/src/fuzz/animation_fuzzer.c

Source
// Copyright 2020 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

#include <stdint.h>
#include <gdk-pixbuf/gdk-pixbuf.h>

#include "fuzzer_temp_file.h"

int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
    if (size < 1) {
        return 0;
    }
    GError *error = NULL;
    GdkPixbuf *pixbuf;
    GdkPixbufAnimation *anim;

    char *tmpfile = fuzzer_get_tmpfile(data, size);
    anim = gdk_pixbuf_animation_new_from_file(tmpfile, &error);
    if (error != NULL) {
        g_clear_error(&error);
        fuzzer_release_tmpfile(tmpfile);
        return 0;
    }

    char *buf = (char *) calloc(size + 1, sizeof(char));
    memcpy(buf, data, size);
    buf[size] = '\0';

    pixbuf = gdk_pixbuf_animation_get_static_image(anim);
    if (pixbuf != NULL) {
        unsigned int rot_amount = ((unsigned int) data[0]) % 4;
        pixbuf = gdk_pixbuf_rotate_simple(pixbuf, rot_amount * 90);
        gdk_pixbuf_set_option(pixbuf, buf, buf);
        gdk_pixbuf_get_pixels(pixbuf);
        gdk_pixbuf_get_width(pixbuf);
        gdk_pixbuf_get_height(pixbuf);
        g_object_unref(pixbuf);
    }

    free(buf);
    g_object_unref(anim);
    fuzzer_release_tmpfile(tmpfile);
    return 0;
}

Line	Count	Source
1		// Copyright 2020 Google LLC
2		//
3		// Licensed under the Apache License, Version 2.0 (the "License");
4		// you may not use this file except in compliance with the License.
5		// You may obtain a copy of the License at
6		//
7		// http://www.apache.org/licenses/LICENSE-2.0
8		//
9		// Unless required by applicable law or agreed to in writing, software
10		// distributed under the License is distributed on an "AS IS" BASIS,
11		// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12		// See the License for the specific language governing permissions and
13		// limitations under the License.
14
15		#include <stdint.h>
16		#include <gdk-pixbuf/gdk-pixbuf.h>
17
18		#include "fuzzer_temp_file.h"
19
20	2.04k	int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
21	2.04k	if (size < 1) {
22	0	return 0;
23	0	}
24	2.04k	GError *error = NULL;
25	2.04k	GdkPixbuf *pixbuf;
26	2.04k	GdkPixbufAnimation *anim;
27
28	2.04k	char *tmpfile = fuzzer_get_tmpfile(data, size);
29	2.04k	anim = gdk_pixbuf_animation_new_from_file(tmpfile, &error);
30	2.04k	if (error != NULL) {
31	1.65k	g_clear_error(&error);
32	1.65k	fuzzer_release_tmpfile(tmpfile);
33	1.65k	return 0;
34	1.65k	}
35
36	395	char buf = (char ) calloc(size + 1, sizeof(char));
37	395	memcpy(buf, data, size);
38	395	buf[size] = '\0';
39
40	395	pixbuf = gdk_pixbuf_animation_get_static_image(anim);
41	395	if (pixbuf != NULL) {
42	395	unsigned int rot_amount = ((unsigned int) data[0]) % 4;
43	395	pixbuf = gdk_pixbuf_rotate_simple(pixbuf, rot_amount * 90);
44	395	gdk_pixbuf_set_option(pixbuf, buf, buf);
45	395	gdk_pixbuf_get_pixels(pixbuf);
46	395	gdk_pixbuf_get_width(pixbuf);
47	395	gdk_pixbuf_get_height(pixbuf);
48	395	g_object_unref(pixbuf);
49	395	}
50
51	395	free(buf);
52	395	g_object_unref(anim);
53	395	fuzzer_release_tmpfile(tmpfile);
54	395	return 0;
55	2.04k	}

Coverage Report

Created: 2026-03-31 06:14