Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Jpeg Fuzz Fixes #836

Merged
merged 23 commits into from
Feb 17, 2019
Merged

Jpeg Fuzz Fixes #836

merged 23 commits into from
Feb 17, 2019

Conversation

JimBobSquarePants
Copy link
Member

@JimBobSquarePants JimBobSquarePants commented Feb 15, 2019
edited

Prerequisites

  • I have written a descriptive pull-request title
  • I have verified that there are no overlapping pull-requests open
  • I have verified that I am following matches the existing coding patterns and practice as demonstrated in the repository. These follow strict Stylecop rules 👮.
  • I have provided test coverage for my change (where applicable)

Description

A combined PR to fix all the recently submitted jpeg fuzz issues.

@JimBobSquarePants JimBobSquarePants added this to To Do in ImageSharp via automation Feb 15, 2019
@JimBobSquarePants JimBobSquarePants added this to the 1.0.0-rc1 milestone Feb 15, 2019
@JimBobSquarePants
Copy link
Member Author

There's a fair amount of work here so if anyone fancies chipping in please do.

@codecov
Copy link

codecov bot commented Feb 16, 2019

Codecov Report

Merging #836 into master will increase coverage by <.01%.
The diff coverage is 58.33%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master     #836      +/-   ##
==========================================
+ Coverage   88.84%   88.84%   +<.01%     
==========================================
  Files        1015     1015              
  Lines       44167    44185      +18     
  Branches     3180     3185       +5     
==========================================
+ Hits        39241    39258      +17     
- Misses       4201     4203       +2     
+ Partials      725      724       -1
Impacted Files Coverage Δ
...arp/Formats/Jpeg/Components/Decoder/ScanDecoder.cs 92.67% <0%> (ø) ⬆️
...arp.Tests/Formats/Jpg/JpegDecoderTests.Baseline.cs 84.61% <100%> (-2.06%) ⬇️
...Sharp/Formats/Jpeg/Components/Decoder/JpegFrame.cs 100% <100%> (ø) ⬆️
tests/ImageSharp.Tests/TestImages.cs 100% <100%> (ø) ⬆️
...Sharp.Tests/Formats/Jpg/JpegDecoderTests.Images.cs 100% <100%> (ø) ⬆️
...p/Formats/Jpeg/Components/Decoder/JpegComponent.cs 100% <100%> (+2.38%) ⬆️
src/ImageSharp/Formats/Jpeg/JpegDecoderCore.cs 87.35% <21.42%> (-0.4%) ⬇️
src/ImageSharp/Formats/Jpeg/JpegThrowHelper.cs 60% <60%> (+60%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 5a9b84e...fdeb6ea. Read the comment docs.

@codecov
Copy link

codecov bot commented Feb 16, 2019
edited

Codecov Report

Merging #836 into master will increase coverage by 0.02%.
The diff coverage is 82.75%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master     #836      +/-   ##
==========================================
+ Coverage   88.84%   88.87%   +0.02%     
==========================================
  Files        1015     1015              
  Lines       44167    44240      +73     
  Branches     3180     3202      +22     
==========================================
+ Hits        39241    39319      +78     
+ Misses       4201     4200       -1     
+ Partials      725      721       -4
Impacted Files Coverage Δ
...arp.Tests/Formats/Jpg/JpegDecoderTests.Baseline.cs 83.33% <ø> (-3.34%) ⬇️
...harp/Formats/Jpeg/Components/Decoder/JFifMarker.cs 86.84% <0%> (-10.46%) ⬇️
...Sharp/Formats/Jpeg/Components/Decoder/JpegFrame.cs 100% <100%> (ø) ⬆️
tests/ImageSharp.Tests/TestImages.cs 100% <100%> (ø) ⬆️
...rp/Formats/Jpeg/Components/Decoder/HuffmanTable.cs 100% <100%> (ø) ⬆️
...Sharp.Tests/Formats/Jpg/JpegDecoderTests.Images.cs 100% <100%> (ø) ⬆️
...arp/Formats/Jpeg/Components/Decoder/ScanDecoder.cs 92.68% <72.22%> (ø) ⬆️
...p/Formats/Jpeg/Components/Decoder/JpegComponent.cs 96.07% <77.77%> (-1.55%) ⬇️
src/ImageSharp/Formats/Jpeg/JpegDecoderCore.cs 90.63% <82.05%> (+2.87%) ⬆️
src/ImageSharp/Formats/Jpeg/JpegThrowHelper.cs 85.71% <85.71%> (+85.71%) ⬆️
... and 3 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 5a9b84e...1e38243. Read the comment docs.

@antonfirsov
Copy link
Member

Looks good so far!

@JimBobSquarePants JimBobSquarePants changed the title WIP Jpeg Fuzz Fixes Jpeg Fuzz Fixes Feb 17, 2019
@JimBobSquarePants JimBobSquarePants marked this pull request as ready for review February 17, 2019 06:18
tocsoft
tocsoft approved these changes Feb 17, 2019
View reviewed changes
Copy link
Member

@tocsoft tocsoft left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looking good to me 👍 well done

@JimBobSquarePants JimBobSquarePants merged commit 8f3658d into master Feb 17, 2019
ImageSharp automation moved this from To Do to Done Feb 17, 2019
@JimBobSquarePants JimBobSquarePants deleted the js/jpeg-security branch February 17, 2019 11:24
antonfirsov pushed a commit to antonfirsov/ImageSharp that referenced this pull request Nov 11, 2019
@JimBobSquarePants
Jpeg Fuzz Fixes (SixLabors#836)
2e241f5 
* Nomalize jpeg exceptions. Fix SixLabors#821

* Fix SixLabors#822

* Fix SixLabors#823

* Check for correct QT index. Touch SixLabors#824

* Check DHT props. Touch SixLabors#824

* Limit sampling factors to 1 & 2. Touch SixLabors#824

* Add already fixed image 4. Touch SixLabors#824

* Check for excessive code lengths. Touch SixLabors#824

* Add already fixed image 6. Touch SixLabors#824

* Lint progressive scan details. Touch SixLabors#824

* Add already fixed image 8. Fix SixLabors#824

* Remove duplicate per-block checks

* Add already fixed image 1. Touch SixLabors#825

* Don't throw on bad JFIF density units.

* Add already fixed image 3. Touch SixLabors#825

* Add already fixed image 4. Fix SixLabors#825

* Check SOFn marker length. Touch SixLabors#826

* Add already fixed image 2. Touch SixLabors#826

* Add already fixed image 3. Fix SixLabors#826

* Add fixed already fixed image. Fix SixLabors#827

* Revert unneeded bounds check introduced in SixLabors#804
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tocsoft tocsoft tocsoft approved these changes

@antonfirsov antonfirsov Awaiting requested review from antonfirsov

@dlemstra dlemstra Awaiting requested review from dlemstra

Assignees
No one assigned
Labels
bug formats:jpeg
Projects
ImageSharp
  
Done
Milestone
1.0.0-rc1
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@JimBobSquarePants @antonfirsov @tocsoft