diff --git a/fuzzers/filename_fuzzer.cpp b/fuzzers/filename_fuzzer.cpp index 75a4fa2d66f4..a2e512b9363d 100644 --- a/fuzzers/filename_fuzzer.cpp +++ b/fuzzers/filename_fuzzer.cpp @@ -35,13 +35,13 @@ #include "cpl_vsi.h" #include "gdal_priv.h" -extern "C" int LLVMFuzzerInitialize(int* argc, char*** argv); +extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv); extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len); -int LLVMFuzzerInitialize(int* /*argc*/, char*** argv) +int LLVMFuzzerInitialize(int * /*argc*/, char ***argv) { - const char* exe_path = (*argv)[0]; - if( CPLGetConfigOption("GDAL_DATA", nullptr) == nullptr ) + const char *exe_path = (*argv)[0]; + if (CPLGetConfigOption("GDAL_DATA", nullptr) == nullptr) { CPLSetConfigOption("GDAL_DATA", CPLGetPath(exe_path)); } @@ -53,7 +53,7 @@ int LLVMFuzzerInitialize(int* /*argc*/, char*** argv) CPLSetConfigOption("GDAL_WMS_ABORT_CURL_REQUEST", "YES"); CPLSetConfigOption("GDAL_HTTP_TIMEOUT", "1"); CPLSetConfigOption("GDAL_HTTP_CONNECTTIMEOUT", "1"); - CPLSetConfigOption("GDAL_CACHEMAX", "1000"); // Limit to 1 GB + CPLSetConfigOption("GDAL_CACHEMAX", "1000"); // Limit to 1 GB #ifdef GTIFF_USE_MMAP CPLSetConfigOption("GTIFF_USE_MMAP", "YES"); #endif @@ -68,36 +68,40 @@ int LLVMFuzzerInitialize(int* /*argc*/, char*** argv) int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) { - VSIFCloseL(VSIFileFromMemBuffer( "/vsimem/input.tar", - reinterpret_cast(const_cast(buf)), len, FALSE )); + VSIFCloseL(VSIFileFromMemBuffer( + "/vsimem/input.tar", + reinterpret_cast(const_cast(buf)), len, FALSE)); CPLErrorHandlerPusher oErrorHandler(CPLQuietErrorHandler); - GByte* paby = nullptr; + GByte *paby = nullptr; vsi_l_offset nSize = 0; - if( !VSIIngestFile(nullptr, "/vsitar//vsimem/input.tar/filename", &paby, &nSize, -1) ) + if (!VSIIngestFile(nullptr, "/vsitar//vsimem/input.tar/filename", &paby, + &nSize, -1)) { VSIUnlink("/vsimem/input.tar"); return 0; } - const std::string osFilename(reinterpret_cast(paby)); + const std::string osFilename(reinterpret_cast(paby)); VSIFree(paby); paby = nullptr; nSize = 0; - int ret = VSIIngestFile(nullptr, "/vsitar//vsimem/input.tar/content", &paby, &nSize, -1); + int ret = VSIIngestFile(nullptr, "/vsitar//vsimem/input.tar/content", &paby, + &nSize, -1); VSIUnlink("/vsimem/input.tar"); - if( !ret ) + if (!ret) { return 0; } const std::string osRealFilename("/vsimem/" + osFilename); - VSIFCloseL(VSIFileFromMemBuffer(osRealFilename.c_str(), paby, static_cast(nSize), TRUE )); + VSIFCloseL(VSIFileFromMemBuffer(osRealFilename.c_str(), paby, + static_cast(nSize), TRUE)); - delete GDALDataset::Open( osRealFilename.c_str() ); + delete GDALDataset::Open(osRealFilename.c_str()); - VSIUnlink( osRealFilename.c_str() ); + VSIUnlink(osRealFilename.c_str()); return 0; } diff --git a/fuzzers/fuzzingengine.cpp b/fuzzers/fuzzingengine.cpp index ad1043d40780..b824351a6a74 100644 --- a/fuzzers/fuzzingengine.cpp +++ b/fuzzers/fuzzingengine.cpp @@ -32,43 +32,45 @@ extern "C" { -int LLVMFuzzerTestOneInput(const void *buf, size_t len); -int LLVMFuzzerInitialize(int* argc, char*** argv); + int LLVMFuzzerTestOneInput(const void *buf, size_t len); + int LLVMFuzzerInitialize(int *argc, char ***argv); } -template static void CPL_IGNORE_RET_VAL(T) {} +template static void CPL_IGNORE_RET_VAL(T) +{ +} -static void Usage(int, char* argv[]) +static void Usage(int, char *argv[]) { fprintf(stderr, "%s [--help] [-repeat N] filename.\n", argv[0]); exit(1); } -int main(int argc, char* argv[]) +int main(int argc, char *argv[]) { LLVMFuzzerInitialize(&argc, &argv); int nRet = 0; - void* buf = nullptr; + void *buf = nullptr; int nLen = 0; int nLoops = 1; - const char* pszFilename = nullptr; - for(int i = 1; i < argc; i++ ) + const char *pszFilename = nullptr; + for (int i = 1; i < argc; i++) { - if( i + 1 < argc && strcmp(argv[i], "-repeat") == 0 ) + if (i + 1 < argc && strcmp(argv[i], "-repeat") == 0) { - nLoops = atoi(argv[i+1]); + nLoops = atoi(argv[i + 1]); i++; } - else if( strcmp(argv[i], "-dummy") == 0 ) + else if (strcmp(argv[i], "-dummy") == 0) { return LLVMFuzzerTestOneInput(" ", 1); } - else if( strcmp(argv[i], "--help") == 0 ) + else if (strcmp(argv[i], "--help") == 0) { Usage(argc, argv); } - else if( argv[i][0] == '-' ) + else if (argv[i][0] == '-') { fprintf(stderr, "Unrecognized option: %s", argv[i]); Usage(argc, argv); @@ -78,13 +80,13 @@ int main(int argc, char* argv[]) pszFilename = argv[i]; } } - if( pszFilename == nullptr ) + if (pszFilename == nullptr) { fprintf(stderr, "No filename specified\n"); Usage(argc, argv); } - FILE* f = fopen(pszFilename, "rb"); - if( !f ) + FILE *f = fopen(pszFilename, "rb"); + if (!f) { fprintf(stderr, "%s does not exist.\n", pszFilename); exit(1); @@ -93,7 +95,7 @@ int main(int argc, char* argv[]) nLen = (int)ftell(f); fseek(f, 0, SEEK_SET); buf = malloc(nLen); - if( !buf ) + if (!buf) { fprintf(stderr, "malloc failed.\n"); fclose(f); @@ -101,10 +103,10 @@ int main(int argc, char* argv[]) } CPL_IGNORE_RET_VAL(fread(buf, nLen, 1, f)); fclose(f); - for( int i = 0; i < nLoops; i++ ) + for (int i = 0; i < nLoops; i++) { nRet = LLVMFuzzerTestOneInput(buf, nLen); - if( nRet != 0 ) + if (nRet != 0) break; } free(buf); diff --git a/fuzzers/gdal_fuzzer.cpp b/fuzzers/gdal_fuzzer.cpp index 42d6ac03cc93..61e72fc4ff19 100644 --- a/fuzzers/gdal_fuzzer.cpp +++ b/fuzzers/gdal_fuzzer.cpp @@ -60,13 +60,13 @@ #define GDAL_FILENAME MEM_FILENAME #endif -extern "C" int LLVMFuzzerInitialize(int* argc, char*** argv); +extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv); extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len); -int LLVMFuzzerInitialize(int* /*argc*/, char*** argv) +int LLVMFuzzerInitialize(int * /*argc*/, char ***argv) { - const char* exe_path = (*argv)[0]; - if( CPLGetConfigOption("GDAL_DATA", nullptr) == nullptr ) + const char *exe_path = (*argv)[0]; + if (CPLGetConfigOption("GDAL_DATA", nullptr) == nullptr) { CPLSetConfigOption("GDAL_DATA", CPLGetPath(exe_path)); } @@ -78,7 +78,7 @@ int LLVMFuzzerInitialize(int* /*argc*/, char*** argv) CPLSetConfigOption("GDAL_WMS_ABORT_CURL_REQUEST", "YES"); CPLSetConfigOption("GDAL_HTTP_TIMEOUT", "1"); CPLSetConfigOption("GDAL_HTTP_CONNECTTIMEOUT", "1"); - CPLSetConfigOption("GDAL_CACHEMAX", "1000"); // Limit to 1 GB + CPLSetConfigOption("GDAL_CACHEMAX", "1000"); // Limit to 1 GB #ifdef GTIFF_USE_MMAP CPLSetConfigOption("GTIFF_USE_MMAP", "YES"); #endif @@ -91,10 +91,10 @@ int LLVMFuzzerInitialize(int* /*argc*/, char*** argv) return 0; } -static void ExploreAttributes(const GDALIHasAttribute* attributeHolder) +static void ExploreAttributes(const GDALIHasAttribute *attributeHolder) { const auto attributes = attributeHolder->GetAttributes(); - for( const auto& attribute: attributes ) + for (const auto &attribute : attributes) { attribute->ReadAsRaw(); } @@ -102,8 +102,8 @@ static void ExploreAttributes(const GDALIHasAttribute* attributeHolder) attributeHolder->GetAttribute("i_do_not_exist"); } -static void ExploreArray(const std::shared_ptr& poArray, - const char* pszDriverName) +static void ExploreArray(const std::shared_ptr &poArray, + const char *pszDriverName) { ExploreAttributes(poArray.get()); @@ -119,12 +119,12 @@ static void ExploreArray(const std::shared_ptr& poArray, const auto nDimCount = poArray->GetDimensionCount(); bool bRead = true; constexpr size_t MAX_ALLOC = 1000 * 1000 * 1000U; - if( pszDriverName && EQUAL(pszDriverName, "GRIB") ) + if (pszDriverName && EQUAL(pszDriverName, "GRIB")) { const auto poDims = poArray->GetDimensions(); - if( nDimCount >= 2 && - poDims[nDimCount-2]->GetSize() > MAX_ALLOC / - sizeof(double) / poDims[nDimCount-1]->GetSize() ) + if (nDimCount >= 2 && + poDims[nDimCount - 2]->GetSize() > + MAX_ALLOC / sizeof(double) / poDims[nDimCount - 1]->GetSize()) { bRead = false; } @@ -133,13 +133,13 @@ static void ExploreArray(const std::shared_ptr& poArray, { const auto anBlockSize = poArray->GetBlockSize(); size_t nBlockSize = poArray->GetDataType().GetSize(); - for( const auto nDimBlockSize: anBlockSize ) + for (const auto nDimBlockSize : anBlockSize) { - if( nDimBlockSize == 0 ) + if (nDimBlockSize == 0) { break; } - if( nBlockSize > MAX_ALLOC / nDimBlockSize ) + if (nBlockSize > MAX_ALLOC / nDimBlockSize) { bRead = false; break; @@ -148,43 +148,39 @@ static void ExploreArray(const std::shared_ptr& poArray, } } - if( bRead && - poArray->GetDataType().GetClass() == GEDTC_NUMERIC ) + if (bRead && poArray->GetDataType().GetClass() == GEDTC_NUMERIC) { std::vector anArrayStartIdx(nDimCount); std::vector anCount(nDimCount, 1); std::vector anArrayStep(nDimCount); std::vector anBufferStride(nDimCount); - std::vector abyData( poArray->GetDataType().GetSize() ); - poArray->Read(anArrayStartIdx.data(), - anCount.data(), - anArrayStep.data(), - anBufferStride.data(), - poArray->GetDataType(), - &abyData[0]); + std::vector abyData(poArray->GetDataType().GetSize()); + poArray->Read(anArrayStartIdx.data(), anCount.data(), + anArrayStep.data(), anBufferStride.data(), + poArray->GetDataType(), &abyData[0]); } } -static void ExploreGroup(const std::shared_ptr& poGroup, - const char* pszDriverName) +static void ExploreGroup(const std::shared_ptr &poGroup, + const char *pszDriverName) { ExploreAttributes(poGroup.get()); const auto groupNames = poGroup->GetGroupNames(); poGroup->OpenGroup("i_do_not_exist"); - for( const auto& name: groupNames ) + for (const auto &name : groupNames) { auto poSubGroup = poGroup->OpenGroup(name); - if( poSubGroup ) + if (poSubGroup) ExploreGroup(poSubGroup, pszDriverName); } const auto arrayNames = poGroup->GetMDArrayNames(); poGroup->OpenMDArray("i_do_not_exist"); - for( const auto& name: arrayNames ) + for (const auto &name : arrayNames) { auto poArray = poGroup->OpenMDArray(name); - if( poArray ) + if (poArray) { ExploreArray(poArray, pszDriverName); } @@ -195,54 +191,54 @@ int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) { #ifdef USE_FILESYSTEM char szTempFilename[64]; - snprintf(szTempFilename, sizeof(szTempFilename), - "/tmp/gdal_fuzzer_%d.%s", + snprintf(szTempFilename, sizeof(szTempFilename), "/tmp/gdal_fuzzer_%d.%s", (int)getpid(), EXTENSION); - VSILFILE* fp = VSIFOpenL(szTempFilename, "wb"); - if( !fp ) + VSILFILE *fp = VSIFOpenL(szTempFilename, "wb"); + if (!fp) { fprintf(stderr, "Cannot create %s\n", szTempFilename); return 1; } - VSIFWriteL( buf, 1, len, fp ); + VSIFWriteL(buf, 1, len, fp); #else - VSILFILE* fp = VSIFileFromMemBuffer( MEM_FILENAME, - reinterpret_cast(const_cast(buf)), len, FALSE ); + VSILFILE *fp = VSIFileFromMemBuffer( + MEM_FILENAME, reinterpret_cast(const_cast(buf)), + len, FALSE); #endif VSIFCloseL(fp); CPLPushErrorHandler(CPLQuietErrorHandler); #ifdef USE_FILESYSTEM - const char* pszGDALFilename = szTempFilename; + const char *pszGDALFilename = szTempFilename; #else - const char* pszGDALFilename = GDAL_FILENAME; + const char *pszGDALFilename = GDAL_FILENAME; #endif - GDALDatasetH hDS = GDALOpen( pszGDALFilename, GA_ReadOnly ); - if( hDS ) + GDALDatasetH hDS = GDALOpen(pszGDALFilename, GA_ReadOnly); + if (hDS) { const int nTotalBands = GDALGetRasterCount(hDS); const int nBands = std::min(10, nTotalBands); bool bDoCheckSum = true; int nXSizeToRead = std::min(1024, GDALGetRasterXSize(hDS)); int nYSizeToRead = std::min(1024, GDALGetRasterYSize(hDS)); - if( nBands > 0 ) + if (nBands > 0) { - const char* pszInterleave = - GDALGetMetadataItem( hDS, "INTERLEAVE", "IMAGE_STRUCTURE" ); + const char *pszInterleave = + GDALGetMetadataItem(hDS, "INTERLEAVE", "IMAGE_STRUCTURE"); int nSimultaneousBands = - (pszInterleave && EQUAL(pszInterleave, "PIXEL")) ? - nTotalBands : 1; + (pszInterleave && EQUAL(pszInterleave, "PIXEL")) ? nTotalBands + : 1; // When using the RGBA interface in pixel-interleaved mode, take // into account the raw number of bands to compute memory // requirements - if( nBands == 4 && nSimultaneousBands != 1 && - GDALGetDatasetDriver(hDS) == GDALGetDriverByName("GTiff") ) + if (nBands == 4 && nSimultaneousBands != 1 && + GDALGetDatasetDriver(hDS) == GDALGetDriverByName("GTiff")) { GDALDatasetH hRawDS = GDALOpen( - (CPLString("GTIFF_RAW:")+pszGDALFilename).c_str(), - GA_ReadOnly ); - if( hRawDS ) + (CPLString("GTIFF_RAW:") + pszGDALFilename).c_str(), + GA_ReadOnly); + if (hRawDS) { nSimultaneousBands = GDALGetRasterCount(hRawDS); GDALClose(hRawDS); @@ -253,28 +249,28 @@ int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) // given the block size and interleaving mode, do not read // pixels to avoid out of memory conditions by ASAN GIntBig nPixels = 0; - for( int i = 0; i < nBands; i++ ) + for (int i = 0; i < nBands; i++) { int nBXSize = 0, nBYSize = 0; - GDALGetBlockSize( GDALGetRasterBand(hDS, i+1), &nBXSize, - &nBYSize ); - if( nBXSize == 0 || nBYSize == 0 || - nBXSize > INT_MAX / nBYSize ) + GDALGetBlockSize(GDALGetRasterBand(hDS, i + 1), &nBXSize, + &nBYSize); + if (nBXSize == 0 || nBYSize == 0 || nBXSize > INT_MAX / nBYSize) { bDoCheckSum = false; break; } // Limit to 1000 blocks read for each band. - while( (nXSizeToRead > 1 || nYSizeToRead > 1) && + while ((nXSizeToRead > 1 || nYSizeToRead > 1) && (DIV_ROUND_UP(nXSizeToRead, nBXSize) * - DIV_ROUND_UP(nYSizeToRead, nBYSize) > 1000) ) + DIV_ROUND_UP(nYSizeToRead, nBYSize) > + 1000)) { - if( nXSizeToRead > 1 && + if (nXSizeToRead > 1 && DIV_ROUND_UP(nXSizeToRead, nBXSize) > - DIV_ROUND_UP(nYSizeToRead, nBYSize) ) + DIV_ROUND_UP(nYSizeToRead, nBYSize)) nXSizeToRead /= 2; - else if( nYSizeToRead > 1 ) + else if (nYSizeToRead > 1) nYSizeToRead /= 2; else nXSizeToRead /= 2; @@ -286,36 +282,45 @@ int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) // GTiffSplitBand // Could probably be fixed for the CHUNKY_STRIP_READ_SUPPORT // mode. - // Workaround https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2606 - const char* pszCompress = + // Workaround + // https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2606 + const char *pszCompress = GDALGetMetadataItem(hDS, "COMPRESSION", "IMAGE_STRUCTURE"); - if( pszCompress != nullptr && + if (pszCompress != nullptr && ((nBYSize == 1 && GDALGetRasterYSize(hDS) > 1 && GDALGetMetadataItem(GDALGetRasterBand(hDS, 1), - "BLOCK_OFFSET_0_1", "TIFF") == nullptr) || + "BLOCK_OFFSET_0_1", + "TIFF") == nullptr) || nBXSize != GDALGetRasterXSize(hDS)) && - GDALGetDatasetDriver(hDS) == GDALGetDriverByName("GTiff") ) + GDALGetDatasetDriver(hDS) == GDALGetDriverByName("GTiff")) { - if( EQUAL(pszCompress, "PIXARLOG") && - GDALGetRasterYSize(hDS) > (INT_MAX / 2) / - static_cast(sizeof(GUInt16)) / - nSimultaneousBands / GDALGetRasterXSize(hDS) ) + if (EQUAL(pszCompress, "PIXARLOG") && + GDALGetRasterYSize(hDS) > + (INT_MAX / 2) / static_cast(sizeof(GUInt16)) / + nSimultaneousBands / GDALGetRasterXSize(hDS)) { bDoCheckSum = false; } // https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2874 - else if( EQUAL(pszCompress, "SGILOG24") && - GDALGetRasterYSize(hDS) > (INT_MAX / 2) / - static_cast(sizeof(GUInt32)) / - nSimultaneousBands / GDALGetRasterXSize(hDS) ) + else if (EQUAL(pszCompress, "SGILOG24") && + GDALGetRasterYSize(hDS) > + (INT_MAX / 2) / + static_cast(sizeof(GUInt32)) / + nSimultaneousBands / + GDALGetRasterXSize(hDS)) { bDoCheckSum = false; } // https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=38051 - else if( STARTS_WITH_CI(pszCompress, "LERC") && - (GDALGetRasterYSize(hDS) > (INT_MAX / 2) / - nSimultaneousBands / GDALGetRasterXSize(hDS) || - static_cast(GDALGetRasterYSize(hDS)) * nSimultaneousBands * GDALGetRasterXSize(hDS) * 4 / 3 + 100 > (INT_MAX / 2)) ) + else if (STARTS_WITH_CI(pszCompress, "LERC") && + (GDALGetRasterYSize(hDS) > + (INT_MAX / 2) / nSimultaneousBands / + GDALGetRasterXSize(hDS) || + static_cast(GDALGetRasterYSize(hDS)) * + nSimultaneousBands * + GDALGetRasterXSize(hDS) * 4 / 3 + + 100 > + (INT_MAX / 2))) { bDoCheckSum = false; } @@ -324,27 +329,27 @@ int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) GIntBig nNewPixels = static_cast(nBXSize) * nBYSize; nNewPixels *= DIV_ROUND_UP(nXSizeToRead, nBXSize); nNewPixels *= DIV_ROUND_UP(nYSizeToRead, nBYSize); - if( nNewPixels > nPixels ) + if (nNewPixels > nPixels) nPixels = nNewPixels; } - if( bDoCheckSum ) + if (bDoCheckSum) { const GDALDataType eDT = - GDALGetRasterDataType( GDALGetRasterBand(hDS, 1) ); + GDALGetRasterDataType(GDALGetRasterBand(hDS, 1)); const int nDTSize = GDALGetDataTypeSizeBytes(eDT); - if( nPixels > 10 * 1024 * 1024 / nDTSize / nSimultaneousBands ) + if (nPixels > 10 * 1024 * 1024 / nDTSize / nSimultaneousBands) { bDoCheckSum = false; } } } - if( bDoCheckSum ) + if (bDoCheckSum) { - for( int i = 0; i < nBands; i++ ) + for (int i = 0; i < nBands; i++) { - GDALRasterBandH hBand = GDALGetRasterBand(hDS, i+1); - CPLDebug("FUZZER", "Checksum band %d: %d,%d,%d,%d", - i+1,0, 0, nXSizeToRead, nYSizeToRead); + GDALRasterBandH hBand = GDALGetRasterBand(hDS, i + 1); + CPLDebug("FUZZER", "Checksum band %d: %d,%d,%d,%d", i + 1, 0, 0, + nXSizeToRead, nYSizeToRead); GDALChecksumImage(hBand, 0, 0, nXSizeToRead, nYSizeToRead); } } @@ -360,7 +365,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) GDALGetMetadata(hDS, nullptr); GDALGetMetadataItem(hDS, "foo", nullptr); CSLDestroy(GDALGetFileList(hDS)); - if( nBands > 0 ) + if (nBands > 0) { GDALRasterBandH hBand = GDALGetRasterBand(hDS, 1); @@ -375,23 +380,24 @@ int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) int nFlags = GDALGetMaskFlags(hBand); GDALRasterBandH hMaskBand = GDALGetMaskBand(hBand); GDALGetRasterBandXSize(hMaskBand); - if( bDoCheckSum && nFlags == GMF_PER_DATASET ) + if (bDoCheckSum && nFlags == GMF_PER_DATASET) { int nBXSize = 0, nBYSize = 0; - GDALGetBlockSize( hMaskBand, &nBXSize, &nBYSize ); - if( nBXSize == 0 || nBYSize == 0 || - nBXSize > INT_MAX / 2 / nBYSize ) + GDALGetBlockSize(hMaskBand, &nBXSize, &nBYSize); + if (nBXSize == 0 || nBYSize == 0 || + nBXSize > INT_MAX / 2 / nBYSize) { // do nothing } else { - GDALChecksumImage(hMaskBand, 0, 0, nXSizeToRead, nYSizeToRead); + GDALChecksumImage(hMaskBand, 0, 0, nXSizeToRead, + nYSizeToRead); } } int nOverviewCount = GDALGetOverviewCount(hBand); - for( int i = 0; i < nOverviewCount; i++ ) + for (int i = 0; i < nOverviewCount; i++) { GDALGetOverview(hBand, i); } @@ -401,24 +407,24 @@ int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) } auto poDS = std::unique_ptr( - GDALDataset::Open( pszGDALFilename, GDAL_OF_MULTIDIM_RASTER )); - if( poDS ) + GDALDataset::Open(pszGDALFilename, GDAL_OF_MULTIDIM_RASTER)); + if (poDS) { auto poDriver = poDS->GetDriver(); - const char* pszDriverName = nullptr; - if( poDriver ) + const char *pszDriverName = nullptr; + if (poDriver) pszDriverName = poDriver->GetDescription(); auto poRootGroup = poDS->GetRootGroup(); poDS.reset(); - if( poRootGroup ) + if (poRootGroup) ExploreGroup(poRootGroup, pszDriverName); } CPLPopErrorHandler(); #ifdef USE_FILESYSTEM - VSIUnlink( szTempFilename ); + VSIUnlink(szTempFilename); #else - VSIUnlink( MEM_FILENAME ); + VSIUnlink(MEM_FILENAME); #endif return 0; } diff --git a/fuzzers/gdal_translate_fuzzer.cpp b/fuzzers/gdal_translate_fuzzer.cpp index 688027e7b719..07a850867bad 100644 --- a/fuzzers/gdal_translate_fuzzer.cpp +++ b/fuzzers/gdal_translate_fuzzer.cpp @@ -33,13 +33,13 @@ #include "gdal_priv.h" #include "gdal_utils.h" -extern "C" int LLVMFuzzerInitialize(int* argc, char*** argv); +extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv); extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len); -int LLVMFuzzerInitialize(int* /*argc*/, char*** argv) +int LLVMFuzzerInitialize(int * /*argc*/, char ***argv) { - const char* exe_path = (*argv)[0]; - if( CPLGetConfigOption("GDAL_DATA", nullptr) == nullptr ) + const char *exe_path = (*argv)[0]; + if (CPLGetConfigOption("GDAL_DATA", nullptr) == nullptr) { CPLSetConfigOption("GDAL_DATA", CPLGetPath(exe_path)); } @@ -51,20 +51,21 @@ int LLVMFuzzerInitialize(int* /*argc*/, char*** argv) CPLSetConfigOption("GDAL_WMS_ABORT_CURL_REQUEST", "YES"); CPLSetConfigOption("GDAL_HTTP_TIMEOUT", "1"); CPLSetConfigOption("GDAL_HTTP_CONNECTTIMEOUT", "1"); - CPLSetConfigOption("GDAL_CACHEMAX", "1000"); // Limit to 1 GB + CPLSetConfigOption("GDAL_CACHEMAX", "1000"); // Limit to 1 GB GDALAllRegister(); return 0; } int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) { - VSILFILE* fp = VSIFileFromMemBuffer( "/vsimem/test.tar", - reinterpret_cast(const_cast(buf)), len, FALSE ); + VSILFILE *fp = VSIFileFromMemBuffer( + "/vsimem/test.tar", + reinterpret_cast(const_cast(buf)), len, FALSE); VSIFCloseL(fp); CPLPushErrorHandler(CPLQuietErrorHandler); - char** papszArgv = nullptr; + char **papszArgv = nullptr; // Prevent generating too big output raster. Make sure they are set at // the beginning to avoid being accidentally eaten by invalid arguments @@ -73,12 +74,12 @@ int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) papszArgv = CSLAddString(papszArgv, "1000000"); fp = VSIFOpenL("/vsitar//vsimem/test.tar/cmd.txt", "rb"); - if( fp != nullptr ) + if (fp != nullptr) { - const char* pszLine = nullptr; - while( (pszLine = CPLReadLineL(fp)) != nullptr ) + const char *pszLine = nullptr; + while ((pszLine = CPLReadLineL(fp)) != nullptr) { - if( !EQUAL(pszLine, "-limit_outsize") ) + if (!EQUAL(pszLine, "-limit_outsize")) papszArgv = CSLAddString(papszArgv, pszLine); } VSIFCloseL(fp); @@ -93,54 +94,61 @@ int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) int nBlockYSize = 0; bool bStatsEnabled = false; bool bHFA = false; - if( papszArgv != nullptr ) + if (papszArgv != nullptr) { int nCount = CSLCount(papszArgv); - for( int i = 0; i < nCount; i++ ) + for (int i = 0; i < nCount; i++) { - if( EQUAL(papszArgv[i], "-outsize") && i + 2 < nCount ) + if (EQUAL(papszArgv[i], "-outsize") && i + 2 < nCount) { - nXDim = atoi(papszArgv[i+1]); - bXDimPct = (papszArgv[i+1][0] != '\0' && - papszArgv[i+1][strlen(papszArgv[i+1])-1] == '%'); - nYDim = atoi(papszArgv[i+2]); - bYDimPct = (papszArgv[i+2][0] != '\0' && - papszArgv[i+2][strlen(papszArgv[i+2])-1] == '%'); + nXDim = atoi(papszArgv[i + 1]); + bXDimPct = + (papszArgv[i + 1][0] != '\0' && + papszArgv[i + 1][strlen(papszArgv[i + 1]) - 1] == '%'); + nYDim = atoi(papszArgv[i + 2]); + bYDimPct = + (papszArgv[i + 2][0] != '\0' && + papszArgv[i + 2][strlen(papszArgv[i + 2]) - 1] == '%'); } - else if( EQUAL(papszArgv[i], "-r") && i + 1 < nCount ) + else if (EQUAL(papszArgv[i], "-r") && i + 1 < nCount) { - bNonNearestResampling = !STARTS_WITH_CI(papszArgv[i+1], "NEAR"); + bNonNearestResampling = + !STARTS_WITH_CI(papszArgv[i + 1], "NEAR"); } - else if( EQUAL(papszArgv[i], "-co") && i + 1 < nCount ) + else if (EQUAL(papszArgv[i], "-co") && i + 1 < nCount) { - if( STARTS_WITH_CI(papszArgv[i+1], "BLOCKSIZE=") ) + if (STARTS_WITH_CI(papszArgv[i + 1], "BLOCKSIZE=")) { - nBlockXSize = std::max(nBlockXSize, - atoi(papszArgv[i+1]+strlen("BLOCKSIZE="))); - nBlockYSize = std::max(nBlockYSize, - atoi(papszArgv[i+1]+strlen("BLOCKSIZE="))); + nBlockXSize = + std::max(nBlockXSize, + atoi(papszArgv[i + 1] + strlen("BLOCKSIZE="))); + nBlockYSize = + std::max(nBlockYSize, + atoi(papszArgv[i + 1] + strlen("BLOCKSIZE="))); } - else if( STARTS_WITH_CI(papszArgv[i+1], "BLOCKXSIZE=") ) + else if (STARTS_WITH_CI(papszArgv[i + 1], "BLOCKXSIZE=")) { - nBlockXSize = std::max(nBlockXSize, - atoi(papszArgv[i+1]+strlen("BLOCKXSIZE="))); + nBlockXSize = + std::max(nBlockXSize, atoi(papszArgv[i + 1] + + strlen("BLOCKXSIZE="))); } - else if( STARTS_WITH_CI(papszArgv[i+1], "BLOCKYSIZE=") ) + else if (STARTS_WITH_CI(papszArgv[i + 1], "BLOCKYSIZE=")) { - nBlockYSize = std::max(nBlockYSize, - atoi(papszArgv[i+1]+strlen("BLOCKYSIZE="))); + nBlockYSize = + std::max(nBlockYSize, atoi(papszArgv[i + 1] + + strlen("BLOCKYSIZE="))); } } - else if( EQUAL(papszArgv[i], "-stats") ) + else if (EQUAL(papszArgv[i], "-stats")) { bStatsEnabled = true; } - else if( EQUAL(papszArgv[i], "-of") && i + 1 < nCount ) + else if (EQUAL(papszArgv[i], "-of") && i + 1 < nCount) { - bHFA = EQUAL( papszArgv[i+1], "HFA" ); + bHFA = EQUAL(papszArgv[i + 1], "HFA"); } } - if( bHFA ) + if (bHFA) { // Disable statistics computation for HFA, as it can be time // consuming. @@ -150,89 +158,94 @@ int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) } } - if( papszArgv != nullptr ) + if (papszArgv != nullptr) { - GDALTranslateOptions* psOptions = GDALTranslateOptionsNew(papszArgv, nullptr); - if( psOptions ) + GDALTranslateOptions *psOptions = + GDALTranslateOptionsNew(papszArgv, nullptr); + if (psOptions) { - GDALDatasetH hSrcDS = GDALOpen( "/vsitar//vsimem/test.tar/in", GA_ReadOnly ); - if( hSrcDS != nullptr ) + GDALDatasetH hSrcDS = + GDALOpen("/vsitar//vsimem/test.tar/in", GA_ReadOnly); + if (hSrcDS != nullptr) { // Also check that reading the source doesn't involve too // much memory - GDALDataset* poSrcDS = reinterpret_cast(hSrcDS); + GDALDataset *poSrcDS = reinterpret_cast(hSrcDS); const int nBands = poSrcDS->GetRasterCount(); const int nXSize = poSrcDS->GetRasterXSize(); const int nYSize = poSrcDS->GetRasterYSize(); - if( nBands < 10 ) + if (nBands < 10) { // Prevent excessive downsampling which might require huge // memory allocation bool bOKForResampling = true; - if( bNonNearestResampling && nXDim >= 0 && nYDim >= 0 ) + if (bNonNearestResampling && nXDim >= 0 && nYDim >= 0) { - if( bXDimPct && nXDim > 0 ) + if (bXDimPct && nXDim > 0) { - nXDim = static_cast( - nXSize / 100.0 * nXDim); + nXDim = static_cast(nXSize / 100.0 * nXDim); } - if( bYDimPct && nYDim > 0 ) + if (bYDimPct && nYDim > 0) { - nYDim = static_cast( - nYSize / 100.0 * nYDim); + nYDim = static_cast(nYSize / 100.0 * nYDim); } - if( nXDim > 0 && nXSize / nXDim > 100 ) + if (nXDim > 0 && nXSize / nXDim > 100) bOKForResampling = false; - if( nYDim > 0 && nYSize / nYDim > 100 ) + if (nYDim > 0 && nYSize / nYDim > 100) bOKForResampling = false; } bool bOKForSrc = true; - if( nBands > 0 ) + if (nBands > 0) { const int nDTSize = GDALGetDataTypeSizeBytes( - poSrcDS->GetRasterBand(1)->GetRasterDataType() ); - if( nXSize > 0 && nYSize > 0 && - nBands * nDTSize > 10 * 1024 * 1024 / nXSize / nYSize ) + poSrcDS->GetRasterBand(1)->GetRasterDataType()); + if (nXSize > 0 && nYSize > 0 && + nBands * nDTSize > + 10 * 1024 * 1024 / nXSize / nYSize) { bOKForSrc = false; } int nBXSize = 0, nBYSize = 0; - GDALGetBlockSize( GDALGetRasterBand(hSrcDS, 1), &nBXSize, - &nBYSize ); - const char* pszInterleave = - GDALGetMetadataItem( hSrcDS, "INTERLEAVE", - "IMAGE_STRUCTURE" ); + GDALGetBlockSize(GDALGetRasterBand(hSrcDS, 1), &nBXSize, + &nBYSize); + const char *pszInterleave = GDALGetMetadataItem( + hSrcDS, "INTERLEAVE", "IMAGE_STRUCTURE"); int nSimultaneousBands = - (pszInterleave && EQUAL(pszInterleave, "PIXEL")) ? - nBands : 1; - if( static_cast(nSimultaneousBands)* - nBXSize * nBYSize * nDTSize > 10 * 1024 * 1024 ) + (pszInterleave && EQUAL(pszInterleave, "PIXEL")) + ? nBands + : 1; + if (static_cast(nSimultaneousBands) * nBXSize * + nBYSize * nDTSize > + 10 * 1024 * 1024) { bOKForSrc = false; } - if( static_cast(nBlockXSize) * nBlockYSize - > 10 * 1024 * 1024 / (nBands * nDTSize) ) + if (static_cast(nBlockXSize) * nBlockYSize > + 10 * 1024 * 1024 / (nBands * nDTSize)) { bOKForSrc = false; } } bool bOKForStats = true; - if( nBands && bStatsEnabled ) + if (nBands && bStatsEnabled) { - // Other types might be too slow with sanitization enabled - // See https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10029 - bOKForStats = poSrcDS->GetRasterBand(1)->GetRasterDataType() == GDT_Byte; + // Other types might be too slow with sanitization + // enabled See + // https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10029 + bOKForStats = + poSrcDS->GetRasterBand(1)->GetRasterDataType() == + GDT_Byte; } - if( bOKForSrc && bOKForResampling && bOKForStats ) + if (bOKForSrc && bOKForResampling && bOKForStats) { - GDALDatasetH hOutDS = GDALTranslate("/vsimem/out", hSrcDS, - psOptions, nullptr); - if( hOutDS ) + GDALDatasetH hOutDS = GDALTranslate( + "/vsimem/out", hSrcDS, psOptions, nullptr); + if (hOutDS) GDALClose(hOutDS); } } diff --git a/fuzzers/gdal_vector_translate_fuzzer.cpp b/fuzzers/gdal_vector_translate_fuzzer.cpp index 6a4ed37f1657..39222280cedc 100644 --- a/fuzzers/gdal_vector_translate_fuzzer.cpp +++ b/fuzzers/gdal_vector_translate_fuzzer.cpp @@ -37,13 +37,13 @@ #define REGISTER_FUNC OGRRegisterAll #endif -extern "C" int LLVMFuzzerInitialize(int* argc, char*** argv); +extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv); extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len); -int LLVMFuzzerInitialize(int* /*argc*/, char*** argv) +int LLVMFuzzerInitialize(int * /*argc*/, char ***argv) { - const char* exe_path = (*argv)[0]; - if( CPLGetConfigOption("GDAL_DATA", nullptr) == nullptr ) + const char *exe_path = (*argv)[0]; + if (CPLGetConfigOption("GDAL_DATA", nullptr) == nullptr) { CPLSetConfigOption("GDAL_DATA", CPLGetPath(exe_path)); } @@ -60,31 +60,32 @@ int LLVMFuzzerInitialize(int* /*argc*/, char*** argv) int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) { - VSILFILE* fp = VSIFileFromMemBuffer( "/vsimem/test.tar", - reinterpret_cast(const_cast(buf)), len, FALSE ); + VSILFILE *fp = VSIFileFromMemBuffer( + "/vsimem/test.tar", + reinterpret_cast(const_cast(buf)), len, FALSE); VSIFCloseL(fp); CPLPushErrorHandler(CPLQuietErrorHandler); - char** papszArgv = nullptr; + char **papszArgv = nullptr; CPLString osOutFilename("out"); fp = VSIFOpenL("/vsitar//vsimem/test.tar/cmd.txt", "rb"); - if( fp != nullptr ) + if (fp != nullptr) { - const char* pszLine = nullptr; - if( (pszLine = CPLReadLineL(fp)) != nullptr ) + const char *pszLine = nullptr; + if ((pszLine = CPLReadLineL(fp)) != nullptr) { osOutFilename = pszLine; osOutFilename = osOutFilename.replaceAll('/', '_'); } int nCandidateLayerNames = 0; - while( (pszLine = CPLReadLineL(fp)) != nullptr ) + while ((pszLine = CPLReadLineL(fp)) != nullptr) { - if( pszLine[0] != '-' ) + if (pszLine[0] != '-') { - nCandidateLayerNames ++; - if( nCandidateLayerNames == 10 ) + nCandidateLayerNames++; + if (nCandidateLayerNames == 10) break; } papszArgv = CSLAddString(papszArgv, pszLine); @@ -92,22 +93,23 @@ int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) VSIFCloseL(fp); } - char** papszDrivers = CSLAddString(nullptr, "CSV"); - GDALDatasetH hSrcDS = GDALOpenEx( "/vsitar//vsimem/test.tar/in", - GDAL_OF_VECTOR, papszDrivers, nullptr, nullptr ); + char **papszDrivers = CSLAddString(nullptr, "CSV"); + GDALDatasetH hSrcDS = + GDALOpenEx("/vsitar//vsimem/test.tar/in", GDAL_OF_VECTOR, papszDrivers, + nullptr, nullptr); CSLDestroy(papszDrivers); - if( papszArgv != nullptr && hSrcDS != nullptr ) + if (papszArgv != nullptr && hSrcDS != nullptr) { const int nLayerCount = GDALDatasetGetLayerCount(hSrcDS); - for( int i = 0; i < nLayerCount; i++ ) + for (int i = 0; i < nLayerCount; i++) { OGRLayerH hLayer = GDALDatasetGetLayer(hSrcDS, i); - if( hLayer ) + if (hLayer) { - int nFieldCount = OGR_FD_GetFieldCount( - OGR_L_GetLayerDefn(hLayer)); - if( nFieldCount > 100 ) + int nFieldCount = + OGR_FD_GetFieldCount(OGR_L_GetLayerDefn(hLayer)); + if (nFieldCount > 100) { papszArgv = CSLAddString(papszArgv, "-limit"); papszArgv = CSLAddString(papszArgv, "100"); @@ -116,25 +118,24 @@ int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) } } - GDALVectorTranslateOptions* psOptions = + GDALVectorTranslateOptions *psOptions = GDALVectorTranslateOptionsNew(papszArgv, nullptr); - if( psOptions ) + if (psOptions) { CPLString osFullOutFilename("/vsimem/" + osOutFilename); - GDALDatasetH hOutDS = GDALVectorTranslate( - osFullOutFilename.c_str(), - nullptr, 1, &hSrcDS, psOptions, nullptr); - if( hOutDS ) + GDALDatasetH hOutDS = + GDALVectorTranslate(osFullOutFilename.c_str(), nullptr, 1, + &hSrcDS, psOptions, nullptr); + if (hOutDS) { GDALDriverH hOutDrv = GDALGetDatasetDriver(hOutDS); GDALClose(hOutDS); // Try re-opening generated file - GDALClose( - GDALOpenEx(osFullOutFilename, GDAL_OF_VECTOR, - nullptr, nullptr, nullptr)); + GDALClose(GDALOpenEx(osFullOutFilename, GDAL_OF_VECTOR, nullptr, + nullptr, nullptr)); - if( hOutDrv ) + if (hOutDrv) GDALDeleteDataset(hOutDrv, osFullOutFilename); } GDALVectorTranslateOptionsFree(psOptions); diff --git a/fuzzers/get_jpeg2000_structure_fuzzer.cpp b/fuzzers/get_jpeg2000_structure_fuzzer.cpp index 35c79024c394..ff54e7c98882 100644 --- a/fuzzers/get_jpeg2000_structure_fuzzer.cpp +++ b/fuzzers/get_jpeg2000_structure_fuzzer.cpp @@ -34,9 +34,9 @@ #include "cpl_string.h" #include "gdal_frmts.h" -extern "C" int LLVMFuzzerInitialize(int* argc, char*** argv); +extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv); -int LLVMFuzzerInitialize(int* /*argc*/, char*** /*argv*/) +int LLVMFuzzerInitialize(int * /*argc*/, char *** /*argv*/) { return 0; } @@ -49,15 +49,16 @@ int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) { GDALRegister_GTiff(); GDALRegister_VRT(); - VSILFILE* fp = VSIFileFromMemBuffer( MEM_FILENAME, - reinterpret_cast(const_cast(buf)), len, FALSE ); + VSILFILE *fp = VSIFileFromMemBuffer( + MEM_FILENAME, reinterpret_cast(const_cast(buf)), + len, FALSE); VSIFCloseL(fp); - char** papszOptions = CSLSetNameValue(nullptr, "ALL", "YES"); + char **papszOptions = CSLSetNameValue(nullptr, "ALL", "YES"); CPLPushErrorHandler(CPLQuietErrorHandler); - CPLXMLNode* psNode = GDALGetJPEG2000Structure(MEM_FILENAME, papszOptions); + CPLXMLNode *psNode = GDALGetJPEG2000Structure(MEM_FILENAME, papszOptions); CPLPopErrorHandler(); CSLDestroy(papszOptions); - if( psNode ) + if (psNode) CPLDestroyXMLNode(psNode); VSIUnlink(MEM_FILENAME); return 0; diff --git a/fuzzers/gml_geom_import_fuzzer.cpp b/fuzzers/gml_geom_import_fuzzer.cpp index e0a032ff5e46..62e7e9098ce2 100644 --- a/fuzzers/gml_geom_import_fuzzer.cpp +++ b/fuzzers/gml_geom_import_fuzzer.cpp @@ -33,9 +33,9 @@ #include "cpl_conv.h" #include "cpl_error.h" -extern "C" int LLVMFuzzerInitialize(int* argc, char*** argv); +extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv); -int LLVMFuzzerInitialize(int* /*argc*/, char*** /*argv*/) +int LLVMFuzzerInitialize(int * /*argc*/, char *** /*argv*/) { return 0; } @@ -44,11 +44,11 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len); int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) { - char* pszGML = static_cast(CPLMalloc( len + 1 )); + char *pszGML = static_cast(CPLMalloc(len + 1)); memcpy(pszGML, buf, len); pszGML[len] = '\0'; CPLPushErrorHandler(CPLQuietErrorHandler); - OGRGeometryH hGeom = OGR_G_CreateFromGML( pszGML ); + OGRGeometryH hGeom = OGR_G_CreateFromGML(pszGML); CPLPopErrorHandler(); CPLFree(pszGML); OGR_G_DestroyGeometry(hGeom); diff --git a/fuzzers/ogr_fuzzer.cpp b/fuzzers/ogr_fuzzer.cpp index f503bddbe315..75286078a614 100644 --- a/fuzzers/ogr_fuzzer.cpp +++ b/fuzzers/ogr_fuzzer.cpp @@ -54,13 +54,13 @@ #define GDAL_FILENAME MEM_FILENAME #endif -extern "C" int LLVMFuzzerInitialize(int* argc, char*** argv); +extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv); extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len); -int LLVMFuzzerInitialize(int* /*argc*/, char*** argv) +int LLVMFuzzerInitialize(int * /*argc*/, char ***argv) { - const char* exe_path = (*argv)[0]; - if( CPLGetConfigOption("GDAL_DATA", nullptr) == nullptr ) + const char *exe_path = (*argv)[0]; + if (CPLGetConfigOption("GDAL_DATA", nullptr) == nullptr) { CPLSetConfigOption("GDAL_DATA", CPLGetPath(exe_path)); } @@ -70,8 +70,11 @@ int LLVMFuzzerInitialize(int* /*argc*/, char*** argv) CPLSetConfigOption("GDAL_HTTP_CONNECTTIMEOUT", "1"); // To avoid timeouts. See https://github.com/OSGeo/gdal/issues/502 CPLSetConfigOption("DXF_MAX_BSPLINE_CONTROL_POINTS", "100"); - CPLSetConfigOption("NAS_INDICATOR","NAS-Operationen;AAA-Fachschema;aaa.xsd;aaa-suite"); - CPLSetConfigOption("USERNAME", "unknown"); // see GMLASConfiguration::GetBaseCacheDirectory() + CPLSetConfigOption("NAS_INDICATOR", + "NAS-Operationen;AAA-Fachschema;aaa.xsd;aaa-suite"); + CPLSetConfigOption( + "USERNAME", + "unknown"); // see GMLASConfiguration::GetBaseCacheDirectory() #ifdef OGR_SKIP CPLSetConfigOption("OGR_SKIP", OGR_SKIP); @@ -85,34 +88,34 @@ int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) { #ifdef USE_FILESYSTEM char szTempFilename[64]; - snprintf(szTempFilename, sizeof(szTempFilename), - "/tmp/gdal_fuzzer_%d.%s", + snprintf(szTempFilename, sizeof(szTempFilename), "/tmp/gdal_fuzzer_%d.%s", (int)getpid(), EXTENSION); - VSILFILE* fp = VSIFOpenL(szTempFilename, "wb"); - if( !fp ) + VSILFILE *fp = VSIFOpenL(szTempFilename, "wb"); + if (!fp) { fprintf(stderr, "Cannot create %s\n", szTempFilename); return 1; } - VSIFWriteL( buf, 1, len, fp ); + VSIFWriteL(buf, 1, len, fp); #else - VSILFILE* fp = VSIFileFromMemBuffer( MEM_FILENAME, - reinterpret_cast(const_cast(buf)), len, FALSE ); + VSILFILE *fp = VSIFileFromMemBuffer( + MEM_FILENAME, reinterpret_cast(const_cast(buf)), + len, FALSE); #endif VSIFCloseL(fp); CPLPushErrorHandler(CPLQuietErrorHandler); #ifdef USE_FILESYSTEM - OGRDataSourceH hDS = OGROpen( szTempFilename, FALSE, nullptr ); + OGRDataSourceH hDS = OGROpen(szTempFilename, FALSE, nullptr); #else - OGRDataSourceH hDS = OGROpen( GDAL_FILENAME, FALSE, nullptr ); + OGRDataSourceH hDS = OGROpen(GDAL_FILENAME, FALSE, nullptr); #endif - if( hDS ) + if (hDS) { const int nLayers = OGR_DS_GetLayerCount(hDS); time_t nStartTime = time(nullptr); bool bStop = false; - for( int i = 0; !bStop && i < 10 && i < nLayers; i++ ) + for (int i = 0; !bStop && i < 10 && i < nLayers; i++) { OGRLayerH hLayer = OGR_DS_GetLayer(hDS, i); OGR_L_GetSpatialRef(hLayer); @@ -121,36 +124,38 @@ int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) OGR_L_GetGeometryColumn(hLayer); OGRFeatureH hFeature; OGRFeatureH hFeaturePrev = nullptr; - for( int j = 0; j < 1000 && !bStop && - (hFeature = OGR_L_GetNextFeature(hLayer)) != nullptr; j++ ) + for (int j = 0; + j < 1000 && !bStop && + (hFeature = OGR_L_GetNextFeature(hLayer)) != nullptr; + j++) { // Limit runtime to 20 seconds if features returned are // different. Otherwise this may be a sign of a bug in the // reader and we want the infinite loop to be revealed. - if( time(nullptr) - nStartTime > 20 ) + if (time(nullptr) - nStartTime > 20) { bool bIsSameAsPrevious = (hFeaturePrev != nullptr && OGR_F_Equal(hFeature, hFeaturePrev)); - if( !bIsSameAsPrevious ) + if (!bIsSameAsPrevious) { bStop = true; } } - if( hFeaturePrev ) + if (hFeaturePrev) OGR_F_Destroy(hFeaturePrev); hFeaturePrev = hFeature; } - if( hFeaturePrev ) + if (hFeaturePrev) OGR_F_Destroy(hFeaturePrev); } OGR_DS_Destroy(hDS); } CPLPopErrorHandler(); #ifdef USE_FILESYSTEM - VSIUnlink( szTempFilename ); + VSIUnlink(szTempFilename); #else - VSIUnlink( MEM_FILENAME ); + VSIUnlink(MEM_FILENAME); #endif return 0; } diff --git a/fuzzers/osr_set_from_user_input_fuzzer.cpp b/fuzzers/osr_set_from_user_input_fuzzer.cpp index 7f3a22a568ca..f3f1d71f9055 100644 --- a/fuzzers/osr_set_from_user_input_fuzzer.cpp +++ b/fuzzers/osr_set_from_user_input_fuzzer.cpp @@ -33,9 +33,9 @@ #include "cpl_conv.h" #include "cpl_error.h" -extern "C" int LLVMFuzzerInitialize(int* argc, char*** argv); +extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv); -int LLVMFuzzerInitialize(int* /*argc*/, char*** /*argv*/) +int LLVMFuzzerInitialize(int * /*argc*/, char *** /*argv*/) { CPLSetConfigOption("GDAL_HTTP_TIMEOUT", "1"); CPLSetConfigOption("GDAL_HTTP_CONNECTTIMEOUT", "1"); @@ -48,31 +48,31 @@ int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) { OGRSpatialReferenceH hSRS = OSRNewSpatialReference(nullptr); - char* pszStr = static_cast(CPLMalloc( len + 1 )); + char *pszStr = static_cast(CPLMalloc(len + 1)); memcpy(pszStr, buf, len); pszStr[len] = '\0'; CPLPushErrorHandler(CPLQuietErrorHandler); - OGRErr eErr = OSRSetFromUserInput( hSRS, pszStr ); + OGRErr eErr = OSRSetFromUserInput(hSRS, pszStr); CPLFree(pszStr); - if( eErr == OGRERR_NONE ) + if (eErr == OGRERR_NONE) { - OGRSpatialReferenceH hSRSClone = OSRClone( hSRS ); - OSRMorphFromESRI( hSRSClone ); - OSRDestroySpatialReference( hSRSClone ); + OGRSpatialReferenceH hSRSClone = OSRClone(hSRS); + OSRMorphFromESRI(hSRSClone); + OSRDestroySpatialReference(hSRSClone); } - if( eErr == OGRERR_NONE ) + if (eErr == OGRERR_NONE) { - OGRSpatialReferenceH hSRSClone = OSRClone( hSRS ); - OSRMorphToESRI( hSRSClone ); - OSRDestroySpatialReference( hSRSClone ); + OGRSpatialReferenceH hSRSClone = OSRClone(hSRS); + OSRMorphToESRI(hSRSClone); + OSRDestroySpatialReference(hSRSClone); } CPLPopErrorHandler(); - OSRDestroySpatialReference( hSRS ); + OSRDestroySpatialReference(hSRS); return 0; } diff --git a/fuzzers/spatialite_geom_import_fuzzer.cpp b/fuzzers/spatialite_geom_import_fuzzer.cpp index 106b532a1543..4eb688565bea 100644 --- a/fuzzers/spatialite_geom_import_fuzzer.cpp +++ b/fuzzers/spatialite_geom_import_fuzzer.cpp @@ -33,9 +33,9 @@ #include "cpl_error.h" #include "ogrsqlitebase.h" -extern "C" int LLVMFuzzerInitialize(int* argc, char*** argv); +extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv); -int LLVMFuzzerInitialize(int* /*argc*/, char*** /*argv*/) +int LLVMFuzzerInitialize(int * /*argc*/, char *** /*argv*/) { return 0; } @@ -44,10 +44,10 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len); int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) { - OGRGeometry* poGeom = nullptr; + OGRGeometry *poGeom = nullptr; CPLPushErrorHandler(CPLQuietErrorHandler); - OGRSQLiteImportSpatiaLiteGeometry( - const_cast(buf), static_cast(len), &poGeom ); + OGRSQLiteImportSpatiaLiteGeometry(const_cast(buf), + static_cast(len), &poGeom); CPLPopErrorHandler(); delete poGeom; return 0; diff --git a/fuzzers/tests/test_gdal_fuzzer.cpp b/fuzzers/tests/test_gdal_fuzzer.cpp index 26e553ea4a8b..221aa37c9afd 100644 --- a/fuzzers/tests/test_gdal_fuzzer.cpp +++ b/fuzzers/tests/test_gdal_fuzzer.cpp @@ -30,8 +30,11 @@ int main() { - const char szVRT[] = "Real"; - LLVMFuzzerTestOneInput(reinterpret_cast(szVRT), + const char szVRT[] = + "Real"; + LLVMFuzzerTestOneInput(reinterpret_cast(szVRT), strlen(szVRT)); return 0; } diff --git a/fuzzers/tests/test_ogr_fuzzer.cpp b/fuzzers/tests/test_ogr_fuzzer.cpp index d1d68b927395..28775e78ea53 100644 --- a/fuzzers/tests/test_ogr_fuzzer.cpp +++ b/fuzzers/tests/test_ogr_fuzzer.cpp @@ -30,8 +30,14 @@ int main() { - const char szGEOJSON[] = "{ \"type\": \"FeatureCollection\", \"features\":[ { \"type\": \"Feature\", \"properties\": { \"AREA\": 5268.813, \"EAS_ID\": 170, \"PRFEDEA\": \"35043413\" }, \"geometry\": { \"type\": \"Polygon\", \"coordinates\": [ [ [ 479750.6875, 4764702.0 ], [ 479658.59375, 4764670.0 ], [ 479640.09375, 4764721.0 ], [ 479735.90625, 4764752.0 ], [ 479750.6875, 4764702.0 ] ] ] } } ] }"; - LLVMFuzzerTestOneInput(reinterpret_cast(szGEOJSON), + const char szGEOJSON[] = + "{ \"type\": \"FeatureCollection\", \"features\":[ { \"type\": " + "\"Feature\", \"properties\": { \"AREA\": 5268.813, \"EAS_ID\": 170, " + "\"PRFEDEA\": \"35043413\" }, \"geometry\": { \"type\": \"Polygon\", " + "\"coordinates\": [ [ [ 479750.6875, 4764702.0 ], [ 479658.59375, " + "4764670.0 ], [ 479640.09375, 4764721.0 ], [ 479735.90625, 4764752.0 " + "], [ 479750.6875, 4764702.0 ] ] ] } } ] }"; + LLVMFuzzerTestOneInput(reinterpret_cast(szGEOJSON), strlen(szGEOJSON)); return 0; } diff --git a/fuzzers/tests/test_osr_set_from_user_input_fuzzer.cpp b/fuzzers/tests/test_osr_set_from_user_input_fuzzer.cpp index 0cca32a093e1..5ce60244a047 100644 --- a/fuzzers/tests/test_osr_set_from_user_input_fuzzer.cpp +++ b/fuzzers/tests/test_osr_set_from_user_input_fuzzer.cpp @@ -31,7 +31,7 @@ int main() { const char szPROJ4[] = "+proj=longlat +datum=WGS84 +nodefs"; - LLVMFuzzerTestOneInput(reinterpret_cast(szPROJ4), + LLVMFuzzerTestOneInput(reinterpret_cast(szPROJ4), strlen(szPROJ4)); return 0; } diff --git a/fuzzers/tests/test_wkb_import_fuzzer.cpp b/fuzzers/tests/test_wkb_import_fuzzer.cpp index c58cfda7200c..adfd4d678bb4 100644 --- a/fuzzers/tests/test_wkb_import_fuzzer.cpp +++ b/fuzzers/tests/test_wkb_import_fuzzer.cpp @@ -32,11 +32,12 @@ int main() { // Set to 9 bytes to please Coverity CID 1490711 const char szJUNK[9] = "junk"; - LLVMFuzzerTestOneInput(reinterpret_cast(szJUNK), + LLVMFuzzerTestOneInput(reinterpret_cast(szJUNK), strlen(szJUNK)); - const char szPOINT[] = "\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\xF0\x3F\x00\x00\x00\x00\x00\x00\x00\x40"; - LLVMFuzzerTestOneInput(reinterpret_cast(szPOINT), - sizeof(szPOINT)-1); + const char szPOINT[] = "\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\xF0" + "\x3F\x00\x00\x00\x00\x00\x00\x00\x40"; + LLVMFuzzerTestOneInput(reinterpret_cast(szPOINT), + sizeof(szPOINT) - 1); return 0; } diff --git a/fuzzers/tests/test_wkt_import_fuzzer.cpp b/fuzzers/tests/test_wkt_import_fuzzer.cpp index ff6bdc62f702..0ea44d490f96 100644 --- a/fuzzers/tests/test_wkt_import_fuzzer.cpp +++ b/fuzzers/tests/test_wkt_import_fuzzer.cpp @@ -31,7 +31,7 @@ int main() { const char szJUNK[] = "junk"; - LLVMFuzzerTestOneInput(reinterpret_cast(szJUNK), + LLVMFuzzerTestOneInput(reinterpret_cast(szJUNK), strlen(szJUNK)); return 0; } diff --git a/fuzzers/wkb_import_fuzzer.cpp b/fuzzers/wkb_import_fuzzer.cpp index 1651747781ef..efe8c25c6e79 100644 --- a/fuzzers/wkb_import_fuzzer.cpp +++ b/fuzzers/wkb_import_fuzzer.cpp @@ -34,9 +34,9 @@ #include "cpl_error.h" #include "cpl_string.h" -extern "C" int LLVMFuzzerInitialize(int* argc, char*** argv); +extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv); -int LLVMFuzzerInitialize(int* /*argc*/, char*** /*argv*/) +int LLVMFuzzerInitialize(int * /*argc*/, char *** /*argv*/) { return 0; } @@ -47,20 +47,20 @@ int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) { OGRGeometryH hGeom = nullptr; CPLPushErrorHandler(CPLQuietErrorHandler); - OGR_G_CreateFromWkb( const_cast(buf), nullptr, &hGeom, - static_cast(len) ); - if( hGeom ) + OGR_G_CreateFromWkb(const_cast(buf), nullptr, &hGeom, + static_cast(len)); + if (hGeom) { const int nWKBSize = OGR_G_WkbSize(hGeom); - if( nWKBSize ) + if (nWKBSize) { - GByte* pabyWKB = new GByte[nWKBSize]; + GByte *pabyWKB = new GByte[nWKBSize]; OGR_G_ExportToWkb(hGeom, wkbNDR, pabyWKB); OGR_G_ExportToIsoWkb(hGeom, wkbNDR, pabyWKB); delete[] pabyWKB; } - char* pszWKT = nullptr; + char *pszWKT = nullptr; OGR_G_ExportToWkt(hGeom, &pszWKT); CPLFree(pszWKT); @@ -70,7 +70,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) CPLFree(OGR_G_ExportToGML(hGeom)); - char** papszOptions = CSLSetNameValue(nullptr, "FORMAT", "GML3"); + char **papszOptions = CSLSetNameValue(nullptr, "FORMAT", "GML3"); CPLFree(OGR_G_ExportToGMLEx(hGeom, papszOptions)); CSLDestroy(papszOptions); diff --git a/fuzzers/wkt_import_fuzzer.cpp b/fuzzers/wkt_import_fuzzer.cpp index 74db5cefe6e4..41428c2bfd0d 100644 --- a/fuzzers/wkt_import_fuzzer.cpp +++ b/fuzzers/wkt_import_fuzzer.cpp @@ -33,9 +33,9 @@ #include "cpl_conv.h" #include "cpl_error.h" -extern "C" int LLVMFuzzerInitialize(int* argc, char*** argv); +extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv); -int LLVMFuzzerInitialize(int* /*argc*/, char*** /*argv*/) +int LLVMFuzzerInitialize(int * /*argc*/, char *** /*argv*/) { return 0; } @@ -45,12 +45,12 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len); int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) { OGRGeometryH hGeom = nullptr; - char* pszWKT = static_cast(CPLMalloc( len + 1 )); + char *pszWKT = static_cast(CPLMalloc(len + 1)); memcpy(pszWKT, buf, len); pszWKT[len] = '\0'; - char* pszWKTParam = pszWKT; + char *pszWKTParam = pszWKT; CPLPushErrorHandler(CPLQuietErrorHandler); - OGR_G_CreateFromWkt( &pszWKTParam, nullptr, &hGeom ); + OGR_G_CreateFromWkt(&pszWKTParam, nullptr, &hGeom); CPLPopErrorHandler(); CPLFree(pszWKT); OGR_G_DestroyGeometry(hGeom);