Bob Friesenhahn
The problem is that automated fuzzing systems like oss-fuzz do not support human input to analyze and dismiss issues. Instead, all issues are equally important and can only be eliminated...
> libavif 1.0.0 is ABI-incompatible with versions prior to 1.0.0, which was released August 2023, and promises more stability going forward: That is interesting. Has a policy decision been made...
I was able to avoid the issue by adding this CMake option: ``` -DJPEGXL_ENABLE_BENCHMARK=OFF ```
I have re-enabled libde265 in the oss-fuzz builds and so hopefully it will be building again in a day or two. I also wrote a FIXME note about switching to...
The configure-based build works as before. I have switched the GraphicsMagick oss-fuzz build to use CMake instead.
Oss-fuzz has verified that this issue no longer exists.
I have since enhanced the tracing of libheif security_limits to include the values set by libheif, as well as values over-ridden by GraphicsMagick. This is the full trace of the...
> % git show > commit 388d4b35697cb06e18a36d24fea9da83fdc42fee (HEAD -> master, origin/master, origin/HEAD) > Author: Dirk Farin > Date: Sat Nov 29 22:51:36 2025 +0100 > > fix invalid read during...
Oss-fuzz reports that this issue has been fixed.