/src/xpdf-4.05/build/fuzz_JBIG2.cc

Source
/*  Copyright 2022 Google Inc.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

      http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include <fuzzer/FuzzedDataProvider.h>

#include <vector>
#include <aconf.h>
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
#include <stddef.h>
#include <string.h>
#include <png.h>

#include "gmem.h"
#include "gmempp.h"
#include "parseargs.h"
#include "GString.h"
#include "gfile.h"
#include "GlobalParams.h"
#include "Object.h"
#include "PDFDoc.h"
#include "SplashBitmap.h"
#include "Splash.h"
#include "SplashOutputDev.h"
#include "Stream.h"
#include "config.h"

#include "JBIG2Stream.h"

extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
  FuzzedDataProvider fdp(data, size);
  double hdpi = fdp.ConsumeFloatingPoint<double>();
  double vdpi = fdp.ConsumeFloatingPoint<double>();
  int rotate = fdp.ConsumeIntegral<int>();
  bool useMediaBox = fdp.ConsumeBool();
  bool crop = fdp.ConsumeBool();
  bool printing = fdp.ConsumeBool();
  std::vector<char> payload = fdp.ConsumeRemainingBytes<char>();

  Object xpdf_obj;
  xpdf_obj.initNull();
  BaseStream *stream = new MemStream(payload.data(), 0, payload.size(), &xpdf_obj);

  Object info, xfa;
  Object *acroForm;
  globalParams = new GlobalParams(NULL);
  globalParams->setErrQuiet(1);
  globalParams->setupBaseFonts(NULL);
  char yes[] = "yes";
  globalParams->setEnableFreeType(yes); // Yes, it's a string and not a bool.
  globalParams->setErrQuiet(1);

  PDFDoc *doc = NULL;
  try
  {
    PDFDoc doc(stream);
    if (doc.isOk() == gTrue)
    {
      XRef *xref = doc.getXRef();
      int objNums = xref->getNumObjects();
      Object currentObj;
      for (int i = 0; i < objNums; ++i)
      {
        if (xref->fetch(i, 0, &currentObj)->isStream())
        {
          currentObj.getStream()->reset();
        }
      }
      currentObj.free();
    }
  }
  catch (...)
  {
  }

  delete globalParams;

  return 0;
}

Line	Count	Source
1		/* Copyright 2022 Google Inc.
2
3		Licensed under the Apache License, Version 2.0 (the "License");
4		you may not use this file except in compliance with the License.
5		You may obtain a copy of the License at
6
7		http://www.apache.org/licenses/LICENSE-2.0
8
9		Unless required by applicable law or agreed to in writing, software
10		distributed under the License is distributed on an "AS IS" BASIS,
11		WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12		See the License for the specific language governing permissions and
13		limitations under the License.
14		*/
15		#include <fuzzer/FuzzedDataProvider.h>
16
17		#include <vector>
18		#include <aconf.h>
19		#include <stdio.h>
20		#include <stdint.h>
21		#include <stdlib.h>
22		#include <stddef.h>
23		#include <string.h>
24		#include <png.h>
25
26		#include "gmem.h"
27		#include "gmempp.h"
28		#include "parseargs.h"
29		#include "GString.h"
30		#include "gfile.h"
31		#include "GlobalParams.h"
32		#include "Object.h"
33		#include "PDFDoc.h"
34		#include "SplashBitmap.h"
35		#include "Splash.h"
36		#include "SplashOutputDev.h"
37		#include "Stream.h"
38		#include "config.h"
39
40		#include "JBIG2Stream.h"
41
42		extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
43	1.64k	{
44	1.64k	FuzzedDataProvider fdp(data, size);
45	1.64k	double hdpi = fdp.ConsumeFloatingPoint<double>();
46	1.64k	double vdpi = fdp.ConsumeFloatingPoint<double>();
47	1.64k	int rotate = fdp.ConsumeIntegral<int>();
48	1.64k	bool useMediaBox = fdp.ConsumeBool();
49	1.64k	bool crop = fdp.ConsumeBool();
50	1.64k	bool printing = fdp.ConsumeBool();
51	1.64k	std::vector<char> payload = fdp.ConsumeRemainingBytes<char>();
52
53	1.64k	Object xpdf_obj;
54	1.64k	xpdf_obj.initNull();
55	1.64k	BaseStream *stream = new MemStream(payload.data(), 0, payload.size(), &xpdf_obj);
56
57	1.64k	Object info, xfa;
58	1.64k	Object *acroForm;
59	1.64k	globalParams = new GlobalParams(NULL);
60	1.64k	globalParams->setErrQuiet(1);
61	1.64k	globalParams->setupBaseFonts(NULL);
62	1.64k	char yes[] = "yes";
63	1.64k	globalParams->setEnableFreeType(yes); // Yes, it's a string and not a bool.
64	1.64k	globalParams->setErrQuiet(1);
65
66	1.64k	PDFDoc *doc = NULL;
67	1.64k	try
68	1.64k	{
69	1.64k	PDFDoc doc(stream);
70	1.64k	if (doc.isOk() == gTrue)
71	846	{
72	846	XRef *xref = doc.getXRef();
73	846	int objNums = xref->getNumObjects();
74	846	Object currentObj;
75	83.4M	for (int i = 0; i < objNums; ++i)
76	83.4M	{
77	83.4M	if (xref->fetch(i, 0, &currentObj)->isStream())
78	11.2k	{
79	11.2k	currentObj.getStream()->reset();
80	11.2k	}
81	83.4M	}
82	846	currentObj.free();
83	846	}
84	1.64k	}
85	1.64k	catch (...)
86	1.64k	{
87	9	}
88
89	1.64k	delete globalParams;
90
91	1.64k	return 0;
92	1.64k	}

Coverage Report

Created: 2025-09-04 08:08