Merge pull request #1225 from m-holger/fuzz4

Limit memory used for JPEG decompression during fuzzing

Merge pull request #1225 from m-holger/fuzz4
Limit memory used for JPEG decompression during fuzzing
m-holger · GitHub
2 parents 6ed28804 c93b149b
Showing 3 changed files with 13 additions and 1 deletions
CMakeLists.txt
job.sums
libqpdf/Pl_DCT.cc
@@ -131,6 +131,10 @@ if(FUTURE)
   add_compile_definitions(QPDF_FUTURE=1)
 endif()
  
+if(OSS_FUZZ)
+  add_compile_definitions(QPDF_OSS_FUZZ=1)
+endif()
+
 enable_testing()
 set(RUN_QTEST perl ${qpdf_SOURCE_DIR}/run-qtest ${ENABLE_QTC_ARG})
  
 # Generated by generate_auto_job
-CMakeLists.txt 47752f33b17fa526d46fc608a25ad6b8c61feba9deb1bd659fddf93e6e08b102
+CMakeLists.txt 456938b9debc4997f142ccfb13f3baf2517ae5855e1fe9b2ada1a0b8f7e4facf
 generate_auto_job f64733b79dcee5a0e3e8ccc6976448e8ddf0e8b6529987a66a7d3ab2ebc10a86
 include/qpdf/auto_job_c_att.hh 4c2b171ea00531db54720bf49a43f8b34481586ae7fb6cbf225099ee42bc5bb4
 include/qpdf/auto_job_c_copy_att.hh 50609012bff14fd82f0649185940d617d05d530cdc522185c7f3920a561ccb42
@@ -311,6 +311,14 @@ Pl_DCT::decompress(void* cinfo_p, Buffer* b)
 #if ((defined(__GNUC__) && ((__GNUC__ * 100) + __GNUC_MINOR__) >= 406) || defined(__clang__))
 # pragma GCC diagnostic pop
 #endif
+
+#ifdef QPDF_OSS_FUZZ
+    // Limit the memory used to decompress JPEG files during fuzzing. Excessive memory use during
+    // fuzzing is due to corrupt JPEG data which sometimes cannot be detected before
+    // jpeg_start_decompress is called. During normal use of qpdf very large JPEGs can occasionally
+    // occur legitimately and therefore must be allowed during normal operations.
+    cinfo->mem->max_memory_to_use = 1'000'000'000;
+#endif
     jpeg_buffer_src(cinfo, b);
  
     (void)jpeg_read_header(cinfo, TRUE);