From cb16c217b835871c560895509324baa9d1258d14 Mon Sep 17 00:00:00 2001 From: Tim Ledbetter Date: Sat, 21 Oct 2023 23:22:32 +0100 Subject: [PATCH] Tests: Add regression tests for fixed OSS-Fuzz test cases --- Tests/LibGfx/TestICCProfile.cpp | 13 +++ Tests/LibGfx/TestImageDecoder.cpp | 84 ++++++++++++++++++ .../bmp/oss-fuzz-testcase-62541.bmp | Bin 0 -> 138 bytes .../icc/oss-fuzz-testcase-60281.icc | Bin 0 -> 324 bytes .../ico/oss-fuzz-testcase-62541.ico | Bin 0 -> 138 bytes .../ico/oss-fuzz-testcase-63177.ico | Bin 0 -> 184 bytes .../ilbm/oss-fuzz-testcase-62033.iff | Bin 0 -> 20 bytes .../ilbm/oss-fuzz-testcase-63296.iff | Bin 0 -> 40 bytes .../jpg/oss-fuzz-testcase-59785.jpg | Bin 0 -> 26 bytes .../jpg/oss-fuzz-testcase-62584.jpg | Bin 0 -> 47 bytes .../png/oss-fuzz-testcase-62371.png | Bin 0 -> 2241 bytes .../png/oss-fuzz-testcase-63052.png | Bin 0 -> 512 bytes Tests/LibVideo/CMakeLists.txt | 4 + Tests/LibVideo/TestVP9Decode.cpp | 17 ++++ Tests/LibVideo/oss-fuzz-testcase-52630.vp9 | Bin 0 -> 75 bytes Tests/LibVideo/oss-fuzz-testcase-53977.vp9 | Bin 0 -> 64 bytes Tests/LibVideo/oss-fuzz-testcase-62054.vp9 | 1 + Tests/LibVideo/oss-fuzz-testcase-63182.vp9 | Bin 0 -> 32 bytes 18 files changed, 119 insertions(+) create mode 100644 Tests/LibGfx/test-inputs/bmp/oss-fuzz-testcase-62541.bmp create mode 100644 Tests/LibGfx/test-inputs/icc/oss-fuzz-testcase-60281.icc create mode 100644 Tests/LibGfx/test-inputs/ico/oss-fuzz-testcase-62541.ico create mode 100644 Tests/LibGfx/test-inputs/ico/oss-fuzz-testcase-63177.ico create mode 100644 Tests/LibGfx/test-inputs/ilbm/oss-fuzz-testcase-62033.iff create mode 100644 Tests/LibGfx/test-inputs/ilbm/oss-fuzz-testcase-63296.iff create mode 100644 Tests/LibGfx/test-inputs/jpg/oss-fuzz-testcase-59785.jpg create mode 100644 Tests/LibGfx/test-inputs/jpg/oss-fuzz-testcase-62584.jpg create mode 100644 Tests/LibGfx/test-inputs/png/oss-fuzz-testcase-62371.png create mode 100644 Tests/LibGfx/test-inputs/png/oss-fuzz-testcase-63052.png create mode 100644 Tests/LibVideo/oss-fuzz-testcase-52630.vp9 create mode 100644 Tests/LibVideo/oss-fuzz-testcase-53977.vp9 create mode 100644 Tests/LibVideo/oss-fuzz-testcase-62054.vp9 create mode 100644 Tests/LibVideo/oss-fuzz-testcase-63182.vp9 diff --git a/Tests/LibGfx/TestICCProfile.cpp b/Tests/LibGfx/TestICCProfile.cpp index 3dbf6cd108..a24b59eeb5 100644 --- a/Tests/LibGfx/TestICCProfile.cpp +++ b/Tests/LibGfx/TestICCProfile.cpp @@ -258,3 +258,16 @@ TEST_CASE(to_lab) EXPECT_APPROXIMATE_LAB(lab_from_sRGB(0, 255, 255), expected[6]); EXPECT_APPROXIMATE_LAB(lab_from_sRGB(255, 255, 255), expected[7]); } + +TEST_CASE(malformed_profile) +{ + Array test_inputs = { + TEST_INPUT("icc/oss-fuzz-testcase-60281.icc"sv) + }; + + for (auto test_input : test_inputs) { + auto file = MUST(Core::MappedFile::map(test_input)); + auto profile_or_error = Gfx::ICC::Profile::try_load_from_externally_owned_memory(file->bytes()); + EXPECT(profile_or_error.is_error()); + } +} diff --git a/Tests/LibGfx/TestImageDecoder.cpp b/Tests/LibGfx/TestImageDecoder.cpp index 954fba2782..b0071da319 100644 --- a/Tests/LibGfx/TestImageDecoder.cpp +++ b/Tests/LibGfx/TestImageDecoder.cpp @@ -69,6 +69,21 @@ TEST_CASE(test_bmp_top_down) expect_single_frame(*plugin_decoder); } +TEST_CASE(test_ico_malformed_frame) +{ + Array test_inputs = { + TEST_INPUT("ico/oss-fuzz-testcase-62541.ico"sv), + TEST_INPUT("ico/oss-fuzz-testcase-63177.ico"sv) + }; + + for (auto test_input : test_inputs) { + auto file = MUST(Core::MappedFile::map(test_input)); + auto plugin_decoder = TRY_OR_FAIL(Gfx::ICOImageDecoderPlugin::create(file->bytes())); + auto frame_or_error = plugin_decoder->frame(0); + EXPECT(frame_or_error.is_error()); + } +} + TEST_CASE(test_gif) { auto file = MUST(Core::MappedFile::map(TEST_INPUT("download-animation.gif"sv))); @@ -121,6 +136,33 @@ TEST_CASE(test_ilbm_uncompressed) EXPECT_EQ(frame.image->get_pixel(8, 0), Gfx::Color(0xee, 0xbb, 0, 255)); } +TEST_CASE(test_ilbm_malformed_header) +{ + Array test_inputs = { + TEST_INPUT("ilbm/oss-fuzz-testcase-62033.iff"sv), + }; + + for (auto test_input : test_inputs) { + auto file = MUST(Core::MappedFile::map(test_input)); + auto plugin_decoder_or_error = Gfx::ILBMImageDecoderPlugin::create(file->bytes()); + EXPECT(plugin_decoder_or_error.is_error()); + } +} + +TEST_CASE(test_ilbm_malformed_frame) +{ + Array test_inputs = { + TEST_INPUT("ilbm/oss-fuzz-testcase-63296.iff"sv) + }; + + for (auto test_input : test_inputs) { + auto file = MUST(Core::MappedFile::map(test_input)); + auto plugin_decoder = TRY_OR_FAIL(Gfx::ILBMImageDecoderPlugin::create(file->bytes())); + auto frame_or_error = plugin_decoder->frame(0); + EXPECT(frame_or_error.is_error()); + } +} + TEST_CASE(test_jpeg_sof0_one_scan) { auto file = MUST(Core::MappedFile::map(TEST_INPUT("jpg/rgb24.jpg"sv))); @@ -211,6 +253,33 @@ TEST_CASE(test_jpeg_grayscale_with_app14) expect_single_frame_of_size(*plugin_decoder, { 80, 80 }); } +TEST_CASE(test_jpeg_malformed_header) +{ + Array test_inputs = { + TEST_INPUT("jpg/oss-fuzz-testcase-59785.jpg"sv) + }; + + for (auto test_input : test_inputs) { + auto file = MUST(Core::MappedFile::map(test_input)); + auto plugin_decoder_or_error = Gfx::JPEGImageDecoderPlugin::create(file->bytes()); + EXPECT(plugin_decoder_or_error.is_error()); + } +} + +TEST_CASE(test_jpeg_malformed_frame) +{ + Array test_inputs = { + TEST_INPUT("jpg/oss-fuzz-testcase-62584.jpg"sv) + }; + + for (auto test_input : test_inputs) { + auto file = MUST(Core::MappedFile::map(test_input)); + auto plugin_decoder = TRY_OR_FAIL(Gfx::JPEGImageDecoderPlugin::create(file->bytes())); + auto frame_or_error = plugin_decoder->frame(0); + EXPECT(frame_or_error.is_error()); + } +} + TEST_CASE(test_pbm) { auto file = MUST(Core::MappedFile::map(TEST_INPUT("pnm/buggie-raw.pbm"sv))); @@ -238,6 +307,21 @@ TEST_CASE(test_png) expect_single_frame(*plugin_decoder); } +TEST_CASE(test_png_malformed_frame) +{ + Array test_inputs = { + TEST_INPUT("png/oss-fuzz-testcase-62371.png"sv), + TEST_INPUT("png/oss-fuzz-testcase-63052.png"sv) + }; + + for (auto test_input : test_inputs) { + auto file = MUST(Core::MappedFile::map(test_input)); + auto plugin_decoder = TRY_OR_FAIL(Gfx::PNGImageDecoderPlugin::create(file->bytes())); + auto frame_or_error = plugin_decoder->frame(0); + EXPECT(frame_or_error.is_error()); + } +} + TEST_CASE(test_ppm) { auto file = MUST(Core::MappedFile::map(TEST_INPUT("pnm/buggie-raw.ppm"sv))); diff --git a/Tests/LibGfx/test-inputs/bmp/oss-fuzz-testcase-62541.bmp b/Tests/LibGfx/test-inputs/bmp/oss-fuzz-testcase-62541.bmp new file mode 100644 index 0000000000000000000000000000000000000000..baa7a6a662cb6b6d9f06465d70f6a8bdc21ed2a1 GIT binary patch literal 138 zcmZQzU<5(Npc1CFOkeC77#PGD7#K7d7#R2&7#NrsK=LdM=ztR@z{tqJ%)k)lv)^5T z3o0hgz`&r;nc$bo%O%Cd0OBz*z~n$y896X2FnoAu(E6Fd0L1+F(4Z;N)5Q@0$d3ATeU|;|MFtP*m literal 0 HcmV?d00001 diff --git a/Tests/LibGfx/test-inputs/ilbm/oss-fuzz-testcase-63296.iff b/Tests/LibGfx/test-inputs/ilbm/oss-fuzz-testcase-63296.iff new file mode 100644 index 0000000000000000000000000000000000000000..e1390b3277c9e4265311bb2930e426ff39dfa8a2 GIT binary patch literal 40 ecmZ?s5Asz|P*Cvnaq@NY^>ATeU=RWE(J=s6X`lpQSJ3Njze!b!k1dwTr;@AD8@Gek=Ogu+L{f(zs` zeCqJXVF{3A1~~x+M(hEylM8=rYj6jG z3jrbn5L`YWCw{EK3^5uhqkcgTSBMG*1_oj*w*nPG43OA^YeZ+LK?Df84VnZniyS;< z3dCsQNc18Oq6-`rL#a^160ejcPDBzM;NqGlKBGzL#L2)Q!N|c3NkJeImbmdrFsS3u z!O#em$PPl(mLOB9l?g*!4Oo6GuhPB@GL)F?$N*{r;L48-+@M@vF(+Ap;g=6IZ$i=# Pha$sGUB6(5E+0JrEB$3s literal 0 HcmV?d00001 diff --git a/Tests/LibGfx/test-inputs/png/oss-fuzz-testcase-63052.png b/Tests/LibGfx/test-inputs/png/oss-fuzz-testcase-63052.png new file mode 100644 index 0000000000000000000000000000000000000000..de20b63d23d67fdac584eb19d86afa3969348465 GIT binary patch literal 512 zcmeAS@N?(olHy`uVBq!ia0vp@3=FKN1lSlD7$YaDEoER})b@0745_&F_A(kgTfISp3Dpkj42$=3=E8HTn~7_5-yG*6AO~% zSd}{&LR?$p-FdaRq!<_&gadp+T(>hYh%hlQFoGQS>fUcD23c{27ewe|K-I^<$N-C2 RW{|O+0q(q92wPz81OPpk)pGy< literal 0 HcmV?d00001 diff --git a/Tests/LibVideo/CMakeLists.txt b/Tests/LibVideo/CMakeLists.txt index 3e154292fa..c2c4373b9e 100644 --- a/Tests/LibVideo/CMakeLists.txt +++ b/Tests/LibVideo/CMakeLists.txt @@ -12,3 +12,7 @@ install(FILES vp9_4k.webm DESTINATION usr/Tests/LibVideo) install(FILES vp9_clamp_reference_mvs.webm DESTINATION usr/Tests/LibVideo) install(FILES vp9_oob_blocks.webm DESTINATION usr/Tests/LibVideo) install(FILES master_elements_containing_crc32.mkv DESTINATION usr/Tests/LibVideo) +install(FILES oss-fuzz-testcase-52630.vp9 DESTINATION usr/Tests/LibVideo) +install(FILES oss-fuzz-testcase-53977.vp9 DESTINATION usr/Tests/LibVideo) +install(FILES oss-fuzz-testcase-62054.vp9 DESTINATION usr/Tests/LibVideo) +install(FILES oss-fuzz-testcase-63182.vp9 DESTINATION usr/Tests/LibVideo) diff --git a/Tests/LibVideo/TestVP9Decode.cpp b/Tests/LibVideo/TestVP9Decode.cpp index ac24e8b24e..d0fbb808c8 100644 --- a/Tests/LibVideo/TestVP9Decode.cpp +++ b/Tests/LibVideo/TestVP9Decode.cpp @@ -59,6 +59,23 @@ TEST_CASE(vp9_oob_blocks) decode_video("./vp9_oob_blocks.webm"sv, 240); } +TEST_CASE(vp9_malformed_frame) +{ + Array test_inputs = { + "./oss-fuzz-testcase-52630.vp9"sv, + "./oss-fuzz-testcase-53977.vp9"sv, + "./oss-fuzz-testcase-62054.vp9"sv, + "./oss-fuzz-testcase-63182.vp9"sv + }; + + for (auto test_input : test_inputs) { + auto file = MUST(Core::MappedFile::map(test_input)); + Video::VP9::Decoder vp9_decoder; + auto maybe_decoder_error = vp9_decoder.receive_sample(file->bytes()); + EXPECT(maybe_decoder_error.is_error()); + } +} + BENCHMARK_CASE(vp9_4k) { decode_video("./vp9_4k.webm"sv, 2); diff --git a/Tests/LibVideo/oss-fuzz-testcase-52630.vp9 b/Tests/LibVideo/oss-fuzz-testcase-52630.vp9 new file mode 100644 index 0000000000000000000000000000000000000000..7d6c1dabfe01ee6cfcb1e243b037e81d2b9a4f04 GIT binary patch literal 75 zcmdnE