Commit Graph

10 Commits

Author SHA1 Message Date
James Zern
b60d460318 advanced_api_fuzzer: add extreme config value coverage
this enables cases that might trigger overflows, but increases the risk
of OOM and timeouts

Bug: chromium:1196850
Change-Id: I317b5109525646731e762faa3c34ed28a27595dc
2021-06-23 18:53:05 -07:00
James Zern
cc3577e9b9 fuzzer/*: use src/ based include paths
this synchronizes the code with chrome, where this format allows the
code to pass buildtools/checkdeps/checkdeps.py

Bug: 1141126
Change-Id: I25361b1a43cd95730814302f02aa16af8fdb5fd2
2021-01-29 20:04:08 -08:00
Pascal Massimino
8df77fb1b1 animdecoder_fuzzer: fix memory leak
BUG=oss-fuzz:28978

Change-Id: I7b3a495c02b4b03f367d732af5acb02856f8bead
2020-12-26 12:26:41 +01:00
James Zern
6325882327 animdecoder_fuzzer: validate canvas size
avoids some OOMs due to extreme resolutions

BUG=oss-fuzz:28658

Change-Id: I60b5fb3d7a7d17694a89237d521b851b0897e9fb
2020-12-18 11:18:11 -08:00
James Zern
83604bf3ac {animencoder,enc_dec}_fuzzer: convert some abort()s to returns
with functions that can legitimately fail when under memory pressure, the
fuzzer should exit gracefully rather than abort().

+ add some more error detail to output

Bug: chromium:1140448
Change-Id: I1a8582a939e0a5b2b8631c95c0464658c99063e2
2020-10-21 10:48:05 -07:00
James Zern
9f6055fcb2 fuzz_utils.h: rename max() to Max()
avoids conflict with windows.h define

Bug: webp:409
Change-Id: I8ae0947365e7071d8ebe1d682c9211882cc2fd89
2020-10-17 16:40:58 -07:00
James Zern
695788e7f5 fuzz_utils.h: make functions WEBP_INLINE
+ add some warnings and avoid overriding implicit %.c, %.cc patterns in
makefile.unix

Bug: webp:409
Change-Id: I678c8b1ed630ebb9114208c20b794d2eefdca5a1
2020-10-17 10:49:26 -07:00
James Zern
8cb7e536d2 rename demux_api_fuzzer.c -> mux_demux_api_fuzzer.c
this better matches the file's contents

Bug: webp:409
Change-Id: I693795370c0d1af198971693b4ff15a57d996c4b
2020-10-15 16:50:25 -07:00
James Zern
443db47d91 add animdecoder_fuzzer.cc
Bug: webp:409
Change-Id: Iade1e6b1288faad9076f72c21c1bde5a6bbfc7e0
2020-10-14 19:44:19 -07:00
James Zern
bd94090a11 import fuzzers from oss-fuzz/chromium
+ a simple makefile + README

these were mostly equivalent, chromium added support for
WEBP_REDUCE_CSP.

the file names were normalized as follows:

fuzz_advanced_api.{c,cc} -> advanced_api_fuzzer.c
fuzz_animation_api.{c,cc} -> animation_api_fuzzer.c
fuzz_webp_animencoder.cc -> animencoder_fuzzer.cc
fuzz_demux_api.{c,cc} -> demux_api_fuzzer.c
fuzz_webp_enc_dec.cc -> enc_dec_fuzzer.cc
fuzz.h -> fuzz_utils.h
fuzz_simple_api.{c,cc} -> simple_api_fuzzer.c

Bug: webp:409
Change-Id: Ib997f0c92f25f8a1f91da83790298cd848b61a5d
2020-10-13 18:31:08 -07:00