authorNicolas Pena <npm@chromium.org>2017-11-28 15:17:27 +0000
committerChromium commit bot <commit-bot@chromium.org>2017-11-28 15:17:27 +0000
commitfee749f0a1419e300a49ef657106f580c43842c4 (patch)
tree8988e8dbd782553b307c90b23e41a111bf3b9e15
parente82af1a845c13f16972ab9ea10ae8caf00d54d5a (diff)
downloadpdfium-fee749f0a1419e300a49ef657106f580c43842c4.tar.xz
Fix PDF fuzzers memory limit
This CL reduces the memory limit in pdf_codec_jbig2_fuzzer. Note that MSAN requires the limit to be lower than the actual bot usage limit. In the testcase, we get OOM just after CFX_DIBitmap::Create. It also increases the limit in xfa_codec_fuzzer.h Bug: 784155 Change-Id: I6fc8d9533ca7dc2b19bf84b9eac23284e05b1e6d Reviewed-on: https://pdfium-review.googlesource.com/19571 Commit-Queue: Nicolás Peña Moreno <npm@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
-rw-r--r--testing/libfuzzer/pdf_codec_jbig2_fuzzer.cc2
-rw-r--r--testing/libfuzzer/xfa_codec_fuzzer.h5
2 files changed, 3 insertions, 4 deletions
diff --git a/testing/libfuzzer/pdf_codec_jbig2_fuzzer.cc b/testing/libfuzzer/pdf_codec_jbig2_fuzzer.cc
index 9a2ebd2e32..ac3c5c3260 100644
--- a/testing/libfuzzer/pdf_codec_jbig2_fuzzer.cc
+++ b/testing/libfuzzer/pdf_codec_jbig2_fuzzer.cc
@@ -28,7 +28,7 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
size -= kParameterSize;
data += kParameterSize;
- static constexpr uint32_t kMemLimit = 1024 * 1024 * 1024; // 1 GB.
+ static constexpr uint32_t kMemLimit = 512000000; // 512 MB
static constexpr uint32_t k1bppRgbComponents = 4; // From CFX_DIBitmap impl.
FX_SAFE_UINT32 mem = width;
mem *= height;
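Review bot: The new `kMemLimit` is the decimal literal `512000000` while its trailing comment says `512 MB`, and those are not the same quantity (512 MiB is 536870912); the removed line spelled the bound out as `1024 * 1024 * 1024`, so the hunk also drops that readable form. Prefer `static constexpr uint32_t kMemLimit = 512 * 1024 * 1024;  // 512 MiB` (or keep the decimal and comment it as `// 512e6 bytes, ~488 MiB`) so constant and comment agree. Since, per the commit message, the cap exists to keep the fuzzer under the bot's memory limit with MSAN instrumentation inflating real usage, that rationale belongs beside the constant rather than only in the commit log: `// Deliberately below the fuzz bot's per-process limit; MSAN increases actual usage, so an OOM here shows up as a crash rather than a clean reject.` The remainder of LLVMFuzzerTestOneInput, including where `mem` is presumably checked against kMemLimit, lies outside the hunk.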
diff --git a/testing/libfuzzer/xfa_codec_fuzzer.h b/testing/libfuzzer/xfa_codec_fuzzer.h
index c7a16a8005..90706af9f4 100644
--- a/testing/libfuzzer/xfa_codec_fuzzer.h
+++ b/testing/libfuzzer/xfa_codec_fuzzer.h
@@ -17,9 +17,8 @@
#include "testing/fx_string_testhelpers.h"
#include "third_party/base/ptr_util.h"
-// Arbitrarily picked to support up to 1000x1000 images. This is far below where
-// OOM issues are occuring.
-const int kXFACodecFuzzerPixelLimit = 1000000;
+// Support up to 512 MB. This prevents trivial OOM when MSAN is on.
+const int kXFACodecFuzzerPixelLimit = 512000000;
class XFACodecFuzzer {
public:
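Review bot: The new comment on `kXFACodecFuzzerPixelLimit` describes the constant as a byte budget (`Support up to 512 MB`), but the identifier and the removed comment (`up to 1000x1000 images`) describe a pixel count; if the limit is still compared against width*height, 512000000 pixels permits far more than 512 MB of bitmap once bytes per pixel are applied, so the comment should state which unit is meant. If it is a pixel count, `// Up to 512M pixels; raised so decoding under MSAN does not trivially OOM the fuzz bot.` keeps the units honest, and a follow-up could derive it from a byte cap divided by bytes-per-pixel as pdf_codec_jbig2_fuzzer.cc does with kMemLimit. The sibling fuzzer uses `uint32_t` for its bound while this one stays `int`; if the width*height product is formed in `int` before the comparison, overflow is undefined behavior, so it is worth confirming the comparison site uses a checked type such as FX_SAFE_UINT32. The XFACodecFuzzer class body continues outside the hunk.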