Age | Commit message (Collapse) | Author | |
---|---|---|---|
2021-02-10 | Fix loop in QPDFOutlineDocumentHelper (fuzz issue 30507) | Jay Berkenbilt | |
2021-01-04 | Fix some pipelines to be safe if downstream write fails (fuzz issue 28262) | Jay Berkenbilt | |
2021-01-02 | Make more QPDFPageObjectHelper methods work with form XObject | Jay Berkenbilt | |
2021-01-02 | QPDFPageObjectHelper: getPageImages -> getImages | Jay Berkenbilt | |
2020-11-21 | Handle negative numbers in QIntC::range_check (fuzz issue 26994) | Jay Berkenbilt | |
2020-11-11 | Treat direct page as runtime rather than logic error (fuzz issue 27393) | Jay Berkenbilt | |
2020-10-31 | Fix stack overflow on direct root (fuzz issue 26761) | Jay Berkenbilt | |
2020-10-22 | Avoid leak by resolving object streams more than once (fuzz issue 23642) | Jay Berkenbilt | |
2020-10-22 | Handle jpeg library fuzz false positives | Jay Berkenbilt | |
The jpeg library has some assembly code that is missed by the compiler instrumentation used by memory sanitization. There is a runtime environment variable that is used to work around this issue. | |||
2020-10-22 | Check for overflow in page labels (fuzz issue 23599) | Jay Berkenbilt | |
2020-10-22 | Fix loop detection error (fuzz issue 23172) | Jay Berkenbilt | |
2020-10-21 | Remove some fuzz files with Mal/PDFEx-H (fixes #460) | Jay Berkenbilt | |
There isn't really an issue with these files causing a real problem, but malware and virus checkers trip on them, and the value to leaving them in the test suite is too low to be worth the hassle. | |||
2020-10-16 | Rename azure-pipelines to build-scripts | Jay Berkenbilt | |
2019-11-09 | Explicitly use only native crypto for oss-fuzz | Jay Berkenbilt | |
I don't need qpdf's fuzz to find leaks and invalid memory in gnutls. | |||
2019-11-04 | Fix two additional fuzz test cases | Jay Berkenbilt | |
2019-09-18 | Fix fuzz issue 16953 (overflow checking in xref stream index) | Jay Berkenbilt | |
2019-08-29 | Don't encrypt trailer, fixes fuzz issue 15983 | Jay Berkenbilt | |
Ordinarily the trailer doesn't contain any strings, so this is usually a non-issue, but if the trailer contains strings, linearizing and encrypting with object streams would include encrypted strings in the trailer, which would blow out the padding because encrypted strings are longer than their cleartext counterparts. | |||
2019-08-28 | Detect stream in object stream, fixing fuzz 16214 | Jay Berkenbilt | |
It's detected in QPDFWriter instead of at parse time because I can't figure out how to construct a test case in a reasonable time. This commit moves the fuzz file into the regular test suite for a QTC coverage case. | |||
2019-08-28 | Safe pipeline pop fixed fuzz issue 15445 | Jay Berkenbilt | |
2019-08-28 | Fix fuzz issues 15316 and 15390 | Jay Berkenbilt | |
2019-08-27 | Fix fuzz issue 16172 (overflow checking in OffsetInputSource) | Jay Berkenbilt | |
2019-08-27 | Fix fuzz issue 15442 (overflow checking in BufferInputSource) | Jay Berkenbilt | |
2019-08-27 | Fix fuzz issue 15387 (overflow checking xref size) | Jay Berkenbilt | |
2019-08-26 | Fix fuzz issue 15475 | Jay Berkenbilt | |
2019-08-26 | Fix fuzz issue 16301 | Jay Berkenbilt | |
2019-08-26 | Move qpdf_fuzzer tests to the end | Jay Berkenbilt | |
This makes it faster to iterate on the other ones. | |||
2019-08-26 | Fuzz build: allow easy addition of test files | Jay Berkenbilt | |
2019-07-04 | Change list to vector for outline helpers (fixes #297) | Thorsten Schöning | |
This change works around STL problems with Embarcadero C++ Builder version 10.2, but std::vector is more common than std::list in qpdf, and this is a relatively new API, so an API change is tolerable. Thanks to Thorsten Schöning <6223655+ams-tschoening@users.noreply.github.com> for the fix. | |||
2019-06-23 | Add fuzzers to exercise specific pipeline classes | Jay Berkenbilt | |
2019-06-22 | Add QUtil::read_file_into_memory | Jay Berkenbilt | |
This code was essentially duplicated between test_driver and standalone_fuzz_target_runner. | |||
2019-06-21 | Update qpdf_fuzzer to increase coverage | Jay Berkenbilt | |
2019-06-21 | Clean up fuzzer installation and add test files | Jay Berkenbilt | |
* Create the seed corpus in the build directory * Don't assume all fuzzers share an options file | |||
2019-06-21 | Re-enable fuzzer testing in Windows | Jay Berkenbilt | |
2019-06-21 | Fix sign and conversion warnings (major) | Jay Berkenbilt | |
This makes all integer type conversions that have potential data loss explicit with calls that do range checks and raise an exception. After this commit, qpdf builds with no warnings when -Wsign-conversion -Wconversion is used with gcc or clang or when -W3 -Wd4800 is used with MSVC. This significantly reduces the likelihood of potential crashes from bogus integer values. There are some parts of the code that take int when they should take size_t or an offset. Such places would make qpdf not support files with more than 2^31 of something that usually wouldn't be so large. In the event that such a file shows up and is valid, at least qpdf would raise an error in the right spot so the issue could be legitimately addressed rather than failing in some weird way because of a silent overflow condition. | |||
2019-06-18 | Remove qpdf_read_memory_fuzzer | Jay Berkenbilt | |
2019-06-15 | As a test suite, run stand-alone fuzzer on seed corpus | Jay Berkenbilt | |
Temporarily skip fuzz tests on Windows. There are Windows-specific failures to address later. | |||
2019-06-15 | Populate seed corpus | Jay Berkenbilt | |
2019-06-15 | Add corpus from previous fuzzer | Jay Berkenbilt | |
This is the set of files from the latest corpus of running the older fuzzer (qpdf_read_memory_fuzzer) at the time of adding the new fuzzer (qpdf_fuzzer) after running a merge operation to minimize the corpus. | |||
2019-06-15 | Implement fuzzer with good coverage | Jay Berkenbilt | |
2019-06-14 | oss-fuzz-build: support branch switching | Jay Berkenbilt | |
2019-06-13 | oss-fuzz initial integration | Jay Berkenbilt | |