diff options
| author |  Google AutoFuzz Team <security-tps@google.com> | 2020-05-06 20:16:27 +0200 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2020-05-06 11:16:27 -0700 |
| commit | 8613dc9d80d98b4217f15ec427de6f7bf157ba37 (patch) | |
| tree | c770251d7d871f47636a36e8bbfa0b740c1b5bc7 /projects/zopfli | |
| parent | dc4be108964bbb318f273e9c0046a300c879b90b (diff) | |
[zopfli] Add another fuzzer (#3767)
* add new fuzzer and modified Dockerfile
* modify build file
Diffstat (limited to 'projects/zopfli')
| -rw-r--r-- | projects/zopfli/Dockerfile | 2 | ||||
| -rw-r--r-- | projects/zopfli/zopfli_deflate_fuzzer.cc | 45 |
2 files changed, 46 insertions, 1 deletions
diff --git a/projects/zopfli/Dockerfile b/projects/zopfli/Dockerfile index f4fe9852..378b76e8 100644 --- a/projects/zopfli/Dockerfile +++ b/projects/zopfli/Dockerfile @@ -19,4 +19,4 @@ MAINTAINER lode@google.com RUN apt-get update && apt-get install -y make autoconf automake libtool RUN git clone --depth 1 https://github.com/google/zopfli WORKDIR zopfli -COPY build.sh zopfli_compress_fuzzer.cc $SRC/ +COPY build.sh *.cc $SRC/ diff --git a/projects/zopfli/zopfli_deflate_fuzzer.cc b/projects/zopfli/zopfli_deflate_fuzzer.cc new file mode 100644 index 00000000..07b50c95 --- /dev/null +++ b/projects/zopfli/zopfli_deflate_fuzzer.cc @@ -0,0 +1,45 @@ +// Copyright 2019 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +#include <fuzzer/FuzzedDataProvider.h> + +#include <string> + +#include "deflate.h" +#include "zopfli.h" + +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { + ZopfliOptions options; + ZopfliInitOptions(&options); + + FuzzedDataProvider stream(data, size); + + // From documentation: valid values for btype are 0, 1, or 2. + const int btype = stream.PickValueInArray({0, 1, 2}); + // The final parameter is an int but it is used as a bool. + const int is_final = stream.ConsumeIntegralInRange(0, 1); + const std::string input = stream.ConsumeRemainingBytesAsString(); + + unsigned char* out = nullptr; + size_t outsize = 0; + unsigned char bp = 0; // Apparently must be zero. + ZopfliDeflate(&options, btype, is_final, + reinterpret_cast<const unsigned char*>(input.data()), + input.size(), &bp, &out, &outsize); + + if (out != nullptr) { + free(out); + } + + return 0; +} |