1 files changed, 13 insertions, 4 deletions

diff --git a/src/libfuzzer/libfuzzer_macro.cc b/src/libfuzzer/libfuzzer_macro.cc
index c37276d..b2a5302 100644
--- a/src/libfuzzer/libfuzzer_macro.cc
+++ b/src/libfuzzer/libfuzzer_macro.cc
@@ -14,6 +14,8 @@
 
 #include "src/libfuzzer/libfuzzer_macro.h"
 
+#include <algorithm>
+
 #include "src/binary_format.h"
 #include "src/libfuzzer/libfuzzer_mutator.h"
 #include "src/text_format.h"
@@ -94,13 +96,19 @@ Mutator* GetMutator() {
   return &mutator;
 }
 
+size_t GetMaxSize(const InputReader& input, const OutputWriter& output,
+                  const protobuf::Message& message) {
+  size_t max_size = message.ByteSizeLong() + output.size();
+  max_size -= std::min(max_size, input.size());
+  return max_size;
+}
+
 size_t MutateMessage(unsigned int seed, const InputReader& input,
                      OutputWriter* output, protobuf::Message* message) {
   GetMutator()->Seed(seed);
   input.Read(message);
-  GetMutator()->Mutate(message, output->size() > input.size()
-                                    ? (output->size() - input.size())
-                                    : 0);
+  size_t max_size = GetMaxSize(input, *output, *message);
+  GetMutator()->Mutate(message, max_size);
   if (size_t new_size = output->Write(*message)) {
     assert(new_size <= output->size());
     return new_size;
@@ -115,7 +123,8 @@ size_t CrossOverMessages(unsigned int seed, const InputReader& input1,
   GetMutator()->Seed(seed);
   input1.Read(message1);
   input2.Read(message2);
-  GetMutator()->CrossOver(*message2, message1);
+  size_t max_size = GetMaxSize(input1, *output, *message1);
+  GetMutator()->CrossOver(*message2, message1, max_size);
   if (size_t new_size = output->Write(*message1)) {
     assert(new_size <= output->size());
     return new_size;