freetype-devel

Re: [ft-devel] More fuzzing for freetype2?


From: Kostya Serebryany
Subject: Re: [ft-devel] More fuzzing for freetype2?
Date: Mon, 5 Oct 2015 13:12:24 -0700



On Mon, Oct 5, 2015 at 7:22 AM, Alexei Podtelezhnikov <address@hidden> wrote:
> On Sun, Oct 4, 2015 at 2:40 PM, Kostya Serebryany <address@hidden> wrote:
> > The data shows that ~500 out of ~1000 functions were never executed.
> > ...
> > If we ever get close to ~90% function coverage...
>
> About 50% coverage actually sounds reasonable for a given font format.
> For example, Freetype has 3 hinters for different fonts. Of course, we
> do not use them together. It took a while before the Fuzzer
> "discovered" CFF space.

About two weeks on 20 CPU cores, to be precise.
If I had a test input that uses CFF, it would have been much quicker. :)

> I might be totally off base here, but coverage
> for a given font format would be more informative. FreeType supports a
> large but limited number of font formats
> http://freetype.org/freetype2/docs/index.html .

How do you identify that a given file belongs to one format or another?
Some magic in the beginning?
We can modify the target function to immediately reject all formats but one, and we'll get what you are asking for.  
This is where my knowledge about this domain area (fonts) ends and where I may need your help. 

--kcc 
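
The gate described in the message above (reject all formats but one at the top of the fuzz target), written out as an added example; it is not code from this thread or from FreeType. The magic values come from the font format specifications rather than from the message, and `classify_font` and `FUZZ_ONLY_FORMAT` are hypothetical names.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

typedef enum { FMT_UNKNOWN, FMT_TRUETYPE, FMT_CFF, FMT_TYPE1, FMT_BDF, FMT_PCF } font_fmt;

/* Assumption: the single format this target accepts is chosen at build time. */
#ifndef FUZZ_ONLY_FORMAT
#define FUZZ_ONLY_FORMAT FMT_CFF
#endif

static int has_prefix(const uint8_t *d, size_t n, const char *magic, size_t len) {
    return n >= len && memcmp(d, magic, len) == 0;
}

/* An sfnt version tag says whether the outlines are TrueType or CFF. */
static font_fmt sfnt_flavor(const uint8_t *tag) {
    if (memcmp(tag, "\x00\x01\x00\x00", 4) == 0 || memcmp(tag, "true", 4) == 0)
        return FMT_TRUETYPE;
    if (memcmp(tag, "OTTO", 4) == 0)
        return FMT_CFF;
    return FMT_UNKNOWN;
}

/* Guess the format from the leading bytes only; size 0 is handled safely. */
font_fmt classify_font(const uint8_t *d, size_t n) {
    if (n >= 8 && memcmp(d, "wOFF", 4) == 0)
        return sfnt_flavor(d + 4);       /* WOFF keeps the wrapped sfnt version at offset 4 */
    if (n >= 4 && sfnt_flavor(d) != FMT_UNKNOWN)
        return sfnt_flavor(d);
    if (has_prefix(d, n, "%!PS-AdobeFont", 14) || has_prefix(d, n, "%!FontType1", 11) ||
        has_prefix(d, n, "\x80\x01", 2)) /* PFA text header or PFB segment marker */
        return FMT_TYPE1;
    if (has_prefix(d, n, "STARTFONT", 9))
        return FMT_BDF;
    if (has_prefix(d, n, "\x01" "fcp", 4))
        return FMT_PCF;
    return FMT_UNKNOWN;                  /* also 'ttcf' collections: members may differ */
}

/* libFuzzer entry point: drop every input that is not the selected format. */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
    if (classify_font(data, size) != FUZZ_ONLY_FORMAT)
        return 0;                        /* rejected before the parser runs */
    /* Accepted: hand data/size to the font parser here, e.g. FT_New_Memory_Face(). */
    return 0;
}
```

Building one target per `FUZZ_ONLY_FORMAT` value yields a separate coverage report for each format. The check is a coarse filter on the first bytes only, so the parser's own format detection still decides what is actually loaded.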
