third_party/exiv2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Decouple EXIV2_BUILD_FUZZ_TESTS from EXIV2_TEAM_USE_SANITIZERS.

Browse Source
This commit is contained in:
Kevin Backhouse 2021-08-11 15:11:01 +01:00
parent ced25a5d56
commit 64fe77673f
No known key found for this signature in database
GPG Key ID: 9DD01852EE40366E
6 changed files with 28 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CMakeLists.txt
View File

@ -93,10 +93,6 @@ if( EXIV2_BUILD_UNIT_TESTS )
endif()
if( EXIV2_BUILD_FUZZ_TESTS )
if ((NOT COMPILER_IS_CLANG) OR (NOT EXIV2_TEAM_USE_SANITIZERS))
message(FATAL_ERROR "You need to build with Clang and sanitizers for the fuzzers to work. "
"Use Clang and -DEXIV2_TEAM_USE_SANITIZERS=ON")
endif()
add_subdirectory ( fuzz )
endif()

15
cmake/compilerFlags.cmake
View File

@ -70,6 +70,17 @@ if ( MINGW OR UNIX OR MSYS ) # MINGW, Linux, APPLE, CYGWIN
# This seems to be causing issues in the Fedora_MinGW GitLab job
#add_compile_options(-fasynchronous-unwind-tables)
if( EXIV2_BUILD_FUZZ_TESTS )
if (NOT COMPILER_IS_CLANG)
message(FATAL_ERROR "You need to build with Clang for the fuzzers to work. "
"Use Clang")
endif()
set(FUZZER_FLAGS "-fsanitize=fuzzer-no-link")
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${FUZZER_FLAGS}")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${FUZZER_FLAGS}")
set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} ${FUZZER_FLAGS}")
set(CMAKE_MODULE_LINKER_FLAGS "${CMAKE_MODULE_LINKER_FLAGS} ${FUZZER_FLAGS}")
endif()
if ( EXIV2_TEAM_USE_SANITIZERS )
# ASAN is available in gcc from 4.8 and UBSAN from 4.9
@ -84,9 +95,7 @@ if ( MINGW OR UNIX OR MSYS ) # MINGW, Linux, APPLE, CYGWIN
set(SANITIZER_FLAGS "-fno-omit-frame-pointer -fsanitize=address")
endif()
elseif( COMPILER_IS_CLANG )
if ( EXIV2_BUILD_FUZZ_TESTS )
set(SANITIZER_FLAGS "-fsanitize=fuzzer-no-link,address,undefined")
elseif ( CMAKE_CXX_COMPILER_VERSION VERSION_GREATER 4.9 )
if ( CMAKE_CXX_COMPILER_VERSION VERSION_GREATER 4.9 )
set(SANITIZER_FLAGS "-fno-omit-frame-pointer -fsanitize=address,undefined -fno-sanitize-recover=all")
elseif ( CMAKE_CXX_COMPILER_VERSION VERSION_GREATER 3.4 )
set(SANITIZER_FLAGS "-fno-omit-frame-pointer -fsanitize=address,undefined")

4
src/basicio.cpp
View File

@ -1357,7 +1357,9 @@ namespace Exiv2 {
{
long avail = std::max(p_->size_ - p_->idx_, 0L);
long allow = std::min(rcount, avail);
std::memcpy(buf, &p_->data_[p_->idx_], allow);
if (allow > 0) {
std::memcpy(buf, &p_->data_[p_->idx_], allow);
}
p_->idx_ += allow;
if (rcount > avail) p_->eof_ = true;
return allow;

6
src/jpgimage.cpp
View File

@ -948,8 +948,10 @@ namespace Exiv2 {
memcmp(buf.pData_ + 2, exifId_, 6) == 0) {
skipApp1Exif = count;
++search;
rawExif.alloc(size - 8);
memcpy(rawExif.pData_, buf.pData_ + 8, size - 8);
if (size > 8) {
rawExif.alloc(size - 8);
memcpy(rawExif.pData_, buf.pData_ + 8, size - 8);
}
} else if (skipApp1Xmp == notfound &&
marker == app1_ &&
size >= 31 && // prevent out-of-bounds read in memcmp on next line

6
src/pngimage.cpp
View File

@ -62,7 +62,11 @@ namespace
inline bool compare(const char* str, const Exiv2::DataBuf& buf, size_t length)
{
assert(strlen(str) <= length);
return memcmp(str, buf.pData_, std::min(static_cast<long>(length), buf.size_)) == 0;
const long minlen = std::min(static_cast<long>(length), buf.size_);
if (minlen == 0) {
return true;
}
return memcmp(str, buf.pData_, minlen) == 0;
}
} // namespace

6
src/tiffvisitor_int.cpp
View File

@ -744,8 +744,10 @@ namespace Exiv2 {
<< " to offset area.\n";
#endif
memset(buf + 8, 0x0, 4);
memcpy(buf + 8, pTiffEntry->pData(), pTiffEntry->size());
memset(const_cast<byte*>(pTiffEntry->pData()), 0x0, pTiffEntry->size());
if (pTiffEntry->size() > 0) {
memcpy(buf + 8, pTiffEntry->pData(), pTiffEntry->size());
memset(const_cast<byte*>(pTiffEntry->pData()), 0x0, pTiffEntry->size());
}
}
return 12;
}