This commit places the basics for libFuzzer integration with one
fuzzer which fuzzes the readMetadata function. The fuzzer is
located at fuzz/read-metadata.
To add more fuzzers please add them to ./fuzz directory as
described in the README.
Also a memory corruption bug is found using this fuzzer which
might lead to additional bugs after fix is pushed.
Add BUILD_WITH_STACK_PROTECTOR to avoid the following build failure with
toolchains that don't support stack-protector:
/home/buildroot/autobuild/instance-3/output-1/host/opt/ext-toolchain/bin/../lib/gcc/mipsel-buildroot-linux-uclibc/9.3.0/../../../../mipsel-buildroot-linux-uclibc/bin/ld: utils.cpp:(.text._ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE12_M_constructIPcEEvT_S7_St20forward_iterator_tag[_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE12_M_constructIPcEEvT_S7_St20forward_iterator_tag]+0xd0): undefined reference to `__stack_chk_fail'
Indeed, support for -fstack-protector-strong can't be detected through
check_cxx_compiler_flag as some toolchains need to link with -lssp to
enable SSP support
Fixes:
- http://autobuild.buildroot.org/results/ae4635899124c602c70d2b342a76f95c34aa4a3d
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
When compiling with -Wunused-variable, `EXT_STRERROR_R_CHAR_P` gets undefined because of a failing compilation check.
An alternative would be to mark `c` as `__attribute__((undefined))`, but MSVC doesn't have `__attribute__((undefined))`.
* avoid re-declaration of constant variables
* Replace pthreads critical section with std::mutex
* ci - better naming
* cmake - increase minimum version to 3.11. Use project DESCRIPTION
* fix - do not treat string::find() return type as bool
* remove conditions that were always true
* remove condition that were always false
* Remove EXV_HAVE_GMTIME_R which is not used anymore
* pixelWidth_ was inherited from Exiv2::Image
The width & height variables in the TiffImage class need to be mutable
to be able to change their values on the getters pixelHeight() and
pixelWidth() ... Do not ask me why ...
* Remove superfluous if
* pvs:V766 item with identical key added already
* pvs:V730 not all members were initialized (time)
* pvs:V730 not all members are initialized
* pvs:v668 no point in testing pointer against null after new
* pvs:V1048 variable assigned the same value
* replace c-style dynamic vector with std one
* pvs:547 fakeData is always true
* Remove useless constructor in derived class
* pvs:V690 modern way to disable copy-ctor
* Replace malloc/free with new/delete. No need to check for null
* pvs:V1028 cast operands and not result
* Remove custom MIN/MAX functions
* pvs:V595 pointer used before verified against null
* pvs: index used before being checked
* pvs:V1028 possible overflow. Cast operands
* pvs:v575 potential null pointer passed to other functions
* pvs:V547 deal with always true/false expressions
* pvs:V560 part of conditional expressions always false or true
* pvs:V701 possible break in realloc -> move to std::vector
* Make some classes 'final'
* Replace sprintf with std::to_string()
* fix compilation on windows
Some of the CI-Linux-Distros jobs failed because of this. Python3 is not
available by default on Debian:9 nor in Centos:8.
Since we are not currently running the tests in those platforms, and
python3 is just used for testing, we do not want to enforce this project
dependency.
Instead of relying on fragile and complex logic to decide if a
compiler flag is available or not, use the check_c_compiler_flag()
macro provided by the CMake standard library.
This for example avoids using -fcf-protection on architectures that
don't support this option.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit dd2d181755a6e642c0a8e3225ef5407fff49eb3a)
When resolving the conflict from applying the patch, I also took the liberty
of re-indenting the snippet correcly and fixing mismatching
HAS_FCF_PROTECTION and HAS_FSTACK_PROTECTOR_STRONG variables
(the conditionals used GCC_ prefix but the variables were definded without it).
Signed-off-by: Jan Tojnar <jtojnar@gmail.com>
Christoph Hasse
Kevin Backhouse
Jeka Pats
Fabrice Fontaine
Robin Mills
Attila Oláh
Luis Díaz Más
Miloš Komarčević
Peter Kovář
Jan Tojnar
Thomas Petazzoni