Commit 5edb548148a25ebcd187e96f97282d04bb2cd2eb
1 parent 99f3a7b5
Reduce Pl_DCT and Pl_Flate memory limits during fuzzing
Also, add additional qpdf_fuzzer test case.
Showing 5 changed files with 5 additions and 4 deletions
fuzz/CMakeLists.txt
fuzz/dct_fuzzer.cc
| ... | ... | @@ -30,7 +30,7 @@ FuzzHelper::doChecks() |
| 30 | 30 | // fuzzing is due to corrupt JPEG data which sometimes cannot be detected before |
| 31 | 31 | // jpeg_start_decompress is called. During normal use of qpdf very large JPEGs can occasionally |
| 32 | 32 | // occur legitimately and therefore must be allowed during normal operations. |
| 33 | - Pl_DCT::setMemoryLimit(1'000'000'000); | |
| 33 | + Pl_DCT::setMemoryLimit(200'000'000); | |
| 34 | 34 | |
| 35 | 35 | // Do not decompress corrupt data. This may cause extended runtime within jpeglib without |
| 36 | 36 | // exercising additional code paths in qpdf. | ... | ... |
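Review bot: the new limit of 200'000'000 on line 33 differs from the 100'000'000 that the same commit sets for Pl_DCT in fuzz/qpdf_fuzzer.cc, and the comment on lines 30-32 only explains why a fuzzing-time cap exists, not why the two fuzzers need different values. Either extend that comment with one line stating the reason for the difference (for example, that dct_fuzzer feeds the decoder directly and needs more headroom), or move the limit into a single shared constant so the two call sites cannot drift apart silently in later edits.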
fuzz/qpdf_extra/17630b.fuzz
0 → 100644
fuzz/qpdf_fuzzer.cc
| ... | ... | @@ -180,11 +180,11 @@ FuzzHelper::doChecks() |
| 180 | 180 | // fuzzing is due to corrupt JPEG data which sometimes cannot be detected before |
| 181 | 181 | // jpeg_start_decompress is called. During normal use of qpdf very large JPEGs can occasionally |
| 182 | 182 | // occur legitimately and therefore must be allowed during normal operations. |
| 183 | - Pl_DCT::setMemoryLimit(1'000'000'000); | |
| 183 | + Pl_DCT::setMemoryLimit(100'000'000); | |
| 184 | 184 | |
| 185 | 185 | Pl_PNGFilter::setMemoryLimit(1'000'000); |
| 186 | 186 | Pl_TIFFPredictor::setMemoryLimit(1'000'000); |
| 187 | - Pl_Flate::setMemoryLimit(10'000'000); | |
| 187 | + Pl_Flate::setMemoryLimit(1'000'000); | |
| 188 | 188 | |
| 189 | 189 | // Do not decompress corrupt data. This may cause extended runtime within jpeglib without |
| 190 | 190 | // exercising additional code paths in qpdf, and potentially causing counterproductive timeouts. | ... | ... |
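Review bot: the Pl_Flate limit on line 187 drops by an order of magnitude (10'000'000 to 1'000'000) with no comment of its own, while the explanatory comment on lines 180-182 covers only the DCT limit. Add a short comment above line 187 noting that this is a fuzzing-only cap now aligned with the Pl_PNGFilter and Pl_TIFFPredictor limits on lines 185-186, and confirm that the existing corpus (including the new fuzz/qpdf_extra/17630b.fuzz case) still reaches the Flate decompression paths under the smaller cap, since a limit this low can reject inputs before the code under test is exercised and quietly reduce coverage.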
fuzz/qtest/fuzz.test