboy Solanes <solanes@google.com> 2025-01-28 03:13:26 -0800
committer: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> 2025-01-28 03:13:26 -0800
commit: c3670a7340134fd9adf13d155c61a8ed1acb3efc (patch)
tree: 772b0d002fec5026308362a0514915dc6b11a365
parent: 5e1e2cf87242565122ec1d3994af4ea91e7acdad (diff)
parent: 128e41a29a5f75bbb0b69fd57e4bd0a1b9a2cf37 (diff)
2 files changed, 5 insertions, 1 deletions
diff --git a/runtime/verifier/method_verifier.cc b/runtime/verifier/method_verifier.cc
index bf5ec7b745..06b95428cc 100644
--- a/runtime/verifier/method_verifier.cc
+++ b/runtime/verifier/method_verifier.cc
@@ -4501,7 +4501,11 @@ bool MethodVerifierImpl::CheckCallSite(uint32_t call_site_idx) {
                                         << index[i] << " >= " << type_and_max[i].second;
       return false;
     }
-    it.Next();
+
+    // Don't increase if we are going to read past the item.
+    if (i != kRequiredArguments - 1) {
+      it.Next();
+    }
   }
 
   // Check method handle kind is valid.
diff --git a/tools/fuzzer/class-verifier-corpus/b391852978.dex b/tools/fuzzer/class-verifier-corpus/b391852978.dex
new file mode 100644
index 0000000000..5f21123335
--- /dev/null
+++ b/tools/fuzzer/class-verifier-corpus/b391852978.dex
author	Santiago Aboy Solanes <solanes@google.com>	2025-01-28 03:13:26 -0800
committer	Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2025-01-28 03:13:26 -0800
commit	c3670a7340134fd9adf13d155c61a8ed1acb3efc (patch)
tree	772b0d002fec5026308362a0514915dc6b11a365
parent	5e1e2cf87242565122ec1d3994af4ea91e7acdad (diff)
parent	128e41a29a5f75bbb0b69fd57e4bd0a1b9a2cf37 (diff)