walkero
/
harfbuzz
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
9,420 Commits 16 Branches 166 Tags 114 MiB
Commit Graph

59 Commits

Author SHA1 Message Date
Michiharu Ariza 90872a29ee change assert(false) to failure 2019-06-11 12:42:28 -07:00
Michiharu Ariza 65e66a2d37 added test data 2019-06-03 16:31:41 -07:00
Qunxin Liu e1a5ce6aa6 Fix fuzzer crash testcase 
Add a check for stringOffSet(uint16) overflow,
return early if overflow happens
 2019-05-24 15:26:20 -04:00
Behdad Esfahbod 9ef241cd40 [test] Add one more 2019-05-20 11:38:02 -04:00
Behdad Esfahbod 3efb7af7e2 [STAT] Fix sanitize condition 
Oops!

Fixes https://oss-fuzz.com/testcase-detail/5696825891225600
 2019-05-20 11:37:16 -04:00
Behdad Esfahbod 25a5b287f2 Fix sanitize fail of extension sublookups 
Fixes https://bugs.chromium.org/p/chromium/issues/detail?id=960331
 2019-05-10 16:03:20 -07:00
Ebrahim Byagowi df237d2fe7
[test] Add https://crbug.com/oss-fuzz/14641 testcase 
As 503748d fix
 2019-05-08 14:17:14 -07:00
Ebrahim Byagowi 62c6e17072 [test] Add crbug.com/oss-fuzz/14474 testcase 
Fixed at 6977a95f
 2019-04-28 10:55:07 -07:00
Michiharu Ariza ba0386060d fix oss-fuzz issue 14345 2019-04-18 18:18:05 -04:00
Behdad Esfahbod ec2a5dc859 Use class templates for Null objects 
This allows partial-instantiating custom Null object for template Lookup<T>.
Before, this had to be handcoded per instantiation.  Apparently I missed
adding one for AAT::ankr.lookupTable, so it was getting the wrong (generic)
null for Lookup object, which is wrong and unsafe.

Fixes https://bugs.chromium.org/p/chromium/issues/detail?id=944346
 2019-03-26 16:23:40 -07:00
Michiharu Ariza bcb4e505d6
cff2 subset fuzzer issues (#1619) 
* add check to FDArray::serialize

* add test files

* fix off by one
 2019-03-15 13:46:25 -07:00
Behdad Esfahbod 6879efc2c1 [AAT] Fix anchor bound checking, again 
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12532
Fixes https://bugs.chromium.org/p/chromium/issues/detail?id=922303
 2019-01-17 14:08:02 -05:00
Behdad Esfahbod 91d774712f [test] Add test for previous commit 2019-01-14 15:31:31 -05:00
Behdad Esfahbod 7a6686a589 [AAT] Fix mort ContextualSubtable offset access 
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12312
 2019-01-14 15:09:14 -05:00
Behdad Esfahbod a3fa7d3336 [AAT] Fix ankr table access 
Fixes https://bugs.chromium.org/p/chromium/issues/detail?id=918340
 2019-01-14 14:37:36 -05:00
Michiharu Ariza 798e98c47b [CFF] bad offset in Index (#1476) 
* Update hb-ot-cff-common.hh

* fix bug

* bummer fix wasn't hit. refix

* additional sanity check

* Added test cases for oss-fuzz issues 11805, 11806
 2018-12-12 21:08:15 -05:00
Michiharu Ariza bcb4ecaf68 [CFF] check out of range FD index (#1477) 
* add fd index checks to subr subsetter

also added oss-fuzz test case

* undid SubrSubsetParam::is_valid

because already validated by SubrClosures.valid
 2018-12-12 20:36:01 -05:00
Michiharu Ariza 2941208f1e [CFF] oss-fuzz issue 11690 ASSERT: substr.offset >= opStart (#1461) 
* fix oss-fuzz 11690: substr.offset >= opStart

detect recursive subroutine call & handle as error

* fix build failure

* add minimized test case for oss-fuzz 11690

* removed asserts
 2018-12-11 15:21:24 -05:00
Michiharu Ariza ae087d10c2 add minimized test case for oss-fuzz issue 11714 2018-12-05 21:47:34 -08:00
Ebrahim Byagowi f95324a335
Merge pull request #1457 from harfbuzz/cff-varstore-sanitize 
[CFF] oss-fuzz issue 11713 (CFF2VariationStore::serialize)
 2018-12-06 08:33:44 +03:30
Michiharu Ariza 9d8f3b0dfb add minimized test case for oss-fuzz issue 11713 2018-12-05 17:14:51 -08:00
Michiharu Ariza 34e3ef8ff3 Merge branch 'master' into cff-subr-sanitize 2018-12-05 15:50:05 -08:00
Michiharu Ariza 72d8f76368 add minimized test case for oss-fuzz issue 11691 2018-12-05 15:49:11 -08:00
Behdad Esfahbod d9dabc00e9
Merge pull request #1454 from harfbuzz/cff-fixbcd 
[CFF] fix oss-fuzz issue 11674: parse_bcd
 2018-12-05 15:39:34 -08:00
Michiharu Ariza 6708c5595f fix oss-fuzz issue 11675 (ASSERT: count <= str.len) 
Also added an additional error check to avail ()
 2018-12-05 12:51:18 -08:00
Michiharu Ariza 010e2ddb38 minimized test case for oss-fuzz issue 11674 2018-12-05 12:23:58 -08:00
Ebrahim Byagowi 79e7e3445e
Merge pull request #1449 from harfbuzz/cff-fixcharset 
[CFF] fix for oss-fuzz 11657: Charset overrun
 2018-12-05 13:25:18 +03:30
Ebrahim Byagowi cf4b7db6b1
Merge pull request #1448 from harfbuzz/cff-leak 
[CFF] fix leak: oss-fuzz 11662
 2018-12-05 13:23:23 +03:30
Michiharu Ariza 32cc46c75a [CFF] fix oss-fuzz issue 11670: NULL dereference (#1450) 
* guard against no subr access

* code tweak

* add minimized testcase for oss-fuzz 11670 (Null deference)
 2018-12-05 09:02:34 +03:30
Michiharu Ariza 78f639b8bf added minimized testcase for oss-fuzz issue 11657 2018-12-04 14:17:03 -08:00
Michiharu Ariza b61f74f69a added minimized test case for oss-fuzz issue 11662 2018-12-04 10:30:35 -08:00
Michiharu Ariza 9424e80526 added minimized test cases 2018-12-03 16:18:10 -08:00
Behdad Esfahbod 84efe0438e [aat] Fix division sign fallout 
Happened after 11d2f49af8
since now nClasses is unsigned int...
 2018-12-02 12:39:14 -05:00
Behdad Esfahbod 1204a247a5 [fuzzing] Add tests for previous commit 
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11526
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11522
 2018-11-24 09:49:21 -05:00
Behdad Esfahbod 2c8188bf59 [kerx] Make sure subtables are non-zero-length 
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11400
 2018-11-22 22:02:19 -05:00
Garret Rieger 8982830d3e [subset] add fuzzer testcase. 2018-11-22 21:30:01 -05:00
Behdad Esfahbod 5212cd8af2 [fuzzing] Add new test 2018-11-12 14:25:18 -05:00
Behdad Esfahbod a549aa14a0 [kerx] Protect against stack underflow 
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11367
 2018-11-12 13:02:39 -05:00
Behdad Esfahbod 752bd8a192 [kerx] Fix Format1 tupleKern sanitization 
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11312
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11305
 2018-11-10 21:13:32 -05:00
Behdad Esfahbod 3a9fa8c026 [qsort] Fix O(N^2) behavior if all array elements are the same 
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11327

Reported as https://github.com/noporpoise/sort_r/issues/7
 2018-11-10 01:58:26 -05:00
Ebrahim Byagowi c560ca9251
[fuzz] A new testcase 2018-11-03 13:03:36 +03:30
Khaled Hosny 0af3d176a6 [sbix] Fix memory leak in early return 
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11210
 2018-10-30 17:05:28 +02:00
Behdad Esfahbod 12058e44d1 [fuzzing] Add more test 2018-10-26 21:22:26 -07:00
Ebrahim Byagowi 0229eaea29
[fuzz] Add a found hb-subset testcase 2018-10-22 10:51:37 +03:30
Ebrahim Byagowi 9b3461574f
[fuzz] Add more testcases 
Fixed already but better to have anyway.

One didn't have minimized but it was only 164 B, so
 2018-10-21 11:37:38 +03:30
Behdad Esfahbod 217a3728b4 [fuzzing] Add more font 2018-10-20 20:39:56 -07:00
Ebrahim Byagowi d39acc5a95
[fuzzing] Add new testcases 2018-10-20 12:20:30 +03:30
Ebrahim Byagowi fbf665b307
[fuzz] Add more found cases (#1275) 2018-10-19 08:09:53 +03:30
Behdad Esfahbod b9478e28ac Revert "[test] Remove not-fixed yet testcases (#1268)" 
This reverts commit 191eef823f.
 2018-10-17 22:11:49 -07:00
Ebrahim Byagowi 191eef823f
[test] Remove not-fixed yet testcases (#1268) 
I added them but now that I think, it is a bad idea to have them as
fuzzing bots will find good seeds to tweak in order to find easy new
testcases which causes duplicated issues.
 2018-10-18 08:04:18 +03:30