Create fuzzer for PDFium's hint table/stream reader
Issue description
Bug 635565 is an example where PDFium crashes due to bad hint table data. Since the hint table is just hint data, it is not required to load PDFs. Would a fuzzer be a good tool to help us flush out all the cases where the code is too strict with safe_math checks? Instead, the crashes should be handled and turned into failures that return false/nullptr.
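The "fail with false instead of crashing" style the description asks for, as an added example that is not PDFium's code: a simplified, hypothetical hint-table layout (constructed here; the real CPDF_HintTables format is different) is parsed with bounds and overflow checks that return false on bad data, and a libFuzzer entry point of the kind a hint-table fuzzer would use drives the parser.

```cpp
// Constructed layout (hypothetical, not PDFium's real hint stream format):
// uint32 page_count, uint32 first_page_offset, then page_count x uint32 page
// lengths, all little-endian.
#include <cstddef>
#include <cstdint>
#include <vector>

struct HintTable {
  uint32_t page_count = 0;
  uint32_t first_page_offset = 0;
  std::vector<uint32_t> page_ends;  // absolute end offset of each page
};

// Bounds-checked little-endian read; fails instead of reading past the buffer.
static bool ReadU32(const uint8_t* data, size_t size, size_t* pos, uint32_t* out) {
  if (size < 4 || *pos > size - 4)
    return false;
  *out = uint32_t(data[*pos]) | (uint32_t(data[*pos + 1]) << 8) |
         (uint32_t(data[*pos + 2]) << 16) | (uint32_t(data[*pos + 3]) << 24);
  *pos += 4;
  return true;
}

// Returns false (rather than CHECK-failing) on truncation or arithmetic
// overflow, so a corrupt hint stream is ignored instead of crashing the loader.
bool ParseHintTable(const uint8_t* data, size_t size, HintTable* table) {
  size_t pos = 0;
  if (!ReadU32(data, size, &pos, &table->page_count) ||
      !ReadU32(data, size, &pos, &table->first_page_offset))
    return false;
  // Reject counts that cannot fit in the remaining bytes before allocating.
  if (table->page_count > (size - pos) / 4)
    return false;
  uint32_t offset = table->first_page_offset;
  table->page_ends.clear();
  for (uint32_t i = 0; i < table->page_count; ++i) {
    uint32_t length;
    if (!ReadU32(data, size, &pos, &length))
      return false;
    // The safe_math-style check, expressed as a failure return, not a crash.
    if (length > UINT32_MAX - offset)
      return false;
    offset += length;
    table->page_ends.push_back(offset);
  }
  return true;
}

// libFuzzer entry point: every input must return cleanly; any crash is a bug.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
  HintTable table;
  ParseHintTable(data, size, &table);
  return 0;
}
```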
Aug 15 2016
I'll take it.
Aug 19 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/b9dc835015e914ded4f4f3db0bd9e95aaf7d7c03

commit b9dc835015e914ded4f4f3db0bd9e95aaf7d7c03
Author: pdfium-deps-roller <pdfium-deps-roller@chromium.org>
Date: Fri Aug 19 23:30:52 2016

Roll src/third_party/pdfium/ bb5fa043a..5b13e1dc5 (1 commit).

https://pdfium.googlesource.com/pdfium.git/+log/bb5fa043a7ef..5b13e1dc5770

$ git log bb5fa043a..5b13e1dc5 --date=short --no-merges --format='%ad %ae %s'
2016-08-19 thestig Add a fuzzer for CPDF_HintTables.

BUG= 636559
TBR=dsinclair@chromium.org

Review-Url: https://codereview.chromium.org/2264733002
Cr-Commit-Position: refs/heads/master@{#413284}

[modify] https://crrev.com/b9dc835015e914ded4f4f3db0bd9e95aaf7d7c03/DEPS
Aug 20 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/e8ad85572cd463bfb07d89140267e47e507f1caa

commit e8ad85572cd463bfb07d89140267e47e507f1caa
Author: thestig <thestig@chromium.org>
Date: Sat Aug 20 04:25:09 2016

Build rule for pdf_hint_table_fuzzer

Add the Chromium side build rules for the hint table fuzzer.

BUG= 636559

Review-Url: https://codereview.chromium.org/2262623002
Cr-Commit-Position: refs/heads/master@{#413320}

[modify] https://crrev.com/e8ad85572cd463bfb07d89140267e47e507f1caa/pdf/pdfium/fuzzers/BUILD.gn
Aug 20 2016
Comment 1 by och...@chromium.org, Aug 10 2016