
Add new fuzzer to increase OSS-Fuzz coverage

Ravi Jotwani requested to merge rjotwani/libtiff:master into master

Adding another libtiff fuzzer to increase coverage. This fuzzer utilizes the TiffStream class, so we propose a few updates to tiffstream.cpp and tiffstream.h to make them work with modern C++ versions and the rest of libtiff. We also update the OSS-Fuzz build script in order to account for the addition of this fuzzer (and any others to come).

tiff_read_data_fuzzer.cc is an adaptation of the fuzzer located here. Summary of changes:

  • Remove unused imports
  • Use libtiff's stream class instead of defining custom handler functions for in-memory parsing
  • Remove all instances of printf and change output FILE * to /dev/null instead of stdout because we don't need any output for fuzz testing
  • Remove the use of static variables in favor of refactoring based on desired code paths to hit (except in the case of TIFFReadSeparateStripData(), where rather than break the inner loop we immediately jump to the call to _TIFFfree())
  • Clean up the function calls made in TIFFReadData() by avoiding repetition of code
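A harness in the shape the description above calls for, as an added example that is neither this merge request's code nor libtiff's: each input is wrapped in an in-memory std::istream, nothing is printed, and no static state survives between calls. The TIFF header and IFD walker here is a small stand-in (an assumption) for libtiff's TIFFStreamOpen() so the file compiles without libtiff; the sample TIFF byte strings and the names kSampleTiffLE, kSampleTiffBE, parse_first_ifd, parse_bytes and run_one are constructed for this example.

```cpp
// Added example: libFuzzer-style harness parsing a TIFF header and first IFD
// from an in-memory std::istream. The parser is a stand-in (assumption) for
// libtiff's TIFFStreamOpen() so this builds without libtiff.
#include <cstddef>
#include <cstdint>
#include <istream>
#include <sstream>
#include <string>

namespace tiff_harness {

// Outcome of one parse; the fuzz entry point ignores it, tests inspect it.
struct IfdSummary {
    bool header_ok = false;       // byte-order marker and magic 42 were valid
    bool big_endian = false;
    uint32_t ifd_offset = 0;
    uint16_t entry_count = 0;     // count field as read from the IFD
    uint16_t entries_parsed = 0;  // entries fully read before EOF/garbage
};

// Read exactly n bytes; a short read (EOF) returns false instead of leaving
// uninitialised bytes behind.
static bool read_exact(std::istream& in, void* dst, size_t n) {
    in.read(static_cast<char*>(dst), static_cast<std::streamsize>(n));
    return in.gcount() == static_cast<std::streamsize>(n);
}

static uint16_t rd16(const uint8_t* p, bool be) {
    return be ? static_cast<uint16_t>((p[0] << 8) | p[1])
              : static_cast<uint16_t>((p[1] << 8) | p[0]);
}
static uint32_t rd32(const uint8_t* p, bool be) {
    return be ? ((uint32_t)p[0] << 24 | (uint32_t)p[1] << 16 | (uint32_t)p[2] << 8 | p[3])
              : ((uint32_t)p[3] << 24 | (uint32_t)p[2] << 16 | (uint32_t)p[1] << 8 | p[0]);
}

// Parse the 8-byte header and walk the first IFD's 12-byte entries without
// following data offsets. Every call starts from a fresh IfdSummary.
IfdSummary parse_first_ifd(std::istream& in) {
    IfdSummary s;
    uint8_t hdr[8];
    if (!read_exact(in, hdr, sizeof hdr)) return s;
    if (hdr[0] == 'I' && hdr[1] == 'I') s.big_endian = false;
    else if (hdr[0] == 'M' && hdr[1] == 'M') s.big_endian = true;
    else return s;
    if (rd16(hdr + 2, s.big_endian) != 42) return s;
    s.header_ok = true;
    s.ifd_offset = rd32(hdr + 4, s.big_endian);
    // The IFD must start past the header on an even offset.
    if (s.ifd_offset < 8 || (s.ifd_offset & 1)) return s;
    in.seekg(static_cast<std::streamoff>(s.ifd_offset), std::ios::beg);
    if (!in) return s;                       // offset beyond the input
    uint8_t cnt[2];
    if (!read_exact(in, cnt, 2)) return s;
    s.entry_count = rd16(cnt, s.big_endian);
    for (uint16_t i = 0; i < s.entry_count; ++i) {
        uint8_t e[12];
        if (!read_exact(in, e, sizeof e)) break;   // truncated IFD: stop, no overrun
        uint16_t type = rd16(e + 2, s.big_endian);
        if (type == 0 || type > 12) break;          // not a TIFF 6.0 field type
        ++s.entries_parsed;
    }
    return s;
}

// Wrap raw bytes in an istream, as the fuzzer does for each input.
IfdSummary parse_bytes(const uint8_t* data, size_t size) {
    std::istringstream in(std::string(reinterpret_cast<const char*>(data), size));
    return parse_first_ifd(in);
}

// True iff the header was valid; the value the stand-alone main() checks.
bool run_one(const uint8_t* data, size_t size) {
    return parse_bytes(data, size).header_ok;
}

// Constructed samples: little-endian, IFD at 8 with two entries (SHORT, LONG)
// and a zero next-IFD pointer; big-endian, one SHORT entry.
const uint8_t kSampleTiffLE[] = {
    'I','I',0x2A,0x00, 0x08,0,0,0, 0x02,0x00,
    0x00,0x01, 0x03,0x00, 0x01,0,0,0, 0x10,0,0,0,
    0x01,0x01, 0x04,0x00, 0x01,0,0,0, 0x10,0,0,0, 0,0,0,0};
const uint8_t kSampleTiffBE[] = {
    'M','M',0x00,0x2A, 0,0,0,0x08, 0x00,0x01,
    0x01,0x00, 0x00,0x03, 0,0,0,0x01, 0x00,0x10,0,0, 0,0,0,0};

} // namespace tiff_harness

// libFuzzer entry point. With libtiff, parse_first_ifd() would be replaced by
// TIFFStreamOpen("mem", &in) followed by the read calls under test.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
    tiff_harness::run_one(data, size);
    return 0;
}

#ifndef LIBFUZZER_BUILD
// Stand-alone build (no -fsanitize=fuzzer): check the constructed samples and
// report through the exit status rather than stdout.
int main() {
    using namespace tiff_harness;
    IfdSummary le = parse_bytes(kSampleTiffLE, sizeof kSampleTiffLE);
    IfdSummary be = parse_bytes(kSampleTiffBE, sizeof kSampleTiffBE);
    bool ok = le.header_ok && le.entries_parsed == 2 && be.big_endian && be.entries_parsed == 1;
    return ok ? 0 : 1;
}
#endif
```

Build it for fuzzing with `clang++ -DLIBFUZZER_BUILD -fsanitize=fuzzer,address` so the harness's own main() is left out and libFuzzer supplies the driver; without those flags it links as an ordinary program that runs the two samples. Truncated inputs are the interesting case: the harness must stop at a short read inside the IFD rather than trust the entry count, which is the kind of bound a parser under fuzzing has to enforce everywhere.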
