Re: [Pixman] Crash during stress-test

2017-12-12 Thread Emil Velikov
On 19 November 2017 at 18:26, LE GARREC Vincent wrote:
> I made a clone on https://github.com/bansan85/pixman/tree/stress_test_file
> I tried to make lots of small commits to make review easier.

A lot better, thank you. There are some whitespace fixes alongside the
feature ones.
Can you give it another quick look and send the lot to the list for
review - I think the recommended way is via git send-email.

-Emil
___
Pixman mailing list
Pixman@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/pixman


Re: [Pixman] Crash during stress-test

2017-11-17 Thread Emil Velikov
Hi Vincent,

On 15 November 2017 at 21:37, LE GARREC Vincent wrote:
> Dear,
>
> I ran stress-test under fuzzing and I found a crash.
>
> I'm not really comfortable with pixman so I don't really know how to report
> the problem to you.
>
> Please find enclosed modifications I needed to apply to allow fuzzing with
> afl.
> I disabled HAVE_GCC_VECTOR_EXTENSIONS and adapted smallprng_rand_r to read
> from a buffer instead of random data based on seed.
>
> To make the stress-test crash, run ./stress-test rasterize_edges_8.crash
>
> I hope it's not my patch that makes pixman crash.
>
> Please, tell me if you need further information or if I did something wrong.
>
I'm not that much of a pixman to provide you with feedback on the exact issue.

Small question though:
Have you considered adding an argument to the program which changes
rand -> input file method?

It will allow you to drop the HAVE_GCC_VECTOR_EXTENSIONS workarounds
and upstream the changes.
This way one will be able to do some extensive testing prior to
rolling a potentially vulnerable pixman release to the masses.

HTH
Emil


[Pixman] Crash during stress-test

2017-11-15 Thread LE GARREC Vincent
Dear,

I ran stress-test under fuzzing and I found a crash.

I'm not really comfortable with pixman so I don't really know how to report
the problem to you.

Please find enclosed modifications I needed to apply to allow fuzzing with
afl.
I disabled HAVE_GCC_VECTOR_EXTENSIONS and adapted smallprng_rand_r to read
from a buffer instead of random data based on seed.

To make the stress-test crash, run ./stress-test rasterize_edges_8.crash

I hope it's not my patch that makes pixman crash.

Please, tell me if you need further information or if I did something wrong.

Best regards,

Vincent LE GARREC


backtrace
Description: Binary data


pixman_fuzzing.patch
Description: Binary data


rasterize_edges_8.crash
Description: Binary data