/src/libjpeg-turbo.3.0.x/fuzz/cjpeg.cc
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Copyright (C)2021 D. R. Commander. All Rights Reserved. |
3 | | * |
4 | | * Redistribution and use in source and binary forms, with or without |
5 | | * modification, are permitted provided that the following conditions are met: |
6 | | * |
7 | | * - Redistributions of source code must retain the above copyright notice, |
8 | | * this list of conditions and the following disclaimer. |
9 | | * - Redistributions in binary form must reproduce the above copyright notice, |
10 | | * this list of conditions and the following disclaimer in the documentation |
11 | | * and/or other materials provided with the distribution. |
12 | | * - Neither the name of the libjpeg-turbo Project nor the names of its |
13 | | * contributors may be used to endorse or promote products derived from this |
14 | | * software without specific prior written permission. |
15 | | * |
16 | | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS", |
17 | | * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
18 | | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
19 | | * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE |
20 | | * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR |
21 | | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
22 | | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS |
23 | | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN |
24 | | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
25 | | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
26 | | * POSSIBILITY OF SUCH DAMAGE. |
27 | | */ |
28 | | |
29 | | /* This fuzz target wraps cjpeg in order to test esoteric compression options |
30 | | as well as the GIF and Targa readers. */ |
31 | | |
32 | | #define main cjpeg_main |
33 | | #define CJPEG_FUZZER |
34 | | extern "C" { |
35 | | #include "../cjpeg.c" |
36 | | } |
37 | | #undef main |
38 | | #undef CJPEG_FUZZER |
39 | | |
40 | | #include <stdint.h> |
41 | | #include <unistd.h> |
42 | | |
43 | | |
44 | | extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) |
45 | 61 | { |
46 | 61 | char filename[FILENAME_MAX] = { 0 }; |
47 | 61 | char *argv1[] = { |
48 | 61 | (char *)"cjpeg", (char *)"-dct", (char *)"float", (char *)"-memdst", |
49 | 61 | (char *)"-optimize", (char *)"-quality", (char *)"100,99,98", |
50 | 61 | (char *)"-restart", (char *)"2", (char *)"-sample", (char *)"4x1,2x2,1x2", |
51 | 61 | (char *)"-targa", NULL |
52 | 61 | }; |
53 | 61 | char *argv2[] = { |
54 | 61 | (char *)"cjpeg", (char *)"-arithmetic", (char *)"-dct", (char *)"float", |
55 | 61 | (char *)"-memdst", (char *)"-quality", (char *)"90,80,70", (char *)"-rgb", |
56 | 61 | (char *)"-sample", (char *)"2x2", (char *)"-smooth", (char *)"50", |
57 | 61 | (char *)"-targa", NULL |
58 | 61 | }; |
59 | 61 | int fd = -1; |
60 | | |
61 | 61 | snprintf(filename, FILENAME_MAX, "/tmp/libjpeg-turbo_cjpeg_fuzz.XXXXXX"); |
62 | 61 | if ((fd = mkstemp(filename)) < 0 || write(fd, data, size) < 0) |
63 | 0 | goto bailout; |
64 | | |
65 | 61 | argv1[12] = argv2[13] = filename; |
66 | | |
67 | 61 | cjpeg_main(13, argv1); |
68 | 61 | cjpeg_main(14, argv2); |
69 | | |
70 | 61 | argv1[12] = argv2[13] = NULL; |
71 | 61 | argv1[11] = argv2[12] = filename; |
72 | | |
73 | 61 | cjpeg_main(12, argv1); |
74 | 61 | cjpeg_main(13, argv2); |
75 | | |
76 | 61 | bailout: |
77 | 61 | if (fd >= 0) { |
78 | 61 | close(fd); |
79 | 61 | if (strlen(filename) > 0) unlink(filename); |
80 | 61 | } |
81 | 61 | return 0; |
82 | 61 | } |