kc3-lang/harfbuzz/test/fuzzing

Diff

  • Show log

    Commit

  • Hash : 03085132
    Author : Behdad Esfahbod
    Date : 2022-03-21T18:06:33 

    [buffer] Fix out-buffer under memory-alloc failure

This was broken in July refactoring of the buffer, and exposed to
ReverseChainSingleSubstFormat1 in 3807061d634b60bd6235d6e1d8c47a034377f924

Fixes:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=38800
https://bugs.chromium.org/p/chromium/issues/detail?id=1303552

  • Properties

  • Git HTTP https://git.kmx.io/kc3-lang/harfbuzz.git
    Git SSH git@git.kmx.io:kc3-lang/harfbuzz.git
    Public access ? public
    Description

    HarfBuzz text shaping engine
    Users
    		 thodg_m kc3_lang_org thodg_w www_kmx_io thodg_l thodg
    Tags

  • README

  • In order to build the fuzzer one needs to build HarfBuzz and
harfbuzz/test/fuzzing/hb-fuzzer.cc with:
  - Using the most recent Clang
  - With -fsanitize=address (or =undefined, or a combination)
  - With -fsanitize-coverage=edge[,8bit-counters,trace-cmp]
  - With various defines that limit worst case exponential behavior.
    See FUZZING_CPPFLAGS in harfbuzz/src/Makefile.am for the list.
  - link against libFuzzer

To run the fuzzer one needs to first obtain a test corpus as a directory
containing interesting fonts.  A good starting point is inside
harfbuzz/test/shaping/fonts/fonts/.
Then, run the fuzzer like this:
   ./hb-fuzzer -max_len=2048 CORPUS_DIR
Where max_len specifies the maximal length of font files to handle.
The smaller the faster.

For more details consult the following locations:
  - http://llvm.org/docs/LibFuzzer.html or
  - https://github.com/google/libfuzzer-bot/tree/master/harfbuzz
  - https://github.com/harfbuzz/harfbuzz/issues/139

kmx.io     mail     discord kmxgit v0.4.0