/src/xpdf-4.06/build/fuzz_pdfload.cc

Source
/*  Copyright 2020 Google Inc.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

      http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
#include <fuzzer/FuzzedDataProvider.h>

#include <vector>
#include <aconf.h>
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
#include <stddef.h>
#include <string.h>
#include <png.h>

#include "gmem.h"
#include "gmempp.h"
#include "parseargs.h"
#include "GString.h"
#include "gfile.h"
#include "GlobalParams.h"
#include "Object.h"
#include "PDFDoc.h"
#include "SplashBitmap.h"
#include "Splash.h"
#include "SplashOutputDev.h"
#include "Stream.h"
#include "config.h"
#include "JBIG2Stream.h"

extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
    FuzzedDataProvider fdp (data, size);
    double hdpi = fdp.ConsumeFloatingPoint<double>();
    double vdpi = fdp.ConsumeFloatingPoint<double>();
    int rotate = fdp.ConsumeIntegral<int>();
    bool useMediaBox = fdp.ConsumeBool();
    bool crop = fdp.ConsumeBool();
    bool printing = fdp.ConsumeBool();
    std::vector<char> payload = fdp.ConsumeRemainingBytes<char>();

    Object xpdf_obj;
    xpdf_obj.initNull();
    BaseStream *stream = new MemStream(payload.data(), 0, payload.size(), &xpdf_obj);

    Object info, xfa;
    Object *acroForm;
    globalParams = new GlobalParams(NULL);
    globalParams->setErrQuiet(1);
    globalParams->setupBaseFonts(NULL);
    char yes[] = "yes";
    globalParams->setEnableFreeType(yes);  // Yes, it's a string and not a bool.
    globalParams->setErrQuiet(1);

    PDFDoc *doc = NULL;
    try {
      PDFDoc doc(stream);
        if (doc.isOk() == gTrue)
        {
            doc.getNumPages();
            doc.getOutline();
            doc.getStructTreeRoot();
            doc.getXRef();
            doc.okToPrint(gTrue);
            doc.okToCopy(gTrue);
            doc.okToChange(gTrue);
            doc.okToAddNotes(gTrue);
            doc.isLinearized();
            doc.getPDFVersion();

            GString *metadata;
            if ((metadata = doc.readMetadata())) {
              (void)metadata->getCString();
            }
            delete metadata;

            Object info;
            doc.getDocInfo(&info);
            if (info.isDict()) {
              info.getDict();
            }
            info.free();

            if ((acroForm = doc.getCatalog()->getAcroForm())->isDict()) {
                acroForm->dictLookup("XFA", &xfa);
                xfa.free();
            }

            for (size_t i = 1; i <= doc.getNumPages(); i++) {
              doc.getLinks(i);
              auto page = doc.getCatalog()->getPage(i);
              if (!page->isOk()) {
                continue;
              }
              page->getResourceDict();
              page->getMetadata();
              page->getResourceDict();
            }

            SplashColor paperColor = {0xff, 0xff, 0xff};
            SplashOutputDev *splashOut = new SplashOutputDev(splashModeRGB8, 1, gFalse, paperColor);
            splashOut->setNoComposite(gTrue);
            splashOut->startDoc(doc.getXRef());
            for (size_t i = 1; i <= doc.getNumPages(); ++i) {
              doc.displayPage(splashOut, NULL, i, hdpi, vdpi, rotate, useMediaBox, crop, printing);
            }
            (void)splashOut->getBitmap();

            delete splashOut;
        }
    } catch (...) {

    }

    delete globalParams;

    return 0;
}


Line	Count	Source
1		/* Copyright 2020 Google Inc.
2
3		Licensed under the Apache License, Version 2.0 (the "License");
4		you may not use this file except in compliance with the License.
5		You may obtain a copy of the License at
6
7		http://www.apache.org/licenses/LICENSE-2.0
8
9		Unless required by applicable law or agreed to in writing, software
10		distributed under the License is distributed on an "AS IS" BASIS,
11		WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12		See the License for the specific language governing permissions and
13		limitations under the License.
14		*/
15		#include <fuzzer/FuzzedDataProvider.h>
16
17		#include <vector>
18		#include <aconf.h>
19		#include <stdio.h>
20		#include <stdint.h>
21		#include <stdlib.h>
22		#include <stddef.h>
23		#include <string.h>
24		#include <png.h>
25
26		#include "gmem.h"
27		#include "gmempp.h"
28		#include "parseargs.h"
29		#include "GString.h"
30		#include "gfile.h"
31		#include "GlobalParams.h"
32		#include "Object.h"
33		#include "PDFDoc.h"
34		#include "SplashBitmap.h"
35		#include "Splash.h"
36		#include "SplashOutputDev.h"
37		#include "Stream.h"
38		#include "config.h"
39		#include "JBIG2Stream.h"
40
41		extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
42	11.1k	{
43	11.1k	FuzzedDataProvider fdp (data, size);
44	11.1k	double hdpi = fdp.ConsumeFloatingPoint<double>();
45	11.1k	double vdpi = fdp.ConsumeFloatingPoint<double>();
46	11.1k	int rotate = fdp.ConsumeIntegral<int>();
47	11.1k	bool useMediaBox = fdp.ConsumeBool();
48	11.1k	bool crop = fdp.ConsumeBool();
49	11.1k	bool printing = fdp.ConsumeBool();
50	11.1k	std::vector<char> payload = fdp.ConsumeRemainingBytes<char>();
51
52	11.1k	Object xpdf_obj;
53	11.1k	xpdf_obj.initNull();
54	11.1k	BaseStream *stream = new MemStream(payload.data(), 0, payload.size(), &xpdf_obj);
55
56	11.1k	Object info, xfa;
57	11.1k	Object *acroForm;
58	11.1k	globalParams = new GlobalParams(NULL);
59	11.1k	globalParams->setErrQuiet(1);
60	11.1k	globalParams->setupBaseFonts(NULL);
61	11.1k	char yes[] = "yes";
62	11.1k	globalParams->setEnableFreeType(yes); // Yes, it's a string and not a bool.
63	11.1k	globalParams->setErrQuiet(1);
64
65	11.1k	PDFDoc *doc = NULL;
66	11.1k	try {
67	11.1k	PDFDoc doc(stream);
68	11.1k	if (doc.isOk() == gTrue)
69	10.2k	{
70	10.2k	doc.getNumPages();
71	10.2k	doc.getOutline();
72	10.2k	doc.getStructTreeRoot();
73	10.2k	doc.getXRef();
74	10.2k	doc.okToPrint(gTrue);
75	10.2k	doc.okToCopy(gTrue);
76	10.2k	doc.okToChange(gTrue);
77	10.2k	doc.okToAddNotes(gTrue);
78	10.2k	doc.isLinearized();
79	10.2k	doc.getPDFVersion();
80
81	10.2k	GString *metadata;
82	10.2k	if ((metadata = doc.readMetadata())) {
83	819	(void)metadata->getCString();
84	819	}
85	10.2k	delete metadata;
86
87	10.2k	Object info;
88	10.2k	doc.getDocInfo(&info);
89	10.2k	if (info.isDict()) {
90	2.18k	info.getDict();
91	2.18k	}
92	10.2k	info.free();
93
94	10.2k	if ((acroForm = doc.getCatalog()->getAcroForm())->isDict()) {
95	998	acroForm->dictLookup("XFA", &xfa);
96	998	xfa.free();
97	998	}
98
99	109k	for (size_t i = 1; i <= doc.getNumPages(); i++) {
100	99.0k	doc.getLinks(i);
101	99.0k	auto page = doc.getCatalog()->getPage(i);
102	99.0k	if (!page->isOk()) {
103	0	continue;
104	0	}
105	99.0k	page->getResourceDict();
106	99.0k	page->getMetadata();
107	99.0k	page->getResourceDict();
108	99.0k	}
109
110	10.2k	SplashColor paperColor = {0xff, 0xff, 0xff};
111	10.2k	SplashOutputDev *splashOut = new SplashOutputDev(splashModeRGB8, 1, gFalse, paperColor);
112	10.2k	splashOut->setNoComposite(gTrue);
113	10.2k	splashOut->startDoc(doc.getXRef());
114	109k	for (size_t i = 1; i <= doc.getNumPages(); ++i) {
115	99.0k	doc.displayPage(splashOut, NULL, i, hdpi, vdpi, rotate, useMediaBox, crop, printing);
116	99.0k	}
117	10.2k	(void)splashOut->getBitmap();
118
119	10.2k	delete splashOut;
120	10.2k	}
121	11.1k	} catch (...) {
122
123	26	}
124
125	11.1k	delete globalParams;
126
127	11.1k	return 0;
128	11.1k	}
129

Coverage Report

Created: 2026-06-22 07:14