Refactor fuzzers, add fuzzer tests

This commit is contained in:
Eric Soroos 2021-03-14 12:21:02 +01:00
parent e2577d1736
commit becd633d3f
4 changed files with 70 additions and 19 deletions

View File

@ -20,17 +20,11 @@ import warnings
import atheris_no_libfuzzer as atheris import atheris_no_libfuzzer as atheris
from PIL import Image, ImageDraw, ImageFont import fuzzers
def TestOneInput(data): def TestOneInput(data):
try: try:
with ImageFont.load(io.BytesIO(data)) as font: fuzzers.fuzz_font(data)
font.getsize_multiline("ABC\nAaaa")
font.getmask("test text")
with Image.new(mode="RGBA", size=(200, 200)) as im:
draw = ImageDraw.Draw(im)
draw.text((10,10), "Test Text", font)
except Exception: except Exception:
# We're catching all exceptions because Pillow's exceptions are # We're catching all exceptions because Pillow's exceptions are
# directly inheriting from Exception. # directly inheriting from Exception.

View File

@ -18,28 +18,21 @@ import io
import sys import sys
import warnings import warnings
import fuzzers
import atheris_no_libfuzzer as atheris import atheris_no_libfuzzer as atheris
from PIL import Image, ImageFile, ImageFilter
def TestOneInput(data): def TestOneInput(data):
try: try:
with Image.open(io.BytesIO(data)) as im: fuzzers.fuzz_image(data)
im.rotate(45)
im.filter(ImageFilter.DETAIL)
im.save(io.BytesIO(), "BMP")
except Exception: except Exception:
# We're catching all exceptions because Pillow's exceptions are # We're catching all exceptions because Pillow's exceptions are
# directly inheriting from Exception. # directly inheriting from Exception.
return return
return return
def main(): def main():
ImageFile.LOAD_TRUNCATED_IMAGES = True fuzzers.enable_decompressionbomb_error()
warnings.filterwarnings("ignore")
warnings.simplefilter("error", Image.DecompressionBombWarning)
atheris.Setup(sys.argv, TestOneInput, enable_python_coverage=True) atheris.Setup(sys.argv, TestOneInput, enable_python_coverage=True)
atheris.Fuzz() atheris.Fuzz()

33
Tests/oss-fuzz/fuzzers.py Normal file
View File

@ -0,0 +1,33 @@
import warnings
import io
from PIL import Image, ImageFont, ImageDraw, ImageFilter, ImageFile, PcfFontFile
def enable_decompressionbomb_error():
ImageFile.LOAD_TRUNCATED_IMAGES = True
warnings.filterwarnings("ignore")
warnings.simplefilter("error", Image.DecompressionBombWarning)
def fuzz_image(data):
# This will fail on some images in the corpus, as we have many
# invalid images in the test suite.
with Image.open(io.BytesIO(data)) as im:
im.rotate(45)
im.filter(ImageFilter.DETAIL)
im.save(io.BytesIO(), "BMP")
def fuzz_font(data):
# This should not fail on a valid font load for any of the fonts in the corpus
wrapper = io.BytesIO(data)
try:
font = ImageFont.truetype(wrapper)
except OSError:
# pcf/pilfonts/random garbage here here. They're different.
return
font.getsize_multiline("ABC\nAaaa")
font.getmask("test text")
with Image.new(mode="RGBA", size=(200, 200)) as im:
draw = ImageDraw.Draw(im)
draw.multiline_textsize("ABC\nAaaa", font, stroke_width=2)
draw.text((10,10), "Test Text", font=font, fill="#000")

View File

@ -0,0 +1,31 @@
import pytest
import fuzzers
import glob
import subprocess
from PIL import Image
@pytest.mark.parametrize("path", subprocess.check_output('find Tests/images -type f', shell=True).split(b'\n'))
def test_fuzz_images(path):
fuzzers.enable_decompressionbomb_error()
try:
with open(path, 'rb') as f:
fuzzers.fuzz_image(f.read())
assert True
except (OSError, SyntaxError, MemoryError, ValueError, NotImplementedError):
# Known exceptions that are through from Pillow
assert True
except (Image.DecompressionBombError, Image.DecompressionBombWarning,
Image.UnidentifiedImageError):
# Known Image.* exceptions
assert True
@pytest.mark.parametrize("path", subprocess.check_output('find Tests/fonts -type f', shell=True).split(b'\n'))
def test_fuzz_fonts(path):
if not path or b'LICENSE.txt' in path or b'.pil' in path:
return
with open(path, 'rb') as f:
fuzzers.fuzz_font(f.read())
assert True