mirror of
https://github.com/python-pillow/Pillow.git
synced 2024-12-26 01:46:18 +03:00
Refactor fuzzers, add fuzzer tests
This commit is contained in:
parent
e2577d1736
commit
becd633d3f
|
@ -20,17 +20,11 @@ import warnings
|
||||||
|
|
||||||
import atheris_no_libfuzzer as atheris
|
import atheris_no_libfuzzer as atheris
|
||||||
|
|
||||||
from PIL import Image, ImageDraw, ImageFont
|
import fuzzers
|
||||||
|
|
||||||
|
|
||||||
def TestOneInput(data):
|
def TestOneInput(data):
|
||||||
try:
|
try:
|
||||||
with ImageFont.load(io.BytesIO(data)) as font:
|
fuzzers.fuzz_font(data)
|
||||||
font.getsize_multiline("ABC\nAaaa")
|
|
||||||
font.getmask("test text")
|
|
||||||
with Image.new(mode="RGBA", size=(200, 200)) as im:
|
|
||||||
draw = ImageDraw.Draw(im)
|
|
||||||
draw.text((10,10), "Test Text", font)
|
|
||||||
except Exception:
|
except Exception:
|
||||||
# We're catching all exceptions because Pillow's exceptions are
|
# We're catching all exceptions because Pillow's exceptions are
|
||||||
# directly inheriting from Exception.
|
# directly inheriting from Exception.
|
||||||
|
|
|
@ -18,28 +18,21 @@ import io
|
||||||
import sys
|
import sys
|
||||||
import warnings
|
import warnings
|
||||||
|
|
||||||
|
import fuzzers
|
||||||
|
|
||||||
import atheris_no_libfuzzer as atheris
|
import atheris_no_libfuzzer as atheris
|
||||||
|
|
||||||
from PIL import Image, ImageFile, ImageFilter
|
|
||||||
|
|
||||||
|
|
||||||
def TestOneInput(data):
|
def TestOneInput(data):
|
||||||
try:
|
try:
|
||||||
with Image.open(io.BytesIO(data)) as im:
|
fuzzers.fuzz_image(data)
|
||||||
im.rotate(45)
|
|
||||||
im.filter(ImageFilter.DETAIL)
|
|
||||||
im.save(io.BytesIO(), "BMP")
|
|
||||||
except Exception:
|
except Exception:
|
||||||
# We're catching all exceptions because Pillow's exceptions are
|
# We're catching all exceptions because Pillow's exceptions are
|
||||||
# directly inheriting from Exception.
|
# directly inheriting from Exception.
|
||||||
return
|
return
|
||||||
return
|
return
|
||||||
|
|
||||||
|
|
||||||
def main():
|
def main():
|
||||||
ImageFile.LOAD_TRUNCATED_IMAGES = True
|
fuzzers.enable_decompressionbomb_error()
|
||||||
warnings.filterwarnings("ignore")
|
|
||||||
warnings.simplefilter("error", Image.DecompressionBombWarning)
|
|
||||||
atheris.Setup(sys.argv, TestOneInput, enable_python_coverage=True)
|
atheris.Setup(sys.argv, TestOneInput, enable_python_coverage=True)
|
||||||
atheris.Fuzz()
|
atheris.Fuzz()
|
||||||
|
|
||||||
|
|
33
Tests/oss-fuzz/fuzzers.py
Normal file
33
Tests/oss-fuzz/fuzzers.py
Normal file
|
@ -0,0 +1,33 @@
|
||||||
|
import warnings
|
||||||
|
import io
|
||||||
|
|
||||||
|
from PIL import Image, ImageFont, ImageDraw, ImageFilter, ImageFile, PcfFontFile
|
||||||
|
|
||||||
|
def enable_decompressionbomb_error():
|
||||||
|
ImageFile.LOAD_TRUNCATED_IMAGES = True
|
||||||
|
warnings.filterwarnings("ignore")
|
||||||
|
warnings.simplefilter("error", Image.DecompressionBombWarning)
|
||||||
|
|
||||||
|
def fuzz_image(data):
|
||||||
|
# This will fail on some images in the corpus, as we have many
|
||||||
|
# invalid images in the test suite.
|
||||||
|
with Image.open(io.BytesIO(data)) as im:
|
||||||
|
im.rotate(45)
|
||||||
|
im.filter(ImageFilter.DETAIL)
|
||||||
|
im.save(io.BytesIO(), "BMP")
|
||||||
|
|
||||||
|
def fuzz_font(data):
|
||||||
|
# This should not fail on a valid font load for any of the fonts in the corpus
|
||||||
|
wrapper = io.BytesIO(data)
|
||||||
|
try:
|
||||||
|
font = ImageFont.truetype(wrapper)
|
||||||
|
except OSError:
|
||||||
|
# pcf/pilfonts/random garbage here here. They're different.
|
||||||
|
return
|
||||||
|
|
||||||
|
font.getsize_multiline("ABC\nAaaa")
|
||||||
|
font.getmask("test text")
|
||||||
|
with Image.new(mode="RGBA", size=(200, 200)) as im:
|
||||||
|
draw = ImageDraw.Draw(im)
|
||||||
|
draw.multiline_textsize("ABC\nAaaa", font, stroke_width=2)
|
||||||
|
draw.text((10,10), "Test Text", font=font, fill="#000")
|
31
Tests/oss-fuzz/test_fuzzers.py
Normal file
31
Tests/oss-fuzz/test_fuzzers.py
Normal file
|
@ -0,0 +1,31 @@
|
||||||
|
import pytest
|
||||||
|
|
||||||
|
import fuzzers
|
||||||
|
import glob
|
||||||
|
import subprocess
|
||||||
|
|
||||||
|
from PIL import Image
|
||||||
|
|
||||||
|
@pytest.mark.parametrize("path", subprocess.check_output('find Tests/images -type f', shell=True).split(b'\n'))
|
||||||
|
def test_fuzz_images(path):
|
||||||
|
fuzzers.enable_decompressionbomb_error()
|
||||||
|
try:
|
||||||
|
with open(path, 'rb') as f:
|
||||||
|
fuzzers.fuzz_image(f.read())
|
||||||
|
assert True
|
||||||
|
except (OSError, SyntaxError, MemoryError, ValueError, NotImplementedError):
|
||||||
|
# Known exceptions that are through from Pillow
|
||||||
|
assert True
|
||||||
|
except (Image.DecompressionBombError, Image.DecompressionBombWarning,
|
||||||
|
Image.UnidentifiedImageError):
|
||||||
|
# Known Image.* exceptions
|
||||||
|
assert True
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.parametrize("path", subprocess.check_output('find Tests/fonts -type f', shell=True).split(b'\n'))
|
||||||
|
def test_fuzz_fonts(path):
|
||||||
|
if not path or b'LICENSE.txt' in path or b'.pil' in path:
|
||||||
|
return
|
||||||
|
with open(path, 'rb') as f:
|
||||||
|
fuzzers.fuzz_font(f.read())
|
||||||
|
assert True
|
Loading…
Reference in New Issue
Block a user