/src/skia/fuzz/oss_fuzz/FuzzImageFilterDeserialize.cpp

Source
/*
 * Copyright 2018 Google Inc.
 *
 * Use of this source code is governed by a BSD-style license that can be
 * found in the LICENSE file.
 */


#include "include/core/SkBitmap.h"
#include "include/core/SkCanvas.h"
#include "include/core/SkData.h"
#include "include/core/SkImage.h"
#include "include/core/SkImageFilter.h"
#include "include/core/SkPaint.h"
#include "src/core/SkFontMgrPriv.h"
#include "tools/fonts/TestFontMgr.h"

void FuzzImageFilterDeserialize(sk_sp<SkData> bytes) {
    const int BitmapSize = 24;
    SkBitmap bitmap;
    bitmap.allocN32Pixels(BitmapSize, BitmapSize);
    SkCanvas canvas(bitmap);
    canvas.clear(0x00000000);

    auto flattenable = SkImageFilter::Deserialize(bytes->data(), bytes->size());

    if (flattenable != nullptr) {
        // Let's see if using the filters can cause any trouble...
        SkPaint paint;
        paint.setImageFilter(flattenable);
        canvas.save();
        canvas.clipIRect(bitmap.bounds());

        // This call shouldn't crash or cause ASAN to flag any memory issues
        // If nothing bad happens within this call, everything is fine
        canvas.drawImage(bitmap.asImage(), 0, 0, SkSamplingOptions(), &paint);

        canvas.restore();
    }
}

// TODO(kjlubick): remove IS_FUZZING... after https://crrev.com/c/2410304 lands
#if defined(SK_BUILD_FOR_LIBFUZZER) || defined(IS_FUZZING_WITH_LIBFUZZER)
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
    if (size > 10024) {
        return 0;
    }
    gSkFontMgr_DefaultFactory = &ToolUtils::MakePortableFontMgr;
    auto bytes = SkData::MakeWithoutCopy(data, size);
    FuzzImageFilterDeserialize(bytes);
    return 0;
}
#endif

Line	Count	Source
1		/*
2		* Copyright 2018 Google Inc.
3		*
4		* Use of this source code is governed by a BSD-style license that can be
5		* found in the LICENSE file.
6		*/
7
8
9		#include "include/core/SkBitmap.h"
10		#include "include/core/SkCanvas.h"
11		#include "include/core/SkData.h"
12		#include "include/core/SkImage.h"
13		#include "include/core/SkImageFilter.h"
14		#include "include/core/SkPaint.h"
15		#include "src/core/SkFontMgrPriv.h"
16		#include "tools/fonts/TestFontMgr.h"
17
18	3.53k	void FuzzImageFilterDeserialize(sk_sp<SkData> bytes) {
19	3.53k	const int BitmapSize = 24;
20	3.53k	SkBitmap bitmap;
21	3.53k	bitmap.allocN32Pixels(BitmapSize, BitmapSize);
22	3.53k	SkCanvas canvas(bitmap);
23	3.53k	canvas.clear(0x00000000);
24
25	3.53k	auto flattenable = SkImageFilter::Deserialize(bytes->data(), bytes->size());
26
27	3.53k	if (flattenable != nullptr) {
28		// Let's see if using the filters can cause any trouble...
29	669	SkPaint paint;
30	669	paint.setImageFilter(flattenable);
31	669	canvas.save();
32	669	canvas.clipIRect(bitmap.bounds());
33
34		// This call shouldn't crash or cause ASAN to flag any memory issues
35		// If nothing bad happens within this call, everything is fine
36	669	canvas.drawImage(bitmap.asImage(), 0, 0, SkSamplingOptions(), &paint);
37
38	669	canvas.restore();
39	669	}
40	3.53k	}
41
42		// TODO(kjlubick): remove IS_FUZZING... after https://crrev.com/c/2410304 lands
43		#if defined(SK_BUILD_FOR_LIBFUZZER) \|\| defined(IS_FUZZING_WITH_LIBFUZZER)
44	183k	extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
45	183k	if (size > 10024) {
46	151	return 0;
47	151	}
48	183k	gSkFontMgr_DefaultFactory = &ToolUtils::MakePortableFontMgr;
49	183k	auto bytes = SkData::MakeWithoutCopy(data, size);
50	183k	FuzzImageFilterDeserialize(bytes);
51	183k	return 0;
52	183k	}
53		#endif

Coverage Report

Created: 2021-08-22 09:07