From bbc75e3e81b49c3e1fb6ac2e2daf0e3fdb887507 Mon Sep 17 00:00:00 2001
From: Axel Souchet <1476421+0vercl0k@users.noreply.github.com>
Date: Thu, 5 Aug 2021 21:30:40 -0700
Subject: [PATCH] Fix hevd module (#16)

This PR fixes a bug in the `fuzzer_hevd.cc logic` where the out buffer pointer was getting overwritten instead of the out buffer size.
---
 src/wtf/fuzzer_hevd.cc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/wtf/fuzzer_hevd.cc b/src/wtf/fuzzer_hevd.cc
index 23048c7..a56d2b6 100644
--- a/src/wtf/fuzzer_hevd.cc
+++ b/src/wtf/fuzzer_hevd.cc
@@ -50,7 +50,7 @@ bool InsertTestcase(const uint8_t *Buffer, const size_t BufferSize) {
 g_Backend->R9(IoctlBufferSize);
 const Gva_t Rsp = Gva_t(g_Backend->Rsp());
- const Gva_t OutBufferSizePtr = Rsp + Gva_t(4 * sizeof(uint64_t));
+ const Gva_t OutBufferSizePtr = Rsp + Gva_t(5 * sizeof(uint64_t));
 if (!g_Backend->VirtWriteStructDirty(OutBufferSizePtr, &IoctlBufferSize)) {
 DebugPrint("VirtWriteStructDirty failed\n");
 return false;
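Review bot: The corrected slot index `5 * sizeof(uint64_t)` on the added line is still a bare magic number, and nothing in the hunk records why 4 was wrong and 5 is right, so the next reader has to re-derive the guest stack layout. Assuming `Rsp` is the stack pointer at the callee's entry, `[Rsp]` holds the return address and `[Rsp+8, Rsp+0x28)` the 32-byte Win64 shadow space for the four register arguments (the fourth of which is set via `R9` just above), which makes `Rsp+0x28` the first stack-passed, i.e. fifth, argument — the out-buffer size this write targets. I would record that above the line, e.g. `// Win64: [Rsp] = return address, [Rsp+8..+0x28) = shadow space for the 4 register args; the 5th argument (out buffer size) is the first stack slot at Rsp+0x28.`, and consider naming the index (`constexpr size_t Win64FirstStackArgSlot = 5;`) so the next offset tweak is not another silent guest-stack corruption. Worth confirming, since only the write is visible here, that `sizeof(IoctlBufferSize)` matches the 8-byte slot so `VirtWriteStructDirty` fills the whole argument rather than only its low bytes. InsertTestcase starts before this hunk and continues past it.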