Merge pull request #131 from dbrgn/afl
Add afl fuzz target
diff --git a/fuzz-afl/.gitignore b/fuzz-afl/.gitignore
new file mode 100644
index 0000000..155b442
--- /dev/null
+++ b/fuzz-afl/.gitignore
@@ -0,0 +1,2 @@
+out/
+out-*/
diff --git a/fuzz-afl/Cargo.toml b/fuzz-afl/Cargo.toml
new file mode 100644
index 0000000..c8983cb
--- /dev/null
+++ b/fuzz-afl/Cargo.toml
@@ -0,0 +1,25 @@
+[package]
+name = "fuzz-target-jpeg-decoder"
+version = "0.1.0"
+authors = ["jpeg-decoder developers"]
+edition = "2018"
+
+[[bin]]
+name = "fuzz_decode"
+path = "src/fuzz_decode.rs"
+
+[[bin]]
+name = "reproduce_decode"
+path = "src/reproduce_decode.rs"
+
+[[bin]]
+name = "fuzz_info"
+path = "src/fuzz_info.rs"
+
+[[bin]]
+name = "reproduce_info"
+path = "src/reproduce_info.rs"
+
+[dependencies]
+afl = "0.8"
+jpeg-decoder = { path = "../" }
diff --git a/fuzz-afl/README.md b/fuzz-afl/README.md
new file mode 100644
index 0000000..0aecdc5
--- /dev/null
+++ b/fuzz-afl/README.md
@@ -0,0 +1,20 @@
+# Fuzzing harnesses
+
+## Using the fuzzer
+
+Install afl:
+
+ $ cargo install afl
+
+Build fuzz target:
+
+ $ cargo afl build --release --bin fuzz_<format>
+
+Run afl:
+
+ $ mkdir out/
+ $ cargo afl fuzz -i in/ -o out/ target/release/fuzz_<target>
+
+To reproduce a crash:
+
+ $ cargo run --bin reproduce_<target>
diff --git a/fuzz-afl/in/4x4.jpg b/fuzz-afl/in/4x4.jpg
new file mode 100644
index 0000000..d7d2845
--- /dev/null
+++ b/fuzz-afl/in/4x4.jpg
Binary files differ
diff --git a/fuzz-afl/in/grass.jpg b/fuzz-afl/in/grass.jpg
new file mode 100644
index 0000000..e29f850
--- /dev/null
+++ b/fuzz-afl/in/grass.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000006,src_000000,op_flip1,pos_3,+cov.jpg b/fuzz-afl/in/id_000006,src_000000,op_flip1,pos_3,+cov.jpg
new file mode 100644
index 0000000..8aa18b8
--- /dev/null
+++ b/fuzz-afl/in/id_000006,src_000000,op_flip1,pos_3,+cov.jpg
@@ -0,0 +1 @@
+ÿØÿð
\ No newline at end of file
diff --git a/fuzz-afl/in/id_000023,src_000000,op_flip1,pos_21,+cov.jpg b/fuzz-afl/in/id_000023,src_000000,op_flip1,pos_21,+cov.jpg
new file mode 100644
index 0000000..49acc0f
--- /dev/null
+++ b/fuzz-afl/in/id_000023,src_000000,op_flip1,pos_21,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000034,src_000000,op_flip1,pos_159,+cov.jpg b/fuzz-afl/in/id_000034,src_000000,op_flip1,pos_159,+cov.jpg
new file mode 100644
index 0000000..5ce94d6
--- /dev/null
+++ b/fuzz-afl/in/id_000034,src_000000,op_flip1,pos_159,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000046,src_000000,op_flip1,pos_164,+cov.jpg b/fuzz-afl/in/id_000046,src_000000,op_flip1,pos_164,+cov.jpg
new file mode 100644
index 0000000..ed8bf77
--- /dev/null
+++ b/fuzz-afl/in/id_000046,src_000000,op_flip1,pos_164,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000056,src_000000,op_flip1,pos_166,+cov.jpg b/fuzz-afl/in/id_000056,src_000000,op_flip1,pos_166,+cov.jpg
new file mode 100644
index 0000000..b5e7d40
--- /dev/null
+++ b/fuzz-afl/in/id_000056,src_000000,op_flip1,pos_166,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000071,src_000000,op_flip1,pos_172.jpg b/fuzz-afl/in/id_000071,src_000000,op_flip1,pos_172.jpg
new file mode 100644
index 0000000..3055452
--- /dev/null
+++ b/fuzz-afl/in/id_000071,src_000000,op_flip1,pos_172.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000081,src_000000,op_flip1,pos_181,+cov.jpg b/fuzz-afl/in/id_000081,src_000000,op_flip1,pos_181,+cov.jpg
new file mode 100644
index 0000000..6961d08
--- /dev/null
+++ b/fuzz-afl/in/id_000081,src_000000,op_flip1,pos_181,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000170,src_000000,op_flip1,pos_307,+cov.jpg b/fuzz-afl/in/id_000170,src_000000,op_flip1,pos_307,+cov.jpg
new file mode 100644
index 0000000..0d072cb
--- /dev/null
+++ b/fuzz-afl/in/id_000170,src_000000,op_flip1,pos_307,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000182,src_000000,op_flip1,pos_503,+cov.jpg b/fuzz-afl/in/id_000182,src_000000,op_flip1,pos_503,+cov.jpg
new file mode 100644
index 0000000..e62b4f7
--- /dev/null
+++ b/fuzz-afl/in/id_000182,src_000000,op_flip1,pos_503,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000186,src_000000,op_flip2,pos_21,+cov.jpg b/fuzz-afl/in/id_000186,src_000000,op_flip2,pos_21,+cov.jpg
new file mode 100644
index 0000000..01e3cf7
--- /dev/null
+++ b/fuzz-afl/in/id_000186,src_000000,op_flip2,pos_21,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000195,src_000000,op_flip2,pos_167,+cov.jpg b/fuzz-afl/in/id_000195,src_000000,op_flip2,pos_167,+cov.jpg
new file mode 100644
index 0000000..3b80e18
--- /dev/null
+++ b/fuzz-afl/in/id_000195,src_000000,op_flip2,pos_167,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000202,src_000000,op_flip2,pos_178,+cov.jpg b/fuzz-afl/in/id_000202,src_000000,op_flip2,pos_178,+cov.jpg
new file mode 100644
index 0000000..09788f1
--- /dev/null
+++ b/fuzz-afl/in/id_000202,src_000000,op_flip2,pos_178,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000223,src_000000,op_flip2,pos_503,+cov.jpg b/fuzz-afl/in/id_000223,src_000000,op_flip2,pos_503,+cov.jpg
new file mode 100644
index 0000000..0f1478e
--- /dev/null
+++ b/fuzz-afl/in/id_000223,src_000000,op_flip2,pos_503,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000224,src_000000,op_flip2,pos_299.jpg b/fuzz-afl/in/id_000224,src_000000,op_flip2,pos_299.jpg
new file mode 100644
index 0000000..be8f1a7
--- /dev/null
+++ b/fuzz-afl/in/id_000224,src_000000,op_flip2,pos_299.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000227,src_000000,op_flip2,pos_503,+cov.jpg b/fuzz-afl/in/id_000227,src_000000,op_flip2,pos_503,+cov.jpg
new file mode 100644
index 0000000..4479414
--- /dev/null
+++ b/fuzz-afl/in/id_000227,src_000000,op_flip2,pos_503,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000305,src_000000,op_arith8,pos_295,val_+20,+cov.jpg b/fuzz-afl/in/id_000305,src_000000,op_arith8,pos_295,val_+20,+cov.jpg
new file mode 100644
index 0000000..90de45f
--- /dev/null
+++ b/fuzz-afl/in/id_000305,src_000000,op_arith8,pos_295,val_+20,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000324,src_000000,op_arith16,pos_227,val_be_-16.jpg b/fuzz-afl/in/id_000324,src_000000,op_arith16,pos_227,val_be_-16.jpg
new file mode 100644
index 0000000..f9914fb
--- /dev/null
+++ b/fuzz-afl/in/id_000324,src_000000,op_arith16,pos_227,val_be_-16.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000338,src_000000,op_int8,pos_23,val_+0,+cov.jpg b/fuzz-afl/in/id_000338,src_000000,op_int8,pos_23,val_+0,+cov.jpg
new file mode 100644
index 0000000..4ee8c06
--- /dev/null
+++ b/fuzz-afl/in/id_000338,src_000000,op_int8,pos_23,val_+0,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000386,src_000000,op_havoc,rep_128,+cov.jpg b/fuzz-afl/in/id_000386,src_000000,op_havoc,rep_128,+cov.jpg
new file mode 100644
index 0000000..4e3bc51
--- /dev/null
+++ b/fuzz-afl/in/id_000386,src_000000,op_havoc,rep_128,+cov.jpg
@@ -0,0 +1 @@
+Ý
\ No newline at end of file
diff --git a/fuzz-afl/in/id_000393,src_000000,op_int32,pos_500,val_-32768,+cov.jpg b/fuzz-afl/in/id_000393,src_000000,op_int32,pos_500,val_-32768,+cov.jpg
new file mode 100644
index 0000000..5ff60e4
--- /dev/null
+++ b/fuzz-afl/in/id_000393,src_000000,op_int32,pos_500,val_-32768,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000397,src_000000,op_havoc,rep_64.jpg b/fuzz-afl/in/id_000397,src_000000,op_havoc,rep_64.jpg
new file mode 100644
index 0000000..6ea6b43
--- /dev/null
+++ b/fuzz-afl/in/id_000397,src_000000,op_havoc,rep_64.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000400,src_000000,op_havoc,rep_64,+cov.jpg b/fuzz-afl/in/id_000400,src_000000,op_havoc,rep_64,+cov.jpg
new file mode 100644
index 0000000..ce542ef
--- /dev/null
+++ b/fuzz-afl/in/id_000400,src_000000,op_havoc,rep_64,+cov.jpg
@@ -0,0 +1 @@
+ÿ
\ No newline at end of file
diff --git a/fuzz-afl/in/id_000416,src_000000,op_havoc,rep_16.jpg b/fuzz-afl/in/id_000416,src_000000,op_havoc,rep_16.jpg
new file mode 100644
index 0000000..b9eca72
--- /dev/null
+++ b/fuzz-afl/in/id_000416,src_000000,op_havoc,rep_16.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000448,src_000000,op_havoc,rep_32,+cov.jpg b/fuzz-afl/in/id_000448,src_000000,op_havoc,rep_32,+cov.jpg
new file mode 100644
index 0000000..9266b38
--- /dev/null
+++ b/fuzz-afl/in/id_000448,src_000000,op_havoc,rep_32,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000449,src_000000,op_havoc,rep_16,+cov.jpg b/fuzz-afl/in/id_000449,src_000000,op_havoc,rep_16,+cov.jpg
new file mode 100644
index 0000000..3ec2053
--- /dev/null
+++ b/fuzz-afl/in/id_000449,src_000000,op_havoc,rep_16,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000508,src_000000,op_havoc,rep_16,+cov.jpg b/fuzz-afl/in/id_000508,src_000000,op_havoc,rep_16,+cov.jpg
new file mode 100644
index 0000000..e8df477
--- /dev/null
+++ b/fuzz-afl/in/id_000508,src_000000,op_havoc,rep_16,+cov.jpg
@@ -0,0 +1 @@
+ÿØÿïÿ
\ No newline at end of file
diff --git a/fuzz-afl/in/id_000514,src_000000,op_havoc,rep_16,+cov.jpg b/fuzz-afl/in/id_000514,src_000000,op_havoc,rep_16,+cov.jpg
new file mode 100644
index 0000000..fe13d64
--- /dev/null
+++ b/fuzz-afl/in/id_000514,src_000000,op_havoc,rep_16,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000514,src_000000,op_havoc,rep_32,+cov.jpg b/fuzz-afl/in/id_000514,src_000000,op_havoc,rep_32,+cov.jpg
new file mode 100644
index 0000000..fa383f2
--- /dev/null
+++ b/fuzz-afl/in/id_000514,src_000000,op_havoc,rep_32,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000528,src_000000,op_havoc,rep_8.jpg b/fuzz-afl/in/id_000528,src_000000,op_havoc,rep_8.jpg
new file mode 100644
index 0000000..15d15c4
--- /dev/null
+++ b/fuzz-afl/in/id_000528,src_000000,op_havoc,rep_8.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000568,src_000000,op_havoc,rep_8,+cov.jpg b/fuzz-afl/in/id_000568,src_000000,op_havoc,rep_8,+cov.jpg
new file mode 100644
index 0000000..966ce15
--- /dev/null
+++ b/fuzz-afl/in/id_000568,src_000000,op_havoc,rep_8,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000578,src_000000,op_havoc,rep_8,+cov.jpg b/fuzz-afl/in/id_000578,src_000000,op_havoc,rep_8,+cov.jpg
new file mode 100644
index 0000000..28c2fcc
--- /dev/null
+++ b/fuzz-afl/in/id_000578,src_000000,op_havoc,rep_8,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000594,sync_jpeg_turbo,src_000580.jpg b/fuzz-afl/in/id_000594,sync_jpeg_turbo,src_000580.jpg
new file mode 100644
index 0000000..4da2f2e
--- /dev/null
+++ b/fuzz-afl/in/id_000594,sync_jpeg_turbo,src_000580.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000597,sync_jpeg_turbo,src_000558.jpg b/fuzz-afl/in/id_000597,sync_jpeg_turbo,src_000558.jpg
new file mode 100644
index 0000000..a35ffb4
--- /dev/null
+++ b/fuzz-afl/in/id_000597,sync_jpeg_turbo,src_000558.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000647,src_000035,op_flip1,pos_305,+cov.jpg b/fuzz-afl/in/id_000647,src_000035,op_flip1,pos_305,+cov.jpg
new file mode 100644
index 0000000..ba1c94e
--- /dev/null
+++ b/fuzz-afl/in/id_000647,src_000035,op_flip1,pos_305,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000667,src_000035,op_int16,pos_306,val_be_+32,+cov.jpg b/fuzz-afl/in/id_000667,src_000035,op_int16,pos_306,val_be_+32,+cov.jpg
new file mode 100644
index 0000000..78d8c81
--- /dev/null
+++ b/fuzz-afl/in/id_000667,src_000035,op_int16,pos_306,val_be_+32,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000681,src_000036,op_int8,pos_306,val_+1,+cov.jpg b/fuzz-afl/in/id_000681,src_000036,op_int8,pos_306,val_+1,+cov.jpg
new file mode 100644
index 0000000..7ab9d3d
--- /dev/null
+++ b/fuzz-afl/in/id_000681,src_000036,op_int8,pos_306,val_+1,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000687,sync_jpeg9,src_001936,+cov.jpg b/fuzz-afl/in/id_000687,sync_jpeg9,src_001936,+cov.jpg
new file mode 100644
index 0000000..7e8bd89
--- /dev/null
+++ b/fuzz-afl/in/id_000687,sync_jpeg9,src_001936,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000827,sync_jpeg9,src_001156.jpg b/fuzz-afl/in/id_000827,sync_jpeg9,src_001156.jpg
new file mode 100644
index 0000000..77da391
--- /dev/null
+++ b/fuzz-afl/in/id_000827,sync_jpeg9,src_001156.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000831,sync_jpeg9,src_000903.jpg b/fuzz-afl/in/id_000831,sync_jpeg9,src_000903.jpg
new file mode 100644
index 0000000..1af9504
--- /dev/null
+++ b/fuzz-afl/in/id_000831,sync_jpeg9,src_000903.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000838,sync_jpeg9,src_000485,+cov.jpg b/fuzz-afl/in/id_000838,sync_jpeg9,src_000485,+cov.jpg
new file mode 100644
index 0000000..c1d81b3
--- /dev/null
+++ b/fuzz-afl/in/id_000838,sync_jpeg9,src_000485,+cov.jpg
@@ -0,0 +1 @@
+ÿØÿìÙ
\ No newline at end of file
diff --git a/fuzz-afl/in/id_000885,sync_jpeg9,src_000654,+cov.jpg b/fuzz-afl/in/id_000885,sync_jpeg9,src_000654,+cov.jpg
new file mode 100644
index 0000000..77ab8e3
--- /dev/null
+++ b/fuzz-afl/in/id_000885,sync_jpeg9,src_000654,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000903,src_000177,op_havoc,rep_2.jpg b/fuzz-afl/in/id_000903,src_000177,op_havoc,rep_2.jpg
new file mode 100644
index 0000000..3c05348
--- /dev/null
+++ b/fuzz-afl/in/id_000903,src_000177,op_havoc,rep_2.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000961,sync_jpeg9,src_002802.jpg b/fuzz-afl/in/id_000961,sync_jpeg9,src_002802.jpg
new file mode 100644
index 0000000..464722b
--- /dev/null
+++ b/fuzz-afl/in/id_000961,sync_jpeg9,src_002802.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_000989,sync_jpeg9,src_001094.jpg b/fuzz-afl/in/id_000989,sync_jpeg9,src_001094.jpg
new file mode 100644
index 0000000..5596295
--- /dev/null
+++ b/fuzz-afl/in/id_000989,sync_jpeg9,src_001094.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_001085,sync_jpeg9,src_000887,+cov.jpg b/fuzz-afl/in/id_001085,sync_jpeg9,src_000887,+cov.jpg
new file mode 100644
index 0000000..5e6c234
--- /dev/null
+++ b/fuzz-afl/in/id_001085,sync_jpeg9,src_000887,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_001086,sync_jpeg9,src_000744.jpg b/fuzz-afl/in/id_001086,sync_jpeg9,src_000744.jpg
new file mode 100644
index 0000000..f68a4b8
--- /dev/null
+++ b/fuzz-afl/in/id_001086,sync_jpeg9,src_000744.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_001118,sync_jpeg9,src_000623.jpg b/fuzz-afl/in/id_001118,sync_jpeg9,src_000623.jpg
new file mode 100644
index 0000000..882b0b2
--- /dev/null
+++ b/fuzz-afl/in/id_001118,sync_jpeg9,src_000623.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_001136,sync_jpeg9,src_000760,+cov.jpg b/fuzz-afl/in/id_001136,sync_jpeg9,src_000760,+cov.jpg
new file mode 100644
index 0000000..122d815
--- /dev/null
+++ b/fuzz-afl/in/id_001136,sync_jpeg9,src_000760,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_001156,sync_jpeg9,src_000847,+cov.jpg b/fuzz-afl/in/id_001156,sync_jpeg9,src_000847,+cov.jpg
new file mode 100644
index 0000000..88fc17a
--- /dev/null
+++ b/fuzz-afl/in/id_001156,sync_jpeg9,src_000847,+cov.jpg
@@ -0,0 +1 @@
+ÿØÿÝÙ
\ No newline at end of file
diff --git a/fuzz-afl/in/id_001211,sync_jpeg9,src_001184.jpg b/fuzz-afl/in/id_001211,sync_jpeg9,src_001184.jpg
new file mode 100644
index 0000000..41c226b
--- /dev/null
+++ b/fuzz-afl/in/id_001211,sync_jpeg9,src_001184.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_001259,sync_jpeg9,src_001469,+cov.jpg b/fuzz-afl/in/id_001259,sync_jpeg9,src_001469,+cov.jpg
new file mode 100644
index 0000000..c48b8c1
--- /dev/null
+++ b/fuzz-afl/in/id_001259,sync_jpeg9,src_001469,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_001265,sync_jpeg9,src_000512,+cov.jpg b/fuzz-afl/in/id_001265,sync_jpeg9,src_000512,+cov.jpg
new file mode 100644
index 0000000..3be2e5c
--- /dev/null
+++ b/fuzz-afl/in/id_001265,sync_jpeg9,src_000512,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_001346,sync_jpeg9,src_000740.jpg b/fuzz-afl/in/id_001346,sync_jpeg9,src_000740.jpg
new file mode 100644
index 0000000..618cf46
--- /dev/null
+++ b/fuzz-afl/in/id_001346,sync_jpeg9,src_000740.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_001366,sync_jpeg9,src_000537,+cov.jpg b/fuzz-afl/in/id_001366,sync_jpeg9,src_000537,+cov.jpg
new file mode 100644
index 0000000..e85ebb7
--- /dev/null
+++ b/fuzz-afl/in/id_001366,sync_jpeg9,src_000537,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_001386,src_000607,op_int32,pos_183,val_be_+1.jpg b/fuzz-afl/in/id_001386,src_000607,op_int32,pos_183,val_be_+1.jpg
new file mode 100644
index 0000000..87dd13a
--- /dev/null
+++ b/fuzz-afl/in/id_001386,src_000607,op_int32,pos_183,val_be_+1.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_001411,src_000636,op_flip4,pos_165,+cov.jpg b/fuzz-afl/in/id_001411,src_000636,op_flip4,pos_165,+cov.jpg
new file mode 100644
index 0000000..7df416b
--- /dev/null
+++ b/fuzz-afl/in/id_001411,src_000636,op_flip4,pos_165,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_001427,src_000319,op_havoc,rep_1.jpg b/fuzz-afl/in/id_001427,src_000319,op_havoc,rep_1.jpg
new file mode 100644
index 0000000..1b1d766
--- /dev/null
+++ b/fuzz-afl/in/id_001427,src_000319,op_havoc,rep_1.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_001458,src_000531,op_flip4,pos_287.jpg b/fuzz-afl/in/id_001458,src_000531,op_flip4,pos_287.jpg
new file mode 100644
index 0000000..6de8c31
--- /dev/null
+++ b/fuzz-afl/in/id_001458,src_000531,op_flip4,pos_287.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_001467,src_000666,op_flip4,pos_307,+cov.jpg b/fuzz-afl/in/id_001467,src_000666,op_flip4,pos_307,+cov.jpg
new file mode 100644
index 0000000..25725f1
--- /dev/null
+++ b/fuzz-afl/in/id_001467,src_000666,op_flip4,pos_307,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_001505,src_000633,op_flip1,pos_2,+cov.jpg b/fuzz-afl/in/id_001505,src_000633,op_flip1,pos_2,+cov.jpg
new file mode 100644
index 0000000..602eb13
--- /dev/null
+++ b/fuzz-afl/in/id_001505,src_000633,op_flip1,pos_2,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_001655,src_001333,op_flip2,pos_455.jpg b/fuzz-afl/in/id_001655,src_001333,op_flip2,pos_455.jpg
new file mode 100644
index 0000000..f1f5ae4
--- /dev/null
+++ b/fuzz-afl/in/id_001655,src_001333,op_flip2,pos_455.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_001696,src_001527,op_arith8,pos_296,val_-17.jpg b/fuzz-afl/in/id_001696,src_001527,op_arith8,pos_296,val_-17.jpg
new file mode 100644
index 0000000..b7f9ac9
--- /dev/null
+++ b/fuzz-afl/in/id_001696,src_001527,op_arith8,pos_296,val_-17.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_001744,src_001635,op_arith8,pos_164,val_-28.jpg b/fuzz-afl/in/id_001744,src_001635,op_arith8,pos_164,val_-28.jpg
new file mode 100644
index 0000000..7428bec
--- /dev/null
+++ b/fuzz-afl/in/id_001744,src_001635,op_arith8,pos_164,val_-28.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_001792,src_000728,op_int32,pos_227,val_be_+1000.jpg b/fuzz-afl/in/id_001792,src_000728,op_int32,pos_227,val_be_+1000.jpg
new file mode 100644
index 0000000..88c9ba7
--- /dev/null
+++ b/fuzz-afl/in/id_001792,src_000728,op_int32,pos_227,val_be_+1000.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_001952,src_001930,op_havoc,rep_4.jpg b/fuzz-afl/in/id_001952,src_001930,op_havoc,rep_4.jpg
new file mode 100644
index 0000000..333cebd
--- /dev/null
+++ b/fuzz-afl/in/id_001952,src_001930,op_havoc,rep_4.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_002005,src_001056,op_flip2,pos_175.jpg b/fuzz-afl/in/id_002005,src_001056,op_flip2,pos_175.jpg
new file mode 100644
index 0000000..94f9287
--- /dev/null
+++ b/fuzz-afl/in/id_002005,src_001056,op_flip2,pos_175.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_002075,src_001092,op_arith8,pos_209,val_+20,+cov.jpg b/fuzz-afl/in/id_002075,src_001092,op_arith8,pos_209,val_+20,+cov.jpg
new file mode 100644
index 0000000..2d245b1
--- /dev/null
+++ b/fuzz-afl/in/id_002075,src_001092,op_arith8,pos_209,val_+20,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_002199,sync_jpeg_turbo,src_001677.jpg b/fuzz-afl/in/id_002199,sync_jpeg_turbo,src_001677.jpg
new file mode 100644
index 0000000..86fc64a
--- /dev/null
+++ b/fuzz-afl/in/id_002199,sync_jpeg_turbo,src_001677.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_002306,src_001438,op_flip4,pos_290,+cov.jpg b/fuzz-afl/in/id_002306,src_001438,op_flip4,pos_290,+cov.jpg
new file mode 100644
index 0000000..cabb233
--- /dev/null
+++ b/fuzz-afl/in/id_002306,src_001438,op_flip4,pos_290,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_002423,src_001504,op_arith32,pos_300,val_-13.jpg b/fuzz-afl/in/id_002423,src_001504,op_arith32,pos_300,val_-13.jpg
new file mode 100644
index 0000000..893175d
--- /dev/null
+++ b/fuzz-afl/in/id_002423,src_001504,op_arith32,pos_300,val_-13.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_002987,sync_jpeg_turbo,src_001510,+cov.jpg b/fuzz-afl/in/id_002987,sync_jpeg_turbo,src_001510,+cov.jpg
new file mode 100644
index 0000000..bb1184f
--- /dev/null
+++ b/fuzz-afl/in/id_002987,sync_jpeg_turbo,src_001510,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_003091,src_002994,op_flip1,pos_159,+cov.jpg b/fuzz-afl/in/id_003091,src_002994,op_flip1,pos_159,+cov.jpg
new file mode 100644
index 0000000..7b55d84
--- /dev/null
+++ b/fuzz-afl/in/id_003091,src_002994,op_flip1,pos_159,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_003098,src_003010,op_flip4,pos_27.jpg b/fuzz-afl/in/id_003098,src_003010,op_flip4,pos_27.jpg
new file mode 100644
index 0000000..ddbe32b
--- /dev/null
+++ b/fuzz-afl/in/id_003098,src_003010,op_flip4,pos_27.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_003112,src_003036,op_arith8,pos_175,val_+13.jpg b/fuzz-afl/in/id_003112,src_003036,op_arith8,pos_175,val_+13.jpg
new file mode 100644
index 0000000..3c089c7
--- /dev/null
+++ b/fuzz-afl/in/id_003112,src_003036,op_arith8,pos_175,val_+13.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_003131,src_003114,op_havoc,rep_128,+cov.jpg b/fuzz-afl/in/id_003131,src_003114,op_havoc,rep_128,+cov.jpg
new file mode 100644
index 0000000..2abddcb
--- /dev/null
+++ b/fuzz-afl/in/id_003131,src_003114,op_havoc,rep_128,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_003141,sync_jpeg_turbo,src_001694.jpg b/fuzz-afl/in/id_003141,sync_jpeg_turbo,src_001694.jpg
new file mode 100644
index 0000000..ab0ec70
--- /dev/null
+++ b/fuzz-afl/in/id_003141,sync_jpeg_turbo,src_001694.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_003632,src_003613,op_havoc,rep_8.jpg b/fuzz-afl/in/id_003632,src_003613,op_havoc,rep_8.jpg
new file mode 100644
index 0000000..46cb8b8
--- /dev/null
+++ b/fuzz-afl/in/id_003632,src_003613,op_havoc,rep_8.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_003685,sync_jpeg_turbo,src_002052,+cov.jpg b/fuzz-afl/in/id_003685,sync_jpeg_turbo,src_002052,+cov.jpg
new file mode 100644
index 0000000..88fab8b
--- /dev/null
+++ b/fuzz-afl/in/id_003685,sync_jpeg_turbo,src_002052,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_003813,sync_jpeg_turbo,src_002223.jpg b/fuzz-afl/in/id_003813,sync_jpeg_turbo,src_002223.jpg
new file mode 100644
index 0000000..f2b5020
--- /dev/null
+++ b/fuzz-afl/in/id_003813,sync_jpeg_turbo,src_002223.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_004086,sync_jpeg_turbo,src_002441.jpg b/fuzz-afl/in/id_004086,sync_jpeg_turbo,src_002441.jpg
new file mode 100644
index 0000000..4153997
--- /dev/null
+++ b/fuzz-afl/in/id_004086,sync_jpeg_turbo,src_002441.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_004141,src_004138,op_int8,pos_44,val_+1,+cov.jpg b/fuzz-afl/in/id_004141,src_004138,op_int8,pos_44,val_+1,+cov.jpg
new file mode 100644
index 0000000..2d6a2eb
--- /dev/null
+++ b/fuzz-afl/in/id_004141,src_004138,op_int8,pos_44,val_+1,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_004143,src_003886+004101,op_splice,rep_2.jpg b/fuzz-afl/in/id_004143,src_003886+004101,op_splice,rep_2.jpg
new file mode 100644
index 0000000..959919b
--- /dev/null
+++ b/fuzz-afl/in/id_004143,src_003886+004101,op_splice,rep_2.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_004173,sync_jpeg_turbo,src_002577.jpg b/fuzz-afl/in/id_004173,sync_jpeg_turbo,src_002577.jpg
new file mode 100644
index 0000000..47f375f
--- /dev/null
+++ b/fuzz-afl/in/id_004173,sync_jpeg_turbo,src_002577.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_004289,sync_jpeg_turbo,src_002582.jpg b/fuzz-afl/in/id_004289,sync_jpeg_turbo,src_002582.jpg
new file mode 100644
index 0000000..7af06f7
--- /dev/null
+++ b/fuzz-afl/in/id_004289,sync_jpeg_turbo,src_002582.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_004294,src_004289,op_flip2,pos_104.jpg b/fuzz-afl/in/id_004294,src_004289,op_flip2,pos_104.jpg
new file mode 100644
index 0000000..45bbf6a
--- /dev/null
+++ b/fuzz-afl/in/id_004294,src_004289,op_flip2,pos_104.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_004356,src_004355,op_flip1,pos_49.jpg b/fuzz-afl/in/id_004356,src_004355,op_flip1,pos_49.jpg
new file mode 100644
index 0000000..181c9dd
--- /dev/null
+++ b/fuzz-afl/in/id_004356,src_004355,op_flip1,pos_49.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_004623,src_004596,op_havoc,rep_4.jpg b/fuzz-afl/in/id_004623,src_004596,op_havoc,rep_4.jpg
new file mode 100644
index 0000000..f220e73
--- /dev/null
+++ b/fuzz-afl/in/id_004623,src_004596,op_havoc,rep_4.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_004630,src_004598,op_arith8,pos_93,val_+9.jpg b/fuzz-afl/in/id_004630,src_004598,op_arith8,pos_93,val_+9.jpg
new file mode 100644
index 0000000..7333282
--- /dev/null
+++ b/fuzz-afl/in/id_004630,src_004598,op_arith8,pos_93,val_+9.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_004675,src_004650,op_flip1,pos_103.jpg b/fuzz-afl/in/id_004675,src_004650,op_flip1,pos_103.jpg
new file mode 100644
index 0000000..51a2b64
--- /dev/null
+++ b/fuzz-afl/in/id_004675,src_004650,op_flip1,pos_103.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_004829,sync_jpeg_turbo_extras,src_002309.jpg b/fuzz-afl/in/id_004829,sync_jpeg_turbo_extras,src_002309.jpg
new file mode 100644
index 0000000..a2f66e4
--- /dev/null
+++ b/fuzz-afl/in/id_004829,sync_jpeg_turbo_extras,src_002309.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_004851,sync_jpeg_turbo,src_003589.jpg b/fuzz-afl/in/id_004851,sync_jpeg_turbo,src_003589.jpg
new file mode 100644
index 0000000..da80fb0
--- /dev/null
+++ b/fuzz-afl/in/id_004851,sync_jpeg_turbo,src_003589.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_004887,src_004848,op_flip1,pos_284.jpg b/fuzz-afl/in/id_004887,src_004848,op_flip1,pos_284.jpg
new file mode 100644
index 0000000..82cc7f4
--- /dev/null
+++ b/fuzz-afl/in/id_004887,src_004848,op_flip1,pos_284.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_005371,src_004601,op_havoc,rep_2.jpg b/fuzz-afl/in/id_005371,src_004601,op_havoc,rep_2.jpg
new file mode 100644
index 0000000..d02a4c5
--- /dev/null
+++ b/fuzz-afl/in/id_005371,src_004601,op_havoc,rep_2.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_005661,src_005658,op_havoc,rep_8,+cov.jpg b/fuzz-afl/in/id_005661,src_005658,op_havoc,rep_8,+cov.jpg
new file mode 100644
index 0000000..521c48d
--- /dev/null
+++ b/fuzz-afl/in/id_005661,src_005658,op_havoc,rep_8,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_005679,src_005671,op_havoc,rep_1,+cov.jpg b/fuzz-afl/in/id_005679,src_005671,op_havoc,rep_1,+cov.jpg
new file mode 100644
index 0000000..ed3fbd3
--- /dev/null
+++ b/fuzz-afl/in/id_005679,src_005671,op_havoc,rep_1,+cov.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_005745,src_005744,op_flip1,pos_97.jpg b/fuzz-afl/in/id_005745,src_005744,op_flip1,pos_97.jpg
new file mode 100644
index 0000000..26c8dcb
--- /dev/null
+++ b/fuzz-afl/in/id_005745,src_005744,op_flip1,pos_97.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_005758,sync_jpeg_turbo,src_004354.jpg b/fuzz-afl/in/id_005758,sync_jpeg_turbo,src_004354.jpg
new file mode 100644
index 0000000..b2d5fd0
--- /dev/null
+++ b/fuzz-afl/in/id_005758,sync_jpeg_turbo,src_004354.jpg
Binary files differ
diff --git a/fuzz-afl/in/id_005761,src_005759,op_flip1,pos_52.jpg b/fuzz-afl/in/id_005761,src_005759,op_flip1,pos_52.jpg
new file mode 100644
index 0000000..a4f53d3
--- /dev/null
+++ b/fuzz-afl/in/id_005761,src_005759,op_flip1,pos_52.jpg
Binary files differ
diff --git a/fuzz-afl/in/relax-jpeg.jpg b/fuzz-afl/in/relax-jpeg.jpg
new file mode 100644
index 0000000..a3fdf50
--- /dev/null
+++ b/fuzz-afl/in/relax-jpeg.jpg
Binary files differ
diff --git a/fuzz-afl/in/relax-jpeg2000.jp2 b/fuzz-afl/in/relax-jpeg2000.jp2
new file mode 100644
index 0000000..3cbabfc
--- /dev/null
+++ b/fuzz-afl/in/relax-jpeg2000.jp2
Binary files differ
diff --git a/fuzz-afl/in/window-q0.jpg b/fuzz-afl/in/window-q0.jpg
new file mode 100644
index 0000000..f1bdf6f
--- /dev/null
+++ b/fuzz-afl/in/window-q0.jpg
Binary files differ
diff --git a/fuzz-afl/in/window-q20.jpg b/fuzz-afl/in/window-q20.jpg
new file mode 100644
index 0000000..a614bb4
--- /dev/null
+++ b/fuzz-afl/in/window-q20.jpg
Binary files differ
diff --git a/fuzz-afl/src/fuzz_decode.rs b/fuzz-afl/src/fuzz_decode.rs
new file mode 100644
index 0000000..0afc891
--- /dev/null
+++ b/fuzz-afl/src/fuzz_decode.rs
@@ -0,0 +1,15 @@
+use afl::fuzz;
+
+use jpeg_decoder::{Decoder, Error};
+
+#[inline(always)]
+fn decode(data: &[u8]) -> Result<Vec<u8>, Error> {
+ let mut decoder = Decoder::new(data);
+ decoder.decode()
+}
+
+fn main() {
+ fuzz(true, |data: &[u8]| {
+ let _ = decode(data);
+ });
+}
diff --git a/fuzz-afl/src/fuzz_info.rs b/fuzz-afl/src/fuzz_info.rs
new file mode 100644
index 0000000..9cecc18
--- /dev/null
+++ b/fuzz-afl/src/fuzz_info.rs
@@ -0,0 +1,15 @@
+use afl::fuzz;
+
+use jpeg_decoder::{Decoder, ImageInfo};
+
+#[inline(always)]
+fn get_info(data: &[u8]) -> Option<ImageInfo> {
+ let mut decoder = Decoder::new(data);
+ decoder.read_info().ok().and_then(|_| decoder.info())
+}
+
+fn main() {
+ fuzz(true, |data: &[u8]| {
+ let _ = get_info(data);
+ });
+}
diff --git a/fuzz-afl/src/reproduce_decode.rs b/fuzz-afl/src/reproduce_decode.rs
new file mode 100644
index 0000000..572fdf3
--- /dev/null
+++ b/fuzz-afl/src/reproduce_decode.rs
@@ -0,0 +1,17 @@
+use jpeg_decoder::{Decoder, Error};
+
+mod utils;
+
+#[inline(always)]
+fn decode(data: &[u8]) -> Result<Vec<u8>, Error> {
+ let mut decoder = Decoder::new(data);
+ decoder.decode()
+}
+
+fn main() {
+ let data = utils::read_file_from_args();
+ match decode(&data) {
+ Ok(bytes) => println!("Decoded {} bytes", bytes.len()),
+ Err(e) => println!("Decoder returned an error: {:?}\nNote: Not a panic, this is fine.", e),
+ };
+}
diff --git a/fuzz-afl/src/reproduce_info.rs b/fuzz-afl/src/reproduce_info.rs
new file mode 100644
index 0000000..1415f24
--- /dev/null
+++ b/fuzz-afl/src/reproduce_info.rs
@@ -0,0 +1,17 @@
+use jpeg_decoder::{Decoder, ImageInfo};
+
+mod utils;
+
+#[inline(always)]
+fn get_info(data: &[u8]) -> Option<ImageInfo> {
+ let mut decoder = Decoder::new(data);
+ decoder.read_info().ok().and_then(|_| decoder.info())
+}
+
+fn main() {
+ let data = utils::read_file_from_args();
+ match get_info(&data) {
+ Some(info) => println!("Info: {:?}", info),
+ None => println!("Found no info in file"),
+ };
+}
diff --git a/fuzz-afl/src/utils.rs b/fuzz-afl/src/utils.rs
new file mode 100644
index 0000000..57fb7e6
--- /dev/null
+++ b/fuzz-afl/src/utils.rs
@@ -0,0 +1,10 @@
+pub fn read_file_from_args() -> Vec<u8> {
+ let args: Vec<String> = std::env::args().collect();
+ if args.len() != 2 {
+ println!("Usage: {} <path-to-crash>", args[0]);
+ std::process::exit(1);
+ }
+ let data = std::fs::read(&args[1])
+ .expect(&format!("Could not open file {}", args[1]));
+ data
+}
