Add Seven New Fuzzer Drivers that Unblocked Fuzz Blockers to Increase the Code Coverage #551

Open
wants to merge 1 commit into
base: libpng16
Conversation

@qiutianchloe qiutianchloe commented Apr 12, 2024

Hi, LibPNG development team,

We are researchers from the University of Melbourne in collaboration with the OSS-Fuzz team.
This pull request adds seven new fuzz drivers and the corresponding command lines in build.sh.
This change will be used by OSS-Fuzz to run the fuzzers.

According to the Fuzz Introspector report, the code coverage stopped improving because of fuzz blockers that impede the progress of the fuzzers.
Our team's study analysed the fuzz blockers in LibPNG and revealed that the majority of the top fuzz blockers are related to the fuzz drivers rather than to the input.

Based on the study results, we came up with 7 new fuzz drivers that unblocked 10 top fuzz blockers.

The local experiments demonstrate that, with the new fuzz drivers included, the code coverage increased from 39.29% to 51.67%.

@qiutianchloe qiutianchloe deleted the add_new_fuzzdrivers branch April 12, 2024 05:34
@qiutianchloe qiutianchloe restored the add_new_fuzzdrivers branch April 12, 2024 05:37
@ace-dent

@ctruta - should fuzzing be moved out of the main repo, to mitigate xz style attacks? (Note: Soc-eng aspect).

@qiutianchloe qiutianchloe reopened this Apr 15, 2024
thuanpv commented Apr 16, 2024

Thanks @ace-dent for your comment. Our results show that the new fuzz drivers can substantially increase the code coverage of LibPNG. We would like to work with you and @ctruta to address your comments and merge them into the main codebase.

Member

ctruta commented Sep 12, 2024

> @ctruta - should fuzzing be moved out of the main repo, to mitigate xz style attacks? (Note: Soc-eng aspect).

I've been dragging my feet on this for a long time and I kindly ask forgiveness 🙂
Will do.

Member

ctruta commented Sep 12, 2024

> @ctruta - should fuzzing be moved out of the main repo, to mitigate xz style attacks? (Note: Soc-eng aspect).
>
> I've been dragging my feet on this for a long time and I kindly ask forgiveness 🙂 Will do.

So I just published the new libpng-1.6.44, and I will send the public announcement shortly. I have a bunch of other things to do as well, but my plan for tomorrow is to move contrib/oss-fuzz/ out of libpng and into its own repository.
