testing/libfuzzer/pdf_codec_jbig2_fuzzer.cc - Issue 2370943004: Add fuzzer for jbig2 parsing

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: testing/libfuzzer/pdf_codec_jbig2_fuzzer.cc

Issue 2370943004: Add fuzzer for jbig2 parsing (Closed)

Patch Set: Created 4 years, 2 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
(Empty)
	1 // Copyright 2016 The PDFium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #include <cstdint>

	6

	7 #include "core/fpdfapi/fpdf_parser/include/cpdf_stream.h"

	8 #include "core/fpdfapi/fpdf_parser/include/cpdf_stream_acc.h"

	9 #include "core/fxcodec/codec/ccodec_jbig2module.h"

	10 #include "core/fxcodec/include/JBig2_DocumentContext.h"

	11 #include "core/fxcodec/jbig2/JBig2_Context.h"

	12 #include "core/fxge/include/fx_dib.h"

	13

	14 static uint32_t GetInteger(const uint8_t* data) {

	15 return data[0] \| data[1] << 8 \| data[2] << 16 \| data[3] << 24;

	16 }

	17

	18 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {

	19 const size_t kParameterSize = 8;

	20 if (size < kParameterSize)

	21 return 0;
	Lei Zhang 2016/09/27 16:39:54 nit: blank line after, just like line 29-30. nit: blank line after, just like line 29-30. kcwu 2016/09/27 17:03:08 Done. Show quoted text On 2016/09/27 16:39:54, Lei Zhang wrote: > nit: blank line after, just like line 29-30. Done.
	22 uint32_t width = GetInteger(data);

	23 uint32_t height = GetInteger(data + 4);

	24 size -= kParameterSize;

	25 data += kParameterSize;

	26

	27 std::unique_ptr<CFX_DIBitmap> bitmap(new CFX_DIBitmap);

	28 if (!bitmap->Create(width, height, FXDIB_1bppRgb))

	29 return 0;

	30

	31 std::unique_ptr<CPDF_Object> stream(new CPDF_Stream);
	Lei Zhang 2016/09/27 16:39:54 CPDF_Object probably needs a ReleaseDeleter. CPDF_Object probably needs a ReleaseDeleter. kcwu 2016/09/27 17:03:08 Ah, you are right. I saw std::default_delete<CPDF_ Ah, you are right. I saw std::default_delete<CPDF_Object> mentioned here https://cs.chromium.org/chromium/src/third_party/pdfium/core/fpdfapi/fpdf_par... but it is not actually declared.
	32 stream->AsStream()->SetData(data, size);

	33 CCodec_Jbig2Context jbig2context;
	Lei Zhang 2016/09/27 16:39:54 nit "jbig2_context" ? nit "jbig2_context" ? Lei Zhang 2016/09/27 16:39:54 Declare this var and \|document_context\| below clos Declare this var and \|document_context\| below closer to where its first used. kcwu 2016/09/27 17:03:08 Done. Show quoted text On 2016/09/27 16:39:54, Lei Zhang wrote: > Declare this var and \|document_context\| below closer to where its first used. Done. kcwu 2016/09/27 17:03:08 Done. Show quoted text On 2016/09/27 16:39:54, Lei Zhang wrote: > nit "jbig2_context" ? Done.
	34 std::unique_ptr<JBig2_DocumentContext> document_context;

	35 CPDF_StreamAcc src_stream;

	36 src_stream.LoadAllData(stream->AsStream(), TRUE);

	37

	38 CCodec_Jbig2Module module;

	39 FXCODEC_STATUS status = module.StartDecode(

	40 &jbig2context, &document_context, width, height, &src_stream, nullptr,

	41 bitmap->GetBuffer(), bitmap->GetPitch(), nullptr);

	42

	43 while (status == FXCODEC_STATUS_DECODE_TOBECONTINUE)

	44 status = module.ContinueDecode(&jbig2context, nullptr);

	45 return 0;

	46 }

OLD	NEW

« no previous file with comments | « testing/libfuzzer/BUILD.gn ('k') | no next file » | no next file with comments »