Kleis Auke Wolthuizen
5ab66e16e1
Fix UBSan errors ( #1948 )
* Ensure UBSan exits with a non-zero code on error
* Avoid misaligned member access in mosaic_fuzzer
* Add missing VIPS_CLIP in scRGB2sRGB/scRGB2BW
* Fix UBSan error in flatten
By using saturated casts for the int types (copied from vips_cast).
* CI: ensure fuzzer log is printed on error
* Avoid UB in heifload
* Revert flatten change
I could no longer reproduce this with clang 12 locally.
* Indentation fixes [skip ci]
2021-09-12 13:14:24 +01:00
Lovell Fuller
1f5d6f6bc9
Add gifsave operation, depends on cgif and libimagequant ( #2381 )
2021-08-22 18:11:41 +01:00
Doug Nazar
97f5417aaa
Fix tests when using a separate build dir. ( #2405 )
2021-08-18 11:45:02 +01:00
Lovell Fuller
82c9a820d7
gifload: ensure total height of all pages is sanitised
2020-11-21 11:55:18 +00:00
John Cupitt
cb1634dd31
block fuzz data over 100kb
Many codecs can take a huge amount of time attempting to read large
random objects. jpeg_read_header(), for example, can take ~10s on 1mb
of random data.
Ignore fuzz objects over 100kb.
See https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24383
2020-07-25 14:46:44 +01:00
Kleis Auke Wolthuizen
3460814b98
Add test case for undefined shift in rad2vips
2020-07-19 13:48:21 +02:00
John Cupitt
ab5d511123
add fuzz corpus
2020-02-28 15:22:10 +00:00
John Cupitt
59669be592
remove some stray files
2020-02-28 14:51:21 +00:00
John Cupitt
857aafc8c2
add VipsStreamiu
a streami subclass (u for user?) with action signals you can connect to
to provide implementations of read and seek
2019-11-21 16:22:43 +00:00
John Cupitt
7c5971392c
tighten fuzz size limits
we are still seeing timeouts
2019-10-30 08:57:46 +00:00
John Cupitt
f98adc1a0a
strange fuzzer failure
possible fix
2019-10-07 15:57:00 +01:00
John Cupitt
3510c515f2
oops deleted one png init too many
2019-10-07 13:30:19 +01:00
Oscar Mira
37eb4c73c8
remove stale corpus dirs
After #1398 these directories are not needed anymore.
2019-09-01 12:00:08 +02:00
John Cupitt
f135a6e292
add corpus for Coding verification
2019-08-29 15:30:49 +01:00
John Cupitt
6fafbce81a
add test case for out of bounds gif frame
2019-08-27 14:10:57 +01:00
John Cupitt
74156198d2
Merge branch '8.8'
2019-08-27 14:09:56 +01:00
John Cupitt
5749d60425
add a test case for /0 in exif read
2019-08-25 11:31:21 +01:00
John Cupitt
9941490d9e
add fuzz file for gif loop
2019-08-24 17:24:59 +01:00
John Cupitt
54ce3513fd
add some corpus ascii files
some sample images for the file loader
2019-08-23 12:50:33 +01:00
John Cupitt
1de458556a
try adding a file fuzzer
oss-fuzz normally fuzzes with memory buffers, but a lot of the libvips
loaders, especially CSV and PPM, only work from the filesystem.
This fuzzer writes the oss-fuzz buffer to the FS, then fuzzes that.
2019-08-23 12:43:59 +01:00
John Cupitt
19a80e4efb
Merge branch '8.8'
2019-08-21 17:37:16 +01:00
Oscar Mira
a3466f305c
move fuzzing corpus into a single dir
2019-08-19 19:54:56 +02:00
Oscar Mira
16a5cac2e3
add fuzzers for vips_smartcrop and vips_mosaic
2019-08-19 18:51:37 +02:00
John Cupitt
d81efda782
better blocking of large input images in the fuzzer
things like 65494x5 pixel PNGs were being allowed through and caused
timeouts
2019-08-09 16:45:08 +01:00
John Cupitt
7abe129ac4
don't invert signed ints in tiffload
2019-08-07 17:08:18 +01:00
John Cupitt
6ba34e479e
better shrinkv for int32 types
use double as the sum type to prevent int overflow
2019-08-06 16:55:10 +01:00
Oscar Mira
4304ef35ee
add already fixed testcases to fuzz corpus
2019-08-06 13:37:41 +02:00
Oscar Mira
7c8af4e78a
remove stale file
2019-08-06 13:37:41 +02:00
Oscar Mira
78c0014708
add UBSAN sanitizer
2019-08-02 19:46:42 +02:00
Oscar Mira
45de60e571
skip large images in the fuzzers not in the lib
This reverts commit 0accdf858b.
2019-08-02 17:56:33 +02:00
John Cupitt
a6fbf1af36
Merge pull request #1264 from omira-sch/add-oss-fuzz
improve fuzz targets and oss-fuzz integration
2019-07-21 17:48:58 +01:00
John Cupitt
9063b8608e
revise README
2019-07-18 08:43:41 +01:00
Oscar Mira
f2745e19c9
add check script for regression testing
Run the fuzz targets over the seed corpus with the standalone driver as part of
the test suite.
2019-07-15 14:02:27 +02:00
Oscar Mira
3ea72c286e
improve fuzz targets and oss-fuzz integration
It replaces current fuzz setup with 5 new fuzzers integrating them with
top-level Makefile. It now supports multiple fuzzing engines and Google's
oss-fuzz. By default, the fuzzers are linked against a standalone runner to
easily reproduce bugs.
2019-07-15 14:02:27 +02:00