/src/fuzz/animation_fuzzer.c

Source
// Copyright 2020 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

#include <stdint.h>
#include <gdk-pixbuf/gdk-pixbuf.h>

#include "fuzzer_temp_file.h"

int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
    if (size < 1) {
        return 0;
    }
    GError *error = NULL;
    GdkPixbuf *pixbuf;
    GdkPixbufAnimation *anim;

    char *tmpfile = fuzzer_get_tmpfile(data, size);
    anim = gdk_pixbuf_animation_new_from_file(tmpfile, &error);
    if (error != NULL) {
        g_clear_error(&error);
        fuzzer_release_tmpfile(tmpfile);
        return 0;
    }

    char *buf = (char *) calloc(size + 1, sizeof(char));
    memcpy(buf, data, size);
    buf[size] = '\0';

    pixbuf = gdk_pixbuf_animation_get_static_image(anim);
    if (pixbuf != NULL) {
        unsigned int rot_amount = ((unsigned int) data[0]) % 4;
        pixbuf = gdk_pixbuf_rotate_simple(pixbuf, rot_amount * 90);
        gdk_pixbuf_set_option(pixbuf, buf, buf);
        gdk_pixbuf_get_pixels(pixbuf);
        gdk_pixbuf_get_width(pixbuf);
        gdk_pixbuf_get_height(pixbuf);
        g_object_unref(pixbuf);
    }

    free(buf);
    g_object_unref(anim);
    fuzzer_release_tmpfile(tmpfile);
    return 0;
}

Line	Count	Source
1		// Copyright 2020 Google LLC
2		//
3		// Licensed under the Apache License, Version 2.0 (the "License");
4		// you may not use this file except in compliance with the License.
5		// You may obtain a copy of the License at
6		//
7		// http://www.apache.org/licenses/LICENSE-2.0
8		//
9		// Unless required by applicable law or agreed to in writing, software
10		// distributed under the License is distributed on an "AS IS" BASIS,
11		// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12		// See the License for the specific language governing permissions and
13		// limitations under the License.
14
15		#include <stdint.h>
16		#include <gdk-pixbuf/gdk-pixbuf.h>
17
18		#include "fuzzer_temp_file.h"
19
20	1.49k	int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
21	1.49k	if (size < 1) {
22	0	return 0;
23	0	}
24	1.49k	GError *error = NULL;
25	1.49k	GdkPixbuf *pixbuf;
26	1.49k	GdkPixbufAnimation *anim;
27
28	1.49k	char *tmpfile = fuzzer_get_tmpfile(data, size);
29	1.49k	anim = gdk_pixbuf_animation_new_from_file(tmpfile, &error);
30	1.49k	if (error != NULL) {
31	1.19k	g_clear_error(&error);
32	1.19k	fuzzer_release_tmpfile(tmpfile);
33	1.19k	return 0;
34	1.19k	}
35
36	297	char buf = (char ) calloc(size + 1, sizeof(char));
37	297	memcpy(buf, data, size);
38	297	buf[size] = '\0';
39
40	297	pixbuf = gdk_pixbuf_animation_get_static_image(anim);
41	297	if (pixbuf != NULL) {
42	297	unsigned int rot_amount = ((unsigned int) data[0]) % 4;
43	297	pixbuf = gdk_pixbuf_rotate_simple(pixbuf, rot_amount * 90);
44	297	gdk_pixbuf_set_option(pixbuf, buf, buf);
45	297	gdk_pixbuf_get_pixels(pixbuf);
46	297	gdk_pixbuf_get_width(pixbuf);
47	297	gdk_pixbuf_get_height(pixbuf);
48	297	g_object_unref(pixbuf);
49	297	}
50
51	297	free(buf);
52	297	g_object_unref(anim);
53	297	fuzzer_release_tmpfile(tmpfile);
54	297	return 0;
55	1.49k	}

Coverage Report

Created: 2026-02-14 07:17