2018.04.16 00:36 "Re: [Tiff] fuzzing libtiff with google's oss-fuzz", by Paul Kehrer
Thanks for the reminder! I've submitted the PR to gitlab to move the build script and fuzzer. Once that merges we can merge a change on the oss-fuzz side and it'll all be in the libtiff source tree!
On April 15, 2018 at 10:36:03 PM, Even Rouault (firstname.lastname@example.org) wrote:
one of the issue raised is a integer overflow in the tiff_read_rgba_fuzzer.cc code itself
/src/tiff_read_rgba_fuzzer.cc:36:22: runtime error: signed integer overflow: -3977127075081250816 * 4 cannot be represented in type 'long'
Would probably be good to move most of the code&scripts in a fuzzers/ subdir of the libtiff repo with minimal bootstrapping in the ossfuzz repo