Opened 2 years ago

Closed 2 years ago

#6928 closed defect (fixed)

pngdataset with FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION

Reported by: Kurt Schwehr
Owned by: warmerdam
Priority: normal
Milestone:
Component: default
Version: svn-trunk
Severity: normal
Keywords: fuzzing libpng
Cc:

Description (last modified by Kurt Schwehr)

With r38981, I'm getting a build failure with fuzzing when using libpng 1.6.29. I've not yet figured out a patch that will work across libpng versions, but this got 1.6.29 to work for me.

in pngdataset.cpp

#ifdef DISABLE_CRC_CHECK
#  include "pngpriv.h"
#  include "pngstruct.h"
#endif

frmts/png/pngdataset.cpp:472:9: error: member access into incomplete type 'png_struct' (aka 'png_struct_def')
    hPNG->flags &= ~PNG_FLAG_CRC_CRITICAL_MASK;

Change History (4)

comment:1 Changed 2 years ago by Kurt Schwehr

Description: modified (diff)

comment:2 Changed 2 years ago by Even Rouault

After all, I'm not completely sure we need this disabling of PNG CRC checking. I saw it somewhere, but it is not like we want to fuzz libpng itself after all?

comment:3 Changed 2 years ago by Kurt Schwehr

Always a bonus for finding bugs anywhere in the stack, but it's not critical that gdal focus on fuzzing libpng as libpng is a part of oss-fuzz:

https://github.com/google/oss-fuzz/tree/master/projects/libpng
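To make concrete why a fuzzing build would want libpng's CRC checking relaxed, here is an added Python example (not GDAL or libpng code): it builds a constructed 1x1 PNG, verifies every chunk's CRC-32 the way libpng does on read, and shows that a single mutated byte in IDAT is rejected before any decoder logic runs. The byte offset 41 and the chunk layout are derived from the constructed file, not from the ticket.

```python
import struct
import zlib

# Constructed sample input: a minimal 1x1 8-bit grayscale PNG built in minimal_png().
PNG_SIGNATURE = b"\x89PNG\r\n\x1a\n"
CRITICAL = {"IHDR", "PLTE", "IDAT", "IEND"}  # libpng errors on a bad CRC here, only warns for ancillary chunks

def build_chunk(ctype: bytes, data: bytes) -> bytes:
    """Serialize one chunk: 4-byte big-endian length, type, data, CRC-32 over type+data."""
    crc = zlib.crc32(ctype + data) & 0xFFFFFFFF
    return struct.pack(">I", len(data)) + ctype + data + struct.pack(">I", crc)

def minimal_png() -> bytes:
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)  # 1x1, 8-bit gray, no interlace
    idat = zlib.compress(b"\x00\x00")                    # filter byte 0 + one pixel
    return (PNG_SIGNATURE + build_chunk(b"IHDR", ihdr)
            + build_chunk(b"IDAT", idat) + build_chunk(b"IEND", b""))

def check_chunk_crcs(png: bytes) -> list:
    """Return [(type, stored_crc, computed_crc, ok)] for every chunk in the stream."""
    if not png.startswith(PNG_SIGNATURE):
        raise ValueError("bad PNG signature")
    out, pos = [], len(PNG_SIGNATURE)
    while pos + 12 <= len(png):
        (length,) = struct.unpack(">I", png[pos:pos + 4])
        ctype = png[pos + 4:pos + 8]
        data = png[pos + 8:pos + 8 + length]
        if len(data) != length:
            raise ValueError(f"truncated chunk {ctype!r}")
        (stored,) = struct.unpack(">I", png[pos + 8 + length:pos + 12 + length])
        computed = zlib.crc32(ctype + data) & 0xFFFFFFFF
        out.append((ctype.decode("latin-1"), stored, computed, stored == computed))
        pos += 12 + length
        if ctype == b"IEND":
            break
    return out

def rejected_critical_chunks(png: bytes) -> list:
    """Chunk types a default-configured libpng would refuse: critical chunk, CRC mismatch."""
    return [t for t, _, _, ok in check_chunk_crcs(png) if not ok and t in CRITICAL]

def flip_byte(png: bytes, offset: int) -> bytes:
    """Simulate one fuzzer mutation inside the chunk stream (flip the low bit of one byte)."""
    return png[:offset] + bytes([png[offset] ^ 0x01]) + png[offset + 1:]

if __name__ == "__main__":
    good = minimal_png()
    print("intact  :", rejected_critical_chunks(good))                 # []
    # offset 41 = 8 (signature) + 25 (IHDR chunk) + 8 (IDAT length+type): first IDAT data byte
    print("mutated :", rejected_critical_chunks(flip_byte(good, 41)))  # ['IDAT']
```

Because almost every mutation lands in chunk data, a fuzzer against an unmodified libpng mostly exercises the CRC rejection path rather than the decoder; libpng's public png_set_crc_action() is the supported way to relax that without including pngpriv.h or pngstruct.h as the ticket's snippet did.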

comment:4 Changed 2 years ago by Even Rouault

Resolution: fixed
Status: new → closed

In 39155:

PNG: disable DISABLE_CRC_CHECK for now since it is broken with libpng 1.6 (fixes #6928)
