diff --git a/Tests/LibGfx/TestICCProfile.cpp b/Tests/LibGfx/TestICCProfile.cpp index 3dbf6cd108..a24b59eeb5 100644 --- a/Tests/LibGfx/TestICCProfile.cpp +++ b/Tests/LibGfx/TestICCProfile.cpp @@ -258,3 +258,16 @@ TEST_CASE(to_lab) EXPECT_APPROXIMATE_LAB(lab_from_sRGB(0, 255, 255), expected[6]); EXPECT_APPROXIMATE_LAB(lab_from_sRGB(255, 255, 255), expected[7]); } + +TEST_CASE(malformed_profile) +{ + Array test_inputs = { + TEST_INPUT("icc/oss-fuzz-testcase-60281.icc"sv) + }; + + for (auto test_input : test_inputs) { + auto file = MUST(Core::MappedFile::map(test_input)); + auto profile_or_error = Gfx::ICC::Profile::try_load_from_externally_owned_memory(file->bytes()); + EXPECT(profile_or_error.is_error()); + } +} diff --git a/Tests/LibGfx/TestImageDecoder.cpp b/Tests/LibGfx/TestImageDecoder.cpp index 954fba2782..b0071da319 100644 --- a/Tests/LibGfx/TestImageDecoder.cpp +++ b/Tests/LibGfx/TestImageDecoder.cpp @@ -69,6 +69,21 @@ TEST_CASE(test_bmp_top_down) expect_single_frame(*plugin_decoder); } +TEST_CASE(test_ico_malformed_frame) +{ + Array test_inputs = { + TEST_INPUT("ico/oss-fuzz-testcase-62541.ico"sv), + TEST_INPUT("ico/oss-fuzz-testcase-63177.ico"sv) + }; + + for (auto test_input : test_inputs) { + auto file = MUST(Core::MappedFile::map(test_input)); + auto plugin_decoder = TRY_OR_FAIL(Gfx::ICOImageDecoderPlugin::create(file->bytes())); + auto frame_or_error = plugin_decoder->frame(0); + EXPECT(frame_or_error.is_error()); + } +} + TEST_CASE(test_gif) { auto file = MUST(Core::MappedFile::map(TEST_INPUT("download-animation.gif"sv))); @@ -121,6 +136,33 @@ TEST_CASE(test_ilbm_uncompressed) EXPECT_EQ(frame.image->get_pixel(8, 0), Gfx::Color(0xee, 0xbb, 0, 255)); } +TEST_CASE(test_ilbm_malformed_header) +{ + Array test_inputs = { + TEST_INPUT("ilbm/oss-fuzz-testcase-62033.iff"sv), + }; + + for (auto test_input : test_inputs) { + auto file = MUST(Core::MappedFile::map(test_input)); + auto plugin_decoder_or_error = Gfx::ILBMImageDecoderPlugin::create(file->bytes()); + EXPECT(plugin_decoder_or_error.is_error()); + } +} + +TEST_CASE(test_ilbm_malformed_frame) +{ + Array test_inputs = { + TEST_INPUT("ilbm/oss-fuzz-testcase-63296.iff"sv) + }; + + for (auto test_input : test_inputs) { + auto file = MUST(Core::MappedFile::map(test_input)); + auto plugin_decoder = TRY_OR_FAIL(Gfx::ILBMImageDecoderPlugin::create(file->bytes())); + auto frame_or_error = plugin_decoder->frame(0); + EXPECT(frame_or_error.is_error()); + } +} + TEST_CASE(test_jpeg_sof0_one_scan) { auto file = MUST(Core::MappedFile::map(TEST_INPUT("jpg/rgb24.jpg"sv))); @@ -211,6 +253,33 @@ TEST_CASE(test_jpeg_grayscale_with_app14) expect_single_frame_of_size(*plugin_decoder, { 80, 80 }); } +TEST_CASE(test_jpeg_malformed_header) +{ + Array test_inputs = { + TEST_INPUT("jpg/oss-fuzz-testcase-59785.jpg"sv) + }; + + for (auto test_input : test_inputs) { + auto file = MUST(Core::MappedFile::map(test_input)); + auto plugin_decoder_or_error = Gfx::JPEGImageDecoderPlugin::create(file->bytes()); + EXPECT(plugin_decoder_or_error.is_error()); + } +} + +TEST_CASE(test_jpeg_malformed_frame) +{ + Array test_inputs = { + TEST_INPUT("jpg/oss-fuzz-testcase-62584.jpg"sv) + }; + + for (auto test_input : test_inputs) { + auto file = MUST(Core::MappedFile::map(test_input)); + auto plugin_decoder = TRY_OR_FAIL(Gfx::JPEGImageDecoderPlugin::create(file->bytes())); + auto frame_or_error = plugin_decoder->frame(0); + EXPECT(frame_or_error.is_error()); + } +} + TEST_CASE(test_pbm) { auto file = MUST(Core::MappedFile::map(TEST_INPUT("pnm/buggie-raw.pbm"sv))); @@ -238,6 +307,21 @@ TEST_CASE(test_png) expect_single_frame(*plugin_decoder); } +TEST_CASE(test_png_malformed_frame) +{ + Array test_inputs = { + TEST_INPUT("png/oss-fuzz-testcase-62371.png"sv), + TEST_INPUT("png/oss-fuzz-testcase-63052.png"sv) + }; + + for (auto test_input : test_inputs) { + auto file = MUST(Core::MappedFile::map(test_input)); + auto plugin_decoder = TRY_OR_FAIL(Gfx::PNGImageDecoderPlugin::create(file->bytes())); + auto frame_or_error = plugin_decoder->frame(0); + EXPECT(frame_or_error.is_error()); + } +} + TEST_CASE(test_ppm) { auto file = MUST(Core::MappedFile::map(TEST_INPUT("pnm/buggie-raw.ppm"sv))); diff --git a/Tests/LibGfx/test-inputs/bmp/oss-fuzz-testcase-62541.bmp b/Tests/LibGfx/test-inputs/bmp/oss-fuzz-testcase-62541.bmp new file mode 100644 index 0000000000..baa7a6a662 Binary files /dev/null and b/Tests/LibGfx/test-inputs/bmp/oss-fuzz-testcase-62541.bmp differ diff --git a/Tests/LibGfx/test-inputs/icc/oss-fuzz-testcase-60281.icc b/Tests/LibGfx/test-inputs/icc/oss-fuzz-testcase-60281.icc new file mode 100644 index 0000000000..017e0ccdee Binary files /dev/null and b/Tests/LibGfx/test-inputs/icc/oss-fuzz-testcase-60281.icc differ diff --git a/Tests/LibGfx/test-inputs/ico/oss-fuzz-testcase-62541.ico b/Tests/LibGfx/test-inputs/ico/oss-fuzz-testcase-62541.ico new file mode 100644 index 0000000000..baa7a6a662 Binary files /dev/null and b/Tests/LibGfx/test-inputs/ico/oss-fuzz-testcase-62541.ico differ diff --git a/Tests/LibGfx/test-inputs/ico/oss-fuzz-testcase-63177.ico b/Tests/LibGfx/test-inputs/ico/oss-fuzz-testcase-63177.ico new file mode 100644 index 0000000000..4d14a01ac4 Binary files /dev/null and b/Tests/LibGfx/test-inputs/ico/oss-fuzz-testcase-63177.ico differ diff --git a/Tests/LibGfx/test-inputs/ilbm/oss-fuzz-testcase-62033.iff b/Tests/LibGfx/test-inputs/ilbm/oss-fuzz-testcase-62033.iff new file mode 100644 index 0000000000..945902c57e Binary files /dev/null and b/Tests/LibGfx/test-inputs/ilbm/oss-fuzz-testcase-62033.iff differ diff --git a/Tests/LibGfx/test-inputs/ilbm/oss-fuzz-testcase-63296.iff b/Tests/LibGfx/test-inputs/ilbm/oss-fuzz-testcase-63296.iff new file mode 100644 index 0000000000..e1390b3277 Binary files /dev/null and b/Tests/LibGfx/test-inputs/ilbm/oss-fuzz-testcase-63296.iff differ diff --git a/Tests/LibGfx/test-inputs/jpg/oss-fuzz-testcase-59785.jpg b/Tests/LibGfx/test-inputs/jpg/oss-fuzz-testcase-59785.jpg new file mode 100644 index 0000000000..e97ea1b4ad Binary files /dev/null and b/Tests/LibGfx/test-inputs/jpg/oss-fuzz-testcase-59785.jpg differ diff --git a/Tests/LibGfx/test-inputs/jpg/oss-fuzz-testcase-62584.jpg b/Tests/LibGfx/test-inputs/jpg/oss-fuzz-testcase-62584.jpg new file mode 100644 index 0000000000..e33f853948 Binary files /dev/null and b/Tests/LibGfx/test-inputs/jpg/oss-fuzz-testcase-62584.jpg differ diff --git a/Tests/LibGfx/test-inputs/png/oss-fuzz-testcase-62371.png b/Tests/LibGfx/test-inputs/png/oss-fuzz-testcase-62371.png new file mode 100644 index 0000000000..e8c5ac4b70 Binary files /dev/null and b/Tests/LibGfx/test-inputs/png/oss-fuzz-testcase-62371.png differ diff --git a/Tests/LibGfx/test-inputs/png/oss-fuzz-testcase-63052.png b/Tests/LibGfx/test-inputs/png/oss-fuzz-testcase-63052.png new file mode 100644 index 0000000000..de20b63d23 Binary files /dev/null and b/Tests/LibGfx/test-inputs/png/oss-fuzz-testcase-63052.png differ diff --git a/Tests/LibVideo/CMakeLists.txt b/Tests/LibVideo/CMakeLists.txt index 3e154292fa..c2c4373b9e 100644 --- a/Tests/LibVideo/CMakeLists.txt +++ b/Tests/LibVideo/CMakeLists.txt @@ -12,3 +12,7 @@ install(FILES vp9_4k.webm DESTINATION usr/Tests/LibVideo) install(FILES vp9_clamp_reference_mvs.webm DESTINATION usr/Tests/LibVideo) install(FILES vp9_oob_blocks.webm DESTINATION usr/Tests/LibVideo) install(FILES master_elements_containing_crc32.mkv DESTINATION usr/Tests/LibVideo) +install(FILES oss-fuzz-testcase-52630.vp9 DESTINATION usr/Tests/LibVideo) +install(FILES oss-fuzz-testcase-53977.vp9 DESTINATION usr/Tests/LibVideo) +install(FILES oss-fuzz-testcase-62054.vp9 DESTINATION usr/Tests/LibVideo) +install(FILES oss-fuzz-testcase-63182.vp9 DESTINATION usr/Tests/LibVideo) diff --git a/Tests/LibVideo/TestVP9Decode.cpp b/Tests/LibVideo/TestVP9Decode.cpp index ac24e8b24e..d0fbb808c8 100644 --- a/Tests/LibVideo/TestVP9Decode.cpp +++ b/Tests/LibVideo/TestVP9Decode.cpp @@ -59,6 +59,23 @@ TEST_CASE(vp9_oob_blocks) decode_video("./vp9_oob_blocks.webm"sv, 240); } +TEST_CASE(vp9_malformed_frame) +{ + Array test_inputs = { + "./oss-fuzz-testcase-52630.vp9"sv, + "./oss-fuzz-testcase-53977.vp9"sv, + "./oss-fuzz-testcase-62054.vp9"sv, + "./oss-fuzz-testcase-63182.vp9"sv + }; + + for (auto test_input : test_inputs) { + auto file = MUST(Core::MappedFile::map(test_input)); + Video::VP9::Decoder vp9_decoder; + auto maybe_decoder_error = vp9_decoder.receive_sample(file->bytes()); + EXPECT(maybe_decoder_error.is_error()); + } +} + BENCHMARK_CASE(vp9_4k) { decode_video("./vp9_4k.webm"sv, 2); diff --git a/Tests/LibVideo/oss-fuzz-testcase-52630.vp9 b/Tests/LibVideo/oss-fuzz-testcase-52630.vp9 new file mode 100644 index 0000000000..7d6c1dabfe Binary files /dev/null and b/Tests/LibVideo/oss-fuzz-testcase-52630.vp9 differ diff --git a/Tests/LibVideo/oss-fuzz-testcase-53977.vp9 b/Tests/LibVideo/oss-fuzz-testcase-53977.vp9 new file mode 100644 index 0000000000..b31fed77a9 Binary files /dev/null and b/Tests/LibVideo/oss-fuzz-testcase-53977.vp9 differ diff --git a/Tests/LibVideo/oss-fuzz-testcase-62054.vp9 b/Tests/LibVideo/oss-fuzz-testcase-62054.vp9 new file mode 100644 index 0000000000..e6c52d8c43 --- /dev/null +++ b/Tests/LibVideo/oss-fuzz-testcase-62054.vp9 @@ -0,0 +1 @@ +‚IƒBÿ \ No newline at end of file diff --git a/Tests/LibVideo/oss-fuzz-testcase-63182.vp9 b/Tests/LibVideo/oss-fuzz-testcase-63182.vp9 new file mode 100644 index 0000000000..cfe8b9ae09 Binary files /dev/null and b/Tests/LibVideo/oss-fuzz-testcase-63182.vp9 differ