lvandeve / lodepng

PNG encoder and decoder in C and C++.
zlib License

Integrating with OSS-Fuzz #90

Closed Google-Autofuzz closed 5 years ago

Google-Autofuzz commented 5 years ago

Greetings lodepng developers and contributors,

We’re reaching out because your project is an important part of the open source ecosystem, and we’d like to invite you to integrate with our fuzzing service, OSS-Fuzz. OSS-Fuzz is a free fuzzing infrastructure you can use to identify security vulnerabilities and stability bugs in your project. OSS-Fuzz will:

Many widely used open source projects like OpenSSL, FFmpeg, LibreOffice, and ImageMagick are fuzzing via OSS-Fuzz, which helps them find and remediate critical issues.

Even though typical integrations can be done in < 100 LoC, we have a reward program in place which aims to recognize folks who are not just contributing to open source, but are also working hard to make it more secure.

We want to stress that anyone who meets the eligibility criteria and integrates a project with OSS-Fuzz is eligible for a reward.

To help you get started, we attached our internal fuzzer for your project that you are welcome to use directly, or to use as a starting point.

If you're not interested in integrating with OSS-Fuzz, it would be helpful for us to understand why—lack of interest, lack of time, or something else—so we can better support projects like yours in the future.

If we’ve missed your question in our [FAQ](https://github.com/google/oss-fuzz/blob/master/docs/faq.md), feel free to reply or reach out to us at oss-fuzz-outreach@googlegroups.com.

Thanks!

Tommy
OSS-Fuzz Team

```c++
#include <cstddef>
#include <cstdint>
#include <cstdlib>
#include <vector>

#include "lodepng.h"

namespace {
// Consumes the first input byte (if any) and maps it to the color type to request.
LodePNGColorType SelectColorType(const uint8_t** data, size_t* size) {
  uint8_t color_type_selector = 0;
  if (*size >= 1) {
    color_type_selector = (*data)[0];
    *data += 1;
    *size -= 1;
  }
  const std::vector<LodePNGColorType> colorTypes{LCT_GREY, LCT_RGB, LCT_PALETTE,
                                                 LCT_GREY_ALPHA, LCT_RGBA};
  return colorTypes.at(color_type_selector % colorTypes.size());
}
}  // namespace

extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
  if (size == 0) {
    return EXIT_SUCCESS;
  }
  const LodePNGColorType wantColorType = SelectColorType(&data, &size);
  const unsigned char* buffer = reinterpret_cast<const unsigned char*>(data);

  // Cheap header check first; inputs that do not look like a PNG are skipped.
  LodePNGState lp{};
  lodepng_state_init(&lp);
  unsigned int lp_w{};
  unsigned int lp_h{};
  const unsigned inspect_err = lodepng_inspect(&lp_w, &lp_h, &lp, buffer, size);
  if (inspect_err != 0) {
    lodepng_state_cleanup(&lp);
    return EXIT_SUCCESS;
  }

  std::vector<unsigned char> outBuffer{};
  unsigned int w{};
  unsigned int h{};
  // Pass the input length explicitly: without it the enum value binds to the
  // size_t insize parameter and the color type silently defaults to LCT_RGBA.
  lodepng::decode(outBuffer, w, h, buffer, size, wantColorType);
  lodepng_state_cleanup(&lp);
  return EXIT_SUCCESS;
}
```
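The harness in the comment above strips the first input byte as a color-type selector and decodes only the remainder, so a stock PNG used as a seed loses its 0x89 signature byte and fails the `lodepng_inspect` check. The following Python seed generator is an added example, not part of the original comment or of the lodepng or OSS-Fuzz code; its function names, file names and the 2x2 sample image are assumptions constructed for illustration.

```python
import struct
import zlib

PNG_SIGNATURE = b"\x89PNG\r\n\x1a\n"
# Same order as the colorTypes vector in the harness.
COLOR_TYPES = ["LCT_GREY", "LCT_RGB", "LCT_PALETTE", "LCT_GREY_ALPHA", "LCT_RGBA"]


def chunk(kind: bytes, payload: bytes) -> bytes:
    """One PNG chunk: length, type, payload, CRC-32 over type + payload."""
    crc = zlib.crc32(kind + payload) & 0xFFFFFFFF
    return struct.pack(">I", len(payload)) + kind + payload + struct.pack(">I", crc)


def minimal_png(width: int = 2, height: int = 2) -> bytes:
    """Constructed sample: a small 8-bit greyscale, non-interlaced image."""
    ihdr = struct.pack(">IIBBBBB", width, height, 8, 0, 0, 0, 0)
    rows = b""
    for y in range(height):
        # Every scanline starts with filter byte 0 (None).
        rows += b"\x00" + bytes((x * 40 + y * 80) % 256 for x in range(width))
    idat = zlib.compress(rows)
    return PNG_SIGNATURE + chunk(b"IHDR", ihdr) + chunk(b"IDAT", idat) + chunk(b"IEND", b"")


def make_seed(png: bytes, selector: int) -> bytes:
    """Prepend the byte the harness consumes before decoding."""
    return bytes([selector & 0xFF]) + png


def split_like_harness(seed: bytes):
    """Mirror SelectColorType: first byte picks the type, the rest is decoded."""
    if not seed:
        return None, b""
    return COLOR_TYPES[seed[0] % len(COLOR_TYPES)], seed[1:]


def seed_corpus(png: bytes) -> dict:
    """One seed per requested color type, keyed by a hypothetical file name."""
    return {f"seed_{name.lower()}.bin": make_seed(png, i)
            for i, name in enumerate(COLOR_TYPES)}


if __name__ == "__main__":
    for name, blob in seed_corpus(minimal_png()).items():
        with open(name, "wb") as fh:
            fh.write(blob)
        print(name, len(blob), "bytes")
```
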
lvandeve commented 5 years ago

Thank you for accepting!

This is done in pull request https://github.com/google/oss-fuzz/pull/2556, closing issue