From 08816117788491a989888c30b9676bc8d7849f96 Mon Sep 17 00:00:00 2001 From: Ebrahim Byagowi Date: Sat, 20 Jun 2020 01:02:50 +0430 Subject: [PATCH] [fuzzer] Make some use for test_font API calls Making some use for result of some of the test_font calls to make sure compilers in fuzzers aren't just optimizing the calls. --- test/api/test-ot-face.c | 42 ++++++++++++++++++++------------- test/fuzzing/hb-shape-fuzzer.cc | 8 +++---- 2 files changed, 30 insertions(+), 20 deletions(-) diff --git a/test/api/test-ot-face.c b/test/api/test-ot-face.c index e2297b23e..6a8ebcdf3 100644 --- a/test/api/test-ot-face.c +++ b/test/api/test-ot-face.c @@ -32,17 +32,19 @@ /* Unit tests for hb-ot-*.h */ - -static void +/* Return some dummy result so that compiler won't just optimize things */ +static long long test_font (hb_font_t *font, hb_codepoint_t cp) { + long long result = 0; + hb_face_t *face = hb_font_get_face (font); hb_set_t *set; - hb_codepoint_t g; - hb_position_t x, y; + hb_codepoint_t g = 0; + hb_position_t x = 0, y = 0; char buf[5] = {0}; - unsigned int len; - hb_glyph_extents_t extents; + unsigned int len = 0; + hb_glyph_extents_t extents = {0}; hb_ot_font_set_funcs (font); set = hb_set_create (); @@ -74,14 +76,17 @@ test_font (hb_font_t *font, hb_codepoint_t cp) hb_ot_color_has_png (face); hb_blob_destroy (hb_ot_color_glyph_reference_png (font, cp)); - hb_aat_layout_feature_type_t feature; - unsigned count = 1; - hb_aat_layout_get_feature_types (face, 0, &count, &feature); - hb_aat_layout_feature_type_get_name_id (face, HB_AAT_LAYOUT_FEATURE_TYPE_CHARACTER_SHAPE); - hb_aat_layout_feature_selector_info_t setting = {0}; - unsigned default_index; - count = 1; - hb_aat_layout_feature_type_get_selector_infos (face, HB_AAT_LAYOUT_FEATURE_TYPE_DESIGN_COMPLEXITY_TYPE, 0, &count, &setting, &default_index); + { + hb_aat_layout_feature_type_t feature = HB_AAT_LAYOUT_FEATURE_TYPE_ALL_TYPOGRAPHIC; + unsigned count = 1; + hb_aat_layout_get_feature_types (face, 0, &count, &feature); + hb_aat_layout_feature_type_get_name_id (face, HB_AAT_LAYOUT_FEATURE_TYPE_CHARACTER_SHAPE); + hb_aat_layout_feature_selector_info_t setting = {0}; + unsigned default_index; + count = 1; + hb_aat_layout_feature_type_get_selector_infos (face, HB_AAT_LAYOUT_FEATURE_TYPE_DESIGN_COMPLEXITY_TYPE, 0, &count, &setting, &default_index); + result += count + feature + setting.disable + setting.disable + setting.name_id + setting.reserved + default_index; + } hb_set_t *lookup_indexes = hb_set_create (); hb_set_add (lookup_indexes, 0); @@ -102,8 +107,8 @@ test_font (hb_font_t *font, hb_codepoint_t cp) hb_ot_layout_get_ligature_carets (font, HB_DIRECTION_LTR, cp, 0, NULL, NULL); { - unsigned temp = 0, temp2; - hb_ot_name_id_t name; + unsigned temp = 0, temp2 = 0; + hb_ot_name_id_t name = HB_OT_NAME_ID_FULL_NAME; hb_ot_layout_get_size_params (face, &temp, &temp, &name, &temp, &temp); hb_tag_t cv01 = HB_TAG ('c','v','0','1'); unsigned feature_index = 0; @@ -116,6 +121,8 @@ test_font (hb_font_t *font, hb_codepoint_t cp) hb_ot_layout_feature_get_characters (face, HB_OT_TAG_GSUB, feature_index, 0, &temp, &g); temp = 1; hb_ot_layout_language_get_feature_indexes (face, HB_OT_TAG_GSUB, 0, 0, 0, &temp, &temp2); + + result += temp + name + feature_index + temp2; } hb_ot_math_has_data (face); @@ -162,6 +169,9 @@ test_font (hb_font_t *font, hb_codepoint_t cp) #endif hb_set_destroy (set); + + return result + g + x + y + buf[0] + buf[1] + buf[2] + buf[3] + buf[4] + len + + extents.height + extents.width + extents.x_bearing + extents.y_bearing; } #ifndef TEST_OT_FACE_NO_MAIN diff --git a/test/fuzzing/hb-shape-fuzzer.cc b/test/fuzzing/hb-shape-fuzzer.cc index eb03132c3..d1687b2ca 100644 --- a/test/fuzzing/hb-shape-fuzzer.cc +++ b/test/fuzzing/hb-shape-fuzzer.cc @@ -42,7 +42,10 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) if (size < len) len = size; if (len) - memcpy(text32, data + size - len, len); + memcpy (text32, data + size - len, len); + + /* Misc calls on font. */ + text32[10] = test_font (font, text32[15]) % 256; hb_buffer_t *buffer = hb_buffer_create (); hb_buffer_add_utf32 (buffer, text32, sizeof (text32) / sizeof (text32[0]), 0, -1); @@ -50,9 +53,6 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) hb_shape (font, buffer, nullptr, 0); hb_buffer_destroy (buffer); - /* Misc calls on font. */ - test_font (font, text32[15]); - hb_font_destroy (font); hb_face_destroy (face); hb_blob_destroy (blob);