Add fuzz target for previews

[kevinbackhouse]

This fuzz target mimics this code:

exiv2/app/actions.cpp

Lines 584 to 616 in 45c8b18

	int Print::printPreviewList() {
	if (!Exiv2::fileExists(path_)) {
	std::cerr << path_ << ": " << _("Failed to open the file") << "\n";
	return -1;
	}
	auto image = Exiv2::ImageFactory::open(path_);
	image->readMetadata();
	bool const manyFiles = Params::instance().files_.size() > 1;
	int cnt = 0;
	Exiv2::PreviewManager pm(*image);
	std::ostringstream os;
	std::ios::fmtflags f(os.flags());
	Exiv2::PreviewPropertiesList list = pm.getPreviewProperties();
	for (const auto& pos : list) {
	if (manyFiles)
	os << std::setfill(' ') << std::left << std::setw(20) << path_ << " ";
	os << _("Preview") << " " << ++cnt << ": " << pos.mimeType_ << ", ";
	if (pos.width_ != 0 && pos.height_ != 0)
	os << pos.width_ << "x" << pos.height_ << " " << _("pixels") << ", ";
	os << pos.size_ << " " << _("bytes") << "\n";
	}
	binaryOutput(os);
	os.flags(f);
	return 0;
	} // Print::printPreviewList
	Task::UniquePtr Print::clone() const {
	return std::make_unique<Print>(*this);
	}

I'll add it to OSS-Fuzz once it's merged.

[kevinbackhouse]

@mergify backport 0.28.x

[mergify]

backport 0.28.x

✅ Backports have been created

Details

• #3507 Add fuzz target for previews (backport #3505) has been created for branch 0.28.x but encountered conflicts

Cherry-pick of d114ebb has failed:

On branch mergify/bp/0.28.x/pr-3505
Your branch is up to date with 'origin/0.28.x'.

You are currently cherry-picking commit d114ebbb.
  (fix conflicts and run "git cherry-pick --continue")
  (use "git cherry-pick --skip" to skip this patch)
  (use "git cherry-pick --abort" to cancel the cherry-pick operation)

Changes to be committed:
	new file:   fuzz/fuzz-preview.cpp

Unmerged paths:
  (use "git add <file>..." to mark resolution)
	both modified:   fuzz/CMakeLists.txt

To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally

[Copilot]

Pull request overview

This PR adds a new fuzz target for testing preview metadata extraction functionality in Exiv2. The fuzz target simulates the preview extraction code path from the main application, helping identify potential crashes or errors when processing malformed image files.

Changes:

• Added new fuzz target fuzz-preview.cpp that exercises the PreviewManager API
• Integrated the new fuzz target into the CMake build system

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

File	Description
fuzz/fuzz-preview.cpp	New fuzz target that reads image metadata and extracts preview properties
fuzz/CMakeLists.txt	Added build configuration for the new fuzz-preview target

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The output written to the ostringstream is never used or validated. In a fuzz target, this creates unnecessary overhead. Consider removing the ostringstream entirely or using the output to exercise additional code paths if that's the intent.

Suggested change

	std::ostringstream os;
	Exiv2::PreviewPropertiesList list = pm.getPreviewProperties();
	for (const auto& pos : list) {
	os << pos.mimeType_ << "\n";
	if (pos.width_ != 0 && pos.height_ != 0)
	os << pos.width_ << " " << pos.height_ << " ";
	os << pos.size_ << "\n";
	}
	Exiv2::PreviewPropertiesList list = pm.getPreviewProperties();
	std::size_t preview_count = 0;
	for (const auto& pos : list) {
	// Touch the fields to ensure they are exercised without incurring
	// the overhead of building an unused ostringstream.
	if (pos.width_ != 0 && pos.height_ != 0) {
	++preview_count;
	}
	preview_count += static_cast<std::size_t>(pos.size_ != 0);
	}
	(void)preview_count;