TGA, the only parser where I didn't find any memory-corruption bugs. Yet. Signed-off-by: Daniel Axtens <d...@axtens.net> --- .gitignore | 1 + Makefile.util.def | 21 +++++++++++++++++++++ grub-core/tests/fuzz/tga.c | 3 +++ 3 files changed, 25 insertions(+) create mode 100644 grub-core/tests/fuzz/tga.c
diff --git a/.gitignore b/.gitignore
index 1e0340662033..f148cfaf9a75 100644
--- a/.gitignore
+++ b/.gitignore
@@ -39,6 +39,7 @@ grub-emu-lite.exe
 grub-emu.exe
 grub-fuzz-jpeg
 grub-fuzz-png
+grub-fuzz-tga
 grub-macho2img
 grub_emu_init.c
 grub_emu_init.h
diff --git a/Makefile.util.def b/Makefile.util.def
index 49d2c67a29f1..a5107e48ed42 100644
--- a/Makefile.util.def
+++ b/Makefile.util.def
@@ -1508,3 +1508,24 @@ program = {
 condition = COND_ENABLE_FUZZERS;
 };
+
+program = {
+ name = grub-fuzz-tga;
+
+ nostrip = common;
+
+ common = grub-core/video/readers/tga.c;
+ common = grub-core/video/bitmap.c;
+ common = grub-core/io/bufio.c;
+
+ extra_dist = grub-core/tests/fuzz/imageXX.c;
+ common = grub-core/tests/fuzz/tga.c;
+
+ ldadd = 'libfuzzkern.a grub-core/lib/gnulib/libgnu.a $(LIBDEVMAPPER)';
+
+ cppflags = '-DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION';
+ cflags='-fsanitize=fuzzer-no-link';
+ ldflags='-fsanitize=fuzzer';
+
+ condition = COND_ENABLE_FUZZERS;
+};
diff --git a/grub-core/tests/fuzz/tga.c b/grub-core/tests/fuzz/tga.c
new file mode 100644
index 000000000000..66ae9b32a584
--- /dev/null
+++ b/grub-core/tests/fuzz/tga.c
@@ -0,0 +1,3 @@
+#define IMG_EXTENSION "tga"
+#define MODULE_INIT grub_tga_init
+#include "imageXX.c"
-- 2.25.1 _______________________________________________ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
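Review bot: The new `grub-fuzz-tga` stanza sets only `cflags='-fsanitize=fuzzer-no-link';` and `ldflags='-fsanitize=fuzzer';`, so nothing in this hunk enables a memory-error detector. Without AddressSanitizer, an out-of-bounds read or a small heap overflow in the TGA reader usually does not crash the target, which makes a clean run weak evidence that the parser is free of memory-corruption bugs. Unless the fuzzer build already injects it elsewhere (not visible here), consider `cflags='-fsanitize=fuzzer-no-link,address,undefined';` and `ldflags='-fsanitize=fuzzer,address,undefined';`, or a comment in the stanza saying where the sanitizers come from. It is also worth confirming that `libfuzzkern.a` routes the reader's allocations to the host allocator, since a private heap would hide overflows from ASan.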
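Review bot: The new `grub-core/tests/fuzz/tga.c` has no header comment, so a reader cannot tell that the two macros are inputs to the included template rather than ordinary constants. I would add `/* libFuzzer harness for the TGA reader: imageXX.c is the shared template and consumes IMG_EXTENSION and MODULE_INIT. */` above the defines, adjusted to whatever `imageXX.c` actually does with them, since that file is not part of this patch. If the project requires a licence header on new source files, this one lacks it as well.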