mirror of
https://github.com/python-pillow/Pillow.git
synced 2025-09-24 21:17:02 +03:00
Update fuzz_exif.py
This commit is contained in:
Roshan Sah
GitHub
parent
c8c708f852
commit
624858e558
|
|
@ -1,17 +1,11 @@
|
||||||
# Enhanced Fuzz Target for Pillow: EXIF Metadata Fuzzing
|
|
||||||
|
|
||||||
This fuzz target focuses on testing the EXIF metadata handling capabilities of Pillow, which is an area not specifically targeted by the existing fuzzers.
|
|
||||||
|
|
||||||
```python
|
|
||||||
#!/usr/bin/env python3
|
#!/usr/bin/env python3
|
||||||
|
|
||||||
# Copyright 2025 Google LLC
|
# Copyright 2025 Google LLC
|
||||||
#
|
#
|
||||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
# you may not use this file except in compliance with the License.
|
# you may not use this file except in compliance with the License.
|
||||||
# You may obtain a copy of the License at
|
# You may obtain a copy of the License at
|
||||||
#
|
#
|
||||||
# http://www.apache.org/licenses/LICENSE-2.0
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
#
|
#
|
||||||
# Unless required by applicable law or agreed to in writing, software
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
|
@ -19,90 +13,54 @@ This fuzz target focuses on testing the EXIF metadata handling capabilities of P
|
||||||
# See the License for the specific language governing permissions and
|
# See the License for the specific language governing permissions and
|
||||||
# limitations under the License.
|
# limitations under the License.
|
||||||
|
|
||||||
|
import sys
|
||||||
|
import io
|
||||||
|
|
||||||
import atheris
|
import atheris
|
||||||
from atheris.import_hook import instrument_imports
|
from atheris.import_hook import instrument_imports
|
||||||
|
|
||||||
with instrument_imports():
|
with instrument_imports():
|
||||||
import io
|
from PIL import ExifTags, Image
|
||||||
import sys
|
|
||||||
from PIL import Image, ExifTags
|
|
||||||
|
|
||||||
def TestOneInput(data):
|
def TestOneInput(data):
|
||||||
if len(data) < 10: # Skip inputs that are too small
|
if len(data) < 10:
|
||||||
return
|
return
|
||||||
|
|
||||||
try:
|
try:
|
||||||
# Create a BytesIO object from the fuzzer data
|
|
||||||
image_io = io.BytesIO(data)
|
image_io = io.BytesIO(data)
|
||||||
|
|
||||||
# Try to open the image
|
|
||||||
with Image.open(image_io) as img:
|
with Image.open(image_io) as img:
|
||||||
# Test EXIF extraction
|
|
||||||
try:
|
try:
|
||||||
exif = img._getexif()
|
exif = img._getexif()
|
||||||
if exif:
|
if exif:
|
||||||
# Process EXIF data
|
|
||||||
for tag_id, value in exif.items():
|
for tag_id, value in exif.items():
|
||||||
# Try to get the tag name
|
|
||||||
tag_name = ExifTags.TAGS.get(tag_id, tag_id)
|
tag_name = ExifTags.TAGS.get(tag_id, tag_id)
|
||||||
|
if tag_id == 34853: # GPSInfo
|
||||||
# Try to convert GPS info
|
|
||||||
if tag_id == 34853: # GPSInfo tag
|
|
||||||
for gps_tag, gps_value in value.items():
|
for gps_tag, gps_value in value.items():
|
||||||
gps_tag_name = ExifTags.GPSTAGS.get(gps_tag, gps_tag)
|
gps_tag_name = ExifTags.GPSTAGS.get(gps_tag, gps_tag)
|
||||||
except Exception:
|
except Exception:
|
||||||
# Catch exceptions from EXIF processing
|
|
||||||
pass
|
pass
|
||||||
|
|
||||||
# Test thumbnail extraction from EXIF
|
|
||||||
try:
|
try:
|
||||||
if hasattr(img, 'getexif'):
|
if hasattr(img, "getexif"):
|
||||||
exif = img.getexif()
|
exif = img.getexif()
|
||||||
if exif:
|
if exif and hasattr(exif, "get_thumbnail"):
|
||||||
# Try to extract thumbnail if present
|
thumbnail = exif.get_thumbnail()
|
||||||
if hasattr(exif, 'get_thumbnail'):
|
if thumbnail:
|
||||||
thumbnail = exif.get_thumbnail()
|
thumb_img = Image.open(io.BytesIO(thumbnail))
|
||||||
if thumbnail:
|
thumb_img.load()
|
||||||
# Try to open the thumbnail
|
|
||||||
thumb_img = Image.open(io.BytesIO(thumbnail))
|
|
||||||
thumb_img.load()
|
|
||||||
except Exception:
|
except Exception:
|
||||||
# Catch exceptions from thumbnail extraction
|
|
||||||
pass
|
pass
|
||||||
|
|
||||||
except Exception:
|
except Exception:
|
||||||
# Catch all other exceptions
|
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
|
||||||
def main():
|
def main():
|
||||||
atheris.Setup(sys.argv, TestOneInput)
|
atheris.Setup(sys.argv, TestOneInput)
|
||||||
atheris.Fuzz()
|
atheris.Fuzz()
|
||||||
|
|
||||||
|
|
||||||
if __name__ == "__main__":
|
if __name__ == "__main__":
|
||||||
main()
|
main()
|
||||||
```
|
|
||||||
|
|
||||||
## Features
|
|
||||||
|
|
||||||
This fuzz target specifically tests:
|
|
||||||
|
|
||||||
1. EXIF metadata extraction from images
|
|
||||||
2. Processing of EXIF tags and values
|
|
||||||
3. GPS information handling
|
|
||||||
4. Thumbnail extraction from EXIF data
|
|
||||||
|
|
||||||
## Integration
|
|
||||||
|
|
||||||
To integrate this fuzz target:
|
|
||||||
|
|
||||||
1. Save it as `fuzz_exif.py` in the `Tests/oss-fuzz/` directory
|
|
||||||
2. Update the `build.sh` script to include this target in the build process
|
|
||||||
3. Test locally to ensure it works correctly
|
|
||||||
4. Submit as part of a pull request to the Pillow repository
|
|
||||||
|
|
||||||
## Expected Benefits
|
|
||||||
|
|
||||||
- Increased coverage of EXIF metadata handling code
|
|
||||||
- Potential discovery of bugs in metadata parsing
|
|
||||||
- Better handling of malformed EXIF data
|
|
||||||
- Improved security for applications processing images with metadata
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user