From 4bafa5689952251fccee9b88ae4758a33a199faf Mon Sep 17 00:00:00 2001
From: Randy
Date: Mon, 11 May 2020 05:48:25 +0200
Subject: [PATCH 1/9] rename fuzz target, add entry point
---
 tests/fuzz_main.c | 54 +++++++++++++++++++
 ..._read_fuzzer.cpp => stb_png_read_fuzzer.c} | 2 +-
 2 files changed, 55 insertions(+), 1 deletion(-)
 create mode 100644 tests/fuzz_main.c
 rename tests/{stb_png_read_fuzzer.cpp => stb_png_read_fuzzer.c} (84%)
diff --git a/tests/fuzz_main.c b/tests/fuzz_main.c
new file mode 100644
index 0000000..40c0cc8
--- /dev/null
+++ b/tests/fuzz_main.c
@@ -0,0 +1,54 @@
+#include
+#include
+#include
+
+/* fuzz target entry point, works without libFuzzer */
+
+int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size);
+
+int main(int argc, char **argv)
+{
+ FILE *f;
+ char *buf = NULL;
+ long siz_buf;
+
+ if(argc < 2)
+ {
+ fprintf(stderr, "no input file\n");
+ goto err;
+ }
+
+ f = fopen(argv[1], "rb");
+ if(f == NULL)
+ {
+ fprintf(stderr, "error opening input file %s\n", argv[1]);
+ goto err;
+ }
+
+ fseek(f, 0, SEEK_END);
+
+ siz_buf = ftell(f);
+ rewind(f);
+
+ if(siz_buf < 1) goto err;
+
+ buf = (char*)malloc((size_t)siz_buf);
+ if(buf == NULL)
+ {
+ fprintf(stderr, "malloc() failed\n");
+ goto err;
+ }
+
+ if(fread(buf, (size_t)siz_buf, 1, f) != 1)
+ {
+ fprintf(stderr, "fread() failed\n");
+ goto err;
+ }
+
+ (void)LLVMFuzzerTestOneInput((uint8_t*)buf, (size_t)siz_buf);
+
+err:
+ free(buf);
+
+ return 0;
+}
diff --git a/tests/stb_png_read_fuzzer.cpp b/tests/stb_png_read_fuzzer.c
similarity index 84%
rename from tests/stb_png_read_fuzzer.cpp
rename to tests/stb_png_read_fuzzer.c
index 0e14e1b..97c9083
--- a/tests/stb_png_read_fuzzer.cpp
+++ b/tests/stb_png_read_fuzzer.c
@@ -2,7 +2,7 @@
 #define STBI_ONLY_PNG
 #include "../stb_image.h"
 
-extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
+int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
 {
 int x, y, channels;
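Review bot: `main` in the new fuzz_main.c never closes the `FILE *` it opens and returns 0 on every path, including the `no input file`, `fopen`, `malloc` and `fread` failures that `goto err`, so a reproducer run that never reached `LLVMFuzzerTestOneInput` exits exactly like a clean run and a triage script or CI job cannot tell the two apart. Initialise `f` to NULL so the cleanup label can close it, keep a status code that only becomes 0 once the target has actually been invoked, and check `fseek` as well, since `ftell` is meaningless after a failed seek (a pipe or directory passed as argv[1]). The rewritten lines are below; the remaining argument, size, allocation and read handling is unchanged.
```c
    FILE *f = NULL;          /* NULL-initialised so the cleanup path can close it */
    /* … unchanged: buf / siz_buf declarations … */
    int rc = 1;              /* stays non-zero unless the target actually ran */

    /* … unchanged: argc check, fopen … */

    if(fseek(f, 0, SEEK_END) != 0)
    {
        fprintf(stderr, "fseek() failed\n");
        goto err;
    }

    /* … unchanged: ftell/rewind, size check, malloc, fread … */

    (void)LLVMFuzzerTestOneInput((uint8_t*)buf, (size_t)siz_buf);
    rc = 0;

err:
    free(buf);
    if(f != NULL) fclose(f);

    return rc;
}
```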
From b75413f8a4acd25bf1a26eb2ec818d2797c3f348 Mon Sep 17 00:00:00 2001
From: Randy
Date: Mon, 11 May 2020 08:18:15 +0200
Subject: [PATCH 2/9] do not define STBI_ONLY_PNG in fuzz target
---
 tests/stb_png_read_fuzzer.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/stb_png_read_fuzzer.c b/tests/stb_png_read_fuzzer.c
index 97c9083..fc5d8e9 100644
--- a/tests/stb_png_read_fuzzer.c
+++ b/tests/stb_png_read_fuzzer.c
@@ -1,5 +1,5 @@
 #define STB_IMAGE_IMPLEMENTATION
-#define STBI_ONLY_PNG
+
 #include "../stb_image.h"
 
 int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
From 88062723ff0d589360164a8a94ff4c90c777d6e9 Mon Sep 17 00:00:00 2001
From: Randy
Date: Mon, 11 May 2020 08:18:56 +0200
Subject: [PATCH 3/9] rename fuzz target
---
 tests/{stb_png_read_fuzzer.c => stbi_read_fuzzer.c} | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename tests/{stb_png_read_fuzzer.c => stbi_read_fuzzer.c} (100%)
diff --git a/tests/stb_png_read_fuzzer.c b/tests/stbi_read_fuzzer.c
similarity index 100%
rename from tests/stb_png_read_fuzzer.c
rename to tests/stbi_read_fuzzer.c
From 5a7af50fa5ca6f2e75bac7e0e02ab64354df160a Mon Sep 17 00:00:00 2001
From: Randy
Date: Mon, 11 May 2020 08:47:45 +0200
Subject: [PATCH 4/9] remove stb_png_read_fuzzer.options
---
 tests/stb_png_read_fuzzer.options | 2 --
 1 file changed, 2 deletions(-)
 delete mode 100644 tests/stb_png_read_fuzzer.options
diff --git a/tests/stb_png_read_fuzzer.options b/tests/stb_png_read_fuzzer.options
deleted file mode 100644
index e0c8a84..0000000
--- a/tests/stb_png_read_fuzzer.options
+++ /dev/null
@@ -1,2 +0,0 @@
-[libfuzzer]
-dict = stb_png.dict
From d1d0e9fdb078cbc27f406607dcee775645270e2b Mon Sep 17 00:00:00 2001
From: Randy
Date: Mon, 11 May 2020 08:59:07 +0200
Subject: [PATCH 5/9] add fuzz target to Makefile
---
 tests/Makefile | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/tests/Makefile b/tests/Makefile
index b1e99ae..62aeca0 100644
--- a/tests/Makefile
+++ b/tests/Makefile
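Review bot: After the `#define STBI_ONLY_PNG` removal nothing in stbi_read_fuzzer.c says why the decoder set is deliberately left open, and the bare blank line left in its place invites the next maintainer to put the define back, which would silently shrink the target from every stb_image decoder to PNG only. A one-line comment in place of the blank makes the intent durable, e.g. `/* no STBI_ONLY_* here: all stb_image decoders are fuzzed; a PNG-only build passes -DSTBI_ONLY_PNG on the compiler command line */` — the ossfuzz.sh added later in this series appears to rely on exactly that build-time selection. The body of LLVMFuzzerTestOneInput lies outside this hunk.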
@@ -2,9 +2,11 @@ INCLUDES = -I.. CFLAGS = -Wno-pointer-to-int-cast -Wno-int-to-pointer-cast -DSTB_DIVIDE_TEST CPPFLAGS = -Wno-write-strings -DSTB_DIVIDE_TEST +# Uncomment this for reproducing OSS-Fuzz bugs #CFLAGS += -O -fsanitize=address all: $(CC) $(INCLUDES) $(CFLAGS) ../stb_vorbis.c test_c_compilation.c test_c_lexer.c test_dxt.c test_easyfont.c test_image.c test_image_write.c test_perlin.c test_sprintf.c test_truetype.c test_voxel.c -lm $(CC) $(INCLUDES) $(CPPFLAGS) -std=c++0x test_cpp_compilation.cpp -lm -lstdc++ $(CC) $(INCLUDES) $(CFLAGS) -DIWT_TEST image_write_test.c -lm -o image_write_test + $(CC) $(INCLUDES) $(CFLAGS) fuzz_main.c stbi_read_fuzzer.c -lm -o image_fuzzer From a7fed59fe42b8157b8711d73e38cd79ff86e7ee5 Mon Sep 17 00:00:00 2001 From: Randy Date: Mon, 11 May 2020 08:59:07 +0200 Subject: [PATCH 6/9] add fuzz target to Makefile --- tests/Makefile | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tests/Makefile b/tests/Makefile index b1e99ae..1782ea6 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -2,9 +2,11 @@ INCLUDES = -I.. CFLAGS = -Wno-pointer-to-int-cast -Wno-int-to-pointer-cast -DSTB_DIVIDE_TEST CPPFLAGS = -Wno-write-strings -DSTB_DIVIDE_TEST -#CFLAGS += -O -fsanitize=address +# Uncomment this line for reproducing OSS-Fuzz bugs with image_fuzzer +#CFLAGS += -O -fsanitize=address all: $(CC) $(INCLUDES) $(CFLAGS) ../stb_vorbis.c test_c_compilation.c test_c_lexer.c test_dxt.c test_easyfont.c test_image.c test_image_write.c test_perlin.c test_sprintf.c test_truetype.c test_voxel.c -lm $(CC) $(INCLUDES) $(CPPFLAGS) -std=c++0x test_cpp_compilation.cpp -lm -lstdc++ $(CC) $(INCLUDES) $(CFLAGS) -DIWT_TEST image_write_test.c -lm -o image_write_test + $(CC) $(INCLUDES) $(CFLAGS) fuzz_main.c stbi_read_fuzzer.c -lm -o image_fuzzer From 9cd6cdc0e55ec3d4c002313fd5f0e6b255e8e06c Mon Sep 17 00:00:00 2001 
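Review bot: The `#CFLAGS += -O -fsanitize=address` line that the new comment tells people to uncomment applies to every command under `all:`, not only to `image_fuzzer`, and neither that line nor the new `image_fuzzer` rule adds `-g`, so an ASan report from a reproduced OSS-Fuzz input will carry no file/line information for the stb_image frames. Scoping the sanitizer flags to the fuzzer keeps the rest of the test build untouched and keeps symbols: `#FUZZ_CFLAGS = -g -O -fsanitize=address` above `all:` and `$(CC) $(INCLUDES) $(CFLAGS) $(FUZZ_CFLAGS) fuzz_main.c stbi_read_fuzzer.c -lm -o image_fuzzer` for the rule. Patches 5 and 6 of this series carry the same hunk differing only in the comment wording, so the remark applies to both.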
From: Randy
Date: Mon, 1 Jun 2020 06:09:16 +0200
Subject: [PATCH 7/9] add ossfuzz build script
---
 tests/ossfuzz.sh | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100755 tests/ossfuzz.sh
diff --git a/tests/ossfuzz.sh b/tests/ossfuzz.sh
new file mode 100755
index 0000000..2af98f5
--- /dev/null
+++ b/tests/ossfuzz.sh
@@ -0,0 +1,25 @@
+#!/bin/bash -eu
+# This script is meant to be run by
+# https://github.com/google/oss-fuzz/blob/master/projects/stb/Dockerfile
+
+$CXX $CXXFLAGS -std=c++11 -I. -DSTBI_ONLY_PNG \
+ $SRC/stb/tests/stbi_read_fuzzer.c \
+ -o $OUT/stb_png_read_fuzzer $LIB_FUZZING_ENGINE
+
+$CXX $CXXFLAGS -std=c++11 -I. \
+ $SRC/stb/tests/stbi_read_fuzzer.c \
+ -o $OUT/stbi_read_fuzzer $LIB_FUZZING_ENGINE
+
+find $SRC/stb/tests/pngsuite -name "*.png" | \
+ xargs zip $OUT/stb_png_read_fuzzer_seed_corpus.zip
+
+cp $SRC/stb/tests/stb_png.dict $OUT/stb_png_read_fuzzer.dict
+
+tar xvzf $SRC/stb/jpg.tar.gz --directory $SRC/stb/tests
+tar xvzf $SRC/stb/gif.tar.gz --directory $SRC/stb/tests
+
+find $SRC/stb/tests -name "*.png" -o -name "*.jpg" -o -name ".gif" | \
+ xargs zip $OUT/stbi_read_fuzzer_seed_corpus.zip
+
+echo "" >> $SRC/stb/tests/gif.dict
+cat $SRC/stb/tests/gif.dict $SRC/stb/tests/stb_png.dict > $OUT/stbi_read_fuzzer.dict
From c8303509fa8d1236846637b8fc7bdbe0b829cc6e Mon Sep 17 00:00:00 2001
From: Randy
Date: Mon, 1 Jun 2020 06:18:13 +0200
Subject: [PATCH 8/9] make fuzz target compilable as c++ code
---
 tests/stbi_read_fuzzer.c | 9 +++++++++
 1 file changed, 9 insertions(+)
diff --git a/tests/stbi_read_fuzzer.c b/tests/stbi_read_fuzzer.c
index fc5d8e9..c25398e 100644
--- a/tests/stbi_read_fuzzer.c
+++ b/tests/stbi_read_fuzzer.c
@@ -1,7 +1,12 @@
+#ifdef __cplusplus
+extern "C" {
+#endif
+
 #define STB_IMAGE_IMPLEMENTATION
 
 #include "../stb_image.h"
 
+
 int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
 {
 int x, y, channels;
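Review bot: The second `find` in ossfuzz.sh matches `-name ".gif"` without a wildcard, so none of the GIF files unpacked from `gif.tar.gz` two lines earlier ever reach `stbi_read_fuzzer_seed_corpus.zip`, and the merged `gif.dict` then steers a corpus that contains no GIF seeds at all. Both `find | xargs zip` pipelines also break on paths containing whitespace; the fix for the combined one is `find $SRC/stb/tests \( -name "*.png" -o -name "*.jpg" -o -name "*.gif" \) -print0 | xargs -0 zip $OUT/stbi_read_fuzzer_seed_corpus.zip`, where the parentheses matter once an explicit `-print0` action is present, otherwise only the last `-name` branch is printed. The pngsuite line above it wants the same `-print0`/`-0` treatment.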
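Review bot: The `extern "C" {` opened at the top of the hunk encloses `#define STB_IMAGE_IMPLEMENTATION` and the `#include "../stb_image.h"` below it, so when ossfuzz.sh compiles this file with `$CXX` the whole stb_image implementation and whichever standard headers it includes are parsed under C linkage; nesting is legal and stb_image.h guards its own declarations, but standard headers pulled into an extern "C" block can fail to compile with some C++ library versions (templates or overloads with C linkage), and nothing here needs it except the entry point's symbol name. Give only the entry point C linkage and leave the include outside: `#ifdef __cplusplus` / `extern "C"` / `#endif` placed directly before `int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)`, which also makes the closing `}` block added by the second hunk of this patch unnecessary. The function body lies outside this hunk.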
@@ -17,3 +22,7 @@ int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) return 0; } + +#ifdef __cplusplus +} +#endif \ No newline at end of file From 3b14b5afa6348d756d7cf49f53cc3a3fe5f30cac Mon Sep 17 00:00:00 2001 From: Randy Date: Mon, 1 Jun 2020 06:22:44 +0200 Subject: [PATCH 9/9] Update Makefile --- tests/Makefile | 5 ----- 1 file changed, 5 deletions(-) diff --git a/tests/Makefile b/tests/Makefile index d4a3651..1782ea6 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -2,13 +2,8 @@ INCLUDES = -I.. CFLAGS = -Wno-pointer-to-int-cast -Wno-int-to-pointer-cast -DSTB_DIVIDE_TEST CPPFLAGS = -Wno-write-strings -DSTB_DIVIDE_TEST -<<<<<<< HEAD # Uncomment this line for reproducing OSS-Fuzz bugs with image_fuzzer #CFLAGS += -O -fsanitize=address -======= -# Uncomment this for reproducing OSS-Fuzz bugs -#CFLAGS += -O -fsanitize=address ->>>>>>> d1d0e9fdb078cbc27f406607dcee775645270e2b all: $(CC) $(INCLUDES) $(CFLAGS) ../stb_vorbis.c test_c_compilation.c test_c_lexer.c test_dxt.c test_easyfont.c test_image.c test_image_write.c test_perlin.c test_sprintf.c test_truetype.c test_voxel.c -lm
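Review bot: The file now ends on `+#endif` with `\ No newline at end of file`; C11 §5.1.1.2 requires a non-empty source file to end in a newline, and clang (`-Wnewline-eof`) and gcc under pedantic settings warn about it, which is noise in the OSS-Fuzz build log. Add a trailing newline after `#endif`. The function whose `return 0;` begins this hunk starts outside it.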