Commit Graph

36 Commits

Author SHA1 Message Date
Kleis Auke Wolthuizen
3da7caee6c
LSan improvements and fixes (#2672)
* LSan: remove GLib suppression

* LSan: disable the fast unwinder to get full stacktraces

* Move ASan/UBSan fuzzer options to CI configuration

* LSan: remove EOLed python2.7 suppression

* LSan: remove libstdc++ suppression

* LSan: add libx265 to suppression file

* Try to reproduce small memleak

* Try a possible patch

* Skip test if `im_benchmark` is not available

* CI: upgrade Clang version to 13

* CI: correct job names

* Meson: increase the timeout for tests

* README.md: correct Meson invocation
2022-02-19 15:13:42 +00:00
Corentin Noël
02901436d4
Add meson build system (#2637)
Allows to use the Meson build system to build the project.
2022-02-08 15:19:36 +00:00
Kleis Auke Wolthuizen
5ab66e16e1
Fix UBSan errors (#1948)
* Ensure UBSan exits with a non-zero code on error

* Avoid misaligned member access in mosaic_fuzzer

* Add missing VIPS_CLIP in scRGB2sRGB/scRGB2BW

* Fix UBSan error in flatten

By using saturated casts for the int types (copied from vips_cast).

* CI: ensure fuzzer log is printed on error

* Avoid UB in heifload

* Revert flatten change

I could no longer reproduce this with clang 12 locally.

* Indentation fixes [skip ci]
2021-09-12 13:14:24 +01:00
Lovell Fuller
1f5d6f6bc9
Add gifsave operation, depends on cgif and libimagequant (#2381) 2021-08-22 18:11:41 +01:00
Doug Nazar
97f5417aaa
Fix tests when using a separate build dir. (#2405) 2021-08-18 11:45:02 +01:00
Lovell Fuller
82c9a820d7 gifload: ensure total height of all pages is sanitised 2020-11-21 11:55:18 +00:00
John Cupitt
cb1634dd31 block fuzz data over 100kb
Many codecs can take a huge amount of time attempting to read large
random objects. jpeg_read_header(), for example, can take ~10s on a 1mb
of random data.

Ignore fuzz objects over 100kb.

See https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24383
2020-07-25 14:46:44 +01:00
Kleis Auke Wolthuizen
3460814b98 Add test case for undefined shift in rad2vips 2020-07-19 13:48:21 +02:00
John Cupitt
ab5d511123 add fuzz corpus 2020-02-28 15:22:10 +00:00
John Cupitt
59669be592 remove some stray files 2020-02-28 14:51:21 +00:00
John Cupitt
857aafc8c2 add VipsStreamiu
a streami subclass (u for user?) with actions signals you can connect to
to provide implementations of read and seek
2019-11-21 16:22:43 +00:00
John Cupitt
7c5971392c tighten fuzz size limits
we are still seeing timeouts
2019-10-30 08:57:46 +00:00
John Cupitt
f98adc1a0a strange fuzzer failure
possible fix
2019-10-07 15:57:00 +01:00
John Cupitt
3510c515f2 oop deleted one png init too many 2019-10-07 13:30:19 +01:00
Oscar Mira
37eb4c73c8 remove stale corpus dirs
After #1398 these directories are not needed anymore.
2019-09-01 12:00:08 +02:00
John Cupitt
f135a6e292 add corpus for Coding verification 2019-08-29 15:30:49 +01:00
John Cupitt
6fafbce81a add test case for out of bounds gif frame 2019-08-27 14:10:57 +01:00
John Cupitt
74156198d2 Merge branch '8.8' 2019-08-27 14:09:56 +01:00
John Cupitt
5749d60425 add a test case for /0 in exif read 2019-08-25 11:31:21 +01:00
John Cupitt
9941490d9e add fuzz file for gif loop 2019-08-24 17:24:59 +01:00
John Cupitt
54ce3513fd add some corpus ascii files
some sample images for the file loader
2019-08-23 12:50:33 +01:00
John Cupitt
1de458556a try adding a file fuzzer
oss-fuzz normally fuzzes with memory buffers, but a lot of the libvips
loadres, especially CSV and PPM, only work from the filesystem.

This fuzzer writes the oss-fuzz buffer to the FS, then fuzzes that.
2019-08-23 12:43:59 +01:00
John Cupitt
19a80e4efb Merge branch '8.8' 2019-08-21 17:37:16 +01:00
Oscar Mira
a3466f305c move fuzzing corpus into a single dir 2019-08-19 19:54:56 +02:00
Oscar Mira
16a5cac2e3 add fuzzers for vips_smartcrop and vip_mosaic 2019-08-19 18:51:37 +02:00
John Cupitt
d81efda782 better blocking of large input images in the fuzzer
things like 65494x5 pixel PNGs were being allowed through and caused
timeouts
2019-08-09 16:45:08 +01:00
John Cupitt
7abe129ac4 don't invert signed ints in tiffload 2019-08-07 17:08:18 +01:00
John Cupitt
6ba34e479e better shrinkv for int32 types
use double as the sum type to prevent int overflow
2019-08-06 16:55:10 +01:00
Oscar Mira
4304ef35ee add already fixed testcases to fuzz corpus 2019-08-06 13:37:41 +02:00
Oscar Mira
7c8af4e78a remove stale file 2019-08-06 13:37:41 +02:00
Oscar Mira
78c0014708 add UBSAN sanitizer 2019-08-02 19:46:42 +02:00
Oscar Mira
45de60e571 skip large images in the fuzzers not in the lib
This reverts commit 0accdf858b.
2019-08-02 17:56:33 +02:00
John Cupitt
a6fbf1af36
Merge pull request #1264 from omira-sch/add-oss-fuzz
improve fuzz targets and oss-fuzz integration
2019-07-21 17:48:58 +01:00
John Cupitt
9063b8608e revise README 2019-07-18 08:43:41 +01:00
Oscar Mira
f2745e19c9 add check script for regression testing
Run the fuzz targets over the seed corpus with the standalone driver as part of
the test suite.
2019-07-15 14:02:27 +02:00
Oscar Mira
3ea72c286e improve fuzz targets and oss-fuzz integration
It replaces current fuzz setup with 5 new fuzzers integrating them with
top-level Makefile. It now supports multiple fuzzing engines and Google's
oss-fuzz. By default, the fuzzers are linked against an standalone runner to
easily reproduce bugs.
2019-07-15 14:02:27 +02:00