High level conclusions

Fuzzers reach 53.76% code coverage.

Fuzzers reach 40.46% of cyclomatic complexity.

Fuzzers reach 39.80% of all functions.

Reachability and coverage overview

Functions statically reachable by fuzzers

439 / 1103

Cyclomatic complexity statically reachable by fuzzers

2532 / 6257

Runtime code coverage of functions

593 / 1103

Warning: The number of runtime covered functions are larger than the number of reachable functions. This means that Fuzz Introspector found there are more functions covered at runtime than what is considered reachable based on the static analysis. This is a limitation in the analysis as anything covered at runtime is by definition reachable by the fuzzers.
This is likely due to a limitation in the static analysis. In this case, the count of functions covered at runtime is the true value, which means this is what should be considered "achieved" by the fuzzer.

Use the project functions table below to query all functions that were not covered at runtime.

The following table shows data about each function in the project. The functions included in this table correspond to all functions that exist in the executables of the fuzzers. As such, there may be functions that are from third-party libraries.

For further technical details on the meaning of columns in the below table, please see the Glossary .

Func name	Functions filename	Args	Function call depth	Reached by Fuzzers	Fuzzers runtime hit	Func lines hit %	I Count	BB Count	Cyclomatic complexity	Functions reached	Reached by functions	Accumulated cyclomatic complexity	Undiscovered complexity

Fuzzer: cmsIT8_load_fuzzer

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	123	39.6%
gold	[1:9]	7	2.25%
yellow	[10:29]	3	0.96%
greenyellow	[30:49]	0	0.0%
lawngreen	50+	177	57.0%
All colors	310	100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity	Unique Reachable Complexities	Unique Reachable Functions	All non-covered Complexity	All Reachable Complexity	Function Name	Function Callsite	Blocked Branch
14	14	3 : View List ['InitContextMutex', '_cmsEnterCriticalSectionPrimitive', '_cmsLeaveCriticalSectionPrimitive']	14	14	_cmsGetContext	call site: 00012	/src/lcms/src/cmsplugin.c:720
2	2	1 : View List ['strncpy']	2	2	BuildAbsolutePath	call site: 00000	/src/lcms/src/cmscgats.c:499
2	2	1 : View List ['fclose']	2	2	NextCh	call site: 00071	/src/lcms/src/cmscgats.c:557
0	32	2 : View List ['AllocTable', 'SynError']	0	32	cmsIT8SetTable	call site: 00258	/src/lcms/src/cmscgats.c:1360
0	30	1 : View List ['SynError']	0	30	GetTable	call site: 00032	/src/lcms/src/cmscgats.c:1099
0	30	1 : View List ['SynError']	0	30	AddToList	call site: 00045	/src/lcms/src/cmscgats.c:1267
0	30	1 : View List ['SynError']	0	30	AddToList	call site: 00048	/src/lcms/src/cmscgats.c:1280
0	29	1 : View List ['_cmsFree']	0	29	AllocBigBlock	call site: 00023	/src/lcms/src/cmscgats.c:1150
0	29	1 : View List ['cmsSignalError']	0	29	WriteStr	call site: 00265	/src/lcms/src/cmscgats.c:1726
0	29	1 : View List ['cmsSignalError']	0	29	_cmsContextGetClientChunk	call site: 00007	/src/lcms/src/cmsplugin.c:752
0	6	1 : View List ['cmsstrcasecmp']	0	6	IsAvailableOnList	call site: 00041	/src/lcms/src/cmscgats.c:1235
0	0	None	64	397	WriteData	call site: 00296	/src/lcms/src/cmscgats.c:1879

Runtime coverage analysis

Covered functions

59

Functions that are reachable but not covered

37

Reachable functions

92

Percentage of reachable functions covered

59.78%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
cmsIT8_load_fuzzer.c	1
lcmscmscgats.c	54
lcmscmserr.c	5
lcmscmsplugin.c	3
lcms./lcms2_internal.h	2

Fuzzer: cms_profile_fuzzer

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	33	11.4%
gold	[1:9]	0	0.0%
yellow	[10:29]	2	0.69%
greenyellow	[30:49]	1	0.34%
lawngreen	50+	251	87.4%
All colors	287	100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity	Unique Reachable Complexities	Unique Reachable Functions	All non-covered Complexity	All Reachable Complexity	Function Name	Function Callsite	Blocked Branch
33	33	1 : View List ['GrowMLUtable']	33	72	AddMLUBlock	call site: 00000	/src/lcms/src/cmsnamed.c:150
14	14	3 : View List ['InitContextMutex', '_cmsEnterCriticalSectionPrimitive', '_cmsLeaveCriticalSectionPrimitive']	14	14	_cmsGetContext	call site: 00014	/src/lcms/src/cmsplugin.c:720
2	60	3 : View List ['_cmsFree', 'fclose', 'cmsSignalError']	2	60	cmsOpenIOhandlerFromFile	call site: 00039	/src/lcms/src/cmsio0.c:429
0	66	3 : View List ['freeOneTag', '_cmsTagSignature2String', 'cmsSignalError']	0	95	cmsReadTag	call site: 00228	/src/lcms/src/cmsio0.c:1738
0	58	2 : View List ['_cmsFree', 'cmsSignalError']	0	58	cmsOpenIOhandlerFromFile	call site: 00047	/src/lcms/src/cmsio0.c:441
0	32	1 : View List ['cmsStageFree']	0	32	cmsStageAllocCLut16bitGranular	call site: 00000	/src/lcms/src/cmslut.c:599
0	29	1 : View List ['cmsSignalError']	0	29	cmsBuildParametricToneCurve	call site: 00000	/src/lcms/src/cmsgamma.c:889
0	29	1 : View List ['cmsSignalError']	0	29	AllocateToneCurveStruct	call site: 00000	/src/lcms/src/cmsgamma.c:226
0	29	1 : View List ['cmsSignalError']	0	29	MemorySeek	call site: 00000	/src/lcms/src/cmsio0.c:174
0	29	1 : View List ['cmsSignalError']	0	29	FileSeek	call site: 00056	/src/lcms/src/cmsio0.c:331
0	29	1 : View List ['cmsSignalError']	0	29	FileTell	call site: 00062	/src/lcms/src/cmsio0.c:345
0	29	1 : View List ['cmsSignalError']	0	29	_cmsNewTag	call site: 00270	/src/lcms/src/cmsio0.c:689

Runtime coverage analysis

Covered functions

220

Functions that are reachable but not covered

22

Reachable functions

102

Percentage of reachable functions covered

78.43%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
cms_profile_fuzzer.c	1
lcmscmsio0.c	41
lcmscmserr.c	11
lcmscmsplugin.c	15
lcms./lcms2_internal.h	2
lcmscmstypes.c	3
lcmscmswtpnt.c	1
lcmscmsio1.c	2
lcmscmsnamed.c	3

Fuzzer: cms_transform_extended_fuzzer

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	445	40.3%
gold	[1:9]	35	3.17%
yellow	[10:29]	18	1.63%
greenyellow	[30:49]	8	0.72%
lawngreen	50+	597	54.1%
All colors	1103	100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity	Unique Reachable Complexities	Unique Reachable Functions	All non-covered Complexity	All Reachable Complexity	Function Name	Function Callsite	Blocked Branch
1731	1731	1 : View List ['_cmsCreateGamutCheckPipeline']	1761	2382	cmsCreateExtendedTransform	call site: 01018	/src/lcms/src/cmsxform.c:1210
201	201	1 : View List ['cmsSaveProfileToFile']	201	294	cmsCloseProfile	call site: 00091	/src/lcms/src/cmsio0.c:1586
104	104	2 : View List ['_cmsGetFormatterAlpha', 'ComputeComponentIncrements']	104	104	_cmsHandleExtraChannels	call site: 00750	/src/lcms/src/cmsalpha.c:567
97	136	6 : View List ['_cmsMAT3identity', 'Temp2CHAD', '_cmsMAT3inverse', 'CHAD2Temp', '_cmsMAT3isIdentity', '_cmsMAT3per']	97	142	ComputeAbsoluteIntent	call site: 00000	/src/lcms/src/cmscnvrt.c:263
82	3133	27 : View List ['SlopeLimiting', 'cmsIsToneCurveMonotonic', 'cmsPipelineInsertStage', 'cmsStageAllocToneCurves', '_cmsFormatterIs8bit', 'cmsStageAllocCLut16bit', 'cmsPipelineFree', 'cmsFreeToneCurve', '_cmsReasonableGridpointsByColorspace', 'cmsPipelineAlloc', 'cmsStageSampleCLut16bit', 'cmsReverseToneCurveEx', 'cmsBuildTabulatedToneCurve16', 'PrelinOpt16alloc', 'cmsPipelineEvalFloat', 'cmsStageData', '_cmsPipelineSetOptimizationParameters', 'cmsPipelineGetPtrToLastStage', '_cmsStageGetPtrToCurveSet', '_cmsICCcolorSpace', 'FixWhiteMisalignment', 'IsDegenerated', 'cmsIsToneCurveLinear', '_cmsQuickSaturateWord.1436', 'cmsStageType', 'cmsPipelineDup', 'PrelinOpt8alloc']	82	3133	OptimizeByComputingLinearization	call site: 00000	/src/lcms/src/cmsopt.c:1055
67	274	5 : View List ['cmsPipelineFree', 'cmsPipelineAlloc', 'cmsPipelineInsertStage', '_cmsStageAllocLabV2ToV4', '_cmsStageAllocNamedColor']	67	274	_cmsReadInputLUT	call site: 00000	/src/lcms/src/cmsio1.c:322
67	134	2 : View List ['cmsPipelineAlloc', '_cmsStageAllocNamedColor']	67	367	_cmsReadDevicelinkLUT	call site: 00000	/src/lcms/src/cmsio1.c:721
54	54	1 : View List ['DupPluginIntentsList']	54	54	_cmsAllocIntentsPluginChunk	call site: 00694	/src/lcms/src/cmscnvrt.c:137
54	54	1 : View List ['DupPluginCurvesList']	54	54	_cmsAllocCurvesPluginChunk	call site: 00668	/src/lcms/src/cmsgamma.c:111
54	54	1 : View List ['DupPluginOptimizationList']	54	54	_cmsAllocOptimizationPluginChunk	call site: 00699	/src/lcms/src/cmsopt.c:1858
54	54	1 : View List ['DupFormatterFactoryList']	54	54	_cmsAllocFormattersPluginChunk	call site: 00675	/src/lcms/src/cmspack.c:3762
54	54	1 : View List ['DupTagTypeList']	54	54	_cmsAllocTagTypePluginChunk	call site: 00681	/src/lcms/src/cmstypes.c:5770

Runtime coverage analysis

Covered functions

449

Functions that are reachable but not covered

107

Reachable functions

387

Percentage of reachable functions covered

72.35%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
cms_transform_extended_fuzzer.c	2
lcmscmsio0.c	58
lcmscmserr.c	29
lcmscmsplugin.c	22
lcms./lcms2_internal.h	6
lcmscmstypes.c	12
lcmscmswtpnt.c	4
lcmscmsvirt.c	13
lcmscmspcs.c	10
lcmscmsnamed.c	16
lcmscmsmtrx.c	5
lcmscmslut.c	36
lcmscmsgamma.c	23
lcmscmsintrp.c	43
lcmscmspack.c	7
lcmscmscnvrt.c	5
lcmscmsopt.c	21
lcmscmsxform.c	29
lcmscmsalpha.c	7
lcmscmsgmt.c	3
lcmscmsio1.c	3

Fuzzer: cms_universal_transform_fuzzer

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	447	49.5%
gold	[1:9]	24	2.65%
yellow	[10:29]	22	2.43%
greenyellow	[30:49]	5	0.55%
lawngreen	50+	405	44.8%
All colors	903	100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity	Unique Reachable Complexities	Unique Reachable Functions	All non-covered Complexity	All Reachable Complexity	Function Name	Function Callsite	Blocked Branch
1743	5651	9 : View List ['cmsIsCLUT', 'RootOfLeastSquaresFitQuadraticCurve', 'cmsGetColorSpace', 'cmsXYZ2Lab', 'CreateRoundtripXForm', 'cmsDoTransform', 'cmsLab2XYZ', 'cmsDetectBlackPoint', 'cmsDeleteTransform']	1743	5651	cmsDetectDestinationBlackPoint	call site: 00000	/src/lcms/src/cmssamp.c:386
1737	1737	1 : View List ['BlackPointUsingPerceptualBlack']	1737	1737	cmsDetectBlackPoint	call site: 00000	/src/lcms/src/cmssamp.c:267
1731	1731	1 : View List ['_cmsCreateGamutCheckPipeline']	1903	2382	cmsCreateExtendedTransform	call site: 00799	/src/lcms/src/cmsxform.c:1210
571	571	1 : View List ['BuildGrayOutputPipeline']	571	571	_cmsReadOutputLUT	call site: 00000	/src/lcms/src/cmsio1.c:649
541	541	1 : View List ['BuildGrayInputMatrixPipeline']	541	541	_cmsReadInputLUT	call site: 00000	/src/lcms/src/cmsio1.c:392
535	535	3 : View List ['_cmsReadMediaWhitePoint', '_cmsReadCHAD', 'ComputeAbsoluteIntent']	535	535	ComputeConversion	call site: 00000	/src/lcms/src/cmscnvrt.c:368
375	422	4 : View List ['_cmsStageGetPtrToCurveSet', 'cmsEvalToneCurve16', 'cmsReverseToneCurve', 'cmsFreeToneCurve']	375	463	FixWhiteMisalignment	call site: 00498	/src/lcms/src/cmsopt.c:609
201	201	1 : View List ['cmsSaveProfileToFile']	201	294	cmsCloseProfile	call site: 00090	/src/lcms/src/cmsio0.c:1586
142	142	1 : View List ['_cmsCompileProfileSequence']	172	172	cmsCreateExtendedTransform	call site: 00800	/src/lcms/src/cmsxform.c:1244
114	114	1 : View List ['cmsLinkTag']	114	692	cmsCreateRGBProfileTHR	call site: 00716	/src/lcms/src/cmsvirt.c:180
67	274	5 : View List ['cmsPipelineFree', 'cmsPipelineAlloc', 'cmsPipelineInsertStage', '_cmsStageAllocLabV2ToV4', '_cmsStageAllocNamedColor']	67	274	_cmsReadInputLUT	call site: 00000	/src/lcms/src/cmsio1.c:322
67	134	2 : View List ['cmsPipelineAlloc', '_cmsStageAllocNamedColor']	67	367	_cmsReadDevicelinkLUT	call site: 00000	/src/lcms/src/cmsio1.c:721

Runtime coverage analysis

Covered functions

338

Functions that are reachable but not covered

120

Reachable functions

325

Percentage of reachable functions covered

63.08%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
cms_universal_transform_fuzzer.c	1
lcmscmsio0.c	57
lcmscmserr.c	13
lcmscmsplugin.c	15
lcms./lcms2_internal.h	6
lcmscmstypes.c	3
lcmscmswtpnt.c	4
lcmscmsxform.c	25
lcmscmslut.c	35
lcmscmspack.c	4
lcmscmsalpha.c	7
lcmscmsopt.c	18
lcmscmsmtrx.c	5
lcmscmspcs.c	10
lcmscmsgamma.c	20
lcmscmsintrp.c	41
lcmscmsnamed.c	15
lcmscmsgmt.c	3
lcmscmsvirt.c	4
lcmscmscnvrt.c	2
lcmscmsio1.c	3

Fuzzer: cms_transform_fuzzer

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	429	46.8%
gold	[1:9]	15	1.63%
yellow	[10:29]	15	1.63%
greenyellow	[30:49]	7	0.76%
lawngreen	50+	450	49.1%
All colors	916	100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity	Unique Reachable Complexities	Unique Reachable Functions	All non-covered Complexity	All Reachable Complexity	Function Name	Function Callsite	Blocked Branch
1743	5651	9 : View List ['cmsIsCLUT', 'RootOfLeastSquaresFitQuadraticCurve', 'cmsGetColorSpace', 'cmsXYZ2Lab', 'CreateRoundtripXForm', 'cmsDoTransform', 'cmsLab2XYZ', 'cmsDetectBlackPoint', 'cmsDeleteTransform']	1743	5651	cmsDetectDestinationBlackPoint	call site: 00000	/src/lcms/src/cmssamp.c:386
1737	1737	1 : View List ['BlackPointUsingPerceptualBlack']	1737	1737	cmsDetectBlackPoint	call site: 00000	/src/lcms/src/cmssamp.c:267
1731	1731	1 : View List ['_cmsCreateGamutCheckPipeline']	1903	2382	cmsCreateExtendedTransform	call site: 00810	/src/lcms/src/cmsxform.c:1210
571	571	1 : View List ['BuildGrayOutputPipeline']	571	571	_cmsReadOutputLUT	call site: 00000	/src/lcms/src/cmsio1.c:649
535	535	3 : View List ['_cmsReadMediaWhitePoint', '_cmsReadCHAD', 'ComputeAbsoluteIntent']	535	535	ComputeConversion	call site: 00000	/src/lcms/src/cmscnvrt.c:368
221	221	1 : View List ['_cmsReadFloatOutputTag']	221	221	_cmsReadOutputLUT	call site: 00000	/src/lcms/src/cmsio1.c:595
201	201	1 : View List ['cmsSaveProfileToFile']	201	294	cmsCloseProfile	call site: 00090	/src/lcms/src/cmsio0.c:1586
146	3133	27 : View List ['SlopeLimiting', 'cmsIsToneCurveMonotonic', 'cmsPipelineInsertStage', 'cmsStageAllocToneCurves', '_cmsFormatterIs8bit', 'cmsStageAllocCLut16bit', 'cmsPipelineFree', 'cmsFreeToneCurve', '_cmsReasonableGridpointsByColorspace', 'cmsPipelineAlloc', 'cmsStageSampleCLut16bit', 'cmsReverseToneCurveEx', 'cmsBuildTabulatedToneCurve16', 'PrelinOpt16alloc', 'cmsPipelineEvalFloat', 'cmsStageData', '_cmsPipelineSetOptimizationParameters', 'cmsPipelineGetPtrToLastStage', '_cmsStageGetPtrToCurveSet', '_cmsICCcolorSpace', 'FixWhiteMisalignment', 'IsDegenerated', 'cmsIsToneCurveLinear', '_cmsQuickSaturateWord.1436', 'cmsStageType', 'cmsPipelineDup', 'PrelinOpt8alloc']	146	3133	OptimizeByComputingLinearization	call site: 00000	/src/lcms/src/cmsopt.c:1055
142	142	1 : View List ['_cmsCompileProfileSequence']	172	172	cmsCreateExtendedTransform	call site: 00811	/src/lcms/src/cmsxform.c:1244
76	123	5 : View List ['cmsStageDup', 'cmsPipelineGetPtrToLastStage', 'cmsPipelineUnlinkStage', 'cmsStageType', 'AllCurvesAreLinear']	120	849	OptimizeByResampling	call site: 00593	/src/lcms/src/cmsopt.c:718
44	44	1 : View List ['PrelinOpt16alloc']	44	503	OptimizeByResampling	call site: 00615	/src/lcms/src/cmsopt.c:774
43	43	1 : View List ['cmsFreeProfileSequenceDescription']	43	72	cmsDeleteTransform	call site: 00675	/src/lcms/src/cmsxform.c:165

Runtime coverage analysis

Covered functions

365

Functions that are reachable but not covered

106

Reachable functions

328

Percentage of reachable functions covered

67.68%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
cms_transform_fuzzer.c	1
lcmscmsio0.c	57
lcmscmserr.c	13
lcmscmsplugin.c	15
lcms./lcms2_internal.h	6
lcmscmstypes.c	3
lcmscmswtpnt.c	4
lcmscmsvirt.c	7
lcmscmsgamma.c	20
lcmscmsintrp.c	41
lcmscmsnamed.c	16
lcmscmspcs.c	10
lcmscmsmtrx.c	5
lcmscmsxform.c	25
lcmscmslut.c	35
lcmscmspack.c	4
lcmscmsalpha.c	7
lcmscmsopt.c	18
lcmscmsgmt.c	3
lcmscmscnvrt.c	2
lcmscmsio1.c	3

Fuzzer: cms_overwrite_transform_fuzzer

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	447	49.5%
gold	[1:9]	22	2.43%
yellow	[10:29]	20	2.21%
greenyellow	[30:49]	15	1.66%
lawngreen	50+	399	44.1%
All colors	903	100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity	Unique Reachable Complexities	Unique Reachable Functions	All non-covered Complexity	All Reachable Complexity	Function Name	Function Callsite	Blocked Branch
1743	5651	9 : View List ['cmsIsCLUT', 'RootOfLeastSquaresFitQuadraticCurve', 'cmsGetColorSpace', 'cmsXYZ2Lab', 'CreateRoundtripXForm', 'cmsDoTransform', 'cmsLab2XYZ', 'cmsDetectBlackPoint', 'cmsDeleteTransform']	1743	5651	cmsDetectDestinationBlackPoint	call site: 00000	/src/lcms/src/cmssamp.c:386
1737	1737	1 : View List ['BlackPointUsingPerceptualBlack']	1737	1737	cmsDetectBlackPoint	call site: 00000	/src/lcms/src/cmssamp.c:267
1731	1731	1 : View List ['_cmsCreateGamutCheckPipeline']	1903	2382	cmsCreateExtendedTransform	call site: 00799	/src/lcms/src/cmsxform.c:1210
571	571	1 : View List ['BuildGrayOutputPipeline']	571	571	_cmsReadOutputLUT	call site: 00000	/src/lcms/src/cmsio1.c:649
541	541	1 : View List ['BuildGrayInputMatrixPipeline']	541	541	_cmsReadInputLUT	call site: 00000	/src/lcms/src/cmsio1.c:392
535	535	3 : View List ['_cmsReadMediaWhitePoint', '_cmsReadCHAD', 'ComputeAbsoluteIntent']	535	535	ComputeConversion	call site: 00000	/src/lcms/src/cmscnvrt.c:368
375	422	4 : View List ['_cmsStageGetPtrToCurveSet', 'cmsEvalToneCurve16', 'cmsReverseToneCurve', 'cmsFreeToneCurve']	375	463	FixWhiteMisalignment	call site: 00498	/src/lcms/src/cmsopt.c:609
201	201	1 : View List ['cmsSaveProfileToFile']	201	294	cmsCloseProfile	call site: 00090	/src/lcms/src/cmsio0.c:1586
142	142	1 : View List ['_cmsCompileProfileSequence']	172	172	cmsCreateExtendedTransform	call site: 00800	/src/lcms/src/cmsxform.c:1244
114	114	1 : View List ['cmsLinkTag']	114	692	cmsCreateRGBProfileTHR	call site: 00716	/src/lcms/src/cmsvirt.c:180
67	274	5 : View List ['cmsPipelineFree', 'cmsPipelineAlloc', 'cmsPipelineInsertStage', '_cmsStageAllocLabV2ToV4', '_cmsStageAllocNamedColor']	67	274	_cmsReadInputLUT	call site: 00000	/src/lcms/src/cmsio1.c:322
67	134	2 : View List ['cmsPipelineAlloc', '_cmsStageAllocNamedColor']	67	367	_cmsReadDevicelinkLUT	call site: 00000	/src/lcms/src/cmsio1.c:721

Runtime coverage analysis

Covered functions

344

Functions that are reachable but not covered

114

Reachable functions

325

Percentage of reachable functions covered

64.92%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
cms_overwrite_transform_fuzzer.c	1
lcmscmsio0.c	57
lcmscmserr.c	13
lcmscmsplugin.c	15
lcms./lcms2_internal.h	6
lcmscmstypes.c	3
lcmscmswtpnt.c	4
lcmscmsxform.c	25
lcmscmslut.c	35
lcmscmspack.c	4
lcmscmsalpha.c	7
lcmscmsopt.c	18
lcmscmsmtrx.c	5
lcmscmspcs.c	10
lcmscmsgamma.c	20
lcmscmsintrp.c	41
lcmscmsnamed.c	15
lcmscmsgmt.c	3
lcmscmsvirt.c	4
lcmscmscnvrt.c	2
lcmscmsio1.c	3

Fuzzer: cms_transform_all_fuzzer

Call tree

The calltree shows the control flow of the fuzzer. This is overlaid with coverage information to display how much of the potential code a fuzzer can reach is in fact covered at runtime. In the following there is a link to a detailed calltree visualisation as well as a bitmap showing a high-level view of the calltree. For further information about these topics please see the glossary for full calltree and calltree overview

Call tree overview bitmap:

The distribution of callsites in terms of coloring is

Color	Runtime hitcount	Callsite count	Percentage
red	0	331	36.6%
gold	[1:9]	25	2.76%
yellow	[10:29]	19	2.10%
greenyellow	[30:49]	17	1.88%
lawngreen	50+	511	56.5%
All colors	903	100

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity	Unique Reachable Complexities	Unique Reachable Functions	All non-covered Complexity	All Reachable Complexity	Function Name	Function Callsite	Blocked Branch
1731	1731	1 : View List ['_cmsCreateGamutCheckPipeline']	1761	2382	cmsCreateExtendedTransform	call site: 00800	/src/lcms/src/cmsxform.c:1210
401	413	2 : View List ['cmsIsToneCurveMonotonic', 'cmsJoinToneCurve']	401	536	_cmsBuildKToneCurve	call site: 00000	/src/lcms/src/cmsgmt.c:169
201	201	1 : View List ['cmsSaveProfileToFile']	201	294	cmsCloseProfile	call site: 00091	/src/lcms/src/cmsio0.c:1586
114	114	1 : View List ['cmsLinkTag']	114	692	cmsCreateRGBProfileTHR	call site: 00717	/src/lcms/src/cmsvirt.c:180
104	104	2 : View List ['_cmsGetFormatterAlpha', 'ComputeComponentIncrements']	104	104	_cmsHandleExtraChannels	call site: 00246	/src/lcms/src/cmsalpha.c:567
97	136	6 : View List ['_cmsMAT3identity', 'Temp2CHAD', '_cmsMAT3inverse', 'CHAD2Temp', '_cmsMAT3isIdentity', '_cmsMAT3per']	97	142	ComputeAbsoluteIntent	call site: 00000	/src/lcms/src/cmscnvrt.c:263
33	33	1 : View List ['GrowMLUtable']	33	72	AddMLUBlock	call site: 00659	/src/lcms/src/cmsnamed.c:150
30	30	1 : View List ['TransformOnePixelWithGamutCheck']	30	30	cmsCreateExtendedTransform	call site: 00801	/src/lcms/src/cmsxform.c:1255
14	14	3 : View List ['InitContextMutex', '_cmsEnterCriticalSectionPrimitive', '_cmsLeaveCriticalSectionPrimitive']	14	14	_cmsGetContext	call site: 00011	/src/lcms/src/cmsplugin.c:720
2	2	1 : View List ['cmsGetHeaderRenderingIntent']	2	2	cmsIsCLUT	call site: 00000	/src/lcms/src/cmsio1.c:835
0	5473	9 : View List ['cmsStageSampleCLut16bit', 'cmsPipelineInsertStage', '_cmsReadDevicelinkLUT', 'cmsStageAllocCLut16bit', 'cmsCloseProfile', 'cmsCreateTransformTHR', 'cmsCreateLab4ProfileTHR', '_cmsReasonableGridpointsByColorspace', 'cmsPipelineCat']	0	5714	BlackPreservingKPlaneIntents	call site: 00000	/src/lcms/src/cmscnvrt.c:1038
0	1032	6 : View List ['cmsStageSampleCLut16bit', 'cmsPipelineInsertStage', '_cmsReadDevicelinkLUT', 'cmsStageAllocCLut16bit', '_cmsReasonableGridpointsByColorspace', 'cmsPipelineCat']	0	1225	BlackPreservingKOnlyIntents	call site: 00000	/src/lcms/src/cmscnvrt.c:805

Runtime coverage analysis

Covered functions

419

Functions that are reachable but not covered

89

Reachable functions

326

Percentage of reachable functions covered

72.7%

NB: The sum of covered functions and functions that are reachable but not covered need not be equal to Reachable functions . This is because the reachability analysis is an approximation and thus at runtime some functions may be covered that are not included in the reachability analysis. This is a limitation of our static analysis capabilities.

Warning: The number of covered functions are larger than the number of reachable functions. This means that there are more functions covered at runtime than are extracted using static analysis. This is likely a result of the static analysis component failing to extract the right call graph or the coverage runtime being compiled with sanitizers in code that the static analysis has not analysed. This can happen if lto/gold is not used in all places that coverage instrumentation is used.

Function name	source code lines	source lines hit	percentage hit

Files reached

filename	functions hit
cms_transform_all_fuzzer.c	2
lcmscmsio0.c	57
lcmscmserr.c	13
lcmscmsplugin.c	15
lcms./lcms2_internal.h	6
lcmscmstypes.c	3
lcmscmswtpnt.c	4
lcmscmsxform.c	25
lcmscmslut.c	35
lcmscmspack.c	4
lcmscmsalpha.c	7
lcmscmsopt.c	18
lcmscmsmtrx.c	5
lcmscmspcs.c	10
lcmscmsgamma.c	20
lcmscmsintrp.c	41
lcmscmsnamed.c	15
lcmscmsgmt.c	3
lcmscmsvirt.c	4
lcmscmscnvrt.c	2
lcmscmsio1.c	3

Optimal target analysis

Remaining optimal interesting functions

The following table shows a list of functions that are optimal targets. Optimal targets are identified by finding the functions that in combination, yield a high code coverage.

Func name	Functions filename	Arg count	Args	Function depth	hitcount	instr count	bb count	cyclomatic complexity	Reachable functions	Incoming references	total cyclomatic complexity	Unreached complexity
BlackPreservingKPlaneIntents	/src/lcms/src/cmscnvrt.c	7	['struct._cmsContext_struct *', 'int', 'int *', 'char **', 'int *', 'double *', 'int']	22	0	448	69	27	388	0	2312	580
Type_Dictionary_Read	/src/lcms/src/cmstypes.c	4	['struct._cms_typehandler_struct *', 'struct._cms_io_handler *', 'int *', 'int']	10	0	399	67	27	42	0	211	142
Type_LUTB2A_Read	/src/lcms/src/cmstypes.c	4	['struct._cms_typehandler_struct *', 'struct._cms_io_handler *', 'int *', 'int']	17	0	348	58	25	116	0	622	109
OptimizeMatrixShaper	/src/lcms/src/cmsopt.c	5	['struct._cmsPipeline_struct.73 **', 'int', 'int *', 'int *', 'int *']	16	0	363	53	22	129	0	632	106
Type_LUTA2B_Write	/src/lcms/src/cmstypes.c	4	['struct._cms_typehandler_struct *', 'struct._cms_io_handler *', 'char *', 'int']	6	0	509	73	32	33	0	159	97
cmsTransform2DeviceLink	/src/lcms/src/cmsvirt.c	3	['char *', 'double', 'int']	18	0	583	93	37	253	0	1388	96
OptimizeByComputingLinearization	/src/lcms/src/cmsopt.c	5	['struct._cmsPipeline_struct.73 **', 'int', 'int *', 'int *', 'int *']	15	0	904	141	51	135	0	854	90
Type_ProfileSequenceId_Write	/src/lcms/src/cmstypes.c	4	['struct._cms_typehandler_struct *', 'struct._cms_io_handler *', 'char *', 'int']	10	0	78	8	4	30	0	149	73
Type_MPEcurve_Read	/src/lcms/src/cmstypes.c	4	['struct._cms_typehandler_struct *', 'struct._cms_io_handler *', 'int *', 'int']	15	0	183	22	9	87	0	480	68
Type_LUT16_Write	/src/lcms/src/cmstypes.c	4	['struct._cms_typehandler_struct *', 'struct._cms_io_handler *', 'char *', 'int']	5	0	700	125	52	21	0	112	63

Implementing fuzzers that target the above functions will improve reachability such that it becomes:

Functions statically reachable by fuzzers

612 / 1103

Cyclomatic complexity statically reachable by fuzzers

3954 / 6257

All functions overview

If you implement fuzzers for these functions, the status of all functions in the project will be:

Func name	Functions filename	Args	Function call depth	Reached by Fuzzers	Fuzzers runtime hit	Func lines hit %	I Count	BB Count	Cyclomatic complexity	Functions reached	Reached by functions	Accumulated cyclomatic complexity	Undiscovered complexity

This section shows analysis of runtime coverage data.

For futher technical details on how this section is generated, please see the Glossary .

Complex functions with low coverage

Func name	Function total lines	Lines covered at runtime	percentage covered	Reached by fuzzers
WriteHeader	47	23	48.93%	['cmsIT8_load_fuzzer']
ParseIT8	48	16	33.33%	['cmsIT8_load_fuzzer']
HeaderSection	70	38	54.28%	['cmsIT8_load_fuzzer']
CookPointers	43	13	30.23%	['cmsIT8_load_fuzzer']
_cmsHandleExtraChannels	67	15	22.38%	['cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']
ComputeAbsoluteIntent	38	9	23.68%	[]
cmsPluginTHR	58	7	12.06%	['cms_transform_extended_fuzzer']
PrelinEval8	72	34	47.22%	[]

This section shows which files and directories are considered in this report. The main reason for showing this is fuzz introspector may include more code in the reasoning than is desired. This section helps identify if too many files/directories are included, e.g. third party code, which may be irrelevant for the threat model. In the event too much is included, fuzz introspector supports a configuration file that can exclude data from the report. See the following link for more information on how to create a config file: link

Files in report

Source file	Reached by	Covered by
	[]	[]
/src/lcms/src/cmsgmt.c	['cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']	['cms_transform_all_fuzzer']
/src/lcms/src/cmswtpnt.c	['cms_profile_fuzzer', 'cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']	['cms_profile_fuzzer', 'cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']
/src/lcms/src/cmslut.c	['cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']	['cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']
/src/lcms/src/cmssamp.c	[]	[]
/src/lcms/src/cmspack.c	['cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']	['cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']
/src/cmsIT8_load_fuzzer.c	['cmsIT8_load_fuzzer']	['cmsIT8_load_fuzzer']
/src/lcms/src/cmshalf.c	[]	[]
/src/lcms/src/cmsmtrx.c	['cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']	['cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']
/src/cms_profile_fuzzer.c	['cms_profile_fuzzer']	['cms_profile_fuzzer']
/src/lcms/src/cmscgats.c	['cmsIT8_load_fuzzer']	['cmsIT8_load_fuzzer']
/src/cms_universal_transform_fuzzer.c	['cms_universal_transform_fuzzer']	['cms_universal_transform_fuzzer']
/src/lcms/src/cmsintrp.c	['cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']	['cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']
/src/lcms/src/cmserr.c	['cmsIT8_load_fuzzer', 'cms_profile_fuzzer', 'cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']	['cmsIT8_load_fuzzer', 'cms_profile_fuzzer', 'cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']
/src/lcms/src/cmsopt.c	['cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']	['cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']
/src/lcms/src/cmsio1.c	['cms_profile_fuzzer', 'cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']	['cms_profile_fuzzer', 'cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']
/src/lcms/src/cmstypes.c	['cms_profile_fuzzer', 'cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']	['cms_profile_fuzzer', 'cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']
/src/cms_transform_extended_fuzzer.c	['cms_transform_extended_fuzzer']	['cms_transform_extended_fuzzer']
/src/lcms/src/cmsxform.c	['cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']	['cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']
/src/lcms/src/cmsgamma.c	['cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']	['cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']
/src/lcms/src/./lcms2_internal.h	['cmsIT8_load_fuzzer', 'cms_profile_fuzzer', 'cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']	[]
/src/cms_transform_fuzzer.c	['cms_transform_fuzzer']	['cms_transform_fuzzer']
/src/lcms/src/cmsvirt.c	['cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']	['cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']
/src/lcms/src/cmsnamed.c	['cms_profile_fuzzer', 'cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']	['cms_profile_fuzzer', 'cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']
/src/lcms/src/cmsio0.c	['cms_profile_fuzzer', 'cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']	['cms_profile_fuzzer', 'cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']
/src/lcms/src/cmspcs.c	['cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']	['cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']
/src/lcms/src/cmsplugin.c	['cmsIT8_load_fuzzer', 'cms_profile_fuzzer', 'cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']	['cmsIT8_load_fuzzer', 'cms_profile_fuzzer', 'cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']
/src/cms_transform_all_fuzzer.c	['cms_transform_all_fuzzer']	['cms_transform_all_fuzzer']
/src/cms_overwrite_transform_fuzzer.c	['cms_overwrite_transform_fuzzer']	['cms_overwrite_transform_fuzzer']
/src/lcms/src/cmsalpha.c	['cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']	['cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']
/src/lcms/src/cmscnvrt.c	['cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']	['cms_transform_extended_fuzzer', 'cms_universal_transform_fuzzer', 'cms_transform_fuzzer', 'cms_overwrite_transform_fuzzer', 'cms_transform_all_fuzzer']

Directories in report

Directory
/src/lcms/src/./
/src/
/src/lcms/src/