commit | 7d8bd3ff4572720aa61c533561cf754d5869ec05 | [log] [tgz] |
---|---|---|
author | Amin Hassani <ahassani@google.com> | Wed May 30 16:01:01 2018 -0700 |
committer | Amin Hassani <ahassani@google.com> | Thu May 31 10:03:34 2018 -0700 |
tree | d9d26baeb41d60e2435e98d230778b6b6f20ea43 | |
parent | 7c4c62ba3dfbd220efd6dd78eebfd13a189ed95d [diff] |

Prevent fuzzer from going out-of-memory on valid but outrageous input data

Currently, the puffpatch fuzzer fails once in a while with out-of-memory or segfaults that are caused by valid input data but such that the requested puff and deflate buffers are very large. To fix this we first decode the header and make sure the deflate and puff buffer sizes do not exceed some limits. Then, we go ahead with calling the puffpatch.

Bug: crbug.com/848058
Test: USE="fuzzer asan" FEATURES=test emerge-amd64-generic puffin
Change-Id: Iedf9b7cf6988322364bbef944296dfc87c099d7d

Source code for Puffin: A utility for deterministic DEFLATE recompression.
TODO(ahassani): Describe the directory structure and how-tos.
Alphabet A value that occurs in the input stream. It can be a literal [0..255], an end of block sign [256], a length [257..285], or a distance [0..29].
Huffman code A variable length code representing the Huffman encoding of an alphabet. Huffman codes can be created uniquely using a Huffman code length array.
Huffman code array An array in which the array index identifies a Huffman code and the array element at that index represents the corresponding alphabet. Throughout the code, Huffman code arrays are identified by vectors with the postfix hcodes_.
Huffman reverse code array An array in which the array index identifies an alphabet and the array element at that index contains the Huffman code of the alphabet. Throughout the code, Huffman reverse code arrays are identified by vectors with the postfix rcodes_.
Huffman code length The number of bits in a Huffman code.
Huffman code length array An array of Huffman code lengths with the array index as the alphabet. Throughout the code, Huffman code length arrays are identified by vectors with the postfix lens_.
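
The glossary says Huffman codes can be created uniquely from a Huffman code length array. The following added example (not Puffin's own code) shows that construction as specified in RFC 1951, section 3.2.2, including rejection of length arrays that no prefix code can satisfy; the names `BuildReverseCodes` and `kMaxBits` are hypothetical and only the `lens`/`rcodes` naming follows the glossary.

```cpp
#include <cstdint>
#include <cstdio>
#include <vector>

constexpr int kMaxBits = 15;  // Longest code length DEFLATE allows.

// Hypothetical helper (not Puffin's API): builds canonical Huffman codes as
// in RFC 1951, section 3.2.2.
//   lens[a]   : code length in bits of alphabet a, 0 meaning "unused".
//   rcodes[a] : resulting Huffman code of alphabet a.
// Returns false for lengths no prefix code can satisfy, so malformed input is
// rejected before any table is built from it.
bool BuildReverseCodes(const std::vector<uint8_t>& lens,
                       std::vector<uint16_t>* rcodes) {
  // Count how many alphabets use each code length.
  std::vector<uint32_t> count(kMaxBits + 1, 0);
  for (uint8_t len : lens) {
    if (len > kMaxBits) return false;
    count[len]++;
  }
  count[0] = 0;  // Unused alphabets get no code.

  // Smallest code of each length; reject over-subscribed length sets.
  std::vector<uint32_t> next(kMaxBits + 1, 0);
  uint32_t code = 0;
  for (int bits = 1; bits <= kMaxBits; bits++) {
    code = (code + count[bits - 1]) << 1;
    if (code + count[bits] > (1u << bits)) return false;
    next[bits] = code;
  }

  // Alphabets of equal length take consecutive codes in alphabet order.
  rcodes->assign(lens.size(), 0);
  for (size_t a = 0; a < lens.size(); a++) {
    if (lens[a] != 0) (*rcodes)[a] = static_cast<uint16_t>(next[lens[a]]++);
  }
  return true;
}

int main() {
  // Constructed input: the lengths of the worked example in RFC 1951.
  const std::vector<uint8_t> lens = {3, 3, 3, 3, 3, 2, 4, 4};
  std::vector<uint16_t> rcodes;
  if (!BuildReverseCodes(lens, &rcodes)) return 1;
  for (size_t a = 0; a < lens.size(); a++)
    std::printf("alphabet %zu: len %d code %u\n", a, lens[a], rcodes[a]);
  return 0;
}
```

A code's numeric value is only meaningful together with its length, since codes of different lengths can share the same value.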