summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorkcwu <kcwu@chromium.org>2016-09-22 10:30:18 -0700
committerCommit bot <commit-bot@chromium.org>2016-09-22 10:30:18 -0700
commitda4bd1099d3566bc7f68a036eef091b07a8d873a (patch)
treeac536daebf85bbbc62edf68bc42c2442fda071de
parent577ad2c9ea89c721ee1dbb89d1f7e12bb8c333f7 (diff)
downloadpdfium-da4bd1099d3566bc7f68a036eef091b07a8d873a.tar.xz
Add fuzzer for icc codec
Review-Url: https://codereview.chromium.org/2362623002
-rw-r--r--testing/libfuzzer/BUILD.gn15
-rw-r--r--testing/libfuzzer/pdf_codec_icc_fuzzer.cc25
2 files changed, 40 insertions, 0 deletions
diff --git a/testing/libfuzzer/BUILD.gn b/testing/libfuzzer/BUILD.gn
index 6ffa6665e7..a872901e77 100644
--- a/testing/libfuzzer/BUILD.gn
+++ b/testing/libfuzzer/BUILD.gn
@@ -169,6 +169,21 @@ source_set("pdf_codec_fax_fuzzer") {
]
}
+source_set("pdf_codec_icc_fuzzer") {
+ testonly = true
+ sources = [
+ "pdf_codec_icc_fuzzer.cc",
+ ]
+ deps = [
+ "//third_party/pdfium:pdfium",
+ ]
+ configs -= [ "//build/config/compiler:chromium_code" ]
+ configs += [
+ "//build/config/compiler:no_chromium_code",
+ ":libfuzzer_config",
+ ]
+}
+
source_set("pdf_jpx_fuzzer") {
testonly = true
sources = [
diff --git a/testing/libfuzzer/pdf_codec_icc_fuzzer.cc b/testing/libfuzzer/pdf_codec_icc_fuzzer.cc
new file mode 100644
index 0000000000..d7bfdba0cf
--- /dev/null
+++ b/testing/libfuzzer/pdf_codec_icc_fuzzer.cc
@@ -0,0 +1,25 @@
+// Copyright 2016 The PDFium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include <cstdint>
+
+#include "core/fxcodec/codec/ccodec_iccmodule.h"
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+ CCodec_IccModule icc_module;
+ uint32_t nComponent = 0;
+ void* transform = icc_module.CreateTransform_sRGB(data, size, nComponent);
+
+ if (transform) {
+ FX_FLOAT src[4];
+ FX_FLOAT dst[4];
+ for (int i = 0; i < 4; i++)
+ src[i] = 0.5f;
+ icc_module.SetComponents(nComponent);
+ icc_module.Translate(transform, src, dst);
+ icc_module.DestroyTransform(transform);
+ }
+
+ return 0;
+}