OpenSystemsDevelopment / qpdf

06 Aug, 2024

1 commit

Add new qpdf_fuzzer test cases
08eb6844

m-holger authored
2024-08-06 12:26:37 +0100
Browse Dir »

03 Aug, 2024

2 commits

Refactor Pl_RunLength::decode ...
3bab4cf3
```
Buffer output locally.
Add qpdf_fuzzer test case.
```
m-holger authored
2024-08-03 15:52:45 +0100
Browse Dir »
Reduce Pl_DCT and Pl_Flate memory limits during fuzzing ...
5edb5481
```
Also, add additional qpdf_fuzzer test case.
```
m-holger authored
2024-08-03 14:09:31 +0100
Browse Dir »

28 Jul, 2024

2 commits

In qpdf_fuzzer add a memory limit for Pl_Flate
2bb9e06d

m-holger authored
2024-07-28 19:54:38 +0100
Browse Dir »
Add additional qpdf_fuzzer test case
bc68003c

m-holger authored
2024-07-28 18:10:02 +0100
Browse Dir »

27 Jul, 2024

1 commit

Adjust qpdf_fuzzer warnings limit
f8518d36

m-holger authored
2024-07-27 21:18:06 +0100
Browse Dir »

22 Jul, 2024

1 commit

In qpdf_fuzzer reduce Pl_PNGFilter and Pl_TIFFPredictor memory limits
4f694cdf

m-holger authored
2024-07-22 13:25:21 +0100
Browse Dir »

18 Jul, 2024

3 commits

Rename fuzz test case
30e187b4

m-holger authored
2024-07-18 16:50:37 +0100
Browse Dir »
Limit memory used by Pl_PNGFilter and Pl_TIFFPredictor during fuzzing
34729e37

m-holger authored
2024-07-18 16:50:30 +0100
Browse Dir »
Change QPDF max_warnings into a hard limit ...
fe1fffe8
```
Throw damagedFile if max_warnings is exceeded. Change qpdf_fuzzer warnings limit to
limit to 500.
```
m-holger authored
2024-07-18 16:50:08 +0100
Browse Dir »

16 Jul, 2024

2 commits

Limit the number of warnings in json_fuzzer before giving up
992b7911

m-holger authored
2024-07-16 15:36:58 +0100
Browse Dir »
Add further fuzz tests
e14e828c

m-holger authored
2024-07-16 14:52:09 +0100
Browse Dir »

11 Jul, 2024

1 commit

Further limit size of uncompressed JPEG for fuzzing ...
722148de
```
Try a  limit of 50MB. For very large limits processing time before
damage is encountered may exceed oss-fuzz limits.
Add further test cases.
```
m-holger authored
2024-07-11 14:32:22 +0100
Browse Dir »

10 Jul, 2024

1 commit

Add extra sanity check on pages tree ...
c2c1618e
```
Reject non-dictionary Page and Pages objects.

Also add additional qpdf_fuzzer test cases.
```
m-holger authored
2024-07-10 19:03:23 +0100
Browse Dir »

09 Jul, 2024

1 commit

Add additional fuzzer test cases ...
7172dbd4
```
Add test case for oss-fuzz 15471 and 69977a
```
m-holger authored
2024-07-09 17:17:10 +0100
Browse Dir »

07 Jul, 2024

1 commit

Add qpdf_fuzzer test case
e76d6682

m-holger authored
2024-07-07 23:58:18 +0100
Browse Dir »

06 Jul, 2024

1 commit

In QPDF::processXRefIndex check number of objects in subsection is > 0 ...
c1cd3ec8
```
Fixes oss-fuzz 70055
```
m-holger authored
2024-07-06 16:09:50 +0100
Browse Dir »

03 Jul, 2024

2 commits

Add setMaxWarnings rather than using conditional compilation
598268f6

Jay Berkenbilt authored
2024-07-03 15:44:44 +0100
Browse Dir »

Add DCT decompression config methods in favor of compile-time changes ...

65bd8bc5

As a rule, we should avoid conditional compilation is it always causes
code paths that are sometimes not even seen lexically by the compiler.
Also, we want the actual code being fuzzed to be as close as possible
to the real code. Conditional compilation is suitable to handle
underlying system differences.

Instead, favor configuration using callbacks or other methods that can
be triggered in the places where they need to be exercised.

authored

2024-07-03 15:43:38 +0100

Browse Dir »

02 Jul, 2024

1 commit

Suppress excessive warnings while fuzzing ...
42c51119
```
Add extra fuzz test case and amend memory limit for Pl_DCT.
```
m-holger authored
2024-07-02 01:16:23 +0100
Browse Dir »

29 Jun, 2024

1 commit

In QPDFOutlineObjectHelper detect loops in direct children ...
0a081e1f
```
Also, add diagnostic messages in qpdf_fuzzer and additional fuzz test case.
```
m-holger authored
2024-06-29 12:38:07 +0100
Browse Dir »

27 Jun, 2024

3 commits

Merge pull request #1224 from m-holger/fuzz3 ...
6ed28804
```
Fix #1170
```
m-holger authored
2024-06-27 08:47:42 +0100
Browse Dir »
Merge pull request #1222 from m-holger/fuzz2 ...
732aab86
```
In PL_DCT add option to limit the size of uncompressed corrupt data
```
m-holger authored
2024-06-27 08:20:01 +0100
Browse Dir »

Fix #1170 ...

8ae3ef28

In QPDF::read_xrefEntry add buffer overflow test for first eol character.
Overlong f1 or f2 entries consisting only of zeros could cause a buffer
overflow.

Add fuzz testcase 69913.

authored

2024-06-27 08:17:58 +0100

Browse Dir »

26 Jun, 2024

1 commit

In PL_DCT add option to limit the size of uncompressed corrupt data ...
d83cf438
```
Also, apply limit in dct_fuzzer
```
m-holger authored
2024-06-26 11:57:29 +0100
Browse Dir »

25 Jun, 2024

1 commit

In QPDF check for page tree after reading xref table ...
e62973d2
```
Also add new fuzz test case.
```
m-holger authored
2024-06-25 15:18:54 +0100
Browse Dir »

22 Jun, 2024

1 commit

Try moving only files matching *_fuzzer* in fuzzer build
fff205dc

m-holger authored
2024-06-22 10:19:30 +0100
Browse Dir »

18 Jun, 2024

2 commits

Build all fuzzers with FUTURE=ON and FUTURE=OFF
aaa65473

Jay Berkenbilt authored
2024-06-18 11:00:44 -0400
Browse Dir »
Use more idiomatic OFF and ON with cmake
293203ac

Jay Berkenbilt authored
2024-06-18 10:55:19 -0400
Browse Dir »

11 May, 2024

1 commit

Add fuzz testcase 68915.fuzz
7f8e0a0d

m-holger authored
2024-05-11 21:49:27 +0100
Browse Dir »

04 May, 2024

1 commit

Fix bug in QPDFWriter::preserveObjectStreams ...

02e89bbe

Code failed to allow for QPDF::getCompressibleObjSet deleting objects
from the object cache in case of multiple entries for the same object id.

Add fuzz test case 68668.

authored

2024-05-04 10:55:30 +0100

Browse Dir »

30 Apr, 2024

2 commits

Guard against object id == std::numeric_limits<int> in QPDF::insertReconstructedXrefEntry
e85b98b7

m-holger authored
2024-04-30 12:38:02 +0100
Browse Dir »
In QPDF::filterCompressedObjects ignore objects not in QPDFWriter tables ...
60c7d594
```
Add fuzz case 68377.
```
m-holger authored
2024-04-30 10:46:06 +0100
Browse Dir »

06 Feb, 2024

2 commits

Detect end of input inside an unfinished JSON string
b1b789df

Jay Berkenbilt authored
2024-02-06 15:30:29 -0500
Browse Dir »
Detect JSON object whose value is an indirect object
3490090f

Jay Berkenbilt authored
2024-02-06 15:12:41 -0500
Browse Dir »

04 Feb, 2024

2 commits

Fix JSON parser error found by fuzz
7ae095fa

Jay Berkenbilt authored
2024-02-04 17:27:49 -0500
Browse Dir »
Add json fuzzer with seed files from #1123 and test suite ...
f0fb19df
```
...as well as some cases generated in CI from earlier attempts at
fixing this.
```
Jay Berkenbilt authored
2024-02-04 17:27:49 -0500
Browse Dir »

03 Feb, 2024

2 commits

Exercise more parameters of the tiff predictor in fuzz
e641a883

Jay Berkenbilt authored
2024-02-03 11:27:42 -0500
Browse Dir »
Add additional test case for fuzz tests
3279c21e

m-holger authored
2024-02-03 11:20:57 -0500
Browse Dir »

17 Jan, 2024

1 commit

Fix incorrect handling of invalid negative object ids ...

6e3b7982

Fix two errors introduced in #1110 and #1112. Since
#1110, encountering the invalid indirect reference #1110
-2147483648 n R produces an integer underflow which, if
 undetected, immediately trigger a logic error. Since
 #1112, object -1 0 R may be incorrectly identified as
 an earlier generation of itself and deleted,
 invalidating a live iterator.

authored

2024-01-17 10:39:06 +0000

Browse Dir »