diff options
author | Kevin Lubick <kjlubick@google.com> | 2018-02-12 08:26:39 -0500 |
---|---|---|
committer | Skia Commit-Bot <skia-commit-bot@chromium.org> | 2018-02-12 15:25:59 +0000 |
commit | 2416f968a69ff71f83eb17e97d1cb6448c916a69 (patch) | |
tree | 91e1846328cae9f649f0768b9401faea7ab11885 /include/private/SkMalloc.h | |
parent | 77295347c229fa4353e09d97961546ce3c9391e5 (diff) |
Add 2 fuzz targets for image decoding (oss-fuzz)
This also adds in a few small guards to prevent libfuzzer from frequently
running out of memory when an image claims to have billions of pixels.
Bug: skia:
Change-Id: I47a9daac832c4d85a42000698482b61721c38880
Reviewed-on: https://skia-review.googlesource.com/106264
Commit-Queue: Kevin Lubick <kjlubick@google.com>
Reviewed-by: Leon Scroggins <scroggo@google.com>
Diffstat (limited to 'include/private/SkMalloc.h')
-rw-r--r-- | include/private/SkMalloc.h | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/include/private/SkMalloc.h b/include/private/SkMalloc.h index 178e1b83a7..0e41073b0b 100644 --- a/include/private/SkMalloc.h +++ b/include/private/SkMalloc.h @@ -64,6 +64,13 @@ static inline void* sk_calloc_throw(size_t size) { } static inline void* sk_calloc_canfail(size_t size) { +#if defined(IS_FUZZING_WITH_LIBFUZZER) + // The Libfuzzer environment is very susceptible to OOM, so to avoid those + // just pretend we can't allocate more than 200kb. + if (size > 200000) { + return nullptr; + } +#endif return sk_malloc_flags(size, SK_MALLOC_ZERO_INITIALIZE); } @@ -76,6 +83,13 @@ SK_API extern void* sk_realloc_throw(void* buffer, size_t count, size_t elemSize * These variants return nullptr on failure */ static inline void* sk_malloc_canfail(size_t size) { +#if defined(IS_FUZZING_WITH_LIBFUZZER) + // The Libfuzzer environment is very susceptible to OOM, so to avoid those + // just pretend we can't allocate more than 200kb. + if (size > 200000) { + return nullptr; + } +#endif return sk_malloc_flags(size, 0); } SK_API extern void* sk_malloc_canfail(size_t count, size_t elemSize); |