[ghostscript] New project: ghostscript (#2544)

4 files changed, 186 insertions, 0 deletions

diff --git a/projects/ghostscript/Dockerfile b/projects/ghostscript/Dockerfile
new file mode 100644
index 000000000..21dadb540
--- /dev/null
+++ b/projects/ghostscript/Dockerfile
@@ -0,0 +1,27 @@
+# Copyright 2019 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+FROM gcr.io/oss-fuzz-base/base-builder
+MAINTAINER skau@google.com
+
+RUN apt-get update && apt-get install -y autoconf zlibc liblcms2-dev libfreetype6-dev libpng-dev libtiff-dev
+RUN git clone --branch branch-2.2 --single-branch --depth 1 https://github.com/apple/cups.git cups
+RUN git clone --single-branch --depth 1 git://git.ghostscript.com/ghostpdl.git ghostpdl
+
+RUN mkdir ghostpdl/fuzz
+COPY gstoraster_fuzzer.cc ghostpdl/fuzz
+
+COPY build.sh $SRC/
diff --git a/projects/ghostscript/build.sh b/projects/ghostscript/build.sh
new file mode 100755
index 000000000..9abc8be1a
--- /dev/null
+++ b/projects/ghostscript/build.sh
@@ -0,0 +1,56 @@
+#!/bin/bash -eu
+# Copyright 2019 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+# Build CUPS
+pushd cups
+# Fix bad line
+sed -i '2110s/\(\s\)f->value/\1(int)f->value/' cups/ppd-cache.c
+
+LSB_BUILD=y ./configure --prefix="$WORK" --libdir="$OUT" --disable-gnutls \
+   --disable-libusb --with-components=core
+
+make clean
+make install-headers install-libs
+make -C filter libs install-libs
+install -m755 cups-config "$WORK"/cups-config
+popd
+
+cd ghostpdl
+rm -rf cups/libs || die
+rm -rf freetype || die
+rm -rf libpng || die
+rm -rf tiff || die
+rm -rf zlib || die
+
+export CUPSCONFIG="$WORK/cups-config"
+CUPS_CFLAGS=$($CUPSCONFIG --cflags)
+CUPS_LDFLAGS=$($CUPSCONFIG --ldflags)
+CUPS_LIBS=$($CUPSCONFIG --image --libs)
+export CXXFLAGS="$CXXFLAGS $CUPS_CFLAGS"
+
+autoconf
+CPPFLAGS="${CPPFLAGS:-} $CUPS_CFLAGS" ./configure \
+  --enable-freetype --enable-fontconfig \
+  --enable-cups --with-ijs --with-jbig2dec \
+  --with-drivers=cups,ljet4,laserjet,pxlmono,pxlcolor,pcl3,uniprint
+make -j$(nproc) libgs
+
+$CXX $CXXFLAGS $CUPS_LDFLAGS -std=c++11 -I. \
+    fuzz/gstoraster_fuzzer.cc \
+    -o "$OUT/gstoraster_fuzzer" \
+    $CUPS_LIBS \
+    $LIB_FUZZING_ENGINE bin/gs.a
diff --git a/projects/ghostscript/gstoraster_fuzzer.cc b/projects/ghostscript/gstoraster_fuzzer.cc
new file mode 100644
index 000000000..b128b7475
--- /dev/null
+++ b/projects/ghostscript/gstoraster_fuzzer.cc
@@ -0,0 +1,97 @@
+// Copyright 2019 The Chromium OS Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include <base/gserrors.h>
+#include <psi/iapi.h>
+
+#include <limits.h>
+#include <stdio.h>
+#include <string.h>
+#include <stdint.h>
+
+static const unsigned char *g_data;
+static size_t g_size;
+
+#define min(x, y) ((x) < (y) ? (x) : (y))
+
+static int gs_stdin(void *inst, char *buf, int len)
+{
+	size_t to_copy = min(len, g_size);
+	to_copy = min(INT_MAX, to_copy);
+
+	memcpy(buf, g_data, to_copy);
+
+	g_data += to_copy;
+	g_size -= to_copy;
+
+	return to_copy;
+}
+
+static int gs_stdout(void *inst, const char *buf, int len)
+{
+	/* Just discard everything. */
+	return len;
+}
+
+static int gs_to_raster_fuzz(const unsigned char *buf, size_t size)
+{
+	int ret;
+	void *gs;
+
+	/* Mostly stolen from cups-filters gstoraster. */
+	char *args[] = {
+		"-r200x200",
+		"-dMediaPosition=1",
+		"-dcupsColorSpace=1", /* RGB */
+		"-dQUIET",
+		"-dPARANOIDSAFER",
+		"-dNOPAUSE",
+		"-dBATCH",
+		"-dNOINTERPOLATE",
+		"-dNOMEDIAATTRS",
+		"-sstdout=%stderr",
+		"-sOutputFile=%stdout",
+		"-sDEVICE=cups",
+		"-_",
+	};
+	int argc = sizeof(args) / sizeof(args[0]);
+
+	/* Stash buffers globally, for gs_stdin(). */
+	g_data = buf;
+	g_size = size;
+
+	ret = gsapi_new_instance(&gs, NULL);
+	if (ret < 0) {
+		fprintf(stderr, "gsapi_new_instance: error %d\n", ret);
+		return ret;
+	}
+
+	gsapi_set_stdio(gs, gs_stdin, gs_stdout, NULL /* stderr */);
+	ret = gsapi_set_arg_encoding(gs, GS_ARG_ENCODING_UTF8);
+	if (ret < 0) {
+		fprintf(stderr, "gsapi_set_arg_encoding: error %d\n", ret);
+		gsapi_delete_instance(gs);
+		return ret;
+	}
+
+	ret = gsapi_init_with_args(gs, argc, args);
+	if (ret && ret != gs_error_Quit)
+		/* Just keep going, to cleanup. */
+		fprintf(stderr, "gsapi_init_with_args: error %d\n", ret);
+
+	ret = gsapi_exit(gs);
+	if (ret < 0 && ret != gs_error_Quit) {
+		fprintf(stderr, "gsapi_exit: error %d\n", ret);
+		return ret;
+	}
+
+	gsapi_delete_instance(gs);
+
+	return 0;
+}
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+	gs_to_raster_fuzz(data, size);
+	return 0;
+}
diff --git a/projects/ghostscript/project.yaml b/projects/ghostscript/project.yaml
new file mode 100644
index 000000000..59a9628ae
--- /dev/null
+++ b/projects/ghostscript/project.yaml
@@ -0,0 +1,6 @@
+homepage: "https://ghostscript.com"
+primary_contact: "skau@google.com"
+auto_ccs:
+  - "skau@google.com"
+sanitizers:
+  - address