walkero/harfbuzz
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
harfbuzz/test/fuzzing
History
Ebrahim Byagowi 269a120f13
[subset] Raise the bar in new vs old table size 
https://crbug.com/oss-fuzz/16740

This is actually an interesting thing that {h,v}mtx allocates as
much as a font pretends to have glyphs but the solution is not
that obvious as regular fonts can have less than actually containing
metrics in their {h,v}mtx. This change raises the bar to consider this
hmtx 4 byte for every glyph case.

Initially we wanted to just find things allocating crazy amount of
memory but having the assert has led to interesting findings also
so let's don't remove the assert and see what we can find elsewhere.
2019-08-25 20:37:00 +04:30
..
fonts
[subset] Raise the bar in new vs old table size
2019-08-25 20:37:00 +04:30
CMakeLists.txt
Remove remains of get-codepoint-fuzzer
2018-10-11 17:31:29 -04:00
hb-fuzzer.hh
[fuzzer] Separate main() into a new file
2016-12-20 20:50:38 -06:00
hb-shape-fuzzer.cc
test: Use nullptr in C++ code. (#1744)
2019-06-03 12:30:25 +04:30
hb-subset-fuzzer.cc
[fuzz] Don't fail when blob is empty
2019-07-11 14:31:55 +04:30
main.cc
[test] minor, fix -Weverything bot
2019-05-11 18:48:41 -04:00
Makefile.am
[valgrind] Use libtool and support run-subset-fuzzer-tests (#1668)
2019-04-28 11:54:07 -07:00
README
Move all references of old url to the new address (#622)
2017-11-20 14:49:22 -05:00
run-shape-fuzzer-tests.py
[ci][fuzzer] print valgrind failure if an error happened
2019-07-19 10:33:00 +04:30
run-subset-fuzzer-tests.py
Increase subset fuzzer timeout to 16s
2019-08-11 23:34:48 +04:30

README 

In order to build the fuzzer one needs to build HarfBuzz and
harfbuzz/test/fuzzing/hb-fuzzer.cc with:
  - Using the most recent Clang
  - With -fsanitize=address (or =undefined, or a combination)
  - With -fsanitize-coverage=edge[,8bit-counters,trace-cmp]
  - With various defines that limit worst case exponential behavior.
    See FUZZING_CPPFLAGS in harfbuzz/src/Makefile.am for the list.
  - link against libFuzzer

To run the fuzzer one needs to first obtain a test corpus as a directory
containing interesting fonts.  A good starting point is inside
harfbuzz/test/shaping/fonts/fonts/.
Then, run the fuzzer like this:
   ./hb-fuzzer -max_len=2048 CORPUS_DIR
Where max_len specifies the maximal length of font files to handle.
The smaller the faster.

For more details consult the following locations:
  - http://llvm.org/docs/LibFuzzer.html or
  - https://github.com/google/libfuzzer-bot/tree/master/harfbuzz
  - https://github.com/harfbuzz/harfbuzz/issues/139