Coverage Report

Created: 2022-05-03 06:27

/src/fuzz/pixbuf_file_fuzzer.c
Line
Count
Source (jump to first uncovered line)
1
// Copyright 2020 Google LLC
2
//
3
// Licensed under the Apache License, Version 2.0 (the "License");
4
// you may not use this file except in compliance with the License.
5
// You may obtain a copy of the License at
6
//
7
//      http://www.apache.org/licenses/LICENSE-2.0
8
//
9
// Unless required by applicable law or agreed to in writing, software
10
// distributed under the License is distributed on an "AS IS" BASIS,
11
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
// See the License for the specific language governing permissions and
13
// limitations under the License.
14
15
#include <stdint.h>
16
#include <gdk-pixbuf/gdk-pixbuf.h>
17
18
#include "fuzzer_temp_file.h"
19
20
9.88k
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
21
9.88k
    if (size < 1) {
22
0
        return 0;
23
0
    }
24
9.88k
    GdkPixbuf *pixbuf;
25
9.88k
    GError *error = NULL;
26
27
9.88k
    char *tmpfile = fuzzer_get_tmpfile(data, size);
28
9.88k
    pixbuf = gdk_pixbuf_new_from_file(tmpfile, &error);
29
9.88k
    if (error != NULL) {
30
9.88k
        g_clear_error(&error);
31
9.88k
        fuzzer_release_tmpfile(tmpfile);
32
9.88k
        return 0;
33
9.88k
    }
34
35
0
    char *buf = (char *) calloc(size + 1, sizeof(char));
36
0
    memcpy(buf, data, size);
37
0
    buf[size] = '\0';
38
39
0
    gdk_pixbuf_get_width(pixbuf);
40
0
    gdk_pixbuf_get_height(pixbuf);
41
0
    gdk_pixbuf_get_bits_per_sample(pixbuf);
42
0
    gdk_pixbuf_scale(pixbuf, pixbuf,
43
0
            0, 0, 
44
0
            gdk_pixbuf_get_width(pixbuf) / 4, 
45
0
            gdk_pixbuf_get_height(pixbuf) / 4,
46
0
            0, 0, 0.5, 0.5,
47
0
            GDK_INTERP_NEAREST);
48
0
    unsigned int rot_amount = ((unsigned int) data[0]) % 4;
49
0
    pixbuf = gdk_pixbuf_rotate_simple(pixbuf, rot_amount * 90);
50
0
    gdk_pixbuf_set_option(pixbuf, buf, buf);
51
0
    gdk_pixbuf_get_option(pixbuf, buf);
52
53
0
    free(buf);
54
0
    g_clear_object(&pixbuf);
55
0
    fuzzer_release_tmpfile(tmpfile);
56
0
    return 0;
57
9.88k
}