From 9bac6ac04671938299c3acb92a3331c05994ed64 Mon Sep 17 00:00:00 2001
From: Kevin Lubick <kjlubick@users.noreply.github.com>
Date: Thu, 30 Aug 2018 18:03:06 -0400
Subject: [PATCH] [skia] Add Pathop fuzzer (#1775)

---
 projects/skia/BUILD.gn.diff | 12 ++++++++++++
 projects/skia/Dockerfile    |  9 ++++++---
 projects/skia/build.sh      |  6 +++++-
 projects/skia/skia.diff     | 14 +++++++-------
 4 files changed, 30 insertions(+), 11 deletions(-)

diff --git a/projects/skia/BUILD.gn.diff b/projects/skia/BUILD.gn.diff
index 1817d6488..b1feb902c 100644
--- a/projects/skia/BUILD.gn.diff
+++ b/projects/skia/BUILD.gn.diff
@@ -143,6 +143,18 @@ test_app("api_path_measure") {
   ]
 }
 
+test_app("api_pathop") {
+  sources = [
+    "fuzz/FuzzCommon.cpp",
+    "fuzz/FuzzPathop.cpp",
+    "fuzz/oss_fuzz/FuzzPathop.cpp",
+  ]
+  deps = [
+    ":flags",
+    ":skia",
+  ]
+}
+
 test_app("api_raster_n32_canvas") {
   include_dirs = [
     "tools",
diff --git a/projects/skia/Dockerfile b/projects/skia/Dockerfile
index 0b06d46c9..677fc8dc5 100644
--- a/projects/skia/Dockerfile
+++ b/projects/skia/Dockerfile
@@ -58,6 +58,8 @@ RUN wget -O $SRC/skia/api_image_filter_seed_corpus.zip https://storage.googleapi
 
 RUN wget -O $SRC/skia/api_path_measure_seed_corpus.zip https://storage.googleapis.com/skia-fuzzer/oss-fuzz/api_path_measure_seed_corpus.zip
 
+RUN wget -O $SRC/skia/api_pathop_seed_corpus.zip https://storage.googleapis.com/skia-fuzzer/oss-fuzz/api_pathop_seed_corpus.zip
+
 RUN wget -O $SRC/skia/canvas_seed_corpus.zip https://storage.googleapis.com/skia-fuzzer/oss-fuzz/canvas_seed_corpus.zip
 
 RUN wget -O $SRC/skia/encoder_seed_corpus.zip https://storage.googleapis.com/skia-fuzzer/oss-fuzz/encoder_seed_corpus.zip
@@ -85,10 +87,11 @@ COPY encoder.options $SRC/skia/encoder.options
 COPY api_fuzzers.options $SRC/skia/api_draw_functions.options
 COPY api_fuzzers.options $SRC/skia/api_gradients.options
 COPY api_fuzzers.options $SRC/skia/api_image_filter.options
-COPY api_fuzzers.options $SRC/skia/api_path_measure.options
-COPY api_fuzzers.options $SRC/skia/api_raster_n32_canvas.options
-COPY api_fuzzers.options $SRC/skia/api_null_canvas.options
 COPY api_fuzzers.options $SRC/skia/api_mock_gpu_canvas.options
+COPY api_fuzzers.options $SRC/skia/api_null_canvas.options
+COPY api_fuzzers.options $SRC/skia/api_path_measure.options
+COPY api_fuzzers.options $SRC/skia/api_pathop.options
+COPY api_fuzzers.options $SRC/skia/api_raster_n32_canvas.options
 
 COPY json.dict $SRC/skia/json.dict
 
diff --git a/projects/skia/build.sh b/projects/skia/build.sh
index 4d88edc16..f9dbd647b 100644
--- a/projects/skia/build.sh
+++ b/projects/skia/build.sh
@@ -93,7 +93,7 @@ $SRC/depot_tools/ninja -C out/Fuzz region_deserialize region_set_path \
                                    api_gradients api_path_measure png_encoder \
                                    jpeg_encoder webp_encoder skottie_json \
                                    textblob_deserialize skjson \
-                                   api_null_canvas api_image_filter
+                                   api_null_canvas api_image_filter api_pathop
 
 $SRC/depot_tools/ninja -C out/Fuzz_mem_constraints image_filter_deserialize \
                                                    api_raster_n32_canvas \
@@ -149,6 +149,10 @@ cp out/Fuzz/api_path_measure $OUT/api_path_measure
 cp ./api_path_measure.options $OUT/api_path_measure.options
 cp ./api_path_measure_seed_corpus.zip $OUT/api_path_measure_seed_corpus.zip
 
+cp out/Fuzz/api_pathop $OUT/api_pathop
+cp ./api_pathop.options $OUT/api_pathop.options
+cp ./api_pathop_seed_corpus.zip $OUT/api_pathop_seed_corpus.zip
+
 cp out/Fuzz/png_encoder $OUT/png_encoder
 cp ./encoder.options $OUT/png_encoder.options
 cp ./encoder_seed_corpus.zip $OUT/png_encoder_seed_corpus.zip
diff --git a/projects/skia/skia.diff b/projects/skia/skia.diff
index 2029a6eda..5552f370c 100644
--- a/projects/skia/skia.diff
+++ b/projects/skia/skia.diff
@@ -13,7 +13,7 @@ index e6933a856f..f802cc2250 100644
      SkPathMeasure measure(path, bits & 1, resScale);
      SkPoint position;
 diff --git a/src/core/SkAAClip.cpp b/src/core/SkAAClip.cpp
-index 24a8e58e96..3339cd0e5f 100644
+index 33947382c4..543f51244c 100644
 --- a/src/core/SkAAClip.cpp
 +++ b/src/core/SkAAClip.cpp
 @@ -1549,6 +1549,12 @@ static void operateY(SkAAClip::Builder& builder, const SkAAClip& A,
@@ -30,7 +30,7 @@ index 24a8e58e96..3339cd0e5f 100644
          const uint8_t* rowA = nullptr;
          const uint8_t* rowB = nullptr;
 diff --git a/src/core/SkDraw.cpp b/src/core/SkDraw.cpp
-index 945b8580e0..c1cdcfecba 100644
+index 0a7b12729c..f8dedcc6b7 100644
 --- a/src/core/SkDraw.cpp
 +++ b/src/core/SkDraw.cpp
 @@ -1101,6 +1101,12 @@ void SkDraw::drawPath(const SkPath& origSrcPath, const SkPaint& origPaint,
@@ -47,7 +47,7 @@ index 945b8580e0..c1cdcfecba 100644
  }
  
 diff --git a/src/core/SkImageFilter.cpp b/src/core/SkImageFilter.cpp
-index e6ea213146..3eecbc36bb 100644
+index b6ed9b316d..d0bcfd1f2a 100644
 --- a/src/core/SkImageFilter.cpp
 +++ b/src/core/SkImageFilter.cpp
 @@ -88,6 +88,12 @@ bool SkImageFilter::Common::unflatten(SkReadBuffer& buffer, int expectedCount) {
@@ -80,7 +80,7 @@ index 8bef6c355c..3ecc3bcaf9 100644
      if (nullptr == addr) {
          return nullptr;
 diff --git a/src/core/SkMaskFilter.cpp b/src/core/SkMaskFilter.cpp
-index e001f58250..8c65cfaaee 100644
+index 470f98468a..7fa1b7c97c 100644
 --- a/src/core/SkMaskFilter.cpp
 +++ b/src/core/SkMaskFilter.cpp
 @@ -261,6 +261,11 @@ bool SkMaskFilterBase::filterPath(const SkPath& devPath, const SkMatrix& matrix,
@@ -96,7 +96,7 @@ index e001f58250..8c65cfaaee 100644
                              SkMask::kComputeBoundsAndRenderImage_CreateMode,
                              style)) {
 diff --git a/src/core/SkPaint.cpp b/src/core/SkPaint.cpp
-index 15aa44eebc..92bba3f6c8 100644
+index ae56f2ebf8..063be43489 100644
 --- a/src/core/SkPaint.cpp
 +++ b/src/core/SkPaint.cpp
 @@ -1277,6 +1277,13 @@ bool SkPaint::getFillPath(const SkPath& src, SkPath* dst, const SkRect* cullRect
@@ -148,7 +148,7 @@ index e1c9d02ec0..1d98600921 100644
  
  /*  Format:
 diff --git a/src/core/SkScan_AAAPath.cpp b/src/core/SkScan_AAAPath.cpp
-index 9dbb271890..1f2602d159 100644
+index 16ecb91dac..b8c9ee8f37 100644
 --- a/src/core/SkScan_AAAPath.cpp
 +++ b/src/core/SkScan_AAAPath.cpp
 @@ -1588,6 +1588,11 @@ static SK_ALWAYS_INLINE void aaa_fill_path(const SkPath& path, const SkIRect& cl
@@ -226,7 +226,7 @@ index 72a128d16e..78716de1bb 100644
          int governor = MAX_REASONABLE_ITERATIONS;
          SkScalar    length = meas.getLength();
 diff --git a/src/effects/Sk2DPathEffect.cpp b/src/effects/Sk2DPathEffect.cpp
-index 24586827c4..9f5661c382 100644
+index fb6a88e0fb..8253a1284d 100644
 --- a/src/effects/Sk2DPathEffect.cpp
 +++ b/src/effects/Sk2DPathEffect.cpp
 @@ -51,6 +51,11 @@ void Sk2DPathEffect::nextSpan(int x, int y, int count, SkPath* path) const {