* LSan: remove GLib suppression
* LSan: disable the fast unwinder to get full stacktraces
* Move ASan/UBSan fuzzer options to CI configuration
* LSan: remove EOLed python2.7 suppression
* LSan: remove libstdc++ suppression
* LSan: add libx265 to suppression file
* Try to reproduce small memleak
* Try a possible patch
* Skip test if `im_benchmark` is not available
* CI: upgrade Clang version to 13
* CI: correct job names
* Meson: increase the timeout for tests
* README.md: correct Meson invocation
* Ensure UBSan exits with a non-zero code on error
* Avoid misaligned member access in mosaic_fuzzer
* Add missing VIPS_CLIP in scRGB2sRGB/scRGB2BW
* Fix UBSan error in flatten
By using saturated casts for the int types (copied from vips_cast).
* CI: ensure fuzzer log is printed on error
* Avoid UB in heifload
* Revert flatten change
I could no longer reproduce this with clang 12 locally.
* Indentation fixes [skip ci]
Many codecs can take a huge amount of time attempting to read large
random objects. jpeg_read_header(), for example, can take ~10s on a 1mb
of random data.
Ignore fuzz objects over 100kb.
See https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24383
oss-fuzz normally fuzzes with memory buffers, but a lot of the libvips
loadres, especially CSV and PPM, only work from the filesystem.
This fuzzer writes the oss-fuzz buffer to the FS, then fuzzes that.
It replaces current fuzz setup with 5 new fuzzers integrating them with
top-level Makefile. It now supports multiple fuzzing engines and Google's
oss-fuzz. By default, the fuzzers are linked against an standalone runner to
easily reproduce bugs.
John Cupitt
Kleis Auke Wolthuizen
Corentin Noël
Lovell Fuller
Doug Nazar
Lovell Fuller
Oscar Mira