diff options
| author |  Kevin Lubick <kjlubick@google.com> | 2018-01-11 10:27:14 -0500 |
|---|---|---|
| committer |  Skia Commit-Bot <skia-commit-bot@chromium.org> | 2018-01-11 19:42:53 +0000 |
| commit | 2541edf0c6f9dc6897853efe546b5c215034ad49 (patch) | |
| tree | ed23f1aadc624f27fde4e2f53c6960488152b42f /fuzz/oss_fuzz | |
| parent | b5ef1f9b13e36a427dd6350986d41db208b2df1b (diff) | |
Add in Region SetPath Fuzzer
Also refactor a few things to make it easier to use oss-fuzz.
Bug: skia:
Change-Id: Ie518a6cfc7d57a347b5d09089379f986d33f8b7f
Reviewed-on: https://skia-review.googlesource.com/41740
Commit-Queue: Kevin Lubick <kjlubick@google.com>
Reviewed-by: Mike Klein <mtklein@google.com>
Diffstat (limited to 'fuzz/oss_fuzz')
| -rw-r--r-- | fuzz/oss_fuzz/FuzzRegionDeserialize.cpp | 39 | ||||
| -rw-r--r-- | fuzz/oss_fuzz/FuzzRegionSetPath.cpp | 46 |
2 files changed, 85 insertions, 0 deletions
diff --git a/fuzz/oss_fuzz/FuzzRegionDeserialize.cpp b/fuzz/oss_fuzz/FuzzRegionDeserialize.cpp new file mode 100644 index 0000000000..c5b37cb68e --- /dev/null +++ b/fuzz/oss_fuzz/FuzzRegionDeserialize.cpp @@ -0,0 +1,39 @@ +/* + * Copyright 2018 Google Inc. + * + * Use of this source code is governed by a BSD-style license that can be + * found in the LICENSE file. + */ + + +#include "SkCanvas.h" +#include "SkPaint.h" +#include "SkRegion.h" +#include "SkSurface.h" + +bool FuzzRegionDeserialize(sk_sp<SkData> bytes) { + SkRegion region; + if (!region.readFromMemory(bytes->data(), bytes->size())) { + return false; + } + region.computeRegionComplexity(); + region.isComplex(); + SkRegion r2; + if (region == r2) { + region.contains(0,0); + } else { + region.contains(1,1); + } + auto s = SkSurface::MakeRasterN32Premul(1024, 1024); + s->getCanvas()->drawRegion(region, SkPaint()); + SkDEBUGCODE(region.validate()); + return true; +} + +#if defined(IS_FUZZING_WITH_LIBFUZZER) +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { + auto bytes = SkData::MakeWithoutCopy(data, size); + FuzzRegionDeserialize(bytes); + return 0; +} +#endif diff --git a/fuzz/oss_fuzz/FuzzRegionSetPath.cpp b/fuzz/oss_fuzz/FuzzRegionSetPath.cpp new file mode 100644 index 0000000000..e51a4c03f0 --- /dev/null +++ b/fuzz/oss_fuzz/FuzzRegionSetPath.cpp @@ -0,0 +1,46 @@ +/* + * Copyright 2018 Google Inc. + * + * Use of this source code is governed by a BSD-style license that can be + * found in the LICENSE file. + */ + +#include "../Fuzz.h" +#include "../FuzzCommon.h" +#include "SkData.h" +#include "SkPath.h" +#include "SkRegion.h" + + +void FuzzRegionSetPath(Fuzz* fuzz) { + SkPath p; + fuzz_path(fuzz, &p, 1000); + SkRegion r1; + bool initR1; + fuzz->next(&initR1); + if (initR1) { + fuzz->next(&r1); + } + SkRegion r2; + fuzz->next(&r2); + + r1.setPath(p, r2); + + // Do some follow on computations to make sure region is well-formed. + r1.computeRegionComplexity(); + r1.isComplex(); + if (r1 == r2) { + r1.contains(0,0); + } else { + r1.contains(1,1); + } +} + +#if defined(IS_FUZZING_WITH_LIBFUZZER) +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { + sk_sp<SkData> bytes(SkData::MakeWithoutCopy(data, size)); + Fuzz fuzz(bytes); + FuzzRegionSetPath(&fuzz); + return 0; +} +#endif |