-
Notifications
You must be signed in to change notification settings - Fork 617
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add exrcheck utility and hooks for fuzz testing #842
add exrcheck utility and hooks for fuzz testing #842
Conversation
Signed-off-by: Peter Hillman <peterh@wetafx.co.nz>
Signed-off-by: Peter Hillman <peterh@wetafx.co.nz>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nice addition
Signed-off-by: Peter Hillman <peterh@wetafx.co.nz>
…tests (#875) * ignore unused bits in B44 mode detection Signed-off-by: Peter Hillman <peterh@wetafx.co.nz> * apply #832: use unsigned values in shift to prevent undefined behavior Signed-off-by: Peter Hillman <peterh@wetafx.co.nz> * apply #818: compute Huf codelengths using 64 bit to prevent shift overflow Signed-off-by: Peter Hillman <peterh@wetafx.co.nz> * apply #817: double-check unpackedBuffer created in DWA uncompress Signed-off-by: Peter Hillman <peterh@wetafx.co.nz> * apply #820: suppress sanitizer warnings when writing invalid enums Signed-off-by: Peter Hillman <peterh@wetafx.co.nz> * apply #825: Avoid overflow in calculateNumTiles when size=MAX_INT Signed-off-by: Peter Hillman <peterh@wetafx.co.nz> * apply #826: restrict maximum tile size to INT_MAX byte limit Signed-off-by: Peter Hillman <peterh@wetafx.co.nz> * apply #827: lighter weight reading of Luma-only images via RgbaInputFile Signed-off-by: Peter Hillman <peterh@wetafx.co.nz> * refactor channel filling in InputFile API with tiled source Signed-off-by: Peter Hillman <peterh@wetafx.co.nz> * handle edge-case of empty framebuffer Signed-off-by: Peter Hillman <peterh@wetafx.co.nz> * apply #829: fix buffer overflow check in PIZ decompression Signed-off-by: Peter Hillman <peterh@wetafx.co.nz> * Use Int64 in dataWindowForTile to prevent integer overflow (#831) * Use Int64 in dataWindowForTile to prevent integer overflow Signed-off-by: Peter Hillman <peterh@wetafx.co.nz> * use signed 64 bit instead for dataWindow calculation Signed-off-by: Peter Hillman <peterh@wetafx.co.nz> Co-authored-by: Cary Phillips <cary@ilm.com> Signed-off-by: Peter Hillman <peterh@wetafx.co.nz> * prevent overflow in hufUncompress if nBits is large (#836) Signed-off-by: Peter Hillman <peterh@wetafx.co.nz> * add sanity check for reading multipart files with no parts (#840) Signed-off-by: Peter Hillman <peterh@wetafx.co.nz> * reduce B44 _tmpBufferSize (was allocating two bytes per byte) (#843) Signed-off-by: Peter Hillman <peterh@wetafx.co.nz> * check for valid Huf code lengths (#849) * check for valid Huf code lengths * test non-fast huf decoder in testHuf Signed-off-by: Peter Hillman <peterh@wetafx.co.nz> * check 1 part files with 'nonimage' bit have type attribute (#860) Signed-off-by: Peter Hillman <peterh@wetafx.co.nz> Co-authored-by: Cary Phillips <cary@ilm.com> Signed-off-by: Peter Hillman <peterh@wetafx.co.nz> * Fix overflow computing deeptile sample table size (#861) Signed-off-by: Peter Hillman <peterh@wetafx.co.nz> * re-order shift/compare in FastHuf to prevent undefined shift overflow warning (#819) Signed-off-by: Peter Hillman <peterh@wetafx.co.nz> Co-authored-by: Cary Phillips <cary@ilm.com> Signed-off-by: Peter Hillman <peterh@wetafx.co.nz> * more elegant exception handling in exrmaketiled (#841) Signed-off-by: Peter Hillman <peterh@wetafx.co.nz> * check EXRAllocAligned succeeded to allocate ScanlineInputFile lineBuffers (#844) Signed-off-by: Peter Hillman <peterh@wetafx.co.nz> * test channels are DCT compressed before DWA decompression (#845) Signed-off-by: Peter Hillman <peterh@wetafx.co.nz> * Merge ABI-compatible changes from #842 Signed-off-by: Peter Hillman <peterh@wetafx.co.nz> Co-authored-by: Cary Phillips <cary@ilm.com>
set_target_properties(exrcheck PROPERTIES | ||
RUNTIME_OUTPUT_DIRECTORY "${CMAKE_BINARY_DIR}/bin" | ||
) | ||
# install(TARGETS exrcheck DESTINATION ${CMAKE_INSTALL_BINDIR}) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why not?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This was discussed on the OpenEXR slack channel (academysoftwarefdn#openexr) in February.
It was originally set to not install because it didn't seem appropriate to add a new binary install in a patch release. I overlooked adding it in at the next significant release.
exrcheck
is largely useful when compiling the OpenEXR library with various sanitizer options, so it can detect programming errors in the library. Sanitizer builds are generally not installed anyway, so it doesn't seem useful to set it to install.
Do you have a case for it to be installed?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok, good to know, thanks, yes I'm thinking to use it to check the exr file integrity, like when process crashed on writing or so, was confused a bit why it's documented but missed in destination.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes exrcheck
was also meant to be used that way, but it's not particularly efficient for that: currently it tries to read the file multiple times to exercise all the API. It needs a faster 'just validate file integrity' option that does the bare minimum to check the file is OK (including decompressing all the image data)
This adds an
exrcheck
binary (not installed by default) that can be used to check for bad files, as well as looking for issues in the OpenEXR library. This wraps a new API call in IlmImfUtil: checkOpenEXRFile()A hook to call this function with the oss-fuzz project has also been added in IlmImfFuzzTest. This file is to be compiled by that project
OpenEXR's internal fuzz tests could also be adapted to use checkOpenEXRFile instead of their own function. This would allow for more exhaustive testing.
A few other additions to the API:
Other bugfixes to address issues found while testing against the 'Damaged' file list that were required to properly test
exrcheck
: