Change malloc to calloc. Randomize glyphs

Ceyhun Alp 2020-11-26 15:09:38 +00:00
parent 8c6d1628ed
commit 69c93dd259
3 changed files with 9 additions and 15 deletions


@ -11,7 +11,6 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
cairo_t *cr;
cairo_surface_t *surface;
cairo_status_t status;
int flags;
char *tmpfile = fuzzer_get_tmpfile(data, size);
surface = cairo_pdf_surface_create(tmpfile, WIDTH_IN_POINTS, HEIGHT_IN_POINTS);
@ -21,11 +20,10 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
return 0;
}
char *buf = (char *) malloc(size + 1);
char *buf = (char *) calloc(size + 1, sizeof(char));
memcpy(buf, data, size);
buf[size] = '\0';
flags = CAIRO_PDF_OUTLINE_FLAG_BOLD | CAIRO_PDF_OUTLINE_FLAG_OPEN;
cairo_pdf_surface_set_metadata(surface, CAIRO_PDF_METADATA_TITLE, buf);
cr = cairo_create(surface);
cairo_tag_begin(cr, buf, NULL);
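Review bot: The result of `calloc(size + 1, sizeof(char))` goes straight into `memcpy(buf, data, size)` with no NULL check, so an allocation failure would surface as a crash in the harness itself and be triaged as a cairo finding. Add `if (buf == NULL)` handling right after the allocation, releasing the surface and temp file the same way the earlier error path does before returning 0; that path lies partly outside this hunk. The same unchecked allocation appears in the other two harnesses changed by this commit. The zero-fill itself buys nothing here, because `memcpy` writes the first `size` bytes and `buf[size] = '\0'` sets the terminator, and the `(char *)` cast is unnecessary in C.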


@ -40,7 +40,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
w = cairo_image_surface_get_width(surface);
h = cairo_image_surface_get_height(surface);
char *buf = (char *) malloc(size + 1);
char *buf = (char *) calloc(size + 1, sizeof(char));
memcpy(buf, data, size);
buf[size] = '\0';


@ -1,22 +1,18 @@
#include <cairo.h>
#include "fuzzer_temp_file.h"
#define GLYPH_RANGE 9
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
if (size < GLYPH_RANGE) {
return 0;
}
cairo_t *cr;
cairo_surface_t *surface;
cairo_status_t status;
cairo_text_extents_t extents;
cairo_text_cluster_t cluster;
// Taken from test/text-glyph-range.c
long int index[] = {
0, /* 'no matching glyph' */
0xffff, /* kATSDeletedGlyphCode */
0x1ffff, /* out of range */
-1L, /* out of range */
70, 68, 76, 85, 82 /* 'cairo' */
};
char *tmpfile = fuzzer_get_tmpfile(data, size);
surface = cairo_image_surface_create_from_png(tmpfile);
status = cairo_surface_status(surface);
@ -25,7 +21,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
return 0;
}
char *buf = (char *) malloc(size + 1);
char *buf = (char *) calloc(size + 1, sizeof(char));
memcpy(buf, data, size);
buf[size] = '\0';
@ -36,7 +32,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
for (int i = 0; i < 9; i++) {
// Taken from test/text-glyph-range.c
cairo_glyph_t glyph = {
index[i], 10 * i, 25
(long int)data[i], 10 * i, 25
};
cairo_show_text_glyphs(cr, buf, size, &glyph, 1, &cluster, 1, 0);
}
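Review bot: Taking the glyph index from `(long int)data[i]` limits every index to 0–255, so the out-of-range values the removed table covered (`0xffff`, `0x1ffff`, `-1L`) can no longer be produced by any input, and the harness stops exercising cairo's handling of invalid glyph indices. Consider assembling each index from several input bytes, for example `memcpy(&idx, data + i * sizeof idx, sizeof idx);` with the size guard raised to `GLYPH_RANGE * sizeof(long)`, so large and negative indices stay reachable. The loop also still uses the literal `9` while the guard uses `GLYPH_RANGE`; write `i < GLYPH_RANGE` so the bound on `data[i]` and the length check cannot drift apart. The comment `// Taken from test/text-glyph-range.c` above the glyph initializer no longer describes where the values come from and should be updated.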