Fuzz introspector: cms_profile_fuzzer
For issues and ideas: https://github.com/ossf/fuzz-introspector/issues

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
33 33 1 :

['GrowMLUtable']

33 72 AddMLUBlock call site: 00000 /src/lcms/src/cmsnamed.c:150
14 14 3 :

['InitContextMutex', '_cmsEnterCriticalSectionPrimitive', '_cmsLeaveCriticalSectionPrimitive']

14 14 _cmsGetContext call site: 00014 /src/lcms/src/cmsplugin.c:720
2 60 3 :

['_cmsFree', 'fclose', 'cmsSignalError']

2 60 cmsOpenIOhandlerFromFile call site: 00039 /src/lcms/src/cmsio0.c:429
0 66 3 :

['freeOneTag', '_cmsTagSignature2String', 'cmsSignalError']

0 95 cmsReadTag call site: 00228 /src/lcms/src/cmsio0.c:1738
0 58 2 :

['_cmsFree', 'cmsSignalError']

0 58 cmsOpenIOhandlerFromFile call site: 00047 /src/lcms/src/cmsio0.c:441
0 32 1 :

['cmsStageFree']

0 32 cmsStageAllocCLut16bitGranular call site: 00000 /src/lcms/src/cmslut.c:599
0 29 1 :

['cmsSignalError']

0 29 cmsBuildParametricToneCurve call site: 00000 /src/lcms/src/cmsgamma.c:889
0 29 1 :

['cmsSignalError']

0 29 AllocateToneCurveStruct call site: 00000 /src/lcms/src/cmsgamma.c:226
0 29 1 :

['cmsSignalError']

0 29 MemorySeek call site: 00000 /src/lcms/src/cmsio0.c:174
0 29 1 :

['cmsSignalError']

0 29 FileSeek call site: 00056 /src/lcms/src/cmsio0.c:331
0 29 1 :

['cmsSignalError']

0 29 FileTell call site: 00062 /src/lcms/src/cmsio0.c:345
0 29 1 :

['cmsSignalError']

0 29 _cmsNewTag call site: 00270 /src/lcms/src/cmsio0.c:689

Fuzzer calltree

0 LLVMFuzzerTestOneInput [function] [call site] 00000
1 getpid [call site] 00001
1 fopen [call site] 00002
1 fwrite [call site] 00003
1 fclose [call site] 00004
1 cmsOpenProfileFromFile [function] [call site] 00005
2 cmsOpenProfileFromFileTHR [function] [call site] 00006
3 cmsCreateProfilePlaceholder [function] [call site] 00007
4 _cmsMallocZero [function] [call site] 00008
5 _cmsContextGetClientChunk [function] [call site] 00009
6 cmsSignalError [function] [call site] 00010
7 vsnprintf [call site] 00011
7 _cmsContextGetClientChunk [function] [call site] 00012
8 __assert_fail [call site] 00013
8 _cmsGetContext [function] [call site] 00014
9 InitContextMutex [function] [call site] 00015
9 _cmsEnterCriticalSectionPrimitive [function] [call site] 00016
10 pthread_mutex_lock [call site] 00017
9 _cmsLeaveCriticalSectionPrimitive [function] [call site] 00018
10 pthread_mutex_unlock [call site] 00019
9 _cmsLeaveCriticalSectionPrimitive [function] [call site] 00020
4 _cmsGetTime [function] [call site] 00021
5 time [call site] 00022
5 gmtime_r [call site] 00023
4 _cmsCreateMutex [function] [call site] 00024
5 _cmsContextGetClientChunk [function] [call site] 00025
4 _cmsFree [function] [call site] 00026
5 _cmsContextGetClientChunk [function] [call site] 00027
3 cmsOpenIOhandlerFromFile [function] [call site] 00028
4 __assert_fail [call site] 00029
4 __assert_fail [call site] 00030
4 _cmsMallocZero [function] [call site] 00031
4 _cmsFree [function] [call site] 00032
4 cmsSignalError [function] [call site] 00033
4 _cmsFree [function] [call site] 00034
4 cmsSignalError [function] [call site] 00035
4 fopen [call site] 00036
4 _cmsFree [function] [call site] 00037
4 cmsSignalError [function] [call site] 00038
4 cmsfilelength [function] [call site] 00039
5 ftell [call site] 00040
5 fseek [call site] 00041
5 ftell [call site] 00042
5 fseek [call site] 00043
4 fclose [call site] 00044
4 _cmsFree [function] [call site] 00045
4 cmsSignalError [function] [call site] 00046
4 fopen [call site] 00047
4 _cmsFree [function] [call site] 00048
4 cmsSignalError [function] [call site] 00049
4 _cmsFree [function] [call site] 00050
4 strncpy [call site] 00051
4 FileRead [function] [call site] 00052
5 fread [call site] 00053
5 cmsSignalError [function] [call site] 00054
4 FileSeek [function] [call site] 00055
5 fseek [call site] 00056
5 cmsSignalError [function] [call site] 00057
4 FileClose [function] [call site] 00058
5 fclose [call site] 00059
5 _cmsFree [function] [call site] 00060
4 FileTell [function] [call site] 00061
5 ftell [call site] 00062
5 cmsSignalError [function] [call site] 00063
4 FileWrite [function] [call site] 00064
5 fwrite [call site] 00065
3 _cmsReadHeader [function] [call site] 00066
4 _cmsAdjustEndianess32 [function] [call site] 00067
4 cmsSignalError [function] [call site] 00068
4 _cmsAdjustEndianess32 [function] [call site] 00069
4 _cmsAdjustEndianess32 [function] [call site] 00070
4 _cmsAdjustEndianess32 [function] [call site] 00071
4 _cmsAdjustEndianess32 [function] [call site] 00072
4 _cmsAdjustEndianess32 [function] [call site] 00073
4 _cmsAdjustEndianess32 [function] [call site] 00074
4 _cmsAdjustEndianess32 [function] [call site] 00075
4 _cmsAdjustEndianess32 [function] [call site] 00076
4 _cmsAdjustEndianess32 [function] [call site] 00077
4 _cmsAdjustEndianess32 [function] [call site] 00078
4 _cmsAdjustEndianess64 [function] [call site] 00079
5 __assert_fail [call site] 00080
4 _validatedVersion [function] [call site] 00081
4 _cmsAdjustEndianess32 [function] [call site] 00082
4 cmsSignalError [function] [call site] 00083
4 validDeviceClass [function] [call site] 00084
4 cmsSignalError [function] [call site] 00085
4 _cmsAdjustEndianess32 [function] [call site] 00086
4 _cmsDecodeDateTimeNumber [function] [call site] 00087
5 __assert_fail [call site] 00088
5 __assert_fail [call site] 00089
5 _cmsAdjustEndianess16 [function] [call site] 00090
5 _cmsAdjustEndianess16 [function] [call site] 00091
5 _cmsAdjustEndianess16 [function] [call site] 00092
5 _cmsAdjustEndianess16 [function] [call site] 00093
5 _cmsAdjustEndianess16 [function] [call site] 00094
5 _cmsAdjustEndianess16 [function] [call site] 00095
4 _cmsReadUInt32Number [function] [call site] 00096
5 __assert_fail [call site] 00097
5 _cmsAdjustEndianess32 [function] [call site] 00098
4 cmsSignalError [function] [call site] 00099
4 _cmsReadUInt32Number [function] [call site] 00100
4 _cmsReadUInt32Number [function] [call site] 00101
4 _cmsReadUInt32Number [function] [call site] 00102
4 _cmsGetTagDescriptor [function] [call site] 00103
5 _cmsContextGetClientChunk [function] [call site] 00104
4 _cmsGetTagDescriptor [function] [call site] 00105
4 CompatibleTypes [function] [call site] 00106
4 cmsSignalError [function] [call site] 00107
3 cmsCloseProfile [function] [call site] 00108
4 cmsSaveProfileToFile [function] [call site] 00109
5 cmsGetProfileContextID [function] [call site] 00110
5 cmsOpenIOhandlerFromFile [function] [call site] 00111
5 cmsSaveProfileToIOhandler [function] [call site] 00112
6 __assert_fail [call site] 00113
6 _cmsLockMutex [function] [call site] 00114
7 _cmsContextGetClientChunk [function] [call site] 00115
6 cmsGetProfileContextID [function] [call site] 00116
6 cmsOpenIOhandlerFromNULL [function] [call site] 00117
7 _cmsMallocZero [function] [call site] 00118
7 _cmsMallocZero [function] [call site] 00119
7 NULLRead [function] [call site] 00120
7 NULLSeek [function] [call site] 00121
7 NULLClose [function] [call site] 00122
8 _cmsFree [function] [call site] 00123
8 _cmsFree [function] [call site] 00124
7 NULLTell [function] [call site] 00125
7 NULLWrite [function] [call site] 00126
7 _cmsFree [function] [call site] 00127
6 _cmsUnlockMutex [function] [call site] 00128
7 _cmsContextGetClientChunk [function] [call site] 00129
6 _cmsWriteHeader [function] [call site] 00130
7 _cmsAdjustEndianess32 [function] [call site] 00131
7 _cmsAdjustEndianess32 [function] [call site] 00132
7 _cmsAdjustEndianess32 [function] [call site] 00133
7 _cmsAdjustEndianess32 [function] [call site] 00134
7 _cmsAdjustEndianess32 [function] [call site] 00135
7 _cmsAdjustEndianess32 [function] [call site] 00136
7 _cmsEncodeDateTimeNumber [function] [call site] 00137
8 __assert_fail [call site] 00138
8 __assert_fail [call site] 00139
8 _cmsAdjustEndianess16 [function] [call site] 00140
8 _cmsAdjustEndianess16 [function] [call site] 00141
8 _cmsAdjustEndianess16 [function] [call site] 00142
8 _cmsAdjustEndianess16 [function] [call site] 00143
8 _cmsAdjustEndianess16 [function] [call site] 00144
8 _cmsAdjustEndianess16 [function] [call site] 00145
7 _cmsAdjustEndianess32 [function] [call site] 00146
7 _cmsAdjustEndianess32 [function] [call site] 00147
7 _cmsAdjustEndianess32 [function] [call site] 00148
7 _cmsAdjustEndianess32 [function] [call site] 00149
7 _cmsAdjustEndianess32 [function] [call site] 00150
7 _cmsAdjustEndianess64 [function] [call site] 00151
7 _cmsAdjustEndianess32 [function] [call site] 00152
7 cmsD50_XYZ [function] [call site] 00153
7 _cmsDoubleTo15Fixed16 [function] [call site] 00154
7 cmsD50_XYZ [function] [call site] 00155
7 _cmsDoubleTo15Fixed16 [function] [call site] 00156
7 cmsD50_XYZ [function] [call site] 00157
7 _cmsDoubleTo15Fixed16 [function] [call site] 00158
7 _cmsAdjustEndianess32 [function] [call site] 00159
7 _cmsWriteUInt32Number [function] [call site] 00160
8 __assert_fail [call site] 00161
8 _cmsAdjustEndianess32 [function] [call site] 00162
7 _cmsAdjustEndianess32 [function] [call site] 00163
7 _cmsAdjustEndianess32 [function] [call site] 00164
7 _cmsAdjustEndianess32 [function] [call site] 00165
6 SaveTags [function] [call site] 00166
7 cmsGetProfileVersion [function] [call site] 00167
8 BaseToBase [function] [call site] 00168
7 _cmsMalloc [function] [call site] 00169
8 _cmsContextGetClientChunk [function] [call site] 00170
7 _cmsFree [function] [call site] 00171
7 _cmsWriteAlignment [function] [call site] 00172
8 __assert_fail [call site] 00173
7 _cmsGetTagDescriptor [function] [call site] 00174
7 _cmsGetTagTypeHandler [function] [call site] 00175
8 _cmsContextGetClientChunk [function] [call site] 00176
8 GetHandler [function] [call site] 00177
7 cmsSignalError [function] [call site] 00178
7 _cmsWriteTypeBase [function] [call site] 00179
8 __assert_fail [call site] 00180
8 _cmsAdjustEndianess32 [function] [call site] 00181
7 _cmsTagSignature2String [function] [call site] 00182
8 _cmsAdjustEndianess32 [function] [call site] 00183
7 cmsSignalError [function] [call site] 00184
7 _cmsWriteAlignment [function] [call site] 00185
6 SetLinks [function] [call site] 00186
7 _cmsSearchTag [function] [call site] 00187
8 SearchOneTag [function] [call site] 00188
6 _cmsWriteHeader [function] [call site] 00189
6 SaveTags [function] [call site] 00190
6 cmsCloseIOhandler [function] [call site] 00191
6 _cmsUnlockMutex [function] [call site] 00192
6 cmsCloseIOhandler [function] [call site] 00193
6 _cmsUnlockMutex [function] [call site] 00194
5 cmsCloseIOhandler [function] [call site] 00195
5 remove [call site] 00196
4 freeOneTag [function] [call site] 00197
5 _cmsFree [function] [call site] 00198
4 cmsCloseIOhandler [function] [call site] 00199
4 _cmsDestroyMutex [function] [call site] 00200
5 _cmsContextGetClientChunk [function] [call site] 00201
4 _cmsFree [function] [call site] 00202
1 cmsReadRawTag [function] [call site] 00203
2 _cmsLockMutex [function] [call site] 00204
2 _cmsSearchTag [function] [call site] 00205
2 _cmsUnlockMutex [function] [call site] 00206
2 _cmsUnlockMutex [function] [call site] 00207
2 _cmsUnlockMutex [function] [call site] 00208
2 _cmsUnlockMutex [function] [call site] 00209
2 _cmsUnlockMutex [function] [call site] 00210
2 cmsReadTag [function] [call site] 00211
3 _cmsLockMutex [function] [call site] 00212
3 _cmsSearchTag [function] [call site] 00213
3 _cmsUnlockMutex [function] [call site] 00214
3 _cmsGetTagDescriptor [function] [call site] 00215
3 IsTypeSupported [function] [call site] 00216
3 _cmsUnlockMutex [function] [call site] 00217
3 cmsSignalError [function] [call site] 00218
3 _cmsGetTagDescriptor [function] [call site] 00219
3 _cmsTagSignature2String [function] [call site] 00220
3 cmsSignalError [function] [call site] 00221
3 _cmsReadTypeBase [function] [call site] 00222
4 __assert_fail [call site] 00223
4 _cmsAdjustEndianess32 [function] [call site] 00224
3 IsTypeSupported [function] [call site] 00225
3 _cmsGetTagTypeHandler [function] [call site] 00226
3 _cmsTagSignature2String [function] [call site] 00227
3 cmsSignalError [function] [call site] 00228
3 _cmsTagSignature2String [function] [call site] 00229
3 cmsSignalError [function] [call site] 00230
3 _cmsUnlockMutex [function] [call site] 00231
3 freeOneTag [function] [call site] 00232
3 _cmsUnlockMutex [function] [call site] 00233
2 _cmsLockMutex [function] [call site] 00234
2 cmsGetProfileContextID [function] [call site] 00235
2 cmsGetProfileContextID [function] [call site] 00236
2 _cmsGetTagDescriptor [function] [call site] 00237
2 cmsCloseIOhandler [function] [call site] 00238
2 _cmsWriteTypeBase [function] [call site] 00239
2 cmsCloseIOhandler [function] [call site] 00240
2 cmsCloseIOhandler [function] [call site] 00241
2 cmsCloseIOhandler [function] [call site] 00242
2 _cmsUnlockMutex [function] [call site] 00243
2 _cmsUnlockMutex [function] [call site] 00244
1 cmsReadRawTag [function] [call site] 00245
1 cmsReadRawTag [function] [call site] 00246
1 cmsReadTag [function] [call site] 00247
1 cmsGetProfileInfoASCII [function] [call site] 00248
2 GetInfo [function] [call site] 00249
3 cmsReadTag [function] [call site] 00250
2 cmsMLUgetASCII [function] [call site] 00251
3 strTo16 [function] [call site] 00252
3 strTo16 [function] [call site] 00253
3 _cmsMLUgetWide [function] [call site] 00254
1 cmsGetTagCount [function] [call site] 00255
1 cmsGetTagSignature [function] [call site] 00256
1 cmsTagLinkedTo [function] [call site] 00257
2 _cmsSearchTag [function] [call site] 00258
1 cmsSaveProfileToFile [function] [call site] 00259
1 cmsCloseProfile [function] [call site] 00260
1 cmsOpenProfileFromFile [function] [call site] 00261
1 cmsReadRawTag [function] [call site] 00262
1 cmsReadRawTag [function] [call site] 00263
1 cmsReadRawTag [function] [call site] 00264
1 cmsReadTag [function] [call site] 00265
1 cmsWriteRawTag [function] [call site] 00266
2 _cmsLockMutex [function] [call site] 00267
2 _cmsNewTag [function] [call site] 00268
3 _cmsSearchTag [function] [call site] 00269
3 _cmsDeleteTagByPos [function] [call site] 00270
4 __assert_fail [call site] 00271
4 __assert_fail [call site] 00272
4 _cmsFree [function] [call site] 00273
3 cmsSignalError [function] [call site] 00274
2 _cmsUnlockMutex [function] [call site] 00275
2 _cmsDupMem [function] [call site] 00276
3 _cmsContextGetClientChunk [function] [call site] 00277
2 _cmsUnlockMutex [function] [call site] 00278
1 cmsReadRawTag [function] [call site] 00279
1 cmsReadRawTag [function] [call site] 00280
1 cmsReadRawTag [function] [call site] 00281
1 cmsReadTag [function] [call site] 00282
1 cmsWriteRawTag [function] [call site] 00283
1 cmsSaveProfileToFile [function] [call site] 00284
1 cmsCloseProfile [function] [call site] 00285
1 unlink [call site] 00286