Commit 975fae1667b858d7ed67550ef48dbcae575d8292
Committed by
GitHub
Merge pull request #1225 from m-holger/fuzz4
Limit memory used for JPEG decompression during fuzzing
Showing
3 changed files
with
13 additions
and
1 deletions
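--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -131,6 +131,10 @@ if(FUTURE)
 add_compile_definitions(QPDF_FUTURE=1)
 endif()
 
+if(OSS_FUZZ)
+ add_compile_definitions(QPDF_OSS_FUZZ=1)
+endif()
+
 enable_testing()
 set(RUN_QTEST perl ${qpdf_SOURCE_DIR}/run-qtest ${ENABLE_QTC_ARG})
 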
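Review bot: `if(OSS_FUZZ)` tests a variable that this hunk never declares, so a fuzzer build that forgets or misspells `-DOSS_FUZZ=1` silently takes the unlimited-memory path; unless an `option(OSS_FUZZ ...)` already exists elsewhere in the file (not visible here), declaring it makes the switch discoverable via `cmake -L`. Suggest `option(OSS_FUZZ "Build for OSS-Fuzz (caps libjpeg memory use)" OFF)` just above the new block. A short comment naming the consumer would also help the next reader, e.g. `# QPDF_OSS_FUZZ is checked in libqpdf/Pl_DCT.cc to cap JPEG decompression memory`.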
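--- a/job.sums
+++ b/job.sums
@@ -1,5 +1,5 @@
 # Generated by generate_auto_job
-CMakeLists.txt 47752f33b17fa526d46fc608a25ad6b8c61feba9deb1bd659fddf93e6e08b102
+CMakeLists.txt 456938b9debc4997f142ccfb13f3baf2517ae5855e1fe9b2ada1a0b8f7e4facf
 generate_auto_job f64733b79dcee5a0e3e8ccc6976448e8ddf0e8b6529987a66a7d3ab2ebc10a86
 include/qpdf/auto_job_c_att.hh 4c2b171ea00531db54720bf49a43f8b34481586ae7fb6cbf225099ee42bc5bb4
 include/qpdf/auto_job_c_copy_att.hh 50609012bff14fd82f0649185940d617d05d530cdc522185c7f3920a561ccb42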
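--- a/libqpdf/Pl_DCT.cc
+++ b/libqpdf/Pl_DCT.cc
@@ -311,6 +311,14 @@ Pl_DCT::decompress(void* cinfo_p, Buffer* b)
 #if ((defined(__GNUC__) && ((__GNUC__ * 100) + __GNUC_MINOR__) >= 406) || defined(__clang__))
 # pragma GCC diagnostic pop
 #endif
+
+#ifdef QPDF_OSS_FUZZ
+ // Limit the memory used to decompress JPEG files during fuzzing. Excessive memory use during
+ // fuzzing is due to corrupt JPEG data which sometimes cannot be detected before
+ // jpeg_start_decompress is called. During normal use of qpdf very large JPEGs can occasionally
+ // occur legitimately and therefore must be allowed during normal operations.
+ cinfo->mem->max_memory_to_use = 1'000'000'000;
+#endif
 jpeg_buffer_src(cinfo, b);
 
 (void)jpeg_read_header(cinfo, TRUE);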
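Review bot: The value on the `cinfo->mem->max_memory_to_use = 1'000'000'000;` line is a bare number with no unit, and the comment above it explains why the cap exists but not what it caps or what happens when it is hit. In libjpeg that field is a `long` counted in bytes, and as far as I recall of the library's memory manager it is consulted when the whole-image virtual arrays are sized rather than on every allocation, so it bounds the worst case the fuzzer trips over rather than total allocation; worth confirming against the libjpeg-turbo version the OSS-Fuzz build links. Suggest extending the comment with `// max_memory_to_use is in bytes; exceeding it is reported through libjpeg's error path like any other corrupt-JPEG failure`, and naming the constant so the intent is greppable, e.g. `constexpr long fuzz_max_jpeg_memory = 1'000'000'000; // 1 GB`. Pl_DCT::decompress begins before this hunk, so whether cinfo->mem has already been initialized by jpeg_create_decompress at this point cannot be checked from here.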