AuroraMiddleware/harfbuzz
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
07acd1a042
harfbuzz/test/fuzzing
History
Ebrahim Byagowi 0d729b4b72 [avar] Fix out-of-bound read when input is bigger than all the coords 
'i' shouldn't become equal to array's length which as the increament
is happened at end of the loop, if the input is bigger than all the
table coords, it will be equal to array's length.

Fixes https://crbug.com/oss-fuzz/21092
2020-03-07 13:20:41 +03:30
..
fonts [avar] Fix out-of-bound read when input is bigger than all the coords 2020-03-07 13:20:41 +03:30
sets [fuzz] minor, move two fuzzer cases to their correct place 2020-02-12 19:17:18 +03:30
CMakeLists.txt Remove remains of get-codepoint-fuzzer 2018-10-11 17:31:29 -04:00
hb-draw-fuzzer.cc [draw] minor 2020-02-29 16:12:54 +03:30
hb-fuzzer.hh [fuzzer] Separate main() into a new file 2016-12-20 20:50:38 -06:00
hb-set-fuzzer.cc [fuzz] minor style fixes 2020-02-12 19:30:31 +03:30
hb-shape-fuzzer.cc [fuzz] Avoid empty memcpy and ubsan complain by length checking before memcpy 2020-03-03 21:39:22 +03:30
hb-subset-fuzzer.cc [fuzz] Don't fail when blob is empty 2019-07-11 14:31:55 +04:30
main.cc [fuzz] minor don't abort main.cc when the file was empty or not found 2020-02-26 16:15:17 +03:30
Makefile.am [draw] Add fuzzer runner 2020-02-28 19:57:56 +03:30
README Move all references of old url to the new address (#622) 2017-11-20 14:49:22 -05:00
run-draw-fuzzer-tests.py [draw] Add fuzzer runner 2020-02-28 19:57:56 +03:30
run-shape-fuzzer-tests.py Remove python2 support from tests/utils scripts 2020-02-19 16:17:45 +03:30
run-subset-fuzzer-tests.py Remove python2 support from tests/utils scripts 2020-02-19 16:17:45 +03:30

README 

In order to build the fuzzer one needs to build HarfBuzz and
harfbuzz/test/fuzzing/hb-fuzzer.cc with:
  - Using the most recent Clang
  - With -fsanitize=address (or =undefined, or a combination)
  - With -fsanitize-coverage=edge[,8bit-counters,trace-cmp]
  - With various defines that limit worst case exponential behavior.
    See FUZZING_CPPFLAGS in harfbuzz/src/Makefile.am for the list.
  - link against libFuzzer

To run the fuzzer one needs to first obtain a test corpus as a directory
containing interesting fonts.  A good starting point is inside
harfbuzz/test/shaping/fonts/fonts/.
Then, run the fuzzer like this:
   ./hb-fuzzer -max_len=2048 CORPUS_DIR
Where max_len specifies the maximal length of font files to handle.
The smaller the faster.

For more details consult the following locations:
  - http://llvm.org/docs/LibFuzzer.html or
  - https://github.com/google/libfuzzer-bot/tree/master/harfbuzz
  - https://github.com/harfbuzz/harfbuzz/issues/139