From fee749f0a1419e300a49ef657106f580c43842c4 Mon Sep 17 00:00:00 2001
From: Nicolas Pena
Date: Tue, 28 Nov 2017 15:17:27 +0000
Subject: Fix PDF fuzzers memory limit
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This CL reduces the memory limit in pdf_codec_jbig2_fuzzer. Note that MSAN requires the limit to be lower than the actual bot usage limit. In the testcase, we get OOM just after CFX_DIBitmap::Create. It also increases the limit in xfa_codec_fuzzer.h
Bug: 784155
Change-Id: I6fc8d9533ca7dc2b19bf84b9eac23284e05b1e6d
Reviewed-on: https://pdfium-review.googlesource.com/19571
Commit-Queue: Nicolás Peña Moreno
Reviewed-by: dsinclair
---
 testing/libfuzzer/pdf_codec_jbig2_fuzzer.cc | 2 +-
 testing/libfuzzer/xfa_codec_fuzzer.h | 5 ++---
 2 files changed, 3 insertions(+), 4 deletions(-)
(limited to 'testing')
diff --git a/testing/libfuzzer/pdf_codec_jbig2_fuzzer.cc b/testing/libfuzzer/pdf_codec_jbig2_fuzzer.cc
index 9a2ebd2e32..ac3c5c3260 100644
--- a/testing/libfuzzer/pdf_codec_jbig2_fuzzer.cc
+++ b/testing/libfuzzer/pdf_codec_jbig2_fuzzer.cc
@@ -28,7 +28,7 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
 size -= kParameterSize;
 data += kParameterSize;
- static constexpr uint32_t kMemLimit = 1024 * 1024 * 1024; // 1 GB.
+ static constexpr uint32_t kMemLimit = 512000000; // 512 MB
 static constexpr uint32_t k1bppRgbComponents = 4; // From CFX_DIBitmap impl.
 FX_SAFE_UINT32 mem = width;
 mem *= height;
diff --git a/testing/libfuzzer/xfa_codec_fuzzer.h b/testing/libfuzzer/xfa_codec_fuzzer.h
index c7a16a8005..90706af9f4 100644
--- a/testing/libfuzzer/xfa_codec_fuzzer.h
+++ b/testing/libfuzzer/xfa_codec_fuzzer.h
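Review bot: The rationale for 512000000 on the `+` line lives only in the commit message; the code comment `// 512 MB` says what the number is but not why it replaced 1 GB, so the next person tuning it has no way to know that an MSAN bot memory limit is the constraint. Suggest `static constexpr uint32_t kMemLimit = 512000000;  // 512 MB: must stay below the MSAN bot memory limit, see bug 784155.`. It is also a decimal literal where the removed line used `1024 * 1024 * 1024`; if a binary 512 MiB is intended, `512 * 1024 * 1024` keeps the existing convention, otherwise the comment should say the value is decimal MB. LLVMFuzzerTestOneInput starts and ends outside the hunk, so the comparison of kMemLimit against `mem` is not visible here.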
@@ -17,9 +17,8 @@
 #include "testing/fx_string_testhelpers.h"
 #include "third_party/base/ptr_util.h"
 
-// Arbitrarily picked to support up to 1000x1000 images. This is far below where
-// OOM issues are occuring.
-const int kXFACodecFuzzerPixelLimit = 1000000;
+// Support up to 512 MB. This prevents trivial OOM when MSAN is on.
+const int kXFACodecFuzzerPixelLimit = 512000000;
 class XFACodecFuzzer {
 public:
-- cgit v1.2.3
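Review bot: The new comment on the `+` lines describes kXFACodecFuzzerPixelLimit in bytes (`Support up to 512 MB`) while the constant's name says it is a pixel count, and the hunk does not show which quantity it is compared against. If it bounds width * height as the name suggests, 512000000 pixels at the 4 bytes per pixel that the jbig2 fuzzer in this same commit assumes (`k1bppRgbComponents = 4`) is about 2 GB, not 512 MB, so the fuzzer could still exceed the MSAN limit the commit is trying to stay under; if it is really a byte limit, the name is misleading. Either way the comment should state the unit, e.g. `// Maximum width * height in pixels, chosen so decoded bitmaps stay well under the MSAN bot memory limit (bug 784155).`, with the value revisited if the 4 bytes/pixel reading is correct. Minor: the sibling fuzzer declares its limit `static constexpr uint32_t` while this header uses `const int`; `constexpr` would be consistent. The XFACodecFuzzer class body continues outside the hunk.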