harfbuzz/test/fuzzing
Michiharu Ariza 5ab50eebd7
collect_unicodes() with clamp, calling add_range()
Use add_range instead of an inner loop, and clamp its input number by the
number of glyphs a face has.

Even though the face's cmap12 and 13 have a 32-bit hb_codepoint_t, which is
what is used here to cause the timeout, the face's maxp has a 16-bit gid
limitation, at least for now; using that makes sure we both fix the timeout
and don't need to change many things here in order to also support 32-bit
gids someday.

Fixes #2204
2020-02-29 13:02:29 +03:30
fonts collect_unicodes() with clamp, calling add_range() 2020-02-29 13:02:29 +03:30
sets [fuzz] minor, move two fuzzer cases to their correct place 2020-02-12 19:17:18 +03:30
CMakeLists.txt Remove remains of get-codepoint-fuzzer 2018-10-11 17:31:29 -04:00
Makefile.am [draw] Add fuzzer runner 2020-02-28 19:57:56 +03:30
README Move all references of old url to the new address (#622) 2017-11-20 14:49:22 -05:00
hb-draw-fuzzer.cc minor 2020-02-26 16:36:48 +03:30
hb-fuzzer.hh [fuzzer] Separate main() into a new file 2016-12-20 20:50:38 -06:00
hb-set-fuzzer.cc [fuzz] minor style fixes 2020-02-12 19:30:31 +03:30
hb-shape-fuzzer.cc [fuzz] Practice variations on font object 2020-02-25 21:16:57 +03:30
hb-subset-fuzzer.cc [fuzz] Don't fail when blob is empty 2019-07-11 14:31:55 +04:30
main.cc [fuzz] minor don't abort main.cc when the file was empty or not found 2020-02-26 16:15:17 +03:30
run-draw-fuzzer-tests.py [draw] Add fuzzer runner 2020-02-28 19:57:56 +03:30
run-shape-fuzzer-tests.py Remove python2 support from tests/utils scripts 2020-02-19 16:17:45 +03:30
run-subset-fuzzer-tests.py Remove python2 support from tests/utils scripts 2020-02-19 16:17:45 +03:30

README

In order to build the fuzzer one needs to build HarfBuzz and
harfbuzz/test/fuzzing/hb-fuzzer.cc with:
  - the most recent Clang;
  - -fsanitize=address (or =undefined, or a combination);
  - -fsanitize-coverage=edge[,8bit-counters,trace-cmp] (recent Clang
    selects the coverage instrumentation itself when given
    -fsanitize=fuzzer, which also links libFuzzer);
  - the defines that limit worst-case exponential behavior; see
    FUZZING_CPPFLAGS in harfbuzz/src/Makefile.am for the list;
  - linked against libFuzzer.
Without the sanitizers the fuzzer still runs, but memory errors it
triggers go unnoticed instead of being reported as crashes.

To run the fuzzer one needs to first obtain a test corpus as a directory
containing interesting fonts.  A good starting point is inside
harfbuzz/test/shaping/fonts/fonts/.
Then, run the fuzzer like this:
   ./hb-fuzzer -max_len=2048 CORPUS_DIR
Here -max_len caps the size of the inputs libFuzzer generates, and seed
files longer than that are truncated to it when the corpus is loaded, so
pick a value that fits the fonts you want to cover.  The smaller the
limit, the faster each iteration runs.

For more details consult the following locations:
  - http://llvm.org/docs/LibFuzzer.html or
  - https://github.com/google/libfuzzer-bot/tree/master/harfbuzz
  - https://github.com/harfbuzz/harfbuzz/issues/139
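The following is an added example written for this page; it is not HarfBuzz code, and it is not the patch behind the commit at the top of the page. It stands in for the cmap format 12/13 collect_unicodes() that commit describes: it shows how one SequentialMapGroup spanning the whole 32-bit codepoint space turns a per-codepoint inner loop into 2^32 iterations (the fuzzer timeout), and how clamping the group by maxp's numGlyphs and then calling add_range() once per group bounds the work. It also wraps that logic in a libFuzzer entry point of the shape hb-fuzzer.cc uses, with a stand-alone main() for reproducing single files the way test/fuzzing/main.cc does, so it fits the build and run steps in the README above. The RangeSet type, the input layout ([u16 numGlyphs][cmap subtable]), the format 13 treatment and all sample bytes are my assumptions, constructed for the example.

```cpp
// Added example, not HarfBuzz code: a stand-in for cmap format 12/13
// collect_unicodes(), showing the timeout described in the commit above and
// the clamp-plus-add_range() fix, wrapped in a libFuzzer-style entry point.
#include <algorithm>
#include <array>
#include <cstdint>
#include <cstdio>
#include <fstream>
#include <iterator>
#include <utility>
#include <vector>

static const uint32_t UNICODE_MAX = 0x10FFFF;      // same ceiling as HB_UNICODE_MAX
static const size_t HDR_LEN = 16, GROUP_LEN = 12;  // format 12/13 header and group sizes

// OpenType is big-endian.
static uint32_t be32(const uint8_t *p) {
  return (uint32_t)p[0] << 24 | (uint32_t)p[1] << 16 | (uint32_t)p[2] << 8 | p[3];
}
static uint16_t be16(const uint8_t *p) { return (uint16_t)(p[0] << 8 | p[1]); }

// Minimal stand-in for hb_set_t: add_range() costs O(1) per group, whereas
// adding each codepoint in an inner loop costs O(end - start) per group.
struct RangeSet {
  std::vector<std::pair<uint32_t, uint32_t>> ranges;
  void add_range(uint32_t a, uint32_t b) { if (a <= b) ranges.emplace_back(a, b); }
  uint64_t size() const {
    uint64_t n = 0;
    for (auto &r : ranges) n += (uint64_t)r.second - r.first + 1;
    return n;
  }
};

// Iterations the old per-codepoint loop would perform, computed arithmetically
// so this example does not itself spin for 2^32 steps.
uint64_t naive_iterations(const uint8_t *d, size_t len) {
  if (len < HDR_LEN) return 0;
  uint32_t n = be32(d + 12);
  uint64_t work = 0;
  for (uint32_t i = 0; i < n && HDR_LEN + ((size_t)i + 1) * GROUP_LEN <= len; i++) {
    const uint8_t *g = d + HDR_LEN + (size_t)i * GROUP_LEN;
    uint32_t start = be32(g), end = be32(g + 4);
    if (start <= end) work += (uint64_t)end - start + 1;
  }
  return work;
}

// Clamped collector. Format 12 maps start..end onto consecutive glyph ids from
// glyphID, so at most num_glyphs - glyphID codepoints of a group are valid.
// Format 13 maps the whole group to one glyph, so only the Unicode ceiling
// bounds it (my assumption; the commit text does not spell out that case).
// Returns false if the blob is not a well-formed format 12/13 subtable.
bool collect_unicodes_clamped(const uint8_t *d, size_t len, unsigned num_glyphs, RangeSet &out) {
  if (len < HDR_LEN) return false;
  uint16_t format = be16(d);
  if (format != 12 && format != 13) return false;
  uint32_t n = be32(d + 12);
  if (n > (len - HDR_LEN) / GROUP_LEN) return false;  // numGroups exceeds what the blob holds
  for (uint32_t i = 0; i < n; i++) {
    const uint8_t *g = d + HDR_LEN + (size_t)i * GROUP_LEN;
    uint32_t start = be32(g), end = std::min(be32(g + 4), UNICODE_MAX), gid = be32(g + 8);
    if (start > end || gid >= num_glyphs) continue;   // nothing here maps to a real glyph
    if (format == 12 && (uint64_t)gid + (end - start) >= num_glyphs)
      end = start + (num_glyphs - 1 - gid);           // last codepoint with gid < num_glyphs
    out.add_range(start, end);
  }
  return true;
}

// Constructed test data (not a real font): a format 12/13 subtable built from
// (startCharCode, endCharCode, glyphID) triples.
std::vector<uint8_t> make_subtable(uint16_t format, const std::vector<std::array<uint32_t, 3>> &groups) {
  std::vector<uint8_t> b;
  auto put16 = [&](uint32_t v) { b.push_back((uint8_t)(v >> 8)); b.push_back((uint8_t)v); };
  auto put32 = [&](uint32_t v) { put16(v >> 16); put16(v & 0xFFFF); };
  put16(format); put16(0);                                           // format, reserved
  put32((uint32_t)(HDR_LEN + GROUP_LEN * groups.size())); put32(0);  // length, language
  put32((uint32_t)groups.size());                                    // numGroups
  for (auto &g : groups) { put32(g[0]); put32(g[1]); put32(g[2]); }
  return b;
}

// libFuzzer entry point in the shape hb-fuzzer.cc uses; build with
// -fsanitize=fuzzer,address to fuzz. Input layout is my assumption:
// [u16 numGlyphs, standing in for maxp][cmap subtable bytes].
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
  if (size < 2) return 0;
  RangeSet set;
  collect_unicodes_clamped(data + 2, size - 2, be16(data), set);
  return 0;
}

// Stand-alone runner for reproducing single files without libFuzzer, in the
// spirit of test/fuzzing/main.cc: skip empty or unreadable files, don't abort.
int main(int argc, char **argv) {
  for (int i = 1; i < argc; i++) {
    std::ifstream f(argv[i], std::ios::binary);
    std::vector<uint8_t> buf((std::istreambuf_iterator<char>(f)), std::istreambuf_iterator<char>());
    if (buf.empty()) { fprintf(stderr, "%s: empty or unreadable, skipped\n", argv[i]); continue; }
    LLVMFuzzerTestOneInput(buf.data(), buf.size());
  }
  return 0;
}
```

Compiled plainly (no libFuzzer), the binary takes crash or timeout files on the command line and runs them through the same entry point the fuzzer would call, which is how a corpus finding gets reproduced under a debugger. The crafted group 0x00000000..0xFFFFFFFF with glyphID 1 in a ten-glyph face costs the naive loop 2^32 iterations but collapses to a single nine-codepoint range once clamped, which is the whole effect of the fix.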