author | Nicolas Pena <npm@chromium.org> | 2017-11-28 15:17:27 +0000 |
---|---|---|
committer | Chromium commit bot <commit-bot@chromium.org> | 2017-11-28 15:17:27 +0000 |
commit | fee749f0a1419e300a49ef657106f580c43842c4 (patch) | |
tree | 8988e8dbd782553b307c90b23e41a111bf3b9e15 /testing/libfuzzer | |
parent | e82af1a845c13f16972ab9ea10ae8caf00d54d5a (diff) | |
download | pdfium-fee749f0a1419e300a49ef657106f580c43842c4.tar.xz |
Fix PDF fuzzers memory limit
This CL reduces the memory limit in pdf_codec_jbig2_fuzzer. Note that
MSAN requires the limit to be lower than the actual bot usage limit.
In the testcase, we get OOM just after CFX_DIBitmap::Create.
It also increases the limit in xfa_codec_fuzzer.h
Bug: 784155
Change-Id: I6fc8d9533ca7dc2b19bf84b9eac23284e05b1e6d
Reviewed-on: https://pdfium-review.googlesource.com/19571
Commit-Queue: Nicolás Peña Moreno <npm@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
Diffstat (limited to 'testing/libfuzzer')
-rw-r--r-- | testing/libfuzzer/pdf_codec_jbig2_fuzzer.cc | 2 | ||||
-rw-r--r-- | testing/libfuzzer/xfa_codec_fuzzer.h | 5 |
2 files changed, 3 insertions, 4 deletions
diff --git a/testing/libfuzzer/pdf_codec_jbig2_fuzzer.cc b/testing/libfuzzer/pdf_codec_jbig2_fuzzer.cc index 9a2ebd2e32..ac3c5c3260 100644 --- a/testing/libfuzzer/pdf_codec_jbig2_fuzzer.cc +++ b/testing/libfuzzer/pdf_codec_jbig2_fuzzer.cc @@ -28,7 +28,7 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { size -= kParameterSize; data += kParameterSize; - static constexpr uint32_t kMemLimit = 1024 * 1024 * 1024; // 1 GB. + static constexpr uint32_t kMemLimit = 512000000; // 512 MB static constexpr uint32_t k1bppRgbComponents = 4; // From CFX_DIBitmap impl. FX_SAFE_UINT32 mem = width; mem *= height; diff --git a/testing/libfuzzer/xfa_codec_fuzzer.h b/testing/libfuzzer/xfa_codec_fuzzer.h index c7a16a8005..90706af9f4 100644 --- a/testing/libfuzzer/xfa_codec_fuzzer.h +++ b/testing/libfuzzer/xfa_codec_fuzzer.h @@ -17,9 +17,8 @@ #include "testing/fx_string_testhelpers.h" #include "third_party/base/ptr_util.h" -// Arbitrarily picked to support up to 1000x1000 images. This is far below where -// OOM issues are occuring. -const int kXFACodecFuzzerPixelLimit = 1000000; +// Support up to 512 MB. This prevents trivial OOM when MSAN is on. +const int kXFACodecFuzzerPixelLimit = 512000000; class XFACodecFuzzer { public: |
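Review bot: in pdf_codec_jbig2_fuzzer.cc, the new `kMemLimit = 512000000;  // 512 MB` line does not record why the value was chosen, and it replaces the readable product on the removed line (`1024 * 1024 * 1024`) with a bare nine-digit literal. The commit message says the limit has to sit below the bot's actual usage limit when MSAN is on, but the source comment only restates the number, so a later change could raise it again without knowing about that constraint. Consider writing the value as a product such as `512 * 1000 * 1000` and extending the comment to name the MSAN requirement, as the new comment in xfa_codec_fuzzer.h does.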
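Review bot: in xfa_codec_fuzzer.h, the new comment states the bound in megabytes ("Support up to 512 MB") while the constant is still named `kXFACodecFuzzerPixelLimit` and the removed comment described it as an image size (1000x1000). If the value is compared against a pixel count, 512000000 pixels corresponds to 512 MB only at one byte per pixel, and the hunk does not show which unit the check uses. Either rename the constant to reflect bytes or state the limit in pixels in the comment. The value also goes up by a factor of 512 under a comment that says it prevents OOM, so a sentence on why the larger bound is still safe under MSAN would help the next reader.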