Reduce VPX_MAX_ALLOCABLE_MEMORY in msan builds as it has a higher overhead causing more frequent OOMs in this configuration. This matches the limits in libaom.
Remove the build directory to ensure dot files are deleted.
Skip 'make clean' because the build directory was just cleaned. This removes
a lot of log spam.
* libvpx: Add project
Added projects/libvpx
* libvpx: Use local ivf_read_frame
ivf_read_frame inside libvpx results in a lot of prints due to invalid
frame size. This clutters the output.
* libvpx: Do not return error for incomplete frame read in read_frame
* libvpx: Initialize threads using 32nd byte instead of 1st
In most cases, the first byte in the corpus of *.ivf files is 'D'.
So using the first byte results in the same thread count in most cases.
Using the 32nd byte in the data (one of the bytes that signals the size of
the frame) will help in testing different thread configurations.
* libvpx: Updated configure options and removed redundant cflags
Removed generic-gnu as target
Added --disable-webm-io as that is not needed here
Added --enable-debug to enable asserts
Removed redundant cflags and cxxflags
* libvpx: Removed threaded mode from build.sh
vpx_dec_fuzzer.cc in libvpx now tests both single and multi-thread
configurations using a single binary.
* libvpx: Removed vpx_dec_fuzzer.cc and README.md
Removed vpx_dec_fuzzer.cc and README.md from projects/libvpx
vpx_dec_fuzzer.cc is now part of libvpx
Add a check for the recently added routines to combine crc32 checksums. This
change adds more code coverage, however the checksum_fuzzer still does not pass
the complexity check: (the threshold is at 100)
oss-fuzz$ build/out/zlib/checksum_fuzzer -runs=10 2>&1 | grep -Po "INFO: Loaded [[:digit:]]+ module.*\(.*(counters|guards)\):[[:space:]]+\K[[:digit:]]+"
92
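The invariant a crc32 combine check exercises, as an added example in Python (not zlib's checksum_fuzzer and not part of the commit above): a port of zlib's GF(2) matrix method for crc32_combine, and the property crc32_combine(crc32(a), crc32(b), len(b)) == crc32(a + b) asserted for every split of a constructed input. The fuzz_one_input layout (first byte selects the split) is an assumption for this example, not the layout of the real target.

```python
# Added example, not zlib's or oss-fuzz's code: pure-Python port of zlib's
# crc32_combine() GF(2) matrix method plus the combine property a fuzzer checks.
import zlib

CRC32_POLY = 0xEDB88320  # reflected CRC-32 polynomial used by zlib


def gf2_matrix_times(mat, vec):
    """Multiply a 32x32 GF(2) matrix (mat[i] = image of basis bit i) by vec."""
    total = 0
    i = 0
    while vec:
        if vec & 1:
            total ^= mat[i]
        vec >>= 1
        i += 1
    return total


def gf2_matrix_square(mat):
    """M*M: applying the squared operator appends twice as many zero bits."""
    return [gf2_matrix_times(mat, mat[n]) for n in range(32)]


def crc32_combine(crc1, crc2, len2):
    """Return crc32(a + b) given crc1 = crc32(a), crc2 = crc32(b), len2 = len(b)."""
    if len2 <= 0:
        return crc1
    # operator that shifts one zero bit through the (reflected) CRC register
    odd = [CRC32_POLY] + [1 << n for n in range(31)]
    even = gf2_matrix_square(odd)   # two zero bits
    odd = gf2_matrix_square(even)   # four zero bits
    # square-and-multiply over the bits of len2; the first square is one zero byte
    while True:
        even = gf2_matrix_square(odd)
        if len2 & 1:
            crc1 = gf2_matrix_times(even, crc1)
        len2 >>= 1
        if len2 == 0:
            break
        odd = gf2_matrix_square(even)
        if len2 & 1:
            crc1 = gf2_matrix_times(odd, crc1)
        len2 >>= 1
        if len2 == 0:
            break
    # crc(a+b) = Z^len(b) * crc(a) XOR crc(b): the init/final-xor constants cancel
    return crc1 ^ crc2


def combine_property_holds(data: bytes, split: int) -> bool:
    """The invariant a combine fuzzer checks for one (input, split) pair."""
    a, b = data[:split], data[split:]
    combined = crc32_combine(zlib.crc32(a), zlib.crc32(b), len(b))
    return combined == zlib.crc32(data)


def fuzz_one_input(data: bytes) -> bool:
    """Fuzz-target shape (assumed layout): byte 0 picks the split, the rest is
    the message. Returns False on the first mismatch, i.e. a finding."""
    if len(data) < 2:
        return True
    payload = data[1:]
    split = data[0] % (len(payload) + 1)
    return combine_property_holds(payload, split)


if __name__ == "__main__":
    sample = b"oss-fuzz checksum_fuzzer combine check"  # constructed input
    assert all(combine_property_holds(sample, s) for s in range(len(sample) + 1))
    print("crc32_combine agrees with crc32 over the concatenation")
```

Running the split loop over every offset is the exhaustive form of what one fuzz iteration samples; a mismatch at any split would be a real bug in the combine routine, which is why the fuzzer only needs a boolean oracle and no expected values.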
* dav1d/coverage: exclude include/common/dump.h
It includes only functions used during development and is expected to be
unused.
* dav1d: remove experimental flag
OSS fuzzing currently is done without DTLS support. As of
4.2.0-rc2, libcoap's configuration builds against OpenSSL by
default and thus `--disable-dtls` must be passed to the
configuration script.
Fixes issue 11309
When `libFuzzer` is used as a fuzzing engine it conveniently puts
everything it finds into its working directory, which happens to
be $OUT. When any other engine is used, the output is sent to /tmp,
which disappears as soon as the container stops. That makes it
unnecessarily hard to extract reproducers found by afl for further analysis
without joining the mount namespace of a running container and
almost impossible with `honggfuzz`, which exits immediately after a crash.
* Add new fuzz target for encoding and misc
- Add fuzz_webp_enc_dec and adapt Dockerfile, build.sh
- Lint existing targets
- Add license headers
- Increase fuzz.dict
* webp_enc_dec: Convert input images to inline C arrays
Local files are not available on oss-fuzz servers.
* webp_enc_dec: Fix timeout by skipping crusher
The target fuzz_webp_enc_dec with msan crashes (timeout)
on a 128*128px image encoding with max compression (crusher).
Reduce crusher encoding to 16*16px and below.
Bug report 10423
* webp_enc_dec: Replace cruncher by lossy alpha encoding
The target fuzz_webp_enc_dec with msan crashes (timeout)
during encoding with max compression (cruncher).
Reduce alpha cruncher encoding to 16*16px and below.
Bug report 10634
* webp_enc_dec: Clamp slow parameters for big images
The target fuzz_webp_enc_dec with ubsan crashes (timeout)
during encoding with heavy compression. The cause cannot
be easily removed without reducing performance.
Clamp compression parameters for images bigger than 16*16.
Bug report 10700
* webp_enc_dec: Limit alpha_quality to 99 when method is 6
The target fuzz_webp_enc_dec with asan crashes (timeout)
during encoding with heavy alpha compression.
Clamp alpha compression parameters for images bigger than 16*16.
Bug report 10838
* webp_animencoder: Add target to fuzz animation encoding
Add fuzz_webp_animencoder.cc and modify Dockerfile, build.sh
accordingly.
The thresholds for input size and encoding parameters are low
to prevent timeouts.
Some functions used by fuzz_webp_animencoder and fuzz_webp_enc_dec
have been moved to fuzz.h.
The upstream fdk-aac project at Fraunhofer currently has no active
plans to avoid left shifts of negative values, so disable this
checker to help find other potential issues.
Currently, dictionaries are taken into account only when `libfuzzer` is
used as a fuzzing engine (and also apparently `none` but I'm not sure what it is).
This patch makes it possible to make use of dictionaries with other fuzzing
engines too. I didn't touch the code handling options passed to libFuzzer
so as not to break anything :-)
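An added example in Python, not code from the oss-fuzz repository or from either patch described above, covering both the dictionary point here and the earlier note about afl and honggfuzz output landing in /tmp: it derives one engine-specific command line from a target's .options file, so the same `dict =` entry reaches libFuzzer (-dict=), AFL (-x) and honggfuzz (-w), and each engine is pointed at a findings directory under $OUT. The SAMPLE_OPTIONS text, the foo_fuzzer name and the `<out>/<engine>_<fuzzer>_findings` layout are constructed for this example; the per-engine flags are the documented ones for each tool.

```python
# Added example, not oss-fuzz's infra code: map a .options file onto engine
# flags so dictionaries and findings directories work for every engine.
import configparser
import shlex

# Constructed sample .options file in the format used next to OSS-Fuzz targets.
SAMPLE_OPTIONS = """\
[libfuzzer]
dict = foo.dict
max_len = 1024
"""

SUPPORTED_ENGINES = ("libfuzzer", "afl", "honggfuzz")


def parse_options(text):
    """Parse a .options file; returns {} when there is no [libfuzzer] section."""
    cp = configparser.ConfigParser()
    cp.read_string(text)
    return dict(cp.items("libfuzzer")) if cp.has_section("libfuzzer") else {}


def dictionary_flags(engine, dict_path):
    """How each engine takes a dictionary; all accept the libFuzzer file format."""
    return {
        "libfuzzer": [f"-dict={dict_path}"],
        "afl": ["-x", dict_path],
        "honggfuzz": ["-w", dict_path],
    }[engine]


def engine_command(engine, fuzzer, options_text, out_dir="/out", corpus="/tmp/corpus"):
    """Build argv for `engine` running `fuzzer`, keeping findings under out_dir."""
    if engine not in SUPPORTED_ENGINES:
        raise ValueError(f"unsupported engine: {engine}")
    opts = parse_options(options_text)
    target = f"{out_dir}/{fuzzer}"
    findings = f"{out_dir}/{engine}_{fuzzer}_findings"  # assumed layout for this example

    dict_args = []
    if "dict" in opts:
        # the dictionary file is shipped next to the target binary in $OUT
        dict_args = dictionary_flags(engine, f"{out_dir}/{opts['dict']}")

    if engine == "libfuzzer":
        # every other [libfuzzer] key stays libFuzzer-only, passed as -key=value
        extra = [f"-{k}={v}" for k, v in opts.items() if k != "dict"]
        return [target, f"-artifact_prefix={findings}/", *dict_args, *extra, corpus]
    if engine == "afl":
        # afl-fuzz writes crashes/ and hangs/ under -o, so put that under $OUT
        return ["afl-fuzz", "-i", corpus, "-o", findings, *dict_args, "--", target]
    # honggfuzz: -W is the workspace where reports and crash inputs are written
    return ["honggfuzz", "-i", corpus, "-W", findings, *dict_args, "--", target]


if __name__ == "__main__":
    for eng in SUPPORTED_ENGINES:
        print(shlex.join(engine_command(eng, "foo_fuzzer", SAMPLE_OPTIONS)))
```

Only the `dict` key is translated for the non-libFuzzer engines; the remaining `[libfuzzer]` keys keep going to libFuzzer alone, which mirrors the decision above not to touch the libFuzzer option handling.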
* envoy: use Bazel to build corpora.
Rather than scraping this out of the source tree, build each corpus
under Bazel. The advantage is that we can now support synthesized
corpora, e.g. automated generation from unit tests.
Signed-off-by: Harvey Tuch <htuch@google.com>
* Review feedback.
Signed-off-by: Harvey Tuch <htuch@google.com>