2018.04.09 07:29 "[Tiff] fuzzing libtiff with google's oss-fuzz", by Paul Kehrer
- 2018.04.09 08:05 "Re: [Tiff] fuzzing libtiff with google's oss-fuzz", by Nicolas RUFF
- 2018.04.09 11:57 "Re: [Tiff] fuzzing libtiff with google's oss-fuzz", by Even Rouault
- 2018.04.15 14:34 "Re: [Tiff] fuzzing libtiff with google's oss-fuzz", by Even Rouault
2018.04.15 14:34 "Re: [Tiff] fuzzing libtiff with google's oss-fuzz", by Even Rouault
Paul,
one of the issues raised is an integer overflow in the tiff_read_rgba_fuzzer.cc code itself
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7540
/src/tiff_read_rgba_fuzzer.cc:36:22: runtime error: signed integer overflow: -3977127075081250816 * 4 cannot be represented in type 'long'
Would probably be good to move most of the code & scripts into a fuzzers/ subdir of the libtiff repo with minimal bootstrapping in the ossfuzz repo
Even
--
Spatialys - Geospatial professional services
http://www.spatialys.com
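The UBSan report quoted above (signed multiplication by 4 that does not fit in 'long') is the kind of size arithmetic a harness does before allocating an RGBA buffer. The following is an added example, not code from the oss-fuzz harness or the libtiff repository: it shows how to test that multiplication for overflow without performing it, and how to compute width * height * 4 with overflow checks and an allocation cap. The function names, the 64 MiB cap, and the assumption that line 36 of the harness multiplies image dimensions are all this example's own; it relies on GCC/Clang __builtin_mul_overflow and an LP64 'long' as in the report.

```c
/* Added example (not the oss-fuzz tiff_read_rgba_fuzzer.cc or libtiff code).
 * Requires GCC/Clang for __builtin_mul_overflow; assumes a 64-bit 'long'
 * as in the UBSan message quoted in the thread. */
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Report whether a * b would overflow 'long' without evaluating the
 * product itself (evaluating it is the undefined behaviour UBSan flagged). */
bool long_mul_overflows(long a, long b)
{
    long unused;
    return __builtin_mul_overflow(a, b, &unused);
}

/* Hypothetical helper: size in bytes of a width x height RGBA image
 * (4 bytes per pixel).  Rejects non-positive dimensions, any overflow in
 * width*height or pixels*4, and results above max_bytes (a cap a fuzz
 * harness should impose so a hostile header cannot request a huge
 * allocation).  Returns true and stores the size in *out on success. */
bool rgba_buffer_size(int64_t width, int64_t height, size_t max_bytes, size_t *out)
{
    if (width <= 0 || height <= 0 || out == NULL)
        return false;
    uint64_t pixels, bytes;
    if (__builtin_mul_overflow((uint64_t)width, (uint64_t)height, &pixels))
        return false;
    if (__builtin_mul_overflow(pixels, (uint64_t)4, &bytes))
        return false;
    if (bytes > SIZE_MAX || bytes > max_bytes)
        return false;
    *out = (size_t)bytes;
    return true;
}

int main(void)
{
    /* Operands taken from the UBSan report in the thread (oss-fuzz issue 7540). */
    printf("-3977127075081250816 * 4 overflows long: %s\n",
           long_mul_overflows(-3977127075081250816L, 4) ? "yes" : "no");

    size_t n;
    if (rgba_buffer_size(640, 480, (size_t)64 << 20, &n))
        printf("640x480 RGBA needs %zu bytes\n", n);
    if (!rgba_buffer_size((int64_t)1 << 31, (int64_t)1 << 31, (size_t)64 << 20, &n))
        printf("2^31 x 2^31 rejected: width*height*4 would overflow\n");
    return 0;
}
```

Doing the arithmetic in unsigned 64-bit with __builtin_mul_overflow avoids both the undefined signed overflow and a silently wrapped size; the cap keeps the harness from spending its time on out-of-memory reports instead of libtiff bugs.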