Fuzz introspector: grk_decompress_fuzzer
For issues and ideas: https://github.com/ossf/fuzz-introspector/issues

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
84 84 10 :

['grk::minpf_load_from_path(char const*, bool, int (*)(char const*, void*))', '_ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEEC2B8ne180100ILi0EEEPKc', 'std::__1::basic_string , std::__1::allocator >::c_str[abi:ne180100]() const', 'std::__1::basic_string , std::__1::allocator >::operator+=[abi:ne180100](std::__1::basic_string , std::__1::allocator > const&)', 'std::__1::basic_string , std::__1::allocator >::~basic_string()', 'std::__1::basic_string , std::__1::allocator > std::__1::operator+[abi:ne180100] , std::__1::allocator >(std::__1::basic_string , std::__1::allocator >&&, std::__1::basic_string , std::__1::allocator > const&)', 'grk::minpf_get_dynamic_library_extension()', 'std::__1::basic_string , std::__1::allocator >::operator+=[abi:ne180100](char const*)', 'grk::minpf_cleanup_plugin_manager()', 'std::__1::basic_string , std::__1::allocator > std::__1::operator+[abi:ne180100] , std::__1::allocator >(std::__1::basic_string , std::__1::allocator >&&, char const*)']

84 84 grk_plugin_load call site: 00000 /src/grok/src/lib/core/grok.cpp:852
26 37 5 :

['grk::GrkImage::all_components_data_free()', 'operator new[](unsigned long)', 'grk::GrkImage::copyComponent(_grk_image_comp*, _grk_image_comp*)', 'grk::GrkImage::allocData(_grk_image_comp*)', 'operator delete[](void*)']

26 37 grk::GrkImage::execUpsample() call site: 00000 /src/grok/src/lib/core/util/GrkImage_Conversion.cpp:93
23 75 2 :

['_cmsFree', 'cmsSignalError']

23 75 cmsOpenIOhandlerFromMem call site: 00000 /src/grok/thirdparty/liblcms2/src/cmsio0.c:260
23 23 1 :

['cmsSignalError']

23 23 MemoryRead call site: 00000 /src/grok/thirdparty/liblcms2/src/cmsio0.c:153
23 23 1 :

['cmsSignalError']

23 23 _cmsContextGetClientChunk call site: 00000 /src/grok/thirdparty/liblcms2/src/cmsplugin.c:752
22 38 5 :

['grk::TileComponentWindow ::getResWindowBufferHighestSimple() const', 'grk::mct::decompress_custom(unsigned char*, unsigned long, unsigned char**, unsigned short, unsigned int)', 'grk::TileComponent::getWindow() const', 'grk::TileComponentWindow ::stridedArea() const', 'operator new[](unsigned long)']

22 38 grk::TileProcessor::mctDecompress(FlowComponent*) call site: 00000 /src/grok/src/lib/core/tile/TileProcessor.cpp:693
22 22 1 :

['void tf::throw_re (char const*, unsigned long, char const (&) [41])']

38 440 tf::Executor::Executor(unsignedlong) call site: 00000 /src/grok/src/include/taskflow/core/executor.hpp:1121
18 18 5 :

['std::__1::promise ::set_exception(std::exception_ptr)', 'std::exception_ptr::operator=(std::exception_ptr const&)', 'std::exception_ptr::exception_ptr(std::exception_ptr const&)', 'std::exception_ptr::~exception_ptr()', 'std::exception_ptr::exception_ptr[abi:ne180100](decltype(nullptr))']

18 18 tf::Topology::_carry_out_promise() call site: 00000 /src/grok/src/include/taskflow/core/topology.hpp:61
16 56 2 :

['grk::BufferedStream::read(unsigned char*, unsigned long)', 'void grk::grk_read (unsigned char const*, unsigned long*)']

24 64 grk::FileFormatDecompress::read_box_hdr(grk::FileFormatBox*,unsignedint*,bool,grk::BufferedStream*) call site: 00000 /src/grok/src/lib/core/codestream/FileFormatDecompress.cpp:583
16 16 1 :

['void grk::grk_read (unsigned char const*, unsigned long*)']

16 16 grk::FileFormatDecompress::read_box(grk::FileFormatBox*,unsignedchar*,unsignedint*,unsignedlong) call site: 00000 /src/grok/src/lib/core/codestream/FileFormatDecompress.cpp:1322
15 15 1 :

['grk::ParserMap::pushParser(unsigned long, grk::PacketParser*)']

15 15 grk::T2Decompress::readPacketData(grk::Resolution*,grk::PacketParser*,unsignedlong,bool) call site: 00000 /src/grok/src/lib/core/t2/T2Decompress.cpp:173
15 15 1 :

['grk::Logger::log_message(void (*)(char const*, void*), void*, char const*, __va_list_tag*)']

15 15 grk::Logger::info(charconst*,...) call site: 00000 /src/grok/src/lib/core/util/Logger.h:35

Fuzzer calltree

0 LLVMFuzzerTestOneInput [function] [call site] 00000
1 grk_decompress_init [function] [call site] 00001
2 grk_decompress_create_from_file(char const*) [function] [call site] 00002
3 grk_stream_create_file_stream(char const*, unsigned long, bool) [function] [call site] 00003
4 fopen [call site] 00004
4 grk_stream_new(unsigned long, bool) [function] [call site] 00005
5 grk::BufferedStream::BufferedStream(unsigned char*, unsigned long, bool) [function] [call site] 00006
6 grk::grk_buf<unsigned char, grk::AllocatorVanilla>::grk_buf(unsigned char*, unsigned long, bool) [function] [call site] 00007
7 grk::grk_buf<unsigned char, grk::AllocatorVanilla>::grk_buf(unsigned char*, unsigned long, unsigned long, bool) [function] [call site] 00008
6 grk::GrkObjectWrapperImpl<grk::BufferedStream>::GrkObjectWrapperImpl(grk::BufferedStream*) [function] [call site] 00009
7 grk::GrkObjectWrapper::GrkObjectWrapper() [function] [call site] 00010
5 grk::BufferedStream::getWrapper() [function] [call site] 00011
4 fclose [call site] 00012
4 fread [call site] 00013
4 rewind [call site] 00014
4 grk::BufferedStream::getImpl(_grk_object*) [function] [call site] 00015
5 grk::GrkObjectWrapperImpl<grk::BufferedStream>::getWrappee() [function] [call site] 00016
4 grk_decompress_buffer_detect_format(unsigned char*, unsigned long, _GRK_CODEC_FORMAT*) [function] [call site] 00017
5 memcmp [call site] 00018
5 memcmp [call site] 00019
4 grk_stream_set_user_data(_grk_object*, void*, void (*)(void*)) [function] [call site] 00020
5 grk::BufferedStream::getImpl(_grk_object*) [function] [call site] 00021
5 grk::BufferedStream::setUserData(void*, void (*)(void*)) [function] [call site] 00022
4 grk::BufferedStream::setFormat(_GRK_CODEC_FORMAT) [function] [call site] 00023
4 grk_get_data_length_from_file(void*) [function] [call site] 00024
5 fseek [call site] 00025
5 ftell [call site] 00026
5 fseek [call site] 00027
4 grk_stream_set_user_data_length(_grk_object*, unsigned long) [function] [call site] 00028
5 grk::BufferedStream::getImpl(_grk_object*) [function] [call site] 00029
5 grk::BufferedStream::setUserDataLength(unsigned long) [function] [call site] 00030
4 grk_stream_set_read_function(_grk_object*, unsigned long (*)(unsigned char*, unsigned long, void*)) [function] [call site] 00031
5 grk::BufferedStream::getImpl(_grk_object*) [function] [call site] 00032
5 grk::BufferedStream::getStatus() [function] [call site] 00033
5 grk::BufferedStream::setReadFunction(unsigned long (*)(unsigned char*, unsigned long, void*)) [function] [call site] 00034
4 grk_read_from_file(unsigned char*, unsigned long, void*) [function] [call site] 00035
5 fread [call site] 00036
4 grk_stream_set_write_function(_grk_object*, unsigned long (*)(unsigned char const*, unsigned long, void*)) [function] [call site] 00037
5 grk::BufferedStream::getImpl(_grk_object*) [function] [call site] 00038
5 grk::BufferedStream::getStatus() [function] [call site] 00039
5 grk::BufferedStream::setWriteFunction(unsigned long (*)(unsigned char const*, unsigned long, void*)) [function] [call site] 00040
4 grk_write_to_file(unsigned char const*, unsigned long, void*) [function] [call site] 00041
5 fwrite [call site] 00042
4 grk_stream_set_seek_function(_grk_object*, bool (*)(unsigned long, void*)) [function] [call site] 00043
5 grk::BufferedStream::getImpl(_grk_object*) [function] [call site] 00044
5 grk::BufferedStream::setSeekFunction(bool (*)(unsigned long, void*)) [function] [call site] 00045
4 grk_seek_in_file(unsigned long, void*) [function] [call site] 00046
5 fseek [call site] 00047
3 grk_decompress_create(_grk_object*) [function] [call site] 00048
4 grk::BufferedStream::getImpl(_grk_object*) [function] [call site] 00049
4 grk::BufferedStream::getFormat() [function] [call site] 00050
4 GrkCodec::GrkCodec(_grk_object*) [function] [call site] 00051
5 grk::GrkObjectWrapperImpl<GrkCodec>::GrkObjectWrapperImpl(GrkCodec*) [function] [call site] 00052
4 grk::BufferedStream::getImpl(_grk_object*) [function] [call site] 00053
4 grk::CodeStreamDecompress::CodeStreamDecompress(grk::BufferedStream*) [function] [call site] 00054
5 grk::CodeStream::CodeStream(grk::BufferedStream*) [function] [call site] 00055
6 grk::CodingParams::CodingParams() [function] [call site] 00056
5 grk::ICodeStreamDecompress::ICodeStreamDecompress() [function] [call site] 00057
5 grk::DecompressorState::DecompressorState() [function] [call site] 00058
6 grk::TileSet::TileSet() [function] [call site] 00059
7 grk::grk_rect<unsigned short>::grk_rect() [function] [call site] 00060
8 grk::grk_rect<unsigned short>::grk_rect(unsigned short, unsigned short, unsigned short, unsigned short) [function] [call site] 00061
9 grk::grk_rect<unsigned short>::grk_rect(unsigned short, unsigned short, unsigned short, unsigned short, unsigned short, unsigned short) [function] [call site] 00062
5 grk::TileCache::TileCache() [function] [call site] 00063
6 grk::TileCache::TileCache(unsigned int) [function] [call site] 00064
7 grk::GrkImage::GrkImage() [function] [call site] 00065
8 grk::GrkObjectWrapperImpl<grk::GrkImage>::GrkObjectWrapperImpl(grk::GrkImage*) [function] [call site] 00066
5 grk::TileCodingParams::TileCodingParams() [function] [call site] 00067
5 grk::CodeStreamInfo::CodeStreamInfo(grk::BufferedStream*) [function] [call site] 00068
5 grk::GrkImage::GrkImage() [function] [call site] 00069
5 grk_image_meta_new [function] [call site] 00070
6 grk::GrkImageMeta::GrkImageMeta() [function] [call site] 00071
7 grk::GrkObjectWrapperImpl<grk::GrkImageMeta>::GrkObjectWrapperImpl(grk::GrkImageMeta*) [function] [call site] 00072
5 grk::marker_handler::marker_handler(unsigned short, unsigned int, std::__1::function<bool (unsigned char*, unsigned short)>) [function] [call site] 00073
5 grk::marker_handler::marker_handler(unsigned short, unsigned int, std::__1::function<bool (unsigned char*, unsigned short)>) [function] [call site] 00074
5 grk::marker_handler::marker_handler(unsigned short, unsigned int, std::__1::function<bool (unsigned char*, unsigned short)>) [function] [call site] 00075
5 grk::marker_handler::marker_handler(unsigned short, unsigned int, std::__1::function<bool (unsigned char*, unsigned short)>) [function] [call site] 00076
5 grk::marker_handler::marker_handler(unsigned short, unsigned int, std::__1::function<bool (unsigned char*, unsigned short)>) [function] [call site] 00077
5 grk::marker_handler::marker_handler(unsigned short, unsigned int, std::__1::function<bool (unsigned char*, unsigned short)>) [function] [call site] 00078
5 grk::marker_handler::marker_handler(unsigned short, unsigned int, std::__1::function<bool (unsigned char*, unsigned short)>) [function] [call site] 00079
5 grk::marker_handler::marker_handler(unsigned short, unsigned int, std::__1::function<bool (unsigned char*, unsigned short)>) [function] [call site] 00080
5 grk::marker_handler::marker_handler(unsigned short, unsigned int, std::__1::function<bool (unsigned char*, unsigned short)>) [function] [call site] 00081
5 grk::marker_handler::marker_handler(unsigned short, unsigned int, std::__1::function<bool (unsigned char*, unsigned short)>) [function] [call site] 00082
5 grk::marker_handler::marker_handler(unsigned short, unsigned int, std::__1::function<bool (unsigned char*, unsigned short)>) [function] [call site] 00083
5 grk::marker_handler::marker_handler(unsigned short, unsigned int, std::__1::function<bool (unsigned char*, unsigned short)>) [function] [call site] 00084
5 grk::marker_handler::marker_handler(unsigned short, unsigned int, std::__1::function<bool (unsigned char*, unsigned short)>) [function] [call site] 00085
5 grk::marker_handler::marker_handler(unsigned short, unsigned int, std::__1::function<bool (unsigned char*, unsigned short)>) [function] [call site] 00086
5 grk::marker_handler::marker_handler(unsigned short, unsigned int, std::__1::function<bool (unsigned char*, unsigned short)>) [function] [call site] 00087
5 grk::marker_handler::marker_handler(unsigned short, unsigned int, std::__1::function<bool (unsigned char*, unsigned short)>) [function] [call site] 00088
5 grk::marker_handler::marker_handler(unsigned short, unsigned int, std::__1::function<bool (unsigned char*, unsigned short)>) [function] [call site] 00089
5 grk::marker_handler::marker_handler(unsigned short, unsigned int, std::__1::function<bool (unsigned char*, unsigned short)>) [function] [call site] 00090
5 grk::marker_handler::marker_handler(unsigned short, unsigned int, std::__1::function<bool (unsigned char*, unsigned short)>) [function] [call site] 00091
5 grk::marker_handler::marker_handler(unsigned short, unsigned int, std::__1::function<bool (unsigned char*, unsigned short)>) [function] [call site] 00092
5 grk::DecompressorState::~DecompressorState() [function] [call site] 00093
6 grk::TileSet::~TileSet() [function] [call site] 00094
7 grk::grk_rect<unsigned short>::~grk_rect() [function] [call site] 00095
5 grk::ICodeStreamDecompress::~ICodeStreamDecompress() [function] [call site] 00096
5 grk::CodeStream::~CodeStream() [function] [call site] 00097
6 grk_object_unref [function] [call site] 00098
7 grk::GrkObjectWrapper::unref() [function] [call site] 00099
6 grk::CodingParams::~CodingParams() [function] [call site] 00100
7 grk::TileCodingParams::~TileCodingParams() [function] [call site] 00101
8 grk::grk_free(void*) [function] [call site] 00102
8 grk::grk_free(void*) [function] [call site] 00103
8 grk::grk_free(void*) [function] [call site] 00104
8 grk::grk_free(void*) [function] [call site] 00105
8 grk::grk_free(void*) [function] [call site] 00106
8 grk::grk_free(void*) [function] [call site] 00107
8 grk::grk_free(void*) [function] [call site] 00108
8 grk::grk_free(void*) [function] [call site] 00109
8 grk::SparseBuffer::~SparseBuffer() [function] [call site] 00110
9 grk::SparseBuffer::cleanup() [function] [call site] 00111
8 __clang_call_terminate [call site] 00112
9 __cxa_begin_catch [call site] 00113
7 grk::PLMarkerMgr::~PLMarkerMgr() [function] [call site] 00114
8 grk::PLMarkerMgr::clearMarkers() [function] [call site] 00115
8 __clang_call_terminate [call site] 00116
7 grk::TileLengthMarkers::~TileLengthMarkers() [function] [call site] 00117
8 __clang_call_terminate [call site] 00118
7 grk::PPMMarker::~PPMMarker() [function] [call site] 00119
8 grk::grk_free(void*) [function] [call site] 00120
8 grk::grk_free(void*) [function] [call site] 00121
8 __clang_call_terminate [call site] 00122
6 __clang_call_terminate [call site] 00123
4 grk::BufferedStream::getImpl(_grk_object*) [function] [call site] 00124
4 grk::FileFormatDecompress::FileFormatDecompress(grk::BufferedStream*) [function] [call site] 00125
5 grk::FileFormat::FileFormat() [function] [call site] 00126
6 grk::grk_buf<unsigned char, grk::AllocatorVanilla>::grk_buf() [function] [call site] 00127
7 grk::grk_buf<unsigned char, grk::AllocatorVanilla>::grk_buf(unsigned char*, unsigned long, unsigned long, bool) [function] [call site] 00128
6 grk::UUIDBox::UUIDBox() [function] [call site] 00129
7 grk::FileFormatBox::FileFormatBox() [function] [call site] 00130
7 grk::grk_buf<unsigned char, grk::AllocatorVanilla>::grk_buf() [function] [call site] 00131
6 grk::grk_buf<unsigned char, grk::AllocatorVanilla>::~grk_buf() [function] [call site] 00132
7 grk::grk_buf<unsigned char, grk::AllocatorVanilla>::dealloc() [function] [call site] 00133
8 grk::AllocatorVanilla<unsigned char>::dealloc(unsigned char*) [function] [call site] 00134
7 __clang_call_terminate [call site] 00135
6 grk::grk_buf<unsigned char, grk::AllocatorVanilla>::~grk_buf() [function] [call site] 00136
5 grk::AsocBox::AsocBox() [function] [call site] 00137
6 grk::FileFormatBox::FileFormatBox() [function] [call site] 00138
6 grk::grk_buf<unsigned char, grk::AllocatorVanilla>::grk_buf() [function] [call site] 00139
5 grk::CodeStreamDecompress::CodeStreamDecompress(grk::BufferedStream*) [function] [call site] 00140
5 grk::AsocBox::~AsocBox() [function] [call site] 00141
6 grk::AsocBox::dealloc() [function] [call site] 00142
7 grk::grk_buf<unsigned char, grk::AllocatorVanilla>::dealloc() [function] [call site] 00143
6 grk::grk_buf<unsigned char, grk::AllocatorVanilla>::~grk_buf() [function] [call site] 00144
6 __clang_call_terminate [call site] 00145
5 grk::ICodeStreamDecompress::~ICodeStreamDecompress() [function] [call site] 00146
5 grk::FileFormat::~FileFormat() [function] [call site] 00147
6 grk::grk_free(void*) [function] [call site] 00148
6 grk::grk_buf<unsigned char, grk::AllocatorVanilla>::dealloc() [function] [call site] 00149
6 grk::grk_buf<unsigned char, grk::AllocatorVanilla>::~grk_buf() [function] [call site] 00150
6 __clang_call_terminate [call site] 00151
3 grk_object_unref [function] [call site] 00152
2 grk_decompress_create_from_buffer(unsigned char*, unsigned long) [function] [call site] 00153
3 grk::create_mem_stream(unsigned char*, unsigned long, bool, bool) [function] [call site] 00154
4 grk_decompress_buffer_detect_format(unsigned char*, unsigned long, _GRK_CODEC_FORMAT*) [function] [call site] 00155
4 grk::MemStream::MemStream(unsigned char*, unsigned long, unsigned long, bool) [function] [call site] 00156
4 grk::BufferedStream::BufferedStream(unsigned char*, unsigned long, bool) [function] [call site] 00157
4 grk::BufferedStream::setFormat(_GRK_CODEC_FORMAT) [function] [call site] 00158
4 grk::BufferedStream::getWrapper() [function] [call site] 00159
4 grk_stream_set_user_data(_grk_object*, void*, void (*)(void*)) [function] [call site] 00160
4 grk::free_mem(void*) [function] [call site] 00161
5 grk::MemStream::~MemStream() [function] [call site] 00162
4 grk::set_up_mem_stream(_grk_object*, unsigned long, bool) [function] [call site] 00163
5 grk_stream_set_user_data_length(_grk_object*, unsigned long) [function] [call site] 00164
5 grk_stream_set_read_function(_grk_object*, unsigned long (*)(unsigned char*, unsigned long, void*)) [function] [call site] 00165
5 grk::read_from_mem(unsigned char*, unsigned long, void*) [function] [call site] 00166
5 grk::grk_stream_set_zero_copy_read_function(_grk_object*, unsigned long (*)(unsigned char**, unsigned long, void*)) [function] [call site] 00167
6 grk::BufferedStream::getImpl(_grk_object*) [function] [call site] 00168
6 grk::BufferedStream::getStatus() [function] [call site] 00169
6 grk::BufferedStream::setZeroCopyReadFunction(unsigned long (*)(unsigned char**, unsigned long, void*)) [function] [call site] 00170
6 grk::zero_copy_read_from_mem(unsigned char**, unsigned long, void*) [function] [call site] 00171
5 grk_stream_set_write_function(_grk_object*, unsigned long (*)(unsigned char const*, unsigned long, void*)) [function] [call site] 00172
5 grk::write_to_mem(unsigned char const*, unsigned long, void*) [function] [call site] 00173
5 grk_stream_set_seek_function(_grk_object*, bool (*)(unsigned long, void*)) [function] [call site] 00174
5 grk::seek_from_mem(unsigned long, void*) [function] [call site] 00175
3 grk_decompress_create(_grk_object*) [function] [call site] 00176
3 grk_object_unref [function] [call site] 00177
2 grk_decompress_create_from_callbacks(_grk_stream_params*) [function] [call site] 00178
3 grk_stream_create_stream(_grk_stream_params*) [function] [call site] 00179
4 grk_stream_new(unsigned long, bool) [function] [call site] 00180
4 grk::BufferedStream::getImpl(_grk_object*) [function] [call site] 00181
4 grk_decompress_buffer_detect_format(unsigned char*, unsigned long, _GRK_CODEC_FORMAT*) [function] [call site] 00182
4 grk_stream_set_user_data(_grk_object*, void*, void (*)(void*)) [function] [call site] 00183
4 grk::BufferedStream::setFormat(_GRK_CODEC_FORMAT) [function] [call site] 00184
4 grk_stream_set_user_data_length(_grk_object*, unsigned long) [function] [call site] 00185
4 grk_stream_set_read_function(_grk_object*, unsigned long (*)(unsigned char*, unsigned long, void*)) [function] [call site] 00186
4 grk_stream_set_write_function(_grk_object*, unsigned long (*)(unsigned char const*, unsigned long, void*)) [function] [call site] 00187
4 grk_stream_set_seek_function(_grk_object*, bool (*)(unsigned long, void*)) [function] [call site] 00188
3 grk_decompress_create(_grk_object*) [function] [call site] 00189
3 grk_object_unref [function] [call site] 00190
2 GrkCodec::getImpl(_grk_object*) [function] [call site] 00191
3 grk::GrkObjectWrapperImpl<GrkCodec>::getWrappee() [function] [call site] 00192
2 grk_object_unref [function] [call site] 00193
1 grk_decompress_read_header [function] [call site] 00194
2 GrkCodec::getImpl(_grk_object*) [function] [call site] 00195
1 grk_decompress_get_image [function] [call site] 00196
2 GrkCodec::getImpl(_grk_object*) [function] [call site] 00197
1 grk_decompress_set_window [function] [call site] 00198
2 GrkCodec::getImpl(_grk_object*) [function] [call site] 00199
2 grk::grk_rect<double>::grk_rect(double, double, double, double) [function] [call site] 00200
3 grk::grk_rect<double>::grk_rect(double, double, double, double, double, double) [function] [call site] 00201
2 grk::grk_rect<double>::~grk_rect() [function] [call site] 00202
1 grk_decompress [function] [call site] 00203
2 GrkCodec::getImpl(_grk_object*) [function] [call site] 00204
1 grk_object_unref [function] [call site] 00205