Commit Graph

408 Commits

Author SHA1 Message Date
Garret Rieger 2cd81fdfb6 [subset] fix memory leak.
Fixes fuzzer issue https://oss-fuzz.com/testcase-detail/6169920089227264
2023-03-30 16:19:41 -06:00
Garret Rieger be87200106 [subset] fix buffer overflow fuzzer reported issue. 2023-03-25 10:11:46 -04:00
Garret Rieger 79ae6b657f [subset] Fix fuzzer found memory leaks. 2023-03-25 10:11:46 -04:00
Garret Rieger f0f7f22525 [subset] fix fuzzer found null deref.
https://oss-fuzz.com/testcase-detail/5844352760152064
2023-03-21 11:41:09 -06:00
Garret Rieger 3d05b96181 [subset] track which glyphs have allocated memory so we can clean up correctly.
Fixes https://oss-fuzz.com/testcase-detail/5388270411579392
2023-03-13 16:03:58 -06:00
Garret Rieger 7a87b17742 Check for failed subset input creation in the fuzzer. 2023-03-13 15:21:25 -06:00
Garret Rieger 28b05e1cb6 [subset] Fix memory leak in glyf subset.
Fixes fuzzer issue: https://oss-fuzz.com/testcase-detail/6525813890875392.
2023-03-08 17:02:04 -07:00
Garret Rieger 9286e12525 Don't subset a glyf table with an unknown format.
Fixes fuzzer issue: https://oss-fuzz.com/testcase-detail/4875306193518592
2023-03-08 14:51:54 -07:00
Behdad Esfahbod 2d33a6b4df [subset-fuzzer] Protect against overflow
Fixes
https://github.com/harfbuzz/harfbuzz/issues/4137#issuecomment-1448994447
2023-02-28 15:31:45 -07:00
Garret Rieger c0fac016dc [subset] update the subset fuzzer to be able to reach instancing code. 2023-02-27 15:07:04 -07:00
Garret Rieger 918193ebf9 [subset] fix a class of fuzzer timeouts caused by large shared coverage tables.
More accurately estimates the op count for CoverageFormat2 tables as the population size instead of the size in bytes.
2023-02-22 16:57:39 -07:00
Behdad Esfahbod 64fa5cd482 [GPOS] Fix assert fail introduced recently
Was introduced in 8708b9e081.

If these lookups are recursed to from (Chain)Context out-of-order,
it was possible that last_base > buffer->idx, in which case we
were attaching marks to a base after them... and an assertion
was failing fortunately.

Fixes https://oss-fuzz.com/testcase-detail/6377756666757120
2023-02-07 15:52:53 -07:00
Garret Rieger e4fff64ce3 [repacker] check duplicate() for success.
Fixes fuzzer testcase https://oss-fuzz.com/testcase-detail/5475787333828608.
2023-01-23 18:37:13 -07:00
Behdad Esfahbod b63159e8bf [PairPosFormat1] Fix stride
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=55287
and generally the lookup with MediumTypes.
2023-01-21 15:51:40 -07:00
Behdad Esfahbod 3c972867b9 More s/hb_font_get_glyph_shape/hb_font_draw_glyph/ 2022-12-23 13:37:59 -07:00
Chun-wei Fan 4622be7f84 test/fuzzing: Fix dist
We need to dist the repacker fuzzer test items into the tarball, along
with the items in graphs/ and sets/.
2022-12-22 06:44:04 -07:00
Garret Rieger 40342c9437 [subset] check for addition overflow in hdmx size calculation.
Fixes https://oss-fuzz.com/testcase-detail/4877336988483584.
2022-12-21 16:44:06 -07:00
Garret Rieger b5acde43ed [subset] check pending/subsetted tag sets for alloc failure. 2022-12-13 15:31:40 -07:00
Garret Rieger 35233d2514 [repacker] fix fuzzer reported stack overflow.
Fixes https://oss-fuzz.com/testcase-detail/6014493291577344.
2022-12-07 10:32:56 -07:00
Garret Rieger b17fbc200b [repacker] use memcpy to avoid alignment issues. 2022-12-05 14:13:47 -07:00
Garret Rieger f1d3489388 [repacker] bail on failure to alloc assigned_bytes set.
Fixes fuzzer issue https://oss-fuzz.com/testcase-detail/5390364397928448.
2022-12-05 14:13:47 -07:00
Garret Rieger 239a5aca02 [repacker] don't allow references to the null object in graph.
Fixes fuzzer issue https://oss-fuzz.com/testcase-detail/6714085985353728
2022-12-05 14:13:47 -07:00
Garret Rieger 16f61a1c87 [repacker] only build repacker fuzzer when experimental api is enabled. 2022-12-02 00:02:14 +00:00
Garret Rieger de5a621322 [repacker] enforce root node having no incoming edges. 2022-12-01 23:37:16 +00:00
Garret Rieger 30e405e470 [repacker] ensure link obj indices are valid. 2022-12-01 22:12:59 +00:00
Garret Rieger 554ed06fac [repacker] add cycle detection to the graph sort.
This allows us to bail early if the graph is not acyclic.
2022-12-01 21:52:37 +00:00
Garret Rieger 9e99d08470 [repacker] validate link widths during repacker setup. 2022-12-01 20:17:41 +00:00
Garret Rieger edf7a29595 [repacker] Validate link positions before running the repacker. 2022-12-01 20:17:41 +00:00
Garret Rieger 88d437525f [repacker] add test for repacker fuzzer. 2022-12-01 20:17:40 +00:00
Garret Rieger 6627a1ab45 [repacker] Add an initial seed for the fuzzer repacker. 2022-12-01 20:17:40 +00:00
Garret Rieger deca30b268 [repacker] get repacker fuzzer working.
Additionally add helper method that allows a graph to be saved as a fuzzer seed.
2022-12-01 20:17:40 +00:00
Garret Rieger 261a605f9c [repacker] verify graph is a dag before using the fuzzer input. 2022-12-01 20:17:40 +00:00
Garret Rieger 985b19f678 [repacker] begin implementing a fuzzer for the repacker api. 2022-12-01 20:17:39 +00:00
Garret Rieger dd1ba328a8 [repacker] fix fuzzer timeout.
For https://oss-fuzz.com/testcase-detail/5845846876356608. Only process the set of unique overflows.
2022-11-21 16:24:48 -07:00
Behdad Esfahbod e854739b2d [fuzzing] Add test font for previous commit 2022-10-26 13:12:56 -06:00
Qunxin Liu 7fde6ab025 fuzzer fix: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=49790 2022-08-05 15:10:31 -06:00
Khaled Hosny afe6629b2f Fix make dist 2022-08-03 19:56:29 +02:00
Behdad Esfahbod e68e874da6 Update test/fuzzing/README 2022-08-03 11:31:34 -06:00
Behdad Esfahbod bdbb8c297e Add test for previous commit 2022-07-29 12:04:28 -06:00
Behdad Esfahbod e2cc34e190 [subset/GPOS] Fix a fuzzer timeout test
Fixes https://oss-fuzz.com/testcase-detail/5234369031176192
2022-07-26 12:31:40 -06:00
Behdad Esfahbod 4cb83967aa [subset/ClassDefFormat2] Fix timeout
Fixes https://oss-fuzz.com/testcase-detail/5417800474165248
2022-07-23 11:00:20 -06:00
Behdad Esfahbod 32c85b8c8c [avar2] Fix mapping when coords length doesn't match
Ouch.

Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=49407
2022-07-23 10:50:26 -06:00
Behdad Esfahbod 9eab3ac72d [CoverageFormat2] Remove hand-written loop
While on a fuzzer-found test case (added) that loop was faster,
on real fonts, including NotoNastaliq in our benchmark, it was
actually slower, which intuitively I would have expected.

Still no idea why on that fuzzer case it's faster though. :(
2022-07-21 12:36:53 -06:00
Behdad Esfahbod 3c84aa8416 [cff] Add a max work counter
Set to 10,000 per interpretation right now.

Fixes https://github.com/harfbuzz/harfbuzz/issues/3700
Fixes https://oss-fuzz.com/testcase-detail/5667125715927040
2022-07-18 13:57:59 -06:00
Behdad Esfahbod b8c7c0a0e6 [fuzzer] In 50% of runs don't fail the allocator 2022-07-01 15:25:09 -06:00
Garret Rieger 311413f16b [subset] Fix fuzzer issue.
Fixes https://oss-fuzz.com/testcase-detail/5693568490012672. new_index should be set from new_index2 when the entry is present in the map.
2022-06-14 17:49:13 +01:00
Behdad Esfahbod 62e803b361 [sbix] Limit glyph extents
Fixes https://github.com/harfbuzz/harfbuzz/issues/3557
2022-06-01 07:39:20 -06:00
Behdad Esfahbod 5a058ba158 [shape-fuzzer] Add commented out more buffer-verify option
Those currently fail and I've been unable to debug them.

I tried two, passing them to hb-shape doesn't reproduce the failure. :(
2022-06-01 04:53:50 -06:00
Behdad Esfahbod 189f65344a [fuzz-shape] Verify shape output
Let the fuzzers loose on shape verify.
2022-06-01 04:53:50 -06:00
Garret Rieger 8f9f0c494b [subset] Enforce cmap12 group ordering constraints in collect_mapping.
Fixes fuzzer issue: https://oss-fuzz.com/testcase-detail/6365271012540416
2022-05-10 12:15:09 -06:00