[XL] Change in coreboot[main]: lib/jpeg: Replace decoder with Wuffs' implementation - coreboot-gerrit

12 Oct 2023


      Attention is currently required from: Martin L Roth, Patrick Georgi, Tim Wawrzynczak.
Nigel Tao has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/78271?usp=email )
Change subject: lib/jpeg: Replace decoder with Wuffs' implementation
......................................................................
Patch Set 2:
(1 comment)
Commit Message:
https://review.coreboot.org/c/coreboot/+/78271/comment/a8a9eec3_c81d7255 :
PS2, Line 28: inputs. No crashes or anything though, which is a notable improvement
You might want to impose some image/buffer length constraints in your fuzzer.
Wuffs' JPEG fuzzer uses "buffer size in bytes" constraints, at 64 MiB max for both work buffer and pixel buffer:
https://github.com/google/wuffs/blob/3eb4e3a6aa4bb41bde2c38dafbe650b252281ba...
https://github.com/google/wuffs/blob/3eb4e3a6aa4bb41bde2c38dafbe650b252281ba...
Coreboot's fuzzer could do something similar (in terms of buffer sizes) and/or constrain the image width and height in pixels.
-- 
To view, visit https://review.coreboot.org/c/coreboot/+/78271?usp=email
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings

Gerrit-Project: coreboot
Gerrit-Branch: main
Gerrit-Change-Id: If8fa7da69da1ad412f27c2c5e882393c7739bc82
Gerrit-Change-Number: 78271
Gerrit-PatchSet: 2
Gerrit-Owner: Patrick Georgi patrick@coreboot.org
Gerrit-Reviewer: Martin L Roth gaumless@gmail.com
Gerrit-Reviewer: Martin Roth martinroth@google.com
Gerrit-Reviewer: Stefan Reinauer stefan.reinauer@coreboot.org
Gerrit-Reviewer: build bot (Jenkins) no-reply@coreboot.org
Gerrit-Reviewer: ron minnich rminnich@gmail.com
Gerrit-CC: Nigel Tao nigeltao@golang.org
Gerrit-CC: Paul Menzel paulepanter@mailbox.org
Gerrit-CC: Tim Wawrzynczak inforichland@gmail.com
Gerrit-Attention: Patrick Georgi patrick@coreboot.org
Gerrit-Attention: Martin L Roth gaumless@gmail.com
Gerrit-Attention: Tim Wawrzynczak inforichland@gmail.com
Gerrit-Comment-Date: Thu, 12 Oct 2023 00:17:22 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: No
Gerrit-MessageType: comment