authorJamie Pinheiro <jamiepinheiro@gmail.com>2020-06-12 15:14:30 -0400
committerGitHub <noreply@github.com>2020-06-12 12:14:30 -0700
commita598a4fd340aa81afdb5837500a831b746edfbe5 (patch)
tree53b8d93ba473c2298901289799cbc13ba09230a1 /projects/libraw
parent6c21d442e11c11d31909b702753f0c76e9d5667f (diff)
downloadoss-fuzz-a598a4fd340aa81afdb5837500a831b746edfbe5.tar.gz
Increase coverage of libraw fuzzing (#3962)
* Increase coverage * Respond to PR feedback * Move corpuses to cloud Co-authored-by: Jamie Pinheiro <pinheirojamie@google.com>
Diffstat (limited to 'projects/libraw')
-rw-r--r--projects/libraw/Dockerfile5
-rwxr-xr-xprojects/libraw/build.sh20
-rw-r--r--projects/libraw/libraw_fuzzer.cc26
3 files changed, 45 insertions, 6 deletions
diff --git a/projects/libraw/Dockerfile b/projects/libraw/Dockerfile
index 96826595a..0cb5d7d24 100644
--- a/projects/libraw/Dockerfile
+++ b/projects/libraw/Dockerfile
@@ -19,4 +19,9 @@ MAINTAINER jesteele@google.com
RUN apt-get update && apt-get install -y make autoconf automake libtool pkg-config
RUN git clone --depth 1 https://github.com/libraw/libraw
WORKDIR libraw
+
+ADD http://oss-fuzz-corpus.storage.googleapis.com/libraw/libraw_cr2_fuzzer_seed_corpus.zip $SRC/
+ADD http://oss-fuzz-corpus.storage.googleapis.com/libraw/libraw_nef_fuzzer_seed_corpus.zip $SRC/
+ADD http://oss-fuzz-corpus.storage.googleapis.com/libraw/libraw_raf_fuzzer_seed_corpus.zip $SRC/
+
COPY build.sh libraw_fuzzer.cc $SRC/
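Review bot: The three added `ADD` lines fetch the seed-corpus archives over plain `http://` with no integrity check, so anything on the network path can change what lands in `$SRC` and is later copied to `$OUT`. Assuming the bucket endpoint serves TLS (Google Cloud Storage endpoints normally do), use the `https://` form, e.g. `ADD https://oss-fuzz-corpus.storage.googleapis.com/libraw/libraw_cr2_fuzzer_seed_corpus.zip $SRC/`. A following `RUN` step that checks each archive against a recorded SHA-256 would also make the image reproducible. The archives are only fuzzer inputs, but they are unpacked and parsed on the build and fuzzing hosts, and a silently swapped corpus skews coverage results.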
diff --git a/projects/libraw/build.sh b/projects/libraw/build.sh
index 20dbc4562..6c46d3f01 100755
--- a/projects/libraw/build.sh
+++ b/projects/libraw/build.sh
@@ -15,8 +15,14 @@
#
################################################################################
+# copy corpuses
+cp $SRC/libraw_cr2_fuzzer_seed_corpus.zip \
+ $SRC/libraw_nef_fuzzer_seed_corpus.zip \
+ $SRC/libraw_raf_fuzzer_seed_corpus.zip \
+ $OUT/
+
# build project
-./mkdist.sh
+autoreconf --install
./configure --disable-examples
make
@@ -24,3 +30,15 @@ make
$CXX $CXXFLAGS -std=c++11 -Ilibraw \
$SRC/libraw_fuzzer.cc -o $OUT/libraw_fuzzer \
$LIB_FUZZING_ENGINE lib/.libs/libraw.a
+
+$CXX $CXXFLAGS -std=c++11 -Ilibraw \
+ $SRC/libraw_fuzzer.cc -o $OUT/libraw_cr2_fuzzer \
+ $LIB_FUZZING_ENGINE lib/.libs/libraw.a
+
+$CXX $CXXFLAGS -std=c++11 -Ilibraw \
+ $SRC/libraw_fuzzer.cc -o $OUT/libraw_nef_fuzzer \
+ $LIB_FUZZING_ENGINE lib/.libs/libraw.a
+
+$CXX $CXXFLAGS -std=c++11 -Ilibraw \
+ $SRC/libraw_fuzzer.cc -o $OUT/libraw_raf_fuzzer \
+ $LIB_FUZZING_ENGINE lib/.libs/libraw.a
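Review bot: The three added compile commands are copies of the existing `libraw_fuzzer` command and differ only in the `-o` name, so a later change to flags or libraries has to be repeated in four places. A loop over the output names keeps them in sync. The names still have to match the `<name>_seed_corpus.zip` archives copied at the top of the script, since OSS-Fuzz pairs a corpus with a binary by that name, so a one-line comment saying so would help the next editor. All four binaries are built from the same `libraw_fuzzer.cc` and differ only in their seed corpus.

```shell
# One binary per seed corpus; the name must match <name>_seed_corpus.zip.
for fuzzer in libraw_fuzzer libraw_cr2_fuzzer libraw_nef_fuzzer libraw_raf_fuzzer; do
  $CXX $CXXFLAGS -std=c++11 -Ilibraw \
      $SRC/libraw_fuzzer.cc -o $OUT/$fuzzer \
      $LIB_FUZZING_ENGINE lib/.libs/libraw.a
done
```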
diff --git a/projects/libraw/libraw_fuzzer.cc b/projects/libraw/libraw_fuzzer.cc
index 25c101f59..416802b6f 100644
--- a/projects/libraw/libraw_fuzzer.cc
+++ b/projects/libraw/libraw_fuzzer.cc
@@ -20,9 +20,19 @@ limitations under the License.
#include <libraw.h>
+enum InterpolationOptions {
+ Linear = 0,
+ Vng = 1,
+ Ppg = 2,
+ Ahd = 3,
+ Dcb = 4,
+ Dht = 11,
+ AhdModified = 12
+};
+
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
- // Input less than 10mb
- if (size > 10000000) {
+ // Input less than 15mb
+ if (size > 15000000) {
return 0;
}
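Review bot: The new `InterpolationOptions` enum has no comment saying where its values come from, and the gap between `Dcb = 4` and `Dht = 11` looks arbitrary without one. Going by the later assignment to `user_qual`, a line such as `// Demosaic algorithm ids accepted by LibRaw's output_params.user_qual.` above the enum would cover it. The size cap could also be a named constant, e.g. `constexpr size_t kMaxInputSize = 15000000;`, so the comment and the check cannot drift apart as they could in this edit. The body of `LLVMFuzzerTestOneInput` continues outside this hunk.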
@@ -39,9 +49,15 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
return 0;
}
- result = lib_raw.dcraw_process();
- if (result != LIBRAW_SUCCESS) {
- return 0;
+ InterpolationOptions options[] = {Linear, Vng, Ppg, Ahd, Dcb, Dht, AhdModified};
+
+ for (int i = 0; i < sizeof(options); i++) {
+ lib_raw.output_params_ptr()->user_qual = static_cast<int>(options[i]);
+
+ result = lib_raw.dcraw_process();
+ if (result != LIBRAW_SUCCESS) {
+ return 0;
+ }
}
return 0;
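Review bot: The loop bound `i < sizeof(options)` is the array's size in bytes, not its element count, so with seven `int`-sized enumerators the loop runs to 28 and `options[i]` reads past the end of the stack array from `i = 7` on. That is undefined behaviour in the harness itself: a sanitizer build may report a stack over-read that has nothing to do with LibRaw, and otherwise arbitrary stack values are fed to `user_qual`. Since the file is built with `-std=c++11`, a range-for removes the index entirely: `for (InterpolationOptions option : options) {` with `user_qual = static_cast<int>(option);`, which also drops the signed/unsigned comparison. The enclosing function ends outside this hunk.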