From a2c1109152a8afe40d420342cf20a3f84f483e92 Mon Sep 17 00:00:00 2001 From: Allan Sandfeld Jensen Date: Tue, 30 Jul 2019 10:40:47 +0200 Subject: Harden ICC parser Add missing implicit size checks of tags by passing the already checked explicitly given size forward. Also adds my fuzzing test for the ICC parser as it is security critical, by being used by multiple image formats. Change-Id: Ieb632ccb78f9b445a276959ffbd66fa04a7a5b45 Reviewed-by: Eirik Aavitsland --- tests/libfuzzer/gui/iccparser/iccparser.pro | 3 +++ tests/libfuzzer/gui/iccparser/main.cpp | 37 +++++++++++++++++++++++++++++ 2 files changed, 40 insertions(+) create mode 100644 tests/libfuzzer/gui/iccparser/iccparser.pro create mode 100644 tests/libfuzzer/gui/iccparser/main.cpp (limited to 'tests/libfuzzer')
diff --git a/tests/libfuzzer/gui/iccparser/iccparser.pro b/tests/libfuzzer/gui/iccparser/iccparser.pro
new file mode 100644
index 0000000000..bf4037eae7
--- /dev/null
+++ b/tests/libfuzzer/gui/iccparser/iccparser.pro
@@ -0,0 +1,3 @@
+QT += gui
+SOURCES += main.cpp
+LIBS += -fsanitize=fuzzer
diff --git a/tests/libfuzzer/gui/iccparser/main.cpp b/tests/libfuzzer/gui/iccparser/main.cpp
new file mode 100644
index 0000000000..ba4f70ef3b
--- /dev/null
+++ b/tests/libfuzzer/gui/iccparser/main.cpp
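Review bot: `LIBS += -fsanitize=fuzzer` only links the libFuzzer runtime; nothing in this .pro instruments the harness translation unit, so coverage feedback depends on compile flags coming from elsewhere (presumably the Qt build configuration, which also has to instrument the ICC parser inside QtGui for the target to be coverage-guided at all). If that is the intended setup, a one-line comment saying so, `# coverage instrumentation comes from a sanitizer-enabled Qt build; this only links the fuzzer driver`, would save the next person from wondering why the target runs blind. Otherwise `QMAKE_CXXFLAGS += -fsanitize=fuzzer` keeps the harness itself instrumented regardless of how Qt was configured.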
@@ -0,0 +1,37 @@
+/****************************************************************************
+**
+** Copyright (C) 2019 The Qt Company Ltd.
+** Contact: https://www.qt.io/licensing/
+**
+** This file is part of the test suite of the Qt Toolkit.
+**
+** $QT_BEGIN_LICENSE:GPL-EXCEPT$
+** Commercial License Usage
+** Licensees holding valid commercial Qt licenses may use this file in
+** accordance with the commercial license agreement provided with the
+** Software or, alternatively, in accordance with the terms contained in
+** a written agreement between you and The Qt Company. For licensing terms
+** and conditions see https://www.qt.io/terms-conditions. For further
+** information use the contact form at https://www.qt.io/contact-us.
+**
+** GNU General Public License Usage
+** Alternatively, this file may be used under the terms of the GNU
+** General Public License version 3 as published by the Free Software
+** Foundation with exceptions as appearing in the file LICENSE.GPL3-EXCEPT
+** included in the packaging of this file. Please review the following
+** information to ensure the GNU General Public License requirements will
+** be met: https://www.gnu.org/licenses/gpl-3.0.html.
+**
+** $QT_END_LICENSE$
+**
+****************************************************************************/
+
+#include
+#include
+
+extern "C" int LLVMFuzzerTestOneInput(const char *data, size_t size) {
+ static int c = 0;
+ static QGuiApplication a(c, nullptr);
+ QColorSpace cs = QColorSpace::fromIccProfile(QByteArray(data, size));
+ return 0;
+}
-- cgit v1.2.3
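Review bot: `QByteArray(data, size)` narrows the fuzzer's `size_t size` to QByteArray's `int` length parameter, so a length above INT_MAX would wrap negative, which Qt 5's `QByteArray(const char *, int)` treats as "measure with strlen" rather than as an error; libFuzzer's default `-max_len` keeps inputs far below that in practice, but the harness is easier to reason about with an explicit guard before the parse, `if (size > size_t(INT_MAX)) return 0;` (needs `<climits>`). The two `static` locals also deserve a why-comment, since LLVMFuzzerTestOneInput is re-entered once per input and the application object must outlive all of them: `// One QGuiApplication for the whole run; this entry point is called once per input.` The parser hardening the commit message describes is not in this page (the listing is limited to tests/libfuzzer), so only the harness is reviewed here.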