diff options
| author | Ravi Jotwani <rjotwani@google.com> | 2020-08-07 11:40:34 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-08-07 11:40:34 -0700 |
| commit | 7ff3b68f7e3d636c7f55337167b4e736076f557d (patch) | |
| tree | e679fcdfbfe9b3fc34638503e01daeb3adc2a27b /projects/openexr | |
| parent | cd5123192fa2f9cf625f5f6e9c95af75715363c6 (diff) | |
| download | oss-fuzz-7ff3b68f7e3d636c7f55337167b4e736076f557d.tar.gz | |
[openexr] Using different file utilities to write files to /tmp (#4218)
* using tidy_html5's fuzzer_temp_file utilities to create a file from fuzzing input in /tmp
* used FuzzerTemporaryFile class, updated copyright year
* catch all exceptions instead of a select few, fix styling in openexr_exrheader_fuzzer
* updating fuzzer_temp_file.h with the changes mentioned in https://github.com/google/oss-fuzz/pull/4236
Diffstat (limited to 'projects/openexr')
| -rw-r--r-- | projects/openexr/Dockerfile | 2 | ||||
| -rwxr-xr-x | projects/openexr/build.sh | 1 | ||||
| -rw-r--r-- | projects/openexr/fuzzer_temp_file.h | 81 | ||||
| -rw-r--r-- | projects/openexr/openexr_exrenvmap_fuzzer.cc | 39 | ||||
| -rw-r--r-- | projects/openexr/openexr_exrheader_fuzzer.cc | 276 |
5 files changed, 212 insertions, 187 deletions
diff --git a/projects/openexr/Dockerfile b/projects/openexr/Dockerfile index 529b9b1e4..8757145f9 100644 --- a/projects/openexr/Dockerfile +++ b/projects/openexr/Dockerfile @@ -18,4 +18,4 @@ FROM gcr.io/oss-fuzz-base/base-builder RUN apt-get update && apt-get install -y make autoconf automake libtool zlib1g-dev RUN git clone --depth 1 https://github.com/AcademySoftwareFoundation/openexr openexr WORKDIR openexr -COPY build.sh *_fuzzer.cc $SRC/ +COPY build.sh *_fuzzer.cc *.h $SRC/ diff --git a/projects/openexr/build.sh b/projects/openexr/build.sh index 990f1559f..dcf71f845 100755 --- a/projects/openexr/build.sh +++ b/projects/openexr/build.sh @@ -31,6 +31,7 @@ make -j$(nproc) ar -qc $WORK/OpenEXR/libOpenexrUtils.a $(find $WORK/ -name "*.o") INCLUDES=( + "-I $SRC" "-I $SRC/openexr/OpenEXR/IlmImf" "-I $SRC/openexr/OpenEXR/exrenvmap" "-I $SRC/openexr/IlmBase/Imath" diff --git a/projects/openexr/fuzzer_temp_file.h b/projects/openexr/fuzzer_temp_file.h new file mode 100644 index 000000000..b5442f164 --- /dev/null +++ b/projects/openexr/fuzzer_temp_file.h @@ -0,0 +1,81 @@ +// Copyright 2020 Google Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Adapter utility from fuzzer input to a temporary file, for fuzzing APIs that +// require a file instead of an input buffer. + +#ifndef FUZZER_TEMP_FILE_H_ +#define FUZZER_TEMP_FILE_H_ + +#include <stdint.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <unistd.h> + +// Pure-C interface for creating and cleaning up temporary files. + +static char *fuzzer_get_tmpfile(const uint8_t *data, size_t size) { + char *filename_buffer = strdup("/tmp/generate_temporary_file.XXXXXX"); + if (!filename_buffer) { + perror("Failed to allocate file name buffer."); + abort(); + } + const int file_descriptor = mkstemp(filename_buffer); + if (file_descriptor < 0) { + perror("Failed to make temporary file."); + abort(); + } + FILE *file = fdopen(file_descriptor, "wb"); + if (!file) { + perror("Failed to open file descriptor."); + close(file_descriptor); + abort(); + } + const size_t bytes_written = fwrite(data, sizeof(uint8_t), size, file); + if (bytes_written != size) { + fclose(file); + fprintf(stderr, "Failed to write all bytes to file (%zu out of %zu)", + bytes_written, size); + abort(); + } + fclose(file); + return filename_buffer; +} + +static void fuzzer_release_tmpfile(char *filename) { + if (unlink(filename) != 0) { + perror("WARNING: Failed to delete temporary file."); + } + free(filename); +} + +// C++ RAII object for creating temporary files. + +#ifdef __cplusplus +class FuzzerTemporaryFile { +public: + FuzzerTemporaryFile(const uint8_t *data, size_t size) + : filename_(fuzzer_get_tmpfile(data, size)) {} + + ~FuzzerTemporaryFile() { fuzzer_release_tmpfile(filename_); } + + const char *filename() const { return filename_; } + +private: + char *filename_; +}; +#endif + +#endif // FUZZER_TEMP_FILE_H_ diff --git a/projects/openexr/openexr_exrenvmap_fuzzer.cc b/projects/openexr/openexr_exrenvmap_fuzzer.cc index b9be068df..68c66437f 100644 --- a/projects/openexr/openexr_exrenvmap_fuzzer.cc +++ b/projects/openexr/openexr_exrenvmap_fuzzer.cc @@ -12,22 +12,24 @@ // See the License for the specific language governing permissions and // limitations under the License. -#include <makeCubeMap.h> -#include <makeLatLongMap.h> -#include <blurImage.h> #include <EnvmapImage.h> #include <ImfEnvmap.h> #include <ImfHeader.h> +#include <blurImage.h> +#include <makeCubeMap.h> +#include <makeLatLongMap.h> -#include <iostream> #include <exception> -#include <string> -#include <string.h> +#include <iostream> #include <stdint.h> #include <stdio.h> #include <stdlib.h> +#include <string.h> +#include <string> #include <unistd.h> +#include "fuzzer_temp_file.h" + using namespace OPENEXR_IMF_NAMESPACE; using namespace std; @@ -56,8 +58,10 @@ static char *buf_to_file(const char *buf, size_t size) { extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { - char *file = buf_to_file((const char *)data, size); - if (!file) return 0; + FuzzerTemporaryFile tempFile(data, size); + const char *filename = tempFile.filename(); + if (!filename) + return 0; Envmap overrideInputType = NUM_ENVMAPTYPES; LevelMode levelMode = ONE_LEVEL; @@ -74,22 +78,15 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { RgbaChannels channels; try { - readInputImage (file, 0, 0, - overrideInputType, false, - image, header, channels); + readInputImage(filename, 0, 0, overrideInputType, false, image, header, + channels); - makeCubeMap (image, header, channels, - "/dev/null", - tileWidth, tileHeight, - levelMode, roundingMode, - compression, mapWidth, - filterRadius, numSamples, - false); + makeCubeMap(image, header, channels, "/dev/null", tileWidth, tileHeight, + levelMode, roundingMode, compression, mapWidth, filterRadius, + numSamples, false); } catch (...) { + ; } - unlink(file); - free(file); - return 0; } diff --git a/projects/openexr/openexr_exrheader_fuzzer.cc b/projects/openexr/openexr_exrheader_fuzzer.cc index 33c8534b1..c77105914 100644 --- a/projects/openexr/openexr_exrheader_fuzzer.cc +++ b/projects/openexr/openexr_exrheader_fuzzer.cc @@ -13,7 +13,6 @@ // limitations under the License. #include "ImfNamespace.h" -#include <ImfMultiPartInputFile.h> #include <ImfBoxAttribute.h> #include <ImfChannelListAttribute.h> #include <ImfChromaticitiesAttribute.h> @@ -21,202 +20,149 @@ #include <ImfDoubleAttribute.h> #include <ImfEnvmapAttribute.h> #include <ImfFloatAttribute.h> +#include <ImfHeader.h> #include <ImfIntAttribute.h> #include <ImfKeyCodeAttribute.h> #include <ImfLineOrderAttribute.h> #include <ImfMatrixAttribute.h> +#include <ImfMultiPartInputFile.h> #include <ImfPreviewImageAttribute.h> #include <ImfRationalAttribute.h> +#include <ImfStdIO.h> #include <ImfStringAttribute.h> #include <ImfStringVectorAttribute.h> #include <ImfTileDescriptionAttribute.h> #include <ImfTimeCodeAttribute.h> #include <ImfVecAttribute.h> #include <ImfVersion.h> -#include <ImfHeader.h> -#include <ImfStdIO.h> -#include <iostream> #include <iomanip> +#include <iostream> using namespace OPENEXR_IMF_NAMESPACE; using namespace std; -void -dumpTimeCode (TimeCode tc) -{ - tc.hours(); - tc.minutes(); - tc.seconds(); - tc.frame(); - - tc.dropFrame(); - tc.colorFrame(); - tc.fieldPhase(); - tc.bgf0(); - tc.bgf1(); - tc.bgf2(); - tc.userData(); +void dumpTimeCode(TimeCode tc) { + tc.hours(); + tc.minutes(); + tc.seconds(); + tc.frame(); + + tc.dropFrame(); + tc.colorFrame(); + tc.fieldPhase(); + tc.bgf0(); + tc.bgf1(); + tc.bgf2(); + tc.userData(); } -void -dumpChannelList (const ChannelList &cl) -{ - for (ChannelList::ConstIterator i = cl.begin(); i != cl.end(); ++i) - { - i.name(); - i.channel(); - } +void dumpChannelList(const ChannelList &cl) { + for (ChannelList::ConstIterator i = cl.begin(); i != cl.end(); ++i) { + i.name(); + i.channel(); + } } +void dumpInfo(IStream &is) { + MultiPartInputFile in(is, 0); + int parts = in.parts(); -void -dumpInfo (IStream &is) -{ - MultiPartInputFile in(is, 0); - int parts = in.parts(); - - getVersion(in.version()); - getFlags(in.version()); - - for (int p = 0; p < parts ; ++p) - { - const Header & h = in.header (p); + getVersion(in.version()); + getFlags(in.version()); - if (parts != 1) - { - in.partComplete(p); - } + for (int p = 0; p < parts; ++p) { + const Header &h = in.header(p); - for (Header::ConstIterator i = h.begin(); i != h.end(); ++i) - { - const Attribute *a = &i.attribute(); - i.name(); - a->typeName(); - - if (const Box2iAttribute *ta = - dynamic_cast <const Box2iAttribute *> (a)) - { - ta->value(); - } - - else if (const Box2fAttribute *ta = - dynamic_cast <const Box2fAttribute *> (a)) - { - ta->value(); - } - else if (const ChannelListAttribute *ta = - dynamic_cast <const ChannelListAttribute *> (a)) - { - dumpChannelList(ta->value()); - } - else if (const ChromaticitiesAttribute *ta = - dynamic_cast <const ChromaticitiesAttribute *> (a)) - { - ta->value(); - } - else if (const DoubleAttribute *ta = - dynamic_cast <const DoubleAttribute *> (a)) - { - ta->value(); - } - else if (const FloatAttribute *ta = - dynamic_cast <const FloatAttribute *> (a)) - { - ta->value(); - } - else if (const IntAttribute *ta = - dynamic_cast <const IntAttribute *> (a)) - { - ta->value(); - } - else if (const KeyCodeAttribute *ta = - dynamic_cast <const KeyCodeAttribute *> (a)) - { - ta->value().filmMfcCode(); - ta->value().filmType(); - ta->value().prefix(); - ta->value().count(); - ta->value().perfOffset(); - ta->value().perfsPerFrame(); - ta->value().perfsPerCount(); - } - else if (const M33fAttribute *ta = - dynamic_cast <const M33fAttribute *> (a)) - { - ta->value(); - } - else if (const M44fAttribute *ta = - dynamic_cast <const M44fAttribute *> (a)) - { - ta->value(); - } - else if (const PreviewImageAttribute *ta = - dynamic_cast <const PreviewImageAttribute *> (a)) - { - ta->value().width(); - ta->value().height(); - } - else if (const StringAttribute *ta = - dynamic_cast <const StringAttribute *> (a)) - { - ta->value(); - } - else if (const StringVectorAttribute * ta = - dynamic_cast<const StringVectorAttribute *>(a)) - { - for (StringVector::const_iterator i = ta->value().begin(); - i != ta->value().end(); - ++i) - { - *i; - } - } - else if (const RationalAttribute *ta = - dynamic_cast <const RationalAttribute *> (a)) - { - ta->value(); - } - else if (const TileDescriptionAttribute *ta = - dynamic_cast <const TileDescriptionAttribute *> (a)) - { - ta->value(); - - } - else if (const TimeCodeAttribute *ta = - dynamic_cast <const TimeCodeAttribute *> (a)) - { - dumpTimeCode (ta->value()); - } - else if (const V2iAttribute *ta = - dynamic_cast <const V2iAttribute *> (a)) - { - ta->value(); - } - else if (const V2fAttribute *ta = - dynamic_cast <const V2fAttribute *> (a)) - { - ta->value(); - } - else if (const V3iAttribute *ta = - dynamic_cast <const V3iAttribute *> (a)) - { - ta->value(); - } - else if (const V3fAttribute *ta = - dynamic_cast <const V3fAttribute *> (a)) - { - ta->value(); - } + if (parts != 1) { + in.partComplete(p); + } + for (Header::ConstIterator i = h.begin(); i != h.end(); ++i) { + const Attribute *a = &i.attribute(); + i.name(); + a->typeName(); + + if (const Box2iAttribute *ta = dynamic_cast<const Box2iAttribute *>(a)) { + ta->value(); + } + + else if (const Box2fAttribute *ta = + dynamic_cast<const Box2fAttribute *>(a)) { + ta->value(); + } else if (const ChannelListAttribute *ta = + dynamic_cast<const ChannelListAttribute *>(a)) { + dumpChannelList(ta->value()); + } else if (const ChromaticitiesAttribute *ta = + dynamic_cast<const ChromaticitiesAttribute *>(a)) { + ta->value(); + } else if (const DoubleAttribute *ta = + dynamic_cast<const DoubleAttribute *>(a)) { + ta->value(); + } else if (const FloatAttribute *ta = + dynamic_cast<const FloatAttribute *>(a)) { + ta->value(); + } else if (const IntAttribute *ta = + dynamic_cast<const IntAttribute *>(a)) { + ta->value(); + } else if (const KeyCodeAttribute *ta = + dynamic_cast<const KeyCodeAttribute *>(a)) { + ta->value().filmMfcCode(); + ta->value().filmType(); + ta->value().prefix(); + ta->value().count(); + ta->value().perfOffset(); + ta->value().perfsPerFrame(); + ta->value().perfsPerCount(); + } else if (const M33fAttribute *ta = + dynamic_cast<const M33fAttribute *>(a)) { + ta->value(); + } else if (const M44fAttribute *ta = + dynamic_cast<const M44fAttribute *>(a)) { + ta->value(); + } else if (const PreviewImageAttribute *ta = + dynamic_cast<const PreviewImageAttribute *>(a)) { + ta->value().width(); + ta->value().height(); + } else if (const StringAttribute *ta = + dynamic_cast<const StringAttribute *>(a)) { + ta->value(); + } else if (const StringVectorAttribute *ta = + dynamic_cast<const StringVectorAttribute *>(a)) { + for (StringVector::const_iterator i = ta->value().begin(); + i != ta->value().end(); ++i) { + *i; } + } else if (const RationalAttribute *ta = + dynamic_cast<const RationalAttribute *>(a)) { + ta->value(); + } else if (const TileDescriptionAttribute *ta = + dynamic_cast<const TileDescriptionAttribute *>(a)) { + ta->value(); + + } else if (const TimeCodeAttribute *ta = + dynamic_cast<const TimeCodeAttribute *>(a)) { + dumpTimeCode(ta->value()); + } else if (const V2iAttribute *ta = + dynamic_cast<const V2iAttribute *>(a)) { + ta->value(); + } else if (const V2fAttribute *ta = + dynamic_cast<const V2fAttribute *>(a)) { + ta->value(); + } else if (const V3iAttribute *ta = + dynamic_cast<const V3iAttribute *>(a)) { + ta->value(); + } else if (const V3fAttribute *ta = + dynamic_cast<const V3fAttribute *>(a)) { + ta->value(); + } } - + } } extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { - const std::string s(reinterpret_cast<const char*>(data), size); + const std::string s(reinterpret_cast<const char *>(data), size); StdISStream is; is.str(s); |