Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

More OSS-Fuzz support #5328

Merged
merged 18 commits into from Mar 28, 2021
Merged

More OSS-Fuzz support #5328

merged 18 commits into from Mar 28, 2021

Conversation

@wiredfool
Copy link
Member

@wiredfool wiredfool commented Mar 14, 2021

Changes proposed in this pull request:

  • Delegate build.sh, build-dictionaries to Pillow. This requires a further commit in oss-fuzz after this merges to master
  • Add a fuzzer for font files. This opens truetype files and performs some basic operations with them.
  • Refactor and add tests for the fuzzers. This should catch any cases of the fuzzers totally failing with unexpected errors, but we are still expecting that there are a reasonable number of exceptions thrown due to attempting to load broken input.
  • Lint fixes
@wiredfool
Copy link
Member Author

@wiredfool wiredfool commented Mar 14, 2021

Test failure appears to be unrelated.

"path", subprocess.check_output("find Tests/fonts -type f", shell=True).split(b"\n")
)
def test_fuzz_fonts(path):
if not path or b"LICENSE.txt" in path or b".pil" in path:
Copy link
Member

@radarhere radarhere Mar 14, 2021

Suggested change
if not path or b"LICENSE.txt" in path or b".pil" in path:
if not path or path.endswith(b"LICENSE.txt") or path.endswith(b".pil"):

Tests/oss-fuzz/fuzzers.py Outdated Show resolved Hide resolved
Tests/oss-fuzz/test_fuzzers.py Outdated Show resolved Hide resolved
hugovk
hugovk approved these changes Mar 18, 2021
from PIL import Image

if sys.platform.startswith("win32"):
pytest.skip("Fuzzer is linux only", allow_module_level=True)
Copy link
Member

@radarhere radarhere Mar 20, 2021

Suggested change
pytest.skip("Fuzzer is linux only", allow_module_level=True)
pytest.skip("Fuzzer is macOS and Linux only", allow_module_level=True)

Copy link
Member Author

@wiredfool wiredfool Mar 28, 2021

Well, technically, it's linux only, but the required bits don't fail on osx because it includes the find command.

"path", subprocess.check_output("find Tests/fonts -type f", shell=True).split(b"\n")
)
def test_fuzz_fonts(path):
if not path:
return
Copy link
Member

@radarhere radarhere Mar 21, 2021

Suggested change
"path", subprocess.check_output("find Tests/fonts -type f", shell=True).split(b"\n")
)
def test_fuzz_fonts(path):
if not path:
return
"path", subprocess.check_output("find Tests/fonts -type f", shell=True).strip().split(b"\n")
)
def test_fuzz_fonts(path):

@wiredfool wiredfool merged commit 611a6d2 into python-pillow:master Mar 28, 2021
50 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

3 participants