Rooba
/
oss-fuzz
mirror of https://github.com/google/oss-fuzz.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[lcms] Add new fuzzer (#4109) 

* added new cms_transform_fuzzer, getting code instrumentation error

* build working, renamed new fuzzer
This commit is contained in:
Ravi Jotwani 2020-07-10 19:26:12 -07:00 committed by GitHub
parent cd665e2a82
commit 07fbdfb29b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 43 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
projects/lcms/Dockerfile
View File

@ -18,4 +18,4 @@ FROM gcr.io/oss-fuzz-base/base-builder
RUN apt-get update && apt-get install -y make autoconf automake libtool
RUN git clone --depth 1 https://github.com/mm2/Little-CMS.git lcms
WORKDIR lcms
COPY build.sh cmsIT8_load_fuzzer.* cms_transform_fuzzer.* icc.dict $SRC/
COPY build.sh cmsIT8_load_fuzzer.* cms_transform_fuzzer.* cms_overwrite_transform_fuzzer.* icc.dict $SRC/

2
projects/lcms/build.sh
View File

@ -20,7 +20,7 @@
make -j$(nproc) all
# build your fuzzer(s)
FUZZERS="cmsIT8_load_fuzzer cms_transform_fuzzer"
FUZZERS="cmsIT8_load_fuzzer cms_transform_fuzzer cms_overwrite_transform_fuzzer"
for F in $FUZZERS; do
$CC $CFLAGS -c -Iinclude \
$SRC/$F.c -o $SRC/$F.o

39
projects/lcms/cms_overwrite_transform_fuzzer.c Normal file
View File

@ -0,0 +1,39 @@
// Copyright 2020 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#include <stdint.h>
#include "lcms2.h"
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
if (size < 2) {
return 0;
}
size_t mid = size / 2;
cmsHPROFILE hInProfile, hOutProfile;
cmsHTRANSFORM hTransform;
hInProfile = cmsOpenProfileFromMem(data, mid);
hOutProfile = cmsOpenProfileFromMem(data + mid, size - mid);
hTransform = cmsCreateTransform(hInProfile, TYPE_BGR_8, hOutProfile,
TYPE_BGR_8, INTENT_PERCEPTUAL, 0);
cmsCloseProfile(hInProfile);
cmsCloseProfile(hOutProfile);
if (hTransform) {
cmsDeleteTransform(hTransform);
}
return 0;
}

2
projects/lcms/cms_overwrite_transform_fuzzer.options Normal file
View File

@ -0,0 +1,2 @@
[libfuzzer]
dict = icc.dict