freetype-devel

Re: [ft-devel] More fuzzing for freetype2?


From: Kostya Serebryany
Subject: Re: [ft-devel] More fuzzing for freetype2?
Date: Wed, 7 Oct 2015 09:01:08 -0700



On Wed, Oct 7, 2015 at 1:18 AM, Werner LEMBERG <address@hidden> wrote:

> I've inserted this file into the corpus, and it added 2 more control flow
> edges (out of ~15000).
> Not much, but not zero.

> The current function used for the fuzzer doesn't cover GX stuff at
> all.  We have to extend it step by step to get a better FreeType
> coverage.

Let's start from here.
I think the more sustainable approach is to commit the target function into the FreeType git first.
I'll then re-target the bot to use that file instead of my own.
Once that works, one of the domain experts (i.e. not me :)) will be able to add more stuff there.
This way you will fully control what functionality is actually being fuzzed, and I will just monitor the infrastructure.
Does that sound reasonable?

--kcc

> The current target function handles any kind of font, so it may be
> rather slow in finding problems specific to a single font type.  For
> that we better write a separate target function. Would you like to
> help?

Yes, this would be great!  Have a look into the `ftmulti' FreeType
demo program :-) If you want to test named instances only, a simpler
approach of looping over all faces might also work with the recent
2.6.1 version (we have to add testing of TTC support to the fuzzing
routine anyway).


    Werner

