1 // Copyright 2017 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include <cstddef>
6 #include <cstdint>
7 #include <random>
8
9 #include "base/logging.h"
10 #include "base/stl_util.h"
11 #include "testing/libfuzzer/fuzzers/color_space_data.h"
12 #include "third_party/qcms/src/qcms.h"
13
14 static constexpr size_t kPixels = 2048 / 4;
15
16 static uint32_t pixels[kPixels];
17
GeneratePixels(size_t hash)18 static void GeneratePixels(size_t hash) {
19 static std::uniform_int_distribution<uint32_t> uniform(0u, ~0u);
20
21 std::mt19937_64 random(hash);
22 for (size_t i = 0; i < base::size(pixels); ++i)
23 pixels[i] = uniform(random);
24 }
25
26 static qcms_profile* test;
27 static qcms_profile* srgb;
28
ColorTransform(bool input)29 static void ColorTransform(bool input) {
30 if (!test)
31 return;
32
33 const qcms_intent intent = QCMS_INTENT_DEFAULT;
34 const qcms_data_type format = QCMS_DATA_RGBA_8;
35
36 auto* transform =
37 input ? qcms_transform_create(test, format, srgb, format, intent)
38 : qcms_transform_create(srgb, format, test, format, intent);
39 if (!transform)
40 return;
41
42 static uint32_t output[kPixels];
43
44 qcms_transform_data(transform, pixels, output, kPixels);
45 qcms_transform_release(transform);
46 }
47
SelectProfile(size_t hash)48 static qcms_profile* SelectProfile(size_t hash) {
49 static qcms_profile* profiles[4] = {
50 qcms_profile_from_memory(kSRGBData, base::size(kSRGBData)),
51 qcms_profile_from_memory(kSRGBPara, base::size(kSRGBPara)),
52 qcms_profile_from_memory(kAdobeData, base::size(kAdobeData)),
53 qcms_profile_sRGB(),
54 };
55
56 return profiles[hash & 3];
57 }
58
Hash(const char * data,size_t size,size_t hash=~0)59 inline size_t Hash(const char* data, size_t size, size_t hash = ~0) {
60 for (size_t i = 0; i < size; ++i)
61 hash = hash * 131 + *data++;
62 return hash;
63 }
64
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)65 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
66 constexpr size_t kSizeLimit = 4 * 1024 * 1024;
67 if (size < 128 || size > kSizeLimit)
68 return 0;
69
70 test = qcms_profile_from_memory(data, size);
71 if (!test)
72 return 0;
73
74 const size_t hash = Hash(reinterpret_cast<const char*>(data), size);
75 srgb = SelectProfile(hash);
76 GeneratePixels(hash);
77
78 qcms_profile_precache_output_transform(srgb);
79 ColorTransform(true);
80
81 qcms_profile_precache_output_transform(test);
82 ColorTransform(false);
83
84 qcms_profile_release(test);
85 return 0;
86 }
87