Commit Graph

396 Commits

Author SHA1 Message Date
Ebrahim Byagowi e21bdf500d
Increase subset fuzzer timeout to 8s
Probably we should just remove the timeout when running tsan and valgrind here, the flaky bots
2019-07-28 22:59:09 +04:30
Ebrahim Byagowi bdfdac0f26
[ci][fuzzer] print valgrind failure if an error happened 2019-07-19 10:33:00 +04:30
Ebrahim Byagowi f8242b61ab
[fuzz] Increase subset runner timeout for tsan bot
Now it's flaky; let's just increase it and maybe investigate later
2019-07-11 15:10:36 +04:30
Ebrahim Byagowi b65bad18aa
[fuzz] Don't fail when blob is empty
And enable more tests able to trigger the issue.
2019-07-11 14:31:55 +04:30
Ebrahim Byagowi c85f624b51 Force blob generation and memory check in hb-subset-fuzzer 2019-07-10 23:38:07 +04:30
Michiharu Ariza 8341c0b304 add test case file 2019-06-27 08:43:31 -07:00
Michiharu Ariza 90872a29ee change assert(false) to failure 2019-06-11 12:42:28 -07:00
Michiharu Ariza 65e66a2d37 added test data 2019-06-03 16:31:41 -07:00
Bruce Mitchener 5846884f86 test: Use nullptr in C++ code. () 2019-06-03 12:30:25 +04:30
Qunxin Liu e1a5ce6aa6 Fix fuzzer crash testcase
Add a check for stringOffSet(uint16) overflow,
return early if overflow happens
2019-05-24 15:26:20 -04:00
Garret Rieger 0ff3618c2d [subset] Use hb_subset_input_t inside of subset_options_t so that input defaults are shared between the library and cli. 2019-05-20 13:35:46 -07:00
Behdad Esfahbod 9ef241cd40 [test] Add one more 2019-05-20 11:38:02 -04:00
Behdad Esfahbod 3efb7af7e2 [STAT] Fix sanitize condition
Oops!

Fixes https://oss-fuzz.com/testcase-detail/5696825891225600
2019-05-20 11:37:16 -04:00
Ebrahim Byagowi 30c059a978
[test] minor, fix -Weverything bot 2019-05-11 18:48:41 -04:00
Ebrahim Byagowi 25531a3039
[test] minor
style fix and add return statement
2019-05-11 19:50:42 +00:00
Behdad Esfahbod 25a5b287f2 Fix sanitize fail of extension sublookups
Fixes https://bugs.chromium.org/p/chromium/issues/detail?id=960331
2019-05-10 16:03:20 -07:00
Ebrahim Byagowi df237d2fe7
[test] Add https://crbug.com/oss-fuzz/14641 testcase
As 503748d fix
2019-05-08 14:17:14 -07:00
Ebrahim Byagowi 6d6edc8b25
[valgrind] Use libtool and support run-subset-fuzzer-tests () 2019-04-28 11:54:07 -07:00
Ebrahim Byagowi 62c6e17072 [test] Add crbug.com/oss-fuzz/14474 testcase
Fixed at 6977a95f
2019-04-28 10:55:07 -07:00
Michiharu Ariza ba0386060d fix oss-fuzz issue 14345 2019-04-18 18:18:05 -04:00
Behdad Esfahbod b7384c89e2 [fuzzing] Run valgrind with --leak-check=full 2019-04-15 16:53:10 -04:00
Behdad Esfahbod 3ff66c0029 [fuzzing] Fail if valgrind is requested but not found 2019-04-15 16:52:21 -04:00
Behdad Esfahbod ec2a5dc859 Use class templates for Null objects
This allows partial-instantiating custom Null object for template Lookup<T>.
Before, this had to be handcoded per instantiation.  Apparently I missed
adding one for AAT::ankr.lookupTable, so it was getting the wrong (generic)
null for Lookup object, which is wrong and unsafe.

Fixes https://bugs.chromium.org/p/chromium/issues/detail?id=944346
2019-03-26 16:23:40 -07:00
Michiharu Ariza bcb4e505d6
cff2 subset fuzzer issues ()
* add check to FDArray::serialize

* add test files

* fix off by one
2019-03-15 13:46:25 -07:00
Garret Rieger dc04261a5b [subset] Update the subset fuzzer to determine which options to use based on data in the fuzzing test case.
Add support for toggling retain_gids.
2019-01-30 15:23:19 -08:00
Behdad Esfahbod 6879efc2c1 [AAT] Fix anchor bound checking, again
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12532
Fixes https://bugs.chromium.org/p/chromium/issues/detail?id=922303
2019-01-17 14:08:02 -05:00
Behdad Esfahbod 91d774712f [test] Add test for previous commit 2019-01-14 15:31:31 -05:00
Behdad Esfahbod 7a6686a589 [AAT] Fix mort ContextualSubtable offset access
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12312
2019-01-14 15:09:14 -05:00
Behdad Esfahbod a3fa7d3336 [AAT] Fix ankr table access
Fixes https://bugs.chromium.org/p/chromium/issues/detail?id=918340
2019-01-14 14:37:36 -05:00
Michiharu Ariza 798e98c47b [CFF] bad offset in Index ()
* Update hb-ot-cff-common.hh

* fix bug

* bummer fix wasn't hit. refix

* additional sanity check

* Added test cases for oss-fuzz issues 11805, 11806
2018-12-12 21:08:15 -05:00
Michiharu Ariza bcb4ecaf68 [CFF] check out of range FD index ()
* add fd index checks to subr subsetter

also added oss-fuzz test case

* undid SubrSubsetParam::is_valid

because already validated by SubrClosures.valid
2018-12-12 20:36:01 -05:00
Michiharu Ariza 2941208f1e [CFF] oss-fuzz issue 11690 ASSERT: substr.offset >= opStart ()
* fix oss-fuzz 11690: substr.offset >= opStart

detect recursive subroutine call & handle as error

* fix build failure

* add minimized test case for oss-fuzz 11690

* removed asserts
2018-12-11 15:21:24 -05:00
Michiharu Ariza ae087d10c2 add minimized test case for oss-fuzz issue 11714 2018-12-05 21:47:34 -08:00
Ebrahim Byagowi f95324a335
Merge pull request from harfbuzz/cff-varstore-sanitize
[CFF] oss-fuzz issue 11713 (CFF2VariationStore::serialize)
2018-12-06 08:33:44 +03:30
Michiharu Ariza 9d8f3b0dfb add minimized test case for oss-fuzz issue 11713 2018-12-05 17:14:51 -08:00
Michiharu Ariza 34e3ef8ff3 Merge branch 'master' into cff-subr-sanitize 2018-12-05 15:50:05 -08:00
Michiharu Ariza 72d8f76368 add minimized test case for oss-fuzz issue 11691 2018-12-05 15:49:11 -08:00
Behdad Esfahbod d9dabc00e9
Merge pull request from harfbuzz/cff-fixbcd
[CFF] fix oss-fuzz issue 11674: parse_bcd
2018-12-05 15:39:34 -08:00
Michiharu Ariza 6708c5595f fix oss-fuzz issue 11675 (ASSERT: count <= str.len)
Also added an additional error check to avail ()
2018-12-05 12:51:18 -08:00
Michiharu Ariza 010e2ddb38 minimized test case for oss-fuzz issue 11674 2018-12-05 12:23:58 -08:00
Ebrahim Byagowi 79e7e3445e
Merge pull request from harfbuzz/cff-fixcharset
[CFF] fix for oss-fuzz 11657: Charset overrun
2018-12-05 13:25:18 +03:30
Ebrahim Byagowi cf4b7db6b1
Merge pull request from harfbuzz/cff-leak
[CFF] fix leak: oss-fuzz 11662
2018-12-05 13:23:23 +03:30
Michiharu Ariza 32cc46c75a [CFF] fix oss-fuzz issue 11670: NULL dereference ()
* guard against no subr access

* code tweak

* add minimized testcase for oss-fuzz 11670 (Null dereference)
2018-12-05 09:02:34 +03:30
Michiharu Ariza 78f639b8bf added minimized testcase for oss-fuzz issue 11657 2018-12-04 14:17:03 -08:00
Michiharu Ariza b61f74f69a added minimized test case for oss-fuzz issue 11662 2018-12-04 10:30:35 -08:00
Michiharu Ariza 9424e80526 added minimized test cases 2018-12-03 16:18:10 -08:00
Behdad Esfahbod 84efe0438e [aat] Fix division sign fallout
Happened after 11d2f49af8
since now nClasses is unsigned int...
2018-12-02 12:39:14 -05:00
Behdad Esfahbod 1204a247a5 [fuzzing] Add tests for previous commit
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11526
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11522
2018-11-24 09:49:21 -05:00
Behdad Esfahbod 2c8188bf59 [kerx] Make sure subtables are non-zero-length
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11400
2018-11-22 22:02:19 -05:00
Garret Rieger 8982830d3e [subset] add fuzzer testcase. 2018-11-22 21:30:01 -05:00
Behdad Esfahbod 5212cd8af2 [fuzzing] Add new test 2018-11-12 14:25:18 -05:00
Behdad Esfahbod d6666b3866 [fuzzing] Remove limited-edition build of libraries
Use normal, production, shared libraries.

Fixes https://github.com/harfbuzz/harfbuzz/issues/1237
2018-11-12 13:21:14 -05:00
Behdad Esfahbod a549aa14a0 [kerx] Protect against stack underflow
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11367
2018-11-12 13:02:39 -05:00
Behdad Esfahbod 752bd8a192 [kerx] Fix Format1 tupleKern sanitization
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11312
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11305
2018-11-10 21:13:32 -05:00
Behdad Esfahbod f9e0552deb [fuzzing] Make "make lib" faster and more usable 2018-11-10 21:06:56 -05:00
Behdad Esfahbod 3a9fa8c026 [qsort] Fix O(N^2) behavior if all array elements are the same
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11327

Reported as https://github.com/noporpoise/sort_r/issues/7
2018-11-10 01:58:26 -05:00
Behdad Esfahbod 0bf76154f1 [fuzzing] Take whatever text we can 2018-11-07 19:12:27 -05:00
Behdad Esfahbod 8790b2740a [fuzzing] Fix test 2018-11-06 10:24:54 -05:00
Behdad Esfahbod 3af0a7edd0 [fuzzing] Add make check-valgrind 2018-11-06 10:20:57 -05:00
Behdad Esfahbod 6482fda519 [fuzzing] Fuzz glyph-id etc in test-ot-face 2018-11-05 15:03:18 -05:00
Behdad Esfahbod bce437cf0b [test] Call test-ot-face.c test from hb-shape-fuzzer
Should increase coverage...
2018-11-04 02:53:25 -05:00
Ebrahim Byagowi c560ca9251
[fuzz] A new testcase 2018-11-03 13:03:36 +03:30
Behdad Esfahbod 69297bb216 [fuzzing] Call hb-ot-color API 2018-10-30 19:07:38 -07:00
Khaled Hosny 0af3d176a6 [sbix] Fix memory leak in early return
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11210
2018-10-30 17:05:28 +02:00
Behdad Esfahbod ad3cededdd [fuzzing] Make test runners less verbose 2018-10-29 22:53:16 -07:00
Behdad Esfahbod 12058e44d1 [fuzzing] Add more test 2018-10-26 21:22:26 -07:00
Ebrahim Byagowi 0229eaea29
[fuzz] Add a found hb-subset testcase 2018-10-22 10:51:37 +03:30
Ebrahim Byagowi 9b3461574f
[fuzz] Add more testcases
Fixed already but better to have anyway.

One didn't have minimized but it was only 164 B, so
2018-10-21 11:37:38 +03:30
Behdad Esfahbod 217a3728b4 [fuzzing] Add more font 2018-10-20 20:39:56 -07:00
Ebrahim Byagowi d39acc5a95
[fuzzing] Add new testcases 2018-10-20 12:20:30 +03:30
Ebrahim Byagowi 964ae32aac
Run valgrind on run-shape-fuzzer only when RUN_VALGRIND is set () 2018-10-20 07:39:18 +03:30
Ebrahim Byagowi b7cef8cb1d Enable valgrind and dedicate a bot to it 2018-10-19 09:39:36 +03:30
Ebrahim Byagowi bccd09d6c7 Minor, tweak spaces on hb-shape-fuzzer.cc 2018-10-19 09:39:36 +03:30
Ebrahim Byagowi fbf665b307
[fuzz] Add more found cases () 2018-10-19 08:09:53 +03:30
Behdad Esfahbod b9478e28ac Revert "[test] Remove not-fixed yet testcases ()"
This reverts commit 191eef823f.
2018-10-17 22:11:49 -07:00
Ebrahim Byagowi 191eef823f
[test] Remove not-fixed yet testcases ()
I added them, but now that I think about it, it is a bad idea to have them, as
fuzzing bots will find good seeds to tweak in order to find easy new
testcases, which causes duplicated issues.
2018-10-18 08:04:18 +03:30
Ebrahim Byagowi 392e1f4ddd
[test/shape-fuzzer] fail on timeout and ubsan errors () 2018-10-18 07:42:20 +03:30
Ebrahim Byagowi 751c10e55e
[fuzz] Add more new testcases 2018-10-18 06:36:48 +03:30
Ebrahim Byagowi fd282eb328
[fuzz] Add a new testcase 2018-10-18 06:33:39 +03:30
Behdad Esfahbod 3341c7fbfb [fuzzing] Move fuzzing fonts from api/ here 2018-10-17 15:04:35 -07:00
Behdad Esfahbod 5842756b13 [fuzzing] Delete blink fuzzed data
These are text, not font.
2018-10-16 18:28:55 -07:00
Behdad Esfahbod ba42651608 Fix indent 2018-10-16 17:35:46 -07:00
Behdad Esfahbod c0c190c16a [fuzzing] Run tests against fuzzing fonts
Some disable.
2018-10-16 16:39:55 -07:00
Behdad Esfahbod 7b37705fb5 [fuzzing] Rename 2018-10-16 16:33:06 -07:00
Behdad Esfahbod 3676c685d4 [fuzzing] Move rest of fuzzing tests here 2018-10-16 16:32:26 -07:00
Behdad Esfahbod 49c041f7c5 Minor 2018-10-16 16:25:24 -07:00
Behdad Esfahbod 1147ce2392 [fuzzing] Add more tests 2018-10-16 16:18:32 -07:00
Behdad Esfahbod 98d4ad02b9 [fuzzing] One more 2018-10-16 15:17:31 -07:00
Behdad Esfahbod e6f267c3df [fuzzing] Add more clusterfuzz tests I had lying around 2018-10-16 15:16:20 -07:00
Ebrahim Byagowi e53206271d
Add all the fonts found by fuzzers to the repo () 2018-10-17 01:42:04 +03:30
Behdad Esfahbod 211cd3691b Remove remains of get-codepoint-fuzzer 2018-10-11 17:31:29 -04:00
Behdad Esfahbod 120ed02725 [fuzzing] Fold get-codepoints-fuzzer into subset-fuzzer 2018-10-11 17:08:12 -04:00
Behdad Esfahbod 1d995a340b Minor 2018-10-11 15:42:54 -04:00
Ebrahim Byagowi 4146c00caa
[test] Use an in-repo font for test-multithread ()
As per Khaled's suggestion; the hard-coded font paths were only for my own testing.
2018-10-03 21:26:58 +03:30
Ebrahim Byagowi 6353cc1f83
[circleci] Fix some of warnings from clang-everything bot ()
* -Wshift-sign-overflow
* -Wmissing-prototypes
2018-10-02 21:39:19 +03:30
Ebrahim Byagowi f72b748371
[circleci] Fix "msan" and "everything" bots () 2018-10-02 00:16:08 +03:30
Ebrahim Byagowi 0fa1edbd3b
[circleci] Couple of fixes ()
* Raise error on warnings on -everything
* Enable fontconfig to two bots
* Fix msan bot now that all of its real complaints are gone
2018-10-01 09:40:29 +03:30
Behdad Esfahbod 93fe0faaee [subset] Clean up hb_subset_input_t API 2018-08-29 18:24:03 -07:00
Behdad Esfahbod f39166f0c0 [subset] Remove unused hb_subset_profile_t
We might reintroduce it later, but for now remove, as it was unused.
Some things that should have been in this object (drop_hints, etc)
are already in hb_subset_input_t.  So, for now, keep everything there.
2018-08-29 18:09:55 -07:00
Behdad Esfahbod dae39c58fb [face] Introduce character-map API
New API:
+hb_face_collect_unicodes
+hb_face_collect_variation_selectors
+hb_face_collect_variation_unicodes
2018-08-25 22:44:39 -07:00
Behdad Esfahbod d60c465627 Rename get_all_codepoints() to collect_unicodes() 2018-08-25 08:48:42 -07:00
Garret Rieger 37eab27be3 [subset] Add fuzzing of gsub closure to hb-subset-fuzzer. 2018-06-08 12:09:34 -06:00
Garret Rieger a070dfd333 [subset] Have the subset fuzzer pull the text string to subset to from the end of the fuzzer provided data. 2018-06-01 17:32:02 -06:00
Garret Rieger 3c97614598 [subset] In subset fuzzer run through drop hints and keep hints pathways. 2018-04-19 17:19:38 -06:00
Garret Rieger 1a309dcd72 [subset] Remove printf's from fuzzing targets. 2018-04-17 19:37:36 -06:00
Garret Rieger c02b40e58f [subset] add a fuzzer target for subset_get_all_codepoints method. () 2018-04-17 16:21:22 +02:00
Ebrahim Byagowi cab2c2c08c
Make more gen-* scripts py3 compatible () 2018-03-29 12:48:47 +04:30
Garret Rieger b5c7d6cffc [subset] Restore subset to hb-subset-fuzzer. 2018-03-19 16:06:17 -06:00
Garret Rieger 584693e0cb [subset] Test not linking libharfbuzz-subset-fuzzing into hb-subset-fuzzer. 2018-03-16 09:04:01 -07:00
Garret Rieger 3f9361fe7a [subset] Test hb-shape-fuzzer in run-subset-fuzzer-tests. 2018-03-16 09:04:01 -07:00
Garret Rieger ce368e0d05 [subset] make libharfbuzz-subset-fuzzing.la depend on lib target. 2018-03-16 09:04:01 -07:00
Garret Rieger 85a57029cd [subset] %d -> %zu 2018-03-16 09:04:01 -07:00
Garret Rieger 318eea5853 [subset] Add some more logging to hb-subset-fuzzer. 2018-03-16 09:04:01 -07:00
Garret Rieger 64bab8b3d0 [subset] Fix run-shape-fuzzer-tests.py. It was generating incorrect paths for input fonts. 2018-03-16 09:04:01 -07:00
Garret Rieger 6f9a584371 [subset] Add more verbose output for subset fuzzer test. 2018-03-16 09:04:01 -07:00
Garret Rieger 0ce0f87812 [subset] Rename hb-fuzzer -> hb-shape-fuzzer. 2018-03-16 09:04:01 -07:00
Garret Rieger 1e9bd6d5ff [subset] Add run-subset-fuzzer-tests.py to dist files. 2018-03-16 09:04:01 -07:00
Garret Rieger 474afaafd9 [subset] Add a test runner for hb-subset-fuzzer and cmake build config. 2018-03-16 09:04:01 -07:00
Garret Rieger aa9612d35f [subset] Fix fuzzing build for hb-subset-fuzzer. 2018-03-16 09:04:01 -07:00
Garret Rieger b674fc1f9f [subset] Add missing destroy of subsetting result in subset fuzzer. 2018-03-16 09:04:01 -07:00
Garret Rieger 1beb08862e [subset] First pass at setting up a fuzzing program for hb-subset. 2018-03-16 09:04:01 -07:00
Chun-wei Fan eda6a5ea80 CMake: Fix running tests on Windows
For the API tests, output the test programs at $(TOP_BUILDDIR) so that
the freshly-built DLLs will be available for the test programs.  For
those that are run through the Python wrapper scripts, use
${PYTHON_EXECUTABLE} instead of plain 'python' in case the Python
interpreter is not in the PATH.
2018-03-13 20:17:58 +08:00
Ebrahim Byagowi b095ce59eb
Simplify hb-fuzzer output printing and fix ArchLinux bot 2018-02-19 11:58:20 +03:30
Behdad Esfahbod 44c65eee28 [test] Reorganize test suite
In anticipation of importing more test suites.
2018-01-10 02:50:49 +01:00
Behdad Esfahbod ebbee7c247 [test] Move test files around 2018-01-10 02:50:49 +01:00
Ebrahim Byagowi 72bec1cd09
Improve tests () 2018-01-05 12:42:20 +03:30
Ebrahim Byagowi 70807ad274
Fix make check issue on out-of-tree builds and test it () 2018-01-02 23:52:12 +03:30
Ebrahim Byagowi 4e3cf91af2
[cmake] Run rest of the tests on Windows () 2018-01-01 11:17:51 +03:30
Ebrahim Byagowi 2dbdeb1421
[cmake] Run fuzzing and shaping tests () 2017-12-29 23:13:29 +03:30
ebraminio 7c6937e7c7
Move all references of old url to the new address () 2017-11-20 14:49:22 -05:00
Behdad Esfahbod a0688e8e7b Ouch, finish previous change 2016-12-20 20:52:50 -06:00
Behdad Esfahbod de14c19d14 [fuzzer] Separate main() into a new file 2016-12-20 20:50:38 -06:00
Behdad Esfahbod 8c842e4a44 [hb-fuzzer] Get glyph extents for output glyphs
To exercise glyph-extents codepaths (glyf / CBLC+CBDT).
2016-12-04 20:28:38 -08:00
Behdad Esfahbod aa33cb72ab [fuzzing] Make test runner actually work 2016-02-19 15:12:53 +07:00
Behdad Esfahbod 2735555c6b [fuzzing] Add TODO item 2016-02-19 15:12:50 +07:00
Behdad Esfahbod 7e76bbabba [fuzzing] Make "make hb-fuzzer" build lib dependency
Not going to do with util/, but is convenient here.
2016-02-19 14:43:39 +07:00
Behdad Esfahbod 505b7d4732 [fuzzing] Fuzz input text
Very rudimentary right now, but will get kcc's bot going.

From
https://github.com/behdad/harfbuzz/issues/139#issuecomment-163580783
2016-01-11 18:31:04 +00:00
Behdad Esfahbod e8a27d7947 Don't build hb-fuzzer in "make", only "make check" 2016-01-07 22:52:16 +00:00
Behdad Esfahbod 7d75eee799 [fuzzing] Run fuzzing tests using hb-fuzzer as well 2015-11-19 12:15:05 -08:00
Behdad Esfahbod ec625f7dfb Try to fix gnome-continuous build fail 2015-11-18 16:37:59 -08:00
Behdad Esfahbod ff16ef3379 Enable building a bounded version of the library for fuzzing
test/fuzzing/hb-fuzzer links against libharfbuzz-fuzzing.so now.
2015-11-18 16:27:32 -08:00
Behdad Esfahbod a6d7668a95 [fuzzing] Cap max buffer len at 128 2015-11-06 09:46:54 -08:00
Behdad Esfahbod 4301703bdd Limit buffer max size growth
https://github.com/behdad/harfbuzz/issues/161
2015-11-05 23:44:59 -08:00
Behdad Esfahbod 19300183a6 [fuzzing] Add build system 2015-11-05 23:08:50 -08:00
Behdad Esfahbod 9c9ad214af [fuzzer] Add README
https://github.com/behdad/harfbuzz/issues/139#issuecomment-154202645
2015-11-05 22:50:52 -08:00
Behdad Esfahbod c1a5dc46c2 [fuzz] Add fuzzing script from kcc@
https://github.com/behdad/harfbuzz/issues/139
2015-10-12 17:39:52 -04:00