    [zlib] Add streaming inflate fuzzer · 493d4299
    Hans Wennborg authored
    This adds a new fuzzer which first deflates and then inflates some data
    one chunk at a time and verifies that it round-trips correctly. It's
    targeted at the recent bug where inffast_chunk was called with
    overlapping from and out buffers.
    
    I've verified that the fuzzer detects the incorrect inflate results when
    using Clang's -basic-aa-recphi option before the bug fix in e0f88a9.
    
    Furthermore, this patch adds asserts in inffast_chunk and other
    functions that verify there's no overlap of restrict-qualified buffers.
    (I've checked that the fuzzer hits the inffast_chunk assert before
    e0f88a9).
    
    To make those asserts work, this changes the build config to define
    ZLIB_DEBUG in debug and fuzzer builds.
    
    Bug: 1103818, 708726
    Change-Id: Ia3d5e7906b8b1a65d56a589d8a81d17661e638c2
    Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2332705
    Commit-Queue: Hans Wennborg <hans@chromium.org>
    Reviewed-by: Nico Weber <thakis@chromium.org>
    Reviewed-by: Adenilson Cavalcanti <cavalcantii@chromium.org>
    Cr-Original-Commit-Position: refs/heads/master@{#794482}
    Cr-Mirrored-From: https://chromium.googlesource.com/chromium/src
    Cr-Mirrored-Commit: 3eda17e22e6a3c4e44fdfa778b7d55f0a7c82e75
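As an added illustration, not the Chromium fuzzer this commit adds, here is the same streaming round-trip check written against Python's standard-library zlib binding: the compressed input is fed in chunks and the decompressor is only allowed to emit a bounded number of bytes per call, so inflate has to suspend mid-match and carry its window state across calls, which is exactly the path a buffer-overlap bug in the fast inflate loop would corrupt. The input data, chunk sizes and function names are all constructed for this example; the restrict-overlap asserts from the commit have no Python equivalent and are not modelled.

```python
import random
import zlib


def sample_input(seed: int = 1, size: int = 65536) -> bytes:
    """Constructed, deterministic test data: repeated words so deflate emits
    many back-references, plus occasional random bytes so it is not trivial."""
    rng = random.Random(seed)
    words = [b"inflate", b"deflate", b"window", b"literal", b"distance", b"\n"]
    out = bytearray()
    while len(out) < size:
        out += rng.choice(words)
        out += bytes([rng.getrandbits(8)]) if rng.random() < 0.1 else b" "
    return bytes(out[:size])


def streaming_roundtrip(data: bytes, in_chunk: int, out_chunk: int, level: int = 6) -> bool:
    """Deflate `data` one `in_chunk` at a time, then inflate the result while
    accepting at most `out_chunk` output bytes per call; return True iff the
    bytes round-trip unchanged and the stream terminated cleanly."""
    comp = zlib.compressobj(level)
    deflated = b"".join(comp.compress(data[off:off + in_chunk])
                        for off in range(0, len(data), in_chunk)) + comp.flush()

    decomp = zlib.decompressobj()
    inflated = bytearray()
    for off in range(0, len(deflated), in_chunk):
        piece = deflated[off:off + in_chunk]
        while True:
            # Capping the output forces inflate to stop partway through a
            # length/distance copy and resume on the next call, so its window
            # bookkeeping is exercised many times per stream.
            out = decomp.decompress(piece, out_chunk)
            inflated += out
            piece = decomp.unconsumed_tail
            # Keep calling (with empty input if needed) until no input is left
            # over and the last call produced less than a full output chunk.
            if not piece and len(out) < out_chunk:
                break
    inflated += decomp.flush()
    return decomp.eof and bytes(inflated) == data


def run_matrix(data: bytes) -> dict:
    """Run the round-trip check over several input/output chunk-size pairs,
    including the degenerate one-byte-at-a-time cases."""
    sizes = [1, 7, 64, 4096]
    return {(i, o): streaming_roundtrip(data, i, o) for i in sizes for o in sizes}
```

A real fuzzer would replace `sample_input()` with the fuzzer-provided bytes and derive the chunk sizes from the input as well; any `False` in the matrix is a round-trip failure worth a crash.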