[ft-devel] [GSoC] Plans for the Finale of Fuzzing for FreeType


From: armin
Subject: [ft-devel] [GSoC] Plans for the Finale of Fuzzing for FreeType
Date: Tue, 10 Jul 2018 22:04:37 +0200

Hello dear readers of this wonderful mailing list :)

I want to give you a quick update on the fuzzing side of things:

The targets are growing on a daily basis and will be integrated into
OSS-Fuzz in a matter of hours, maximum a day or two :)  They will not be
complete by then (technically, they will never be complete) but they are in
such a state that Kostya and I decided it's worth throwing them into the
machinery and watch the outcome.

Apart from that, I plan to achieve the following things during the 3rd (and
final) stage of GSoC 2018 (I am so sad, I cannot believe it's more than 50%
over already :/)

(1) Further work on the API checklist
(https://github.com/cherusker/freetype2-testing/blob/master/fuzzing/README.md)
and adding even more API functions to that list (esp. parts of the
"Support API" that is not sufficiently being used indirectly).

(2) Play with driver properties.

(3) Build another set of fuzz targets for fuzzing glyph related stuff
(stroking, rendering, ...) that happens independently of the driver-driven
targets (that are the actual focus of my GSoC project).  Some things from
the driver-driven targets will then be moved to these glyph-driven targets.

(4) Integrate some profiling to identify bottlenecks and maybe put scary
bits into separate targets and/or isolate them otherwise (if necessary).

So far, so good.  I hope you're still with me, b/c I do also have a question
for everyone in here:

Does anyone know font geeks?
===========================

If possible, I would love to ditch the "old" corpus since its fonts are huge
(they are proper fonts) and repetitive (not exactly the initial fuzz corpus
of your dreams).  While I do know more/less exactly what the perfect fuzzing
fonts should look like, I would much rather spend my time improving and
expanding the fuzz targets than creating those fonts.  So, if there are any
font enthusiasts listening (or if you know any people who would love doing
that) please step forward; that would really be a great help :)

Ben (bungeman) already did a great job in providing a base set of sample
fonts that are optimised for fuzzing (small fonts, few glyphs, concentrating
on a few, very distinctive features) but there could be a lot more
(https://github.com/cherusker/freetype2-testing/tree/master/fuzzing/corpora/truetype/bungeman
etc.).

For reference: I will also contact HarfBuzz and see if they have interesting
stuff and IF they do, if they would share that with FreeType :)

I hope everyone is doing great and to my GSoC co-workers: have a happy
coding finale :)
