Refactor fuzzers, add fuzzer tests

Tests/oss-fuzz/fuzz_font.py

@@ -20,17 +20,11 @@ import warnings
 
 import atheris_no_libfuzzer as atheris
 
-from PIL import Image, ImageDraw, ImageFont
-
+import fuzzers
 
 def TestOneInput(data):
     try:
-        with ImageFont.load(io.BytesIO(data)) as font:
-            font.getsize_multiline("ABC\nAaaa")
-            font.getmask("test text")
-            with Image.new(mode="RGBA", size=(200, 200)) as im:
-                draw = ImageDraw.Draw(im)
-                draw.text((10,10), "Test Text", font)
+        fuzzers.fuzz_font(data)
     except Exception:
         # We're catching all exceptions because Pillow's exceptions are
         # directly inheriting from Exception.

Tests/oss-fuzz/fuzz_pillow.py

@@ -18,28 +18,21 @@ import io
 import sys
 import warnings
 
+import fuzzers
+
 import atheris_no_libfuzzer as atheris
 
-from PIL import Image, ImageFile, ImageFilter
-
-
 def TestOneInput(data):
     try:
-        with Image.open(io.BytesIO(data)) as im:
-            im.rotate(45)
-            im.filter(ImageFilter.DETAIL)
-            im.save(io.BytesIO(), "BMP")
+        fuzzers.fuzz_image(data)
     except Exception:
         # We're catching all exceptions because Pillow's exceptions are
         # directly inheriting from Exception.
         return
     return
 
-
 def main():
-    ImageFile.LOAD_TRUNCATED_IMAGES = True
-    warnings.filterwarnings("ignore")
-    warnings.simplefilter("error", Image.DecompressionBombWarning)
+    fuzzers.enable_decompressionbomb_error()
     atheris.Setup(sys.argv, TestOneInput, enable_python_coverage=True)
     atheris.Fuzz()
 

Tests/oss-fuzz/fuzzers.py

@@ -0,0 +1,33 @@
+import warnings
+import io
+
+from PIL import Image, ImageFont, ImageDraw, ImageFilter, ImageFile, PcfFontFile
+
+def enable_decompressionbomb_error():
+    ImageFile.LOAD_TRUNCATED_IMAGES = True
+    warnings.filterwarnings("ignore")
+    warnings.simplefilter("error", Image.DecompressionBombWarning)
+
+def fuzz_image(data):
+    # This will fail on some images in the corpus, as we have many
+    # invalid images in the test suite.
+    with Image.open(io.BytesIO(data)) as im:
+        im.rotate(45)
+        im.filter(ImageFilter.DETAIL)
+        im.save(io.BytesIO(), "BMP")
+
+def fuzz_font(data):
+    # This should not fail on a valid font load for any of the fonts in the corpus
+    wrapper = io.BytesIO(data)
+    try:
+        font = ImageFont.truetype(wrapper)
+    except OSError:
+        # pcf/pilfonts/random garbage here here. They're different.
+        return
+
+    font.getsize_multiline("ABC\nAaaa")
+    font.getmask("test text")
+    with Image.new(mode="RGBA", size=(200, 200)) as im:
+        draw = ImageDraw.Draw(im)
+        draw.multiline_textsize("ABC\nAaaa", font, stroke_width=2)
+        draw.text((10,10), "Test Text", font=font, fill="#000")

Tests/oss-fuzz/test_fuzzers.py

@@ -0,0 +1,31 @@
+import pytest
+
+import fuzzers
+import glob
+import subprocess
+
+from PIL import Image
+
+@pytest.mark.parametrize("path", subprocess.check_output('find Tests/images -type f', shell=True).split(b'\n'))
+def test_fuzz_images(path):
+    fuzzers.enable_decompressionbomb_error()
+    try:
+        with open(path, 'rb') as f:
+            fuzzers.fuzz_image(f.read())
+            assert True
+    except (OSError, SyntaxError, MemoryError, ValueError, NotImplementedError):
+        # Known exceptions that are through from Pillow
+        assert True
+    except (Image.DecompressionBombError, Image.DecompressionBombWarning,
+            Image.UnidentifiedImageError):
+        # Known Image.* exceptions
+        assert True
+
+
+@pytest.mark.parametrize("path", subprocess.check_output('find Tests/fonts -type f', shell=True).split(b'\n'))
+def test_fuzz_fonts(path):
+    if not path or b'LICENSE.txt' in path or b'.pil' in path:
+        return
+    with open(path, 'rb') as f:
+        fuzzers.fuzz_font(f.read())
+        assert True