author | YannisGuyon <7632072+YannisGuyon@users.noreply.github.com> | 2018-10-04 22:33:12 +0200 |
---|---|---|
committer | mbarbella-chromium <41697236+mbarbella-chromium@users.noreply.github.com> | 2018-10-04 13:33:12 -0700 |
commit | b1b585f4da8b11e360e440d1d572cf7f0b4208b6 (patch) | |
tree | bdfe4ec947c46ee6c37f995aeb4afecd48538608 /projects/libwebp | |
parent | 72adedc68e15f0e3b920278d48e0aadc9669a51d (diff) | |

webp_enc_dec: Clamp slow parameters for big images (#1854)

* Add new fuzz target for encoding and misc
  - Add fuzz_webp_enc_dec and adapt Dockerfile, build.sh
  - Lint existing targets
  - Add license headers
  - Increase fuzz.dict

* webp_enc_dec: Convert input images to inline C arrays
  Local files are not available on oss-fuzz servers.

* webp_enc_dec: Fix timeout by skipping crusher
  The target fuzz_webp_enc_dec with msan crashes (timeout)
  on a 128*128px image encoding with max compression (crusher).
  Reduce crusher encoding to 16*16px and below.
  Bug report 10423

* webp_enc_dec: Replace cruncher by lossy alpha encoding
  The target fuzz_webp_enc_dec with msan crashes (timeout)
  during encoding with max compression (cruncher).
  Reduce alpha cruncher encoding to 16*16px and below.
  Bug report 10634

* webp_enc_dec: Clamp slow parameters for big images
  The target fuzz_webp_enc_dec with ubsan crashes (timeout)
  during encoding with heavy compression. The cause can not
  be easily removed without reducing performance.
  Clamp compression parameters for images bigger than 16*16.
  Bug report 10700

Diffstat (limited to 'projects/libwebp')
-rw-r--r-- | projects/libwebp/Dockerfile | 2 | ||||
-rw-r--r-- | projects/libwebp/fuzz_webp_enc_dec.cc | 20 |
2 files changed, 13 insertions, 9 deletions
diff --git a/projects/libwebp/Dockerfile b/projects/libwebp/Dockerfile index 9345e07ec..b00a937e0 100644 --- a/projects/libwebp/Dockerfile +++ b/projects/libwebp/Dockerfile @@ -15,7 +15,7 @@ ################################################################################ FROM gcr.io/oss-fuzz-base/base-builder -MAINTAINER pdknsk@gmail.com +MAINTAINER yguyon@google.com RUN apt-get update && apt-get install -y autoconf make libtool zip RUN git clone https://chromium.googlesource.com/webm/libwebp RUN git clone https://chromium.googlesource.com/webm/libwebp-test-data diff --git a/projects/libwebp/fuzz_webp_enc_dec.cc b/projects/libwebp/fuzz_webp_enc_dec.cc index 993c554f9..84726eac3 100644 --- a/projects/libwebp/fuzz_webp_enc_dec.cc +++ b/projects/libwebp/fuzz_webp_enc_dec.cc @@ -181,14 +181,18 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* const data, size_t size) { } } - // Skip the cruncher except on small images, it's likely to timeout. - if (config.lossless && config.quality == 100. && config.method == 6 && - pic.width * pic.height >= 16 * 16) { - config.lossless = 0; - } - if (config.alpha_quality == 100 && config.method == 6 && - pic.width * pic.height >= 16 * 16) { - config.alpha_quality = 99; + // Skip slow settings on big images, it's likely to timeout. + if (pic.width * pic.height > 16 * 16) { + if (config.lossless) { + if (config.quality >= 99.0f && config.method >= 5) { + config.quality = 99.0f; + config.method = 5; + } + } else { + if (config.quality >= 99.0f && config.method == 6) { + config.quality = 99.0f; + } + } } // Encode. |
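
Review bot: The `MAINTAINER` change in projects/libwebp/Dockerfile is not mentioned in the commit message, which only describes the fuzz target. Add a line for it, or split it into its own commit, so the change of contact address for this project is traceable.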
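
Review bot: In projects/libwebp/fuzz_webp_enc_dec.cc the new `pic.width * pic.height > 16 * 16` block never touches `config.alpha_quality`, so the removed clamp (`config.alpha_quality == 100 && config.method == 6` set to 99) has no replacement. A lossy config with `method == 6`, `alpha_quality == 100` and `quality` below 99 now reaches the encoder unchanged on a big image, while the commit message lists alpha cruncher encoding as a timeout cause (bug report 10634). Either keep an alpha clamp in the `else` branch or state in the comment why it is no longer needed. Separately, the size test changed from `>=` to `>`, so a 16*16 picture now runs with the slow settings; that matches "16*16px and below" in the message, but it is a behaviour change the comment should mention.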