chromium/testing/libfuzzer/proto/skia_image_filter_proto_converter.cc

// Copyright 2018 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifdef UNSAFE_BUFFERS_BUILD
// TODO(crbug.com/351564777): Remove this and convert code to safer constructs.
#pragma allow_unsafe_buffers
#endif

// Converts an Input protobuf Message to a string that can be successfully read
// by SkImageFilter::Deserialize and used as an image filter. The string
// is essentially a valid flattened skia image filter.
//
// Note: the output does not always mirror the values given to us by LPM. We
// will sometimes not use the exact values in cases where those particular
// values cause issues with OOMs and timeouts. Other times, we may deliberately
// write invalid values that the proto definition forbids (e.g. a number that
// is not in the enum).
//
// Also note that the skia unflattening code is necessary to apply the output
// of the converter to a canvas, but it isn't the main target of the fuzzer.
// This means that we will generally try to produce output that can be applied
// to a canvas, even though we will consequently be unable to produce outputs
// that reach some paths in the unflattening code (in particular, code that
// handles invalid input). We make this tradeoff because an image filter that
// is applied to a canvas is more likely to cause bugs than one that is only
// deserialized. Thus, increasing the chance that a filter is applied is more
// important than hitting all paths in unflattening, particularly if those
// paths return nullptr because they've detected an invalid filter. In other
// words, this fuzzer favours depth past deserialization over coverage of the
// deserializer's rejection paths. The mutated enum values are a case where we
// knowingly generate output that may not be unflattened successfully, which is
// why we mutate enums relatively infrequently.
// Note that since this is a work in progress and skia serialization is a
// moving target, not everything is finished. Many of the unfinished parts of
// the code are compiled out unless DEVELOPMENT is defined.

#include "testing/libfuzzer/proto/skia_image_filter_proto_converter.h"

#include <stdlib.h>

#include <algorithm>
#include <cmath>
#include <limits>
#include <random>
#include <set>
#include <string>
#include <tuple>
#include <unordered_map>
#include <vector>

#include "base/check_op.h"
#include "base/containers/contains.h"
#include "base/containers/span.h"
#include "base/notreached.h"
#include "base/numerics/byte_conversions.h"
#include "base/numerics/safe_conversions.h"
#include "third_party/protobuf/src/google/protobuf/descriptor.h"
#include "third_party/protobuf/src/google/protobuf/message.h"
#include "third_party/protobuf/src/google/protobuf/repeated_field.h"
#include "third_party/skia/include/core/SkPoint.h"
#include "third_party/skia/include/core/SkRect.h"

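// Short, unqualified names for the protobuf descriptor and reflection types
// declared by the protobuf headers this file includes. A bare `Descriptor;`
// at file scope is not valid C++; these are using-declarations.
using google::protobuf::Descriptor;
using google::protobuf::EnumDescriptor;
using google::protobuf::EnumValueDescriptor;
using google::protobuf::FieldDescriptor;
using google::protobuf::Message;
using google::protobuf::Reflection;

namespace skia_image_filter_proto_converter {

// NOTE(review): the namespace body is absent from this excerpt.

}  // namespace skia_image_filter_proto_converter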