From 95cd77ab8e18d7ccd9393e165dac3c0ce066e789 Mon Sep 17 00:00:00 2001
From: Philippe Antoine <contact@catenacyber.fr>
Date: Wed, 3 Dec 2025 21:58:16 +0100
Subject: [PATCH] oss-fuzz: use nalloc fuzz target

---
 contrib/oss-fuzz/build.sh | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/contrib/oss-fuzz/build.sh b/contrib/oss-fuzz/build.sh
index 7b8f026397..6c0fdc2bf8 100755
--- a/contrib/oss-fuzz/build.sh
+++ b/contrib/oss-fuzz/build.sh
@@ -42,6 +42,15 @@ $CXX $CXXFLAGS -std=c++11 -I. \
      -o $OUT/libpng_read_fuzzer \
      -lFuzzingEngine .libs/libpng16.a -lz
 
+# wrapper script to duplicate target, run with env var NALLOC_FREQ=32
+# having a separate target with allocations failures
+cat << EOF > $OUT/libpng_read_fuzzer_nalloc
+#!/bin/sh
+# LLVMFuzzerTestOneInput for fuzzer detection.
+this_dir=\$(dirname "\$0")
+NALLOC_FREQ=32 \$this_dir/libpng_read_fuzzer \$@
+EOF
+
 # add seed corpus.
 find $SRC/libpng -name "*.png" | grep -v crashers | \
      xargs zip $OUT/libpng_read_fuzzer_seed_corpus.zip