/src/xpdf-4.06/build/fuzz_pdfload.cc

Source
/*  Copyright 2020 Google Inc.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

      http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include <fuzzer/FuzzedDataProvider.h>

#include <vector>
#include <aconf.h>
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
#include <stddef.h>
#include <string.h>
#include <png.h>

#include "gmem.h"
#include "gmempp.h"
#include "parseargs.h"
#include "GString.h"
#include "gfile.h"
#include "GlobalParams.h"
#include "Object.h"
#include "PDFDoc.h"
#include "SplashBitmap.h"
#include "Splash.h"
#include "SplashOutputDev.h"
#include "Stream.h"
#include "config.h"
#include "JBIG2Stream.h"

extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
    FuzzedDataProvider fdp (data, size);
    double hdpi = fdp.ConsumeFloatingPoint<double>();
    double vdpi = fdp.ConsumeFloatingPoint<double>();
    int rotate = fdp.ConsumeIntegral<int>();
    bool useMediaBox = fdp.ConsumeBool();
    bool crop = fdp.ConsumeBool();
    bool printing = fdp.ConsumeBool();
    std::vector<char> payload = fdp.ConsumeRemainingBytes<char>();

    Object xpdf_obj;
    xpdf_obj.initNull();
    BaseStream *stream = new MemStream(payload.data(), 0, payload.size(), &xpdf_obj);

    Object info, xfa;
    Object *acroForm;
    globalParams = new GlobalParams(NULL);
    globalParams->setErrQuiet(1);
    globalParams->setupBaseFonts(NULL);
    char yes[] = "yes";
    globalParams->setEnableFreeType(yes);  // Yes, it's a string and not a bool.
    globalParams->setErrQuiet(1);

    PDFDoc *doc = NULL;
    try {
      PDFDoc doc(stream);
        if (doc.isOk() == gTrue)
        {
            doc.getNumPages();
            doc.getOutline();
            doc.getStructTreeRoot();
            doc.getXRef();
            doc.okToPrint(gTrue);
            doc.okToCopy(gTrue);
            doc.okToChange(gTrue);
            doc.okToAddNotes(gTrue);
            doc.isLinearized();
            doc.getPDFVersion();

            GString *metadata;
            if ((metadata = doc.readMetadata())) {
              (void)metadata->getCString();
            }
            delete metadata;

            Object info;
            doc.getDocInfo(&info);
            if (info.isDict()) {
              info.getDict();
            }
            info.free();

            if ((acroForm = doc.getCatalog()->getAcroForm())->isDict()) {
                acroForm->dictLookup("XFA", &xfa);
                xfa.free();
            }

            for (size_t i = 1; i <= doc.getNumPages(); i++) {
              doc.getLinks(i);
              auto page = doc.getCatalog()->getPage(i);
              if (!page->isOk()) {
                continue;
              }
              page->getResourceDict();
              page->getMetadata();
              page->getResourceDict();
            }

            SplashColor paperColor = {0xff, 0xff, 0xff};
            SplashOutputDev *splashOut = new SplashOutputDev(splashModeRGB8, 1, gFalse, paperColor);
            splashOut->setNoComposite(gTrue);
            splashOut->startDoc(doc.getXRef());
            for (size_t i = 1; i <= doc.getNumPages(); ++i) {
              doc.displayPage(splashOut, NULL, i, hdpi, vdpi, rotate, useMediaBox, crop, printing);
            }
            (void)splashOut->getBitmap();

            delete splashOut;
        }
    } catch (...) {

    }

    delete globalParams;

    return 0;
}


Line	Count	Source
1		/* Copyright 2020 Google Inc.
2
3		Licensed under the Apache License, Version 2.0 (the "License");
4		you may not use this file except in compliance with the License.
5		You may obtain a copy of the License at
6
7		http://www.apache.org/licenses/LICENSE-2.0
8
9		Unless required by applicable law or agreed to in writing, software
10		distributed under the License is distributed on an "AS IS" BASIS,
11		WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12		See the License for the specific language governing permissions and
13		limitations under the License.
14		*/
15		#include <fuzzer/FuzzedDataProvider.h>
16
17		#include <vector>
18		#include <aconf.h>
19		#include <stdio.h>
20		#include <stdint.h>
21		#include <stdlib.h>
22		#include <stddef.h>
23		#include <string.h>
24		#include <png.h>
25
26		#include "gmem.h"
27		#include "gmempp.h"
28		#include "parseargs.h"
29		#include "GString.h"
30		#include "gfile.h"
31		#include "GlobalParams.h"
32		#include "Object.h"
33		#include "PDFDoc.h"
34		#include "SplashBitmap.h"
35		#include "Splash.h"
36		#include "SplashOutputDev.h"
37		#include "Stream.h"
38		#include "config.h"
39		#include "JBIG2Stream.h"
40
41		extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
42	19.7k	{
43	19.7k	FuzzedDataProvider fdp (data, size);
44	19.7k	double hdpi = fdp.ConsumeFloatingPoint<double>();
45	19.7k	double vdpi = fdp.ConsumeFloatingPoint<double>();
46	19.7k	int rotate = fdp.ConsumeIntegral<int>();
47	19.7k	bool useMediaBox = fdp.ConsumeBool();
48	19.7k	bool crop = fdp.ConsumeBool();
49	19.7k	bool printing = fdp.ConsumeBool();
50	19.7k	std::vector<char> payload = fdp.ConsumeRemainingBytes<char>();
51
52	19.7k	Object xpdf_obj;
53	19.7k	xpdf_obj.initNull();
54	19.7k	BaseStream *stream = new MemStream(payload.data(), 0, payload.size(), &xpdf_obj);
55
56	19.7k	Object info, xfa;
57	19.7k	Object *acroForm;
58	19.7k	globalParams = new GlobalParams(NULL);
59	19.7k	globalParams->setErrQuiet(1);
60	19.7k	globalParams->setupBaseFonts(NULL);
61	19.7k	char yes[] = "yes";
62	19.7k	globalParams->setEnableFreeType(yes); // Yes, it's a string and not a bool.
63	19.7k	globalParams->setErrQuiet(1);
64
65	19.7k	PDFDoc *doc = NULL;
66	19.7k	try {
67	19.7k	PDFDoc doc(stream);
68	19.7k	if (doc.isOk() == gTrue)
69	16.3k	{
70	16.3k	doc.getNumPages();
71	16.3k	doc.getOutline();
72	16.3k	doc.getStructTreeRoot();
73	16.3k	doc.getXRef();
74	16.3k	doc.okToPrint(gTrue);
75	16.3k	doc.okToCopy(gTrue);
76	16.3k	doc.okToChange(gTrue);
77	16.3k	doc.okToAddNotes(gTrue);
78	16.3k	doc.isLinearized();
79	16.3k	doc.getPDFVersion();
80
81	16.3k	GString *metadata;
82	16.3k	if ((metadata = doc.readMetadata())) {
83	1.28k	(void)metadata->getCString();
84	1.28k	}
85	16.3k	delete metadata;
86
87	16.3k	Object info;
88	16.3k	doc.getDocInfo(&info);
89	16.3k	if (info.isDict()) {
90	3.61k	info.getDict();
91	3.61k	}
92	16.3k	info.free();
93
94	16.3k	if ((acroForm = doc.getCatalog()->getAcroForm())->isDict()) {
95	1.52k	acroForm->dictLookup("XFA", &xfa);
96	1.52k	xfa.free();
97	1.52k	}
98
99	417k	for (size_t i = 1; i <= doc.getNumPages(); i++) {
100	401k	doc.getLinks(i);
101	401k	auto page = doc.getCatalog()->getPage(i);
102	401k	if (!page->isOk()) {
103	0	continue;
104	0	}
105	401k	page->getResourceDict();
106	401k	page->getMetadata();
107	401k	page->getResourceDict();
108	401k	}
109
110	16.3k	SplashColor paperColor = {0xff, 0xff, 0xff};
111	16.3k	SplashOutputDev *splashOut = new SplashOutputDev(splashModeRGB8, 1, gFalse, paperColor);
112	16.3k	splashOut->setNoComposite(gTrue);
113	16.3k	splashOut->startDoc(doc.getXRef());
114	417k	for (size_t i = 1; i <= doc.getNumPages(); ++i) {
115	401k	doc.displayPage(splashOut, NULL, i, hdpi, vdpi, rotate, useMediaBox, crop, printing);
116	401k	}
117	16.3k	(void)splashOut->getBitmap();
118
119	16.3k	delete splashOut;
120	16.3k	}
121	19.7k	} catch (...) {
122
123	59	}
124
125	19.7k	delete globalParams;
126
127	19.7k	return 0;
128	19.7k	}
129

Coverage Report

Created: 2026-04-12 06:43