mirror of
https://github.com/python-pillow/Pillow.git
synced 2024-12-25 17:36:18 +03:00
Refactor fuzzers, add fuzzer tests
This commit is contained in:
parent
e2577d1736
commit
becd633d3f
|
@ -20,17 +20,11 @@ import warnings
|
|||
|
||||
import atheris_no_libfuzzer as atheris
|
||||
|
||||
from PIL import Image, ImageDraw, ImageFont
|
||||
|
||||
import fuzzers
|
||||
|
||||
def TestOneInput(data):
|
||||
try:
|
||||
with ImageFont.load(io.BytesIO(data)) as font:
|
||||
font.getsize_multiline("ABC\nAaaa")
|
||||
font.getmask("test text")
|
||||
with Image.new(mode="RGBA", size=(200, 200)) as im:
|
||||
draw = ImageDraw.Draw(im)
|
||||
draw.text((10,10), "Test Text", font)
|
||||
fuzzers.fuzz_font(data)
|
||||
except Exception:
|
||||
# We're catching all exceptions because Pillow's exceptions are
|
||||
# directly inheriting from Exception.
|
||||
|
|
|
@ -18,28 +18,21 @@ import io
|
|||
import sys
|
||||
import warnings
|
||||
|
||||
import fuzzers
|
||||
|
||||
import atheris_no_libfuzzer as atheris
|
||||
|
||||
from PIL import Image, ImageFile, ImageFilter
|
||||
|
||||
|
||||
def TestOneInput(data):
|
||||
try:
|
||||
with Image.open(io.BytesIO(data)) as im:
|
||||
im.rotate(45)
|
||||
im.filter(ImageFilter.DETAIL)
|
||||
im.save(io.BytesIO(), "BMP")
|
||||
fuzzers.fuzz_image(data)
|
||||
except Exception:
|
||||
# We're catching all exceptions because Pillow's exceptions are
|
||||
# directly inheriting from Exception.
|
||||
return
|
||||
return
|
||||
|
||||
|
||||
def main():
|
||||
ImageFile.LOAD_TRUNCATED_IMAGES = True
|
||||
warnings.filterwarnings("ignore")
|
||||
warnings.simplefilter("error", Image.DecompressionBombWarning)
|
||||
fuzzers.enable_decompressionbomb_error()
|
||||
atheris.Setup(sys.argv, TestOneInput, enable_python_coverage=True)
|
||||
atheris.Fuzz()
|
||||
|
||||
|
|
33
Tests/oss-fuzz/fuzzers.py
Normal file
33
Tests/oss-fuzz/fuzzers.py
Normal file
|
@ -0,0 +1,33 @@
|
|||
import warnings
|
||||
import io
|
||||
|
||||
from PIL import Image, ImageFont, ImageDraw, ImageFilter, ImageFile, PcfFontFile
|
||||
|
||||
def enable_decompressionbomb_error():
|
||||
ImageFile.LOAD_TRUNCATED_IMAGES = True
|
||||
warnings.filterwarnings("ignore")
|
||||
warnings.simplefilter("error", Image.DecompressionBombWarning)
|
||||
|
||||
def fuzz_image(data):
|
||||
# This will fail on some images in the corpus, as we have many
|
||||
# invalid images in the test suite.
|
||||
with Image.open(io.BytesIO(data)) as im:
|
||||
im.rotate(45)
|
||||
im.filter(ImageFilter.DETAIL)
|
||||
im.save(io.BytesIO(), "BMP")
|
||||
|
||||
def fuzz_font(data):
|
||||
# This should not fail on a valid font load for any of the fonts in the corpus
|
||||
wrapper = io.BytesIO(data)
|
||||
try:
|
||||
font = ImageFont.truetype(wrapper)
|
||||
except OSError:
|
||||
# pcf/pilfonts/random garbage here here. They're different.
|
||||
return
|
||||
|
||||
font.getsize_multiline("ABC\nAaaa")
|
||||
font.getmask("test text")
|
||||
with Image.new(mode="RGBA", size=(200, 200)) as im:
|
||||
draw = ImageDraw.Draw(im)
|
||||
draw.multiline_textsize("ABC\nAaaa", font, stroke_width=2)
|
||||
draw.text((10,10), "Test Text", font=font, fill="#000")
|
31
Tests/oss-fuzz/test_fuzzers.py
Normal file
31
Tests/oss-fuzz/test_fuzzers.py
Normal file
|
@ -0,0 +1,31 @@
|
|||
import pytest
|
||||
|
||||
import fuzzers
|
||||
import glob
|
||||
import subprocess
|
||||
|
||||
from PIL import Image
|
||||
|
||||
@pytest.mark.parametrize("path", subprocess.check_output('find Tests/images -type f', shell=True).split(b'\n'))
|
||||
def test_fuzz_images(path):
|
||||
fuzzers.enable_decompressionbomb_error()
|
||||
try:
|
||||
with open(path, 'rb') as f:
|
||||
fuzzers.fuzz_image(f.read())
|
||||
assert True
|
||||
except (OSError, SyntaxError, MemoryError, ValueError, NotImplementedError):
|
||||
# Known exceptions that are through from Pillow
|
||||
assert True
|
||||
except (Image.DecompressionBombError, Image.DecompressionBombWarning,
|
||||
Image.UnidentifiedImageError):
|
||||
# Known Image.* exceptions
|
||||
assert True
|
||||
|
||||
|
||||
@pytest.mark.parametrize("path", subprocess.check_output('find Tests/fonts -type f', shell=True).split(b'\n'))
|
||||
def test_fuzz_fonts(path):
|
||||
if not path or b'LICENSE.txt' in path or b'.pil' in path:
|
||||
return
|
||||
with open(path, 'rb') as f:
|
||||
fuzzers.fuzz_font(f.read())
|
||||
assert True
|
Loading…
Reference in New Issue
Block a user