[coreboot-gerrit] New patch to review for coreboot: util/fuzz-tests: Add jpeg.c fuzzer
Patrick Georgi (pgeorgi@google.com)
gerrit at coreboot.org
Tue Oct 27 22:21:23 CET 2015
Patrick Georgi (pgeorgi at google.com) just uploaded a new patch set to gerrit, which you can find at http://review.coreboot.org/12183
-gerrit
commit 3855cd7b447d422d06f19640f2d5115e106c40ca
Author: Patrick Georgi <patrick at georgi-clan.de>
Date: Sun Aug 9 18:30:44 2015 +0200
util/fuzz-tests: Add jpeg.c fuzzer
Change-Id: I10e5ef3a426b9c74c288d7232a6d11a1ca59833b
Signed-off-by: Patrick Georgi <patrick at georgi-clan.de>
---
util/fuzz-tests/Makefile | 5 +++++
util/fuzz-tests/jpeg-test-cases/coreboot.jpg | Bin 0 -> 711 bytes
util/fuzz-tests/jpeg-test-cases/coreboot_2.jpg | Bin 0 -> 285 bytes
util/fuzz-tests/jpeg-test.c | 30 +++++++++++++++++++++++++
4 files changed, 35 insertions(+)
diff --git a/util/fuzz-tests/Makefile b/util/fuzz-tests/Makefile
new file mode 100644
index 0000000..e97643f
--- /dev/null
+++ b/util/fuzz-tests/Makefile
@@ -0,0 +1,5 @@
+all:
+ afl-gcc -g -m32 -I ../../src/lib -o jpeg-test jpeg-test.c ../../src/lib/jpeg.c
+
+run:
+ afl-fuzz -i jpeg-test-cases -o jpeg-results ./jpeg-test @@
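Review bot: `run` has no dependency on the build step, so `make run` on a fresh checkout fails because `./jpeg-test` does not exist yet; make `run` depend on `all` or on the binary. Since `all` lists no prerequisites, the harness is recompiled on every invocation. A real file rule such as `jpeg-test: jpeg-test.c ../../src/lib/jpeg.c` would fix that, with `all` and `run` declared `.PHONY`. The `-m32` flag requires a 32-bit capable toolchain on the host, which deserves a comment, and a `clean` target for `jpeg-test` and `jpeg-results` is missing.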
diff --git a/util/fuzz-tests/jpeg-test-cases/coreboot.jpg b/util/fuzz-tests/jpeg-test-cases/coreboot.jpg
new file mode 100644
index 0000000..018a3f0
Binary files /dev/null and b/util/fuzz-tests/jpeg-test-cases/coreboot.jpg differ
diff --git a/util/fuzz-tests/jpeg-test-cases/coreboot_2.jpg b/util/fuzz-tests/jpeg-test-cases/coreboot_2.jpg
new file mode 100644
index 0000000..8f57a22
Binary files /dev/null and b/util/fuzz-tests/jpeg-test-cases/coreboot_2.jpg differ
diff --git a/util/fuzz-tests/jpeg-test.c b/util/fuzz-tests/jpeg-test.c
new file mode 100644
index 0000000..928055f
--- /dev/null
+++ b/util/fuzz-tests/jpeg-test.c
@@ -0,0 +1,30 @@
+#include <stdlib.h>
+#include <stdio.h>
+#include "jpeg.h"
+
+const int depth = 16;
+
+int main(int argc, char** argv)
+{
+ FILE *f = fopen(argv[1], "rb");
+ unsigned long len;
+
+ if (!f) return 1;
+ if (fseek(f, 0, SEEK_END) != 0) return 1;
+ len = ftell(f);
+ if (fseek(f, 0, SEEK_SET) != 0) return 1;
+
+ char *buf = malloc(len);
+ struct jpeg_decdata *decdata= malloc(sizeof(*decdata));
+ if (fread(buf, len, 1, f) != 1) return 1;
+ fclose(f);
+
+ int width;
+ int height;
+ jpeg_fetch_size(buf, &width, &height);
+ //printf("width: %d, height: %d\n", width, height);
+ char *pic = malloc(depth/8*width*height);
+ int ret = jpeg_decode(buf, pic, width, height, depth, decdata);
+ //printf("ret: %x\n", ret);
+ return ret;
+}
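Review bot: In `main`, `width` and `height` are uninitialized and are filled from fuzzed input by `jpeg_fetch_size(buf, &width, &height)`, then used unchecked in `malloc(depth/8*width*height)`. Zero, negative or very large dimensions can make the `int` product wrap, or make the allocation fail, so the buffer handed to `jpeg_decode` may be undersized or NULL and AFL will then report crashes caused by the harness rather than by jpeg.c. Initialize both variables, reject non-positive or implausibly large dimensions, compute the size in `size_t`, and check the `malloc` results for `buf`, `decdata` and `pic` before use. The harness should also check `argc` before `fopen(argv[1], "rb")`, and check `ftell` for failure before storing its result in the `unsigned long len`. The new file also has no license or descriptive comment header.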