Fuzz introspector: cms_profile_fuzzer
For issues and ideas: https://github.com/ossf/fuzz-introspector/issues

Fuzz blockers

The followings are the branches where fuzzer fails to bypass.

Unique non-covered Complexity Unique Reachable Complexities Unique Reachable Functions All non-covered Complexity All Reachable Complexity Function Name Function Callsite Blocked Branch
33 33 1 :

['GrowMLUtable']

33 72 AddMLUBlock call site: 00000 /src/lcms/src/cmsnamed.c:150
14 14 3 :

['_cmsLeaveCriticalSectionPrimitive', '_cmsEnterCriticalSectionPrimitive', 'InitContextMutex']

14 14 _cmsGetContext call site: 00015 /src/lcms/src/cmsplugin.c:720
2 57 3 :

['_cmsFree', 'cmsSignalError', 'fclose']

2 57 cmsOpenIOhandlerFromFile call site: 00040 /src/lcms/src/cmsio0.c:434
0 84 2 :

['_cmsFree', 'cmsSignalError']

0 84 cmsOpenIOhandlerFromMem call site: 00230 /src/lcms/src/cmsio0.c:280
0 63 3 :

['_cmsTagSignature2String', 'cmsSignalError', 'freeOneTag']

0 92 cmsReadTag call site: 00211 /src/lcms/src/cmsio0.c:1743
0 55 2 :

['_cmsFree', 'cmsSignalError']

0 55 cmsOpenIOhandlerFromFile call site: 00048 /src/lcms/src/cmsio0.c:446
0 32 1 :

['cmsStageFree']

0 32 cmsStageAllocCLut16bitGranular call site: 00000 /src/lcms/src/cmslut.c:599
0 29 1 :

['_cmsFree']

0 29 Type_Data_Read call site: 00000 /src/lcms/src/cmstypes.c:1050
0 26 1 :

['cmsSignalError']

0 26 cmsBuildParametricToneCurve call site: 00000 /src/lcms/src/cmsgamma.c:889
0 26 1 :

['cmsSignalError']

0 26 AllocateToneCurveStruct call site: 00000 /src/lcms/src/cmsgamma.c:226
0 26 1 :

['cmsSignalError']

0 26 MemorySeek call site: 00000 /src/lcms/src/cmsio0.c:174
0 26 1 :

['cmsSignalError']

0 26 FileSeek call site: 00000 /src/lcms/src/cmsio0.c:336

Fuzzer calltree

0 LLVMFuzzerTestOneInput [function] [call site] 00000
1 getpid [call site] 00001
1 sprintf [call site] 00002
1 fopen [call site] 00003
1 fwrite [call site] 00004
1 fclose [call site] 00005
1 cmsOpenProfileFromFile [function] [call site] 00006
2 cmsOpenProfileFromFileTHR [function] [call site] 00007
3 cmsCreateProfilePlaceholder [function] [call site] 00008
4 _cmsMallocZero [function] [call site] 00009
5 _cmsContextGetClientChunk [function] [call site] 00010
6 cmsSignalError [function] [call site] 00011
7 vsnprintf [call site] 00012
7 _cmsContextGetClientChunk [function] [call site] 00013
8 __assert_fail [call site] 00014
8 _cmsGetContext [function] [call site] 00015
9 InitContextMutex [function] [call site] 00016
9 _cmsEnterCriticalSectionPrimitive [function] [call site] 00017
10 pthread_mutex_lock [call site] 00018
9 _cmsLeaveCriticalSectionPrimitive [function] [call site] 00019
10 pthread_mutex_unlock [call site] 00020
9 _cmsLeaveCriticalSectionPrimitive [function] [call site] 00021
4 _cmsGetTime [function] [call site] 00022
5 time [call site] 00023
5 gmtime_r [call site] 00024
4 _cmsCreateMutex [function] [call site] 00025
5 _cmsContextGetClientChunk [function] [call site] 00026
4 _cmsFree [function] [call site] 00027
5 _cmsContextGetClientChunk [function] [call site] 00028
3 cmsOpenIOhandlerFromFile [function] [call site] 00029
4 __assert_fail [call site] 00030
4 __assert_fail [call site] 00031
4 _cmsMallocZero [function] [call site] 00032
4 _cmsFree [function] [call site] 00033
4 cmsSignalError [function] [call site] 00034
4 _cmsFree [function] [call site] 00035
4 cmsSignalError [function] [call site] 00036
4 fopen [call site] 00037
4 _cmsFree [function] [call site] 00038
4 cmsSignalError [function] [call site] 00039
4 cmsfilelength [function] [call site] 00040
5 ftell [call site] 00041
5 fseek [call site] 00042
5 ftell [call site] 00043
5 fseek [call site] 00044
4 fclose [call site] 00045
4 _cmsFree [function] [call site] 00046
4 cmsSignalError [function] [call site] 00047
4 fopen [call site] 00048
4 _cmsFree [function] [call site] 00049
4 cmsSignalError [function] [call site] 00050
4 _cmsFree [function] [call site] 00051
4 strncpy [call site] 00052
3 _cmsReadHeader [function] [call site] 00053
4 _cmsAdjustEndianess32 [function] [call site] 00054
4 cmsSignalError [function] [call site] 00055
4 _cmsAdjustEndianess32 [function] [call site] 00056
4 _cmsAdjustEndianess32 [function] [call site] 00057
4 _cmsAdjustEndianess32 [function] [call site] 00058
4 _cmsAdjustEndianess32 [function] [call site] 00059
4 _cmsAdjustEndianess32 [function] [call site] 00060
4 _cmsAdjustEndianess32 [function] [call site] 00061
4 _cmsAdjustEndianess32 [function] [call site] 00062
4 _cmsAdjustEndianess32 [function] [call site] 00063
4 _cmsAdjustEndianess32 [function] [call site] 00064
4 _cmsAdjustEndianess32 [function] [call site] 00065
4 _cmsAdjustEndianess64 [function] [call site] 00066
5 __assert_fail [call site] 00067
4 _validatedVersion [function] [call site] 00068
4 _cmsAdjustEndianess32 [function] [call site] 00069
4 cmsSignalError [function] [call site] 00070
4 validDeviceClass [function] [call site] 00071
4 cmsSignalError [function] [call site] 00072
4 _cmsAdjustEndianess32 [function] [call site] 00073
4 _cmsDecodeDateTimeNumber [function] [call site] 00074
5 __assert_fail [call site] 00075
5 __assert_fail [call site] 00076
5 _cmsAdjustEndianess16 [function] [call site] 00077
5 _cmsAdjustEndianess16 [function] [call site] 00078
5 _cmsAdjustEndianess16 [function] [call site] 00079
5 _cmsAdjustEndianess16 [function] [call site] 00080
5 _cmsAdjustEndianess16 [function] [call site] 00081
5 _cmsAdjustEndianess16 [function] [call site] 00082
4 _cmsReadUInt32Number [function] [call site] 00083
5 __assert_fail [call site] 00084
5 _cmsAdjustEndianess32 [function] [call site] 00085
4 cmsSignalError [function] [call site] 00086
4 _cmsReadUInt32Number [function] [call site] 00087
4 _cmsReadUInt32Number [function] [call site] 00088
4 _cmsReadUInt32Number [function] [call site] 00089
4 _cmsGetTagDescriptor [function] [call site] 00090
5 _cmsContextGetClientChunk [function] [call site] 00091
4 _cmsGetTagDescriptor [function] [call site] 00092
4 CompatibleTypes [function] [call site] 00093
4 cmsSignalError [function] [call site] 00094
3 cmsCloseProfile [function] [call site] 00095
4 cmsSaveProfileToFile [function] [call site] 00096
5 cmsGetProfileContextID [function] [call site] 00097
5 cmsOpenIOhandlerFromFile [function] [call site] 00098
5 cmsSaveProfileToIOhandler [function] [call site] 00099
6 __assert_fail [call site] 00100
6 _cmsLockMutex [function] [call site] 00101
7 _cmsContextGetClientChunk [function] [call site] 00102
6 cmsGetProfileContextID [function] [call site] 00103
6 cmsOpenIOhandlerFromNULL [function] [call site] 00104
7 _cmsMallocZero [function] [call site] 00105
7 _cmsMallocZero [function] [call site] 00106
7 _cmsFree [function] [call site] 00107
6 _cmsUnlockMutex [function] [call site] 00108
7 _cmsContextGetClientChunk [function] [call site] 00109
6 _cmsWriteHeader [function] [call site] 00110
7 _cmsAdjustEndianess32 [function] [call site] 00111
7 _cmsAdjustEndianess32 [function] [call site] 00112
7 _cmsAdjustEndianess32 [function] [call site] 00113
7 _cmsAdjustEndianess32 [function] [call site] 00114
7 _cmsAdjustEndianess32 [function] [call site] 00115
7 _cmsAdjustEndianess32 [function] [call site] 00116
7 _cmsEncodeDateTimeNumber [function] [call site] 00117
8 __assert_fail [call site] 00118
8 __assert_fail [call site] 00119
8 _cmsAdjustEndianess16 [function] [call site] 00120
8 _cmsAdjustEndianess16 [function] [call site] 00121
8 _cmsAdjustEndianess16 [function] [call site] 00122
8 _cmsAdjustEndianess16 [function] [call site] 00123
8 _cmsAdjustEndianess16 [function] [call site] 00124
8 _cmsAdjustEndianess16 [function] [call site] 00125
7 _cmsAdjustEndianess32 [function] [call site] 00126
7 _cmsAdjustEndianess32 [function] [call site] 00127
7 _cmsAdjustEndianess32 [function] [call site] 00128
7 _cmsAdjustEndianess32 [function] [call site] 00129
7 _cmsAdjustEndianess32 [function] [call site] 00130
7 _cmsAdjustEndianess64 [function] [call site] 00131
7 _cmsAdjustEndianess32 [function] [call site] 00132
7 cmsD50_XYZ [function] [call site] 00133
7 _cmsDoubleTo15Fixed16 [function] [call site] 00134
7 _cmsAdjustEndianess32 [function] [call site] 00135
7 cmsD50_XYZ [function] [call site] 00136
7 _cmsDoubleTo15Fixed16 [function] [call site] 00137
7 _cmsAdjustEndianess32 [function] [call site] 00138
7 cmsD50_XYZ [function] [call site] 00139
7 _cmsDoubleTo15Fixed16 [function] [call site] 00140
7 _cmsAdjustEndianess32 [function] [call site] 00141
7 _cmsAdjustEndianess32 [function] [call site] 00142
7 _cmsWriteUInt32Number [function] [call site] 00143
8 __assert_fail [call site] 00144
8 _cmsAdjustEndianess32 [function] [call site] 00145
7 _cmsAdjustEndianess32 [function] [call site] 00146
7 _cmsAdjustEndianess32 [function] [call site] 00147
7 _cmsAdjustEndianess32 [function] [call site] 00148
6 SaveTags [function] [call site] 00149
7 cmsGetProfileVersion [function] [call site] 00150
8 BaseToBase [function] [call site] 00151
7 _cmsMalloc [function] [call site] 00152
8 _cmsContextGetClientChunk [function] [call site] 00153
7 _cmsFree [function] [call site] 00154
7 _cmsWriteAlignment [function] [call site] 00155
8 __assert_fail [call site] 00156
7 _cmsGetTagDescriptor [function] [call site] 00157
7 _cmsGetTagTypeHandler [function] [call site] 00158
8 _cmsContextGetClientChunk [function] [call site] 00159
8 GetHandler [function] [call site] 00160
7 cmsSignalError [function] [call site] 00161
7 _cmsWriteTypeBase [function] [call site] 00162
8 __assert_fail [call site] 00163
8 _cmsAdjustEndianess32 [function] [call site] 00164
7 _cmsTagSignature2String [function] [call site] 00165
8 _cmsAdjustEndianess32 [function] [call site] 00166
7 cmsSignalError [function] [call site] 00167
7 _cmsWriteAlignment [function] [call site] 00168
6 SetLinks [function] [call site] 00169
7 _cmsSearchTag [function] [call site] 00170
8 SearchOneTag [function] [call site] 00171
6 _cmsWriteHeader [function] [call site] 00172
6 SaveTags [function] [call site] 00173
6 cmsCloseIOhandler [function] [call site] 00174
6 _cmsUnlockMutex [function] [call site] 00175
6 cmsCloseIOhandler [function] [call site] 00176
6 _cmsUnlockMutex [function] [call site] 00177
5 cmsCloseIOhandler [function] [call site] 00178
5 remove [call site] 00179
4 freeOneTag [function] [call site] 00180
5 _cmsFree [function] [call site] 00181
4 cmsCloseIOhandler [function] [call site] 00182
4 _cmsDestroyMutex [function] [call site] 00183
5 _cmsContextGetClientChunk [function] [call site] 00184
4 _cmsFree [function] [call site] 00185
1 cmsReadRawTag [function] [call site] 00186
2 _cmsLockMutex [function] [call site] 00187
2 _cmsSearchTag [function] [call site] 00188
2 _cmsUnlockMutex [function] [call site] 00189
2 _cmsUnlockMutex [function] [call site] 00190
2 _cmsUnlockMutex [function] [call site] 00191
2 _cmsUnlockMutex [function] [call site] 00192
2 _cmsUnlockMutex [function] [call site] 00193
2 cmsReadTag [function] [call site] 00194
3 _cmsLockMutex [function] [call site] 00195
3 _cmsSearchTag [function] [call site] 00196
3 _cmsUnlockMutex [function] [call site] 00197
3 _cmsGetTagDescriptor [function] [call site] 00198
3 IsTypeSupported [function] [call site] 00199
3 _cmsUnlockMutex [function] [call site] 00200
3 cmsSignalError [function] [call site] 00201
3 _cmsGetTagDescriptor [function] [call site] 00202
3 _cmsTagSignature2String [function] [call site] 00203
3 cmsSignalError [function] [call site] 00204
3 _cmsReadTypeBase [function] [call site] 00205
4 __assert_fail [call site] 00206
4 _cmsAdjustEndianess32 [function] [call site] 00207
3 IsTypeSupported [function] [call site] 00208
3 _cmsGetTagTypeHandler [function] [call site] 00209
3 _cmsTagSignature2String [function] [call site] 00210
3 cmsSignalError [function] [call site] 00211
3 _cmsTagSignature2String [function] [call site] 00212
3 cmsSignalError [function] [call site] 00213
3 _cmsUnlockMutex [function] [call site] 00214
3 freeOneTag [function] [call site] 00215
3 _cmsUnlockMutex [function] [call site] 00216
2 _cmsLockMutex [function] [call site] 00217
2 cmsGetProfileContextID [function] [call site] 00218
2 cmsOpenIOhandlerFromNULL [function] [call site] 00219
2 cmsGetProfileContextID [function] [call site] 00220
2 cmsOpenIOhandlerFromMem [function] [call site] 00221
3 __assert_fail [call site] 00222
3 _cmsMallocZero [function] [call site] 00223
3 _cmsMallocZero [function] [call site] 00224
3 cmsSignalError [function] [call site] 00225
3 _cmsMalloc [function] [call site] 00226
3 _cmsFree [function] [call site] 00227
3 _cmsFree [function] [call site] 00228
3 cmsSignalError [function] [call site] 00229
3 _cmsMallocZero [function] [call site] 00230
3 cmsSignalError [function] [call site] 00231
3 cmsSignalError [function] [call site] 00232
3 _cmsFree [function] [call site] 00233
3 _cmsFree [function] [call site] 00234
2 _cmsGetTagDescriptor [function] [call site] 00235
2 cmsCloseIOhandler [function] [call site] 00236
2 _cmsWriteTypeBase [function] [call site] 00237
2 cmsCloseIOhandler [function] [call site] 00238
2 cmsCloseIOhandler [function] [call site] 00239
2 cmsCloseIOhandler [function] [call site] 00240
2 _cmsUnlockMutex [function] [call site] 00241
2 _cmsUnlockMutex [function] [call site] 00242
1 cmsReadRawTag [function] [call site] 00243
1 cmsReadRawTag [function] [call site] 00244
1 cmsReadTag [function] [call site] 00245
1 cmsGetProfileInfoASCII [function] [call site] 00246
2 GetInfo [function] [call site] 00247
3 cmsReadTag [function] [call site] 00248
2 cmsMLUgetASCII [function] [call site] 00249
3 strTo16 [function] [call site] 00250
3 strTo16 [function] [call site] 00251
3 _cmsMLUgetWide [function] [call site] 00252
1 cmsGetTagCount [function] [call site] 00253
1 cmsGetTagSignature [function] [call site] 00254
1 cmsTagLinkedTo [function] [call site] 00255
2 _cmsSearchTag [function] [call site] 00256
1 cmsSaveProfileToFile [function] [call site] 00257
1 cmsCloseProfile [function] [call site] 00258
1 cmsOpenProfileFromFile [function] [call site] 00259
1 cmsReadRawTag [function] [call site] 00260
1 cmsReadRawTag [function] [call site] 00261
1 cmsReadRawTag [function] [call site] 00262
1 cmsReadTag [function] [call site] 00263
1 cmsWriteRawTag [function] [call site] 00264
2 _cmsLockMutex [function] [call site] 00265
2 _cmsNewTag [function] [call site] 00266
3 _cmsSearchTag [function] [call site] 00267
3 _cmsDeleteTagByPos [function] [call site] 00268
4 __assert_fail [call site] 00269
4 __assert_fail [call site] 00270
4 _cmsFree [function] [call site] 00271
3 cmsSignalError [function] [call site] 00272
2 _cmsUnlockMutex [function] [call site] 00273
2 _cmsDupMem [function] [call site] 00274
3 _cmsContextGetClientChunk [function] [call site] 00275
2 _cmsUnlockMutex [function] [call site] 00276
1 cmsReadRawTag [function] [call site] 00277
1 cmsReadRawTag [function] [call site] 00278
1 cmsReadRawTag [function] [call site] 00279
1 cmsReadTag [function] [call site] 00280
1 cmsWriteRawTag [function] [call site] 00281
1 cmsSaveProfileToFile [function] [call site] 00282
1 cmsCloseProfile [function] [call site] 00283
1 unlink [call site] 00284