[cairo] Anyone interested in fuzzing issues?
Albert Astals Cid
aacid at kde.org
Wed Dec 16 22:58:09 UTC 2020
El dimecres, 16 de desembre de 2020, a les 21:08:52 CET, Uli Schlachter va escriure:
> Am 16.12.20 um 20:29 schrieb Albert Astals Cid:
> > We recently added fuzzing to the cairo renderer in poppler and we're getting quite some issues like
> Do you have some links? Which inputs do which function are you fuzzing?
> I'm curious. A quick search didn't find any relevant code.
I'm not sure I understood what you're interested in, but basically we're fuzzying what a normal application would do with poppler, that if you're using the glib codepaths, ends up using cairo to do drawing/printing
Some random links
> > Anyone interested in the full traces/files to reproduce those issues?
> Sure, why not. I might have some time after Christmas, but I cannot
> promise anything.
> Depending on volume, you could also feed your findings into the bugtracker.
Are you happy with me publicly posting these crashes? Or prefer if i check the "This issue is confidential and should only be visible to team members with at least Reporter access." box in the gitlab issues?
> I don't really know this font stuff, but it seems like you are feeding a
> broken font into code that was not meant to deal with malicious fonts.
Well that's what fuzzyign is for, find all the places you thought you were safe and user input is never safe :D
> Related: Could you take a look at
> https://gitlab.freedesktop.org/cairo/cairo/-/merge_requests/69? Google
> has an intern who wrote some fuzzing targets for cairo. Perhaps they
> have a similar approach or your and their effort could be integrated?
Yes, it's the same thing and not the same thing :D
I mean we're also running in oss-fuzz, but ours is "higher" level, i.e we're "just" fuzzing poppler, but it happens that some of the codepaths end up in cairo so it complains of those too.
More information about the cairo