Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[poppler] Add poppler #1431

Merged
merged 3 commits into from
May 21, 2018
Merged

[poppler] Add poppler #1431

merged 3 commits into from
May 21, 2018

Conversation

titanous
Copy link
Contributor

As requested in #402.

👋 @tsdgeos This adds a fuzzer for poppler that will be continuously updated and run in the OSS-Fuzz infrastructure. Assuming you are okay with this, please confirm that aacid@kde.org is your email address and has a Google account associated with it (this account will be used to access restricted bugs filed by the fuzzers). Also, should anyone else have access to the bugs?

@titanous titanous mentioned this pull request May 21, 2018
Closed
@tsdgeos
Copy link
Contributor

tsdgeos commented May 21, 2018

I don't think aacid@kde.org has an associated google account you can use tsdgeos@gmail.com i guess

@titanous
Copy link
Contributor Author

This is ready to merge.

inferno-chromium
inferno-chromium reviewed May 21, 2018
View reviewed changes
projects/poppler/pdf_fuzzer.options Outdated
@@ -0,0 +1 @@
[libfuzzer]
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is not needed.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed.

@inferno-chromium inferno-chromium merged commit 6836cc6 into google:master May 21, 2018
@titanous titanous deleted the poppler branch May 21, 2018 21:15
@tsdgeos
Copy link
Contributor

tsdgeos commented May 21, 2018

So i just realized the test code is wrong and is not checking for is_locked before trying to use the document which is basically a misuse of the API (that ends up in crashes if you do, but that's not a security issue, it's just people not using the library correctly)

I guess i should just propose a fix?

@tsdgeos
Copy link
Contributor

tsdgeos commented May 21, 2018

#1436

tmatth pushed a commit to tmatth/oss-fuzz that referenced this pull request Oct 22, 2018
@titanous @tmatth
[poppler] Add poppler (google#1431)
24f4abe 
* [poppler] Add poppler

* cleanup

* remove empty options
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@inferno-chromium inferno-chromium inferno-chromium left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@titanous @tsdgeos @inferno-chromium