From 310ee92edd0846a3d8ca99665f12bd79c6b10acd Mon Sep 17 00:00:00 2001
From: Henry Lin
Date: Tue, 4 Jul 2023 14:01:17 +0200
Subject: [PATCH] jpeg-js: Initial integration (#10636)

Integrating jpeg-js into OSS-Fuzz.
---
 projects/jpeg-js/Dockerfile | 26 ++++++++++++++++++++++
 projects/jpeg-js/build.sh | 23 ++++++++++++++++++++
 projects/jpeg-js/fuzz_decode.js | 33 ++++++++++++++++++++++++++++
 projects/jpeg-js/fuzz_encode.js | 38 +++++++++++++++++++++++++++++++++
 projects/jpeg-js/project.yaml | 14 ++++++++++++
 5 files changed, 134 insertions(+)
 create mode 100644 projects/jpeg-js/Dockerfile
 create mode 100644 projects/jpeg-js/build.sh
 create mode 100644 projects/jpeg-js/fuzz_decode.js
 create mode 100644 projects/jpeg-js/fuzz_encode.js
 create mode 100644 projects/jpeg-js/project.yaml

diff --git a/projects/jpeg-js/Dockerfile b/projects/jpeg-js/Dockerfile
new file mode 100644
index 000000000..f82d5a58f
--- /dev/null
+++ b/projects/jpeg-js/Dockerfile
@@ -0,0 +1,26 @@
+# Copyright 2023 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+FROM gcr.io/oss-fuzz-base/base-builder-javascript
+
+COPY build.sh $SRC/
+
+RUN git clone --depth 1 https://github.com/jpeg-js/jpeg-js
+
+COPY fuzz_encode.js $SRC/jpeg-js
+COPY fuzz_decode.js $SRC/jpeg-js
+
+WORKDIR $SRC/jpeg-js
\ No newline at end of file
diff --git a/projects/jpeg-js/build.sh b/projects/jpeg-js/build.sh
new file mode 100644
index 000000000..2ee131e77
--- /dev/null
+++ b/projects/jpeg-js/build.sh
@@ -0,0 +1,23 @@
+#!/bin/bash
+# Copyright 2023 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+npm install --save-dev @jazzer.js/core
+npm i
+
+# Build Fuzzers.
+compile_javascript_fuzzer jpeg-js fuzz_encode.js -i jpeg-js --sync
+compile_javascript_fuzzer jpeg-js fuzz_decode.js -i jpeg-js --sync
\ No newline at end of file
diff --git a/projects/jpeg-js/fuzz_decode.js b/projects/jpeg-js/fuzz_decode.js
new file mode 100644
index 000000000..5c065d590
--- /dev/null
+++ b/projects/jpeg-js/fuzz_decode.js
@@ -0,0 +1,33 @@
+// Copyright 2023 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+////////////////////////////////////////////////////////////////////////////////
+
+const { FuzzedDataProvider } = require('@jazzer.js/core');
+const jpeg = require("./index");
+
+module.exports.fuzz = function (data) {
+ const provider = new FuzzedDataProvider(data);
+
+ try {
+ jpeg.decode(provider.consumeBytes(provider.consumeIntegralInRange(0, 2**48-1)),
+ {useTArray: provider.consumeBoolean(),
+ colorTransform: provider.consumeBoolean(),
+ formatAsRGBA: provider.consumeBoolean(),
+ tolerantDecoding: provider.consumeBoolean()}
+ );
+ } catch (error) {
+ // Catch all errors to find more critical bugs.
+ }
+};
diff --git a/projects/jpeg-js/fuzz_encode.js b/projects/jpeg-js/fuzz_encode.js
new file mode 100644
index 000000000..1d2aadb4e
--- /dev/null
+++ b/projects/jpeg-js/fuzz_encode.js
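Review bot: The `catch (error) {}` at the end of `fuzz` swallows every exception, including `TypeError` and `RangeError`, which in a pure-JS decoder are the usual signature of an internal defect (an out-of-range read yielding `undefined` that is then dereferenced) rather than a deliberately rejected input, so the target can never report them; fuzz_encode.js's `fuzz` has the same catch-all in its next hunk. Rethrowing those and keeping the blanket catch only for the decoder's own `Error` rejections would be `} catch (error) { if (error instanceof TypeError || error instanceof RangeError) throw error; }`, tightened to a message allow-list if jpeg-js turns out to raise those types on purpose for some inputs. The comment `// Catch all errors to find more critical bugs.` should then say which error classes are treated as expected input rejections, so the next maintainer does not widen the net again.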
@@ -0,0 +1,38 @@
+// Copyright 2023 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+////////////////////////////////////////////////////////////////////////////////
+
+const { FuzzedDataProvider } = require('@jazzer.js/core');
+const jpeg = require("./index");
+
+module.exports.fuzz = function (data) {
+ const provider = new FuzzedDataProvider(data);
+
+ var width = provider.consumeIntegralInRange(0, 2**48-1),
+ height = provider.consumeIntegralInRange(0, 2**48-1),
+ quality = provider.consumeIntegralInRange(0, 2**48-1);
+ var frameData = provider.consumeRemainingAsBytes();
+ var rawImageData = {
+ data: frameData,
+ width: width,
+ height: height,
+ };
+
+ try {
+ var jpegImageData = jpeg.encode(rawImageData, quality);
+ } catch (error) {
+ // Catch all errors to find critical bugs.
+ }
+};
\ No newline at end of file
diff --git a/projects/jpeg-js/project.yaml b/projects/jpeg-js/project.yaml
new file mode 100644
index 000000000..fbe1bac8d
--- /dev/null
+++ b/projects/jpeg-js/project.yaml
@@ -0,0 +1,14 @@
+homepage: https://github.com/jpeg-js/jpeg-js
+language: javascript
+main_repo: https://github.com/jpeg-js/jpeg-js
+fuzzing_engines:
+- libfuzzer
+sanitizers:
+- none
+vendor_ccs:
+ - "wagner@code-intelligence.com"
+ - "yakdan@code-intelligence.com"
+ - "patrice.salathe@code-intelligence.com"
+ - "hlin@code-intelligence.com"
+ - "christopher.krah@code-intelligence.com"
+ - "bug-disclosure@code-intelligence.com"
\ No newline at end of file
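Review bot: `width` and `height` are drawn from `consumeIntegralInRange(0, 2**48-1)` while `data` is only the bytes left in the input, so for almost every input the declared dimensions dwarf the pixel buffer; the encoder presumably walks width × height pixels, which turns most runs into timeouts or out-of-memory aborts by construction rather than findings about jpeg-js. Bounding the dimensions to a plausible image size, for example `const width = provider.consumeIntegralInRange(0, 4096);` and `const height = provider.consumeIntegralInRange(0, 4096);` (constructed limits), or deriving `height` from `frameData.length` and `width`, keeps the target in the encoder's real input domain while still covering the mismatched-length case. `quality` can likewise be limited to a small range that reflects its meaning, and the unused `jpegImageData` together with the comma-chained `var` declarations would read better as separate `const` bindings with the encode result simply discarded.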