kc3-lang/harfbuzz/test/fuzzing/fonts

---

test/fuzzing/fonts

---

Log

Author	Commit	Date	CI	Message
	875985cd	2019-08-29T14:51:22		[subset] Don't allow malicious fonts to insert unlimited table headers Fixes https://crbug.com/oss-fuzz/16810
	269a120f	2019-08-25T20:37:00		[subset] Raise the bar in new vs old table size https://crbug.com/oss-fuzz/16740 This is actually an interesting thing that {h,v}mtx allocates as much as a font pretends to have glyphs but the solution is not that obvious as regular fonts can have less than actually containing metrics in their {h,v}mtx. This change raises the bar to consider this hmtx 4 byte for every glyph case. Initially we wanted to just find things allocating crazy amount of memory but having the assert has led to interesting findings also so let's don't remove the assert and see what we can find elsewhere.
	28aba780	2019-08-23T16:47:15		[subset] Fix blob leak of _subset2 when returns early Fixes https://crbug.com/oss-fuzz/16639
	b65bad18	2019-07-11T14:31:55		[fuzz] Don't fail when blob is empty And enable more tests able to trig the issue.
	8341c0b3	2019-06-27T08:43:31		add test case file
	90872a29	2019-06-11T12:28:30		change assert(false) to failure
	65e66a2d	2019-06-03T16:31:41		added test data
	e1a5ce6a	2019-05-24T10:58:52		Fix fuzzer crash testcase Add a check for stringOffSet(uint16) overflow, return early if overflow happens
	9ef241cd	2019-05-20T11:38:02		[test] Add one more
	3efb7af7	2019-05-20T11:37:16		[STAT] Fix sanitize condition Oops! Fixes https://oss-fuzz.com/testcase-detail/5696825891225600
	25a5b287	2019-05-10T16:01:39		Fix sanitize fail of extension sublookups Fixes https://bugs.chromium.org/p/chromium/issues/detail?id=960331
	df237d2f	2019-05-08T14:17:14		[test] Add https://crbug.com/oss-fuzz/14641 testcase As 503748d fix
	62c6e170	2019-04-28T10:55:07		[test] Add crbug.com/oss-fuzz/14474 testcase Fixed at 6977a95f
	ba038606	2019-04-18T14:53:35		fix oss-fuzz issue 14345
	ec2a5dc8	2019-03-26T16:18:03		Use class templates for Null objects This allows partial-instantiating custom Null object for template Lookup<T>. Before, this had to be handcoded per instantiation. Apparently I missed adding one for AAT::ankr.lookupTable, so it was getting the wrong (generic) null for Lookup object, which is wrong and unsafe. Fixes https://bugs.chromium.org/p/chromium/issues/detail?id=944346
	bcb4e505	2019-03-15T13:46:25		cff2 subset fuzzer issues (#1619) * add check to FDArray::serialize * add test files * fix off by one
	6879efc2	2019-01-17T14:06:37		[AAT] Fix anchor bound checking, again Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12532 Fixes https://bugs.chromium.org/p/chromium/issues/detail?id=922303
	91d77471	2019-01-14T15:31:31		[test] Add test for previous commit
	7a6686a5	2019-01-14T15:09:14		[AAT] Fix mort ContextualSubtable offset access Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12312
	a3fa7d33	2019-01-14T14:37:36		[AAT] Fix ankr table access Fixes https://bugs.chromium.org/p/chromium/issues/detail?id=918340
	798e98c4	2018-12-12T18:08:15		[CFF] bad offset in Index (#1476) * Update hb-ot-cff-common.hh * fix bug * bummer fix wasn't hit. refix * additional sanity check * Added test cases for oss-fuzz issues 11805, 11806
	bcb4ecaf	2018-12-12T17:36:01		[CFF] check out of range FD index (#1477) * add fd index checks to subr subsetter also added oss-fuzz test case * undid SubrSubsetParam::is_valid because already validated by SubrClosures.valid
	2941208f	2018-12-11T12:21:24		[CFF] oss-fuzz issue 11690 ASSERT: substr.offset >= opStart (#1461) * fix oss-fuzz 11690: substr.offset >= opStart detect recursive subroutine call & handle as error * fix build failure * add minimized test case for oss-fuzz 11690 * removed asserts
	ae087d10	2018-12-05T21:47:34		add minimized test case for oss-fuzz issue 11714
	f95324a3	2018-12-06T08:33:44		Merge pull request #1457 from harfbuzz/cff-varstore-sanitize [CFF] oss-fuzz issue 11713 (CFF2VariationStore::serialize)
	9d8f3b0d	2018-12-05T17:14:51		add minimized test case for oss-fuzz issue 11713
	34e3ef8f	2018-12-05T15:50:05		Merge branch 'master' into cff-subr-sanitize
	72d8f763	2018-12-05T15:49:11		add minimized test case for oss-fuzz issue 11691
	d9dabc00	2018-12-05T15:39:34		Merge pull request #1454 from harfbuzz/cff-fixbcd [CFF] fix oss-fuzz issue 11674: parse_bcd
	6708c559	2018-12-05T12:51:18		fix oss-fuzz issue 11675 (ASSERT: count <= str.len) Also added an additional error check to avail ()
	010e2ddb	2018-12-05T12:23:58		minimized test case for oss-fuzz issue 11674
	79e7e344	2018-12-05T13:25:18		Merge pull request #1449 from harfbuzz/cff-fixcharset [CFF] fix for oss-fuzz 11657: Charset overrun
	cf4b7db6	2018-12-05T13:23:23		Merge pull request #1448 from harfbuzz/cff-leak [CFF] fix leak: oss-fuzz 11662
	32cc46c7	2018-12-04T21:32:34		[CFF] fix oss-fuzz issue 11670: NULL dereference (#1450) * guard against no subr access * code tweak * add minimized testcase for oss-fuzz 11670 (Null deference)
	78f639b8	2018-12-04T14:17:03		added minimized testcase for oss-fuzz issue 11657
	b61f74f6	2018-12-04T10:30:35		added minimized test case for oss-fuzz issue 11662
	9424e805	2018-12-03T16:18:10		added minimized test cases
	84efe043	2018-12-02T12:38:53		[aat] Fix division sign fallout Happened after 11d2f49af8f53340134c844173f4d8655b00dea3 since now nClasses is unsigned int...
	1204a247	2018-11-24T09:49:21		[fuzzing] Add tests for previous commit Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11526 Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11522
	2c8188bf	2018-11-22T22:02:19		[kerx] Make sure subtables are non-zero-length Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11400
	8982830d	2018-11-19T13:00:24		[subset] add fuzzer testcase.
	5212cd8a	2018-11-12T14:25:18		[fuzzing] Add new test
	a549aa14	2018-11-12T13:01:22		[kerx] Protect against stack underflow Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11367
	752bd8a1	2018-11-10T21:13:13		[kerx] Fix Format1 tupleKern sanitization Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11312 Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11305
	3a9fa8c0	2018-11-10T01:56:37		[qsort] Fix O(N^2) behavior if all array elements are the same Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11327 Reported as https://github.com/noporpoise/sort_r/issues/7
	c560ca92	2018-11-03T13:03:36		[fuzz] A new testcase
	0af3d176	2018-10-30T17:05:28		[sbix] Fix memory leak in early return Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11210
	12058e44	2018-10-26T16:23:50		[fuzzing] Add more test
	0229eaea	2018-10-22T10:51:37		[fuzz] Add a found hb-subset testcase
	9b346157	2018-10-21T11:37:38		[fuzz] Add more testcases Fixed already but better to have anyway. One didn't have minimized but it was only 164 B, so
	217a3728	2018-10-20T20:39:56		[fuzzing] Add more font
	d39acc5a	2018-10-20T12:20:30		[fuzzing] Add new testcases
	fbf665b3	2018-10-19T08:09:53		[fuzz] Add more found cases (#1275)
	b9478e28	2018-10-17T21:52:14		Revert "[test] Remove not-fixed yet testcases (#1268)" This reverts commit 191eef823fe95355425621f8e002dfe7fe632383.
	191eef82	2018-10-18T08:04:18		[test] Remove not-fixed yet testcases (#1268) I added them but now that I think, it is a bad idea to have them as fuzzing bots will find good seeds to tweak in order to find easy new testcases which causes duplicated issues.
	751c10e5	2018-10-18T06:36:48		[fuzz] Add more new testcases
	fd282eb3	2018-10-18T06:33:39		[fuzz] Add a new testcase
	3341c7fb	2018-10-17T15:04:35		[fuzzing] Move fuzzing fonts from api/ here
	5842756b	2018-10-16T18:28:55		[fuzzing] Delete blink fuzzed data These are text, not font.
	7b37705f	2018-10-16T16:33:06		[fuzzing] Rename
	3676c685	2018-10-16T16:32:26		[fuzzing] Move rest of fuzzing tests here
	1147ce23	2018-10-16T16:18:32		[fuzzing] Add more tests
	e6f267c3	2018-10-16T15:16:20		[fuzzing] Add more clusterfuzz tests I had lying around
	e5320627	2018-10-17T01:42:04		Add all the fonts found by fuzzers to the repo (#1258)