doxygen/trunk/target__dec__fuzzer_8c_source.html

 /*
  * This file is part of FFmpeg.
  *
  * FFmpeg is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
  * version 2.1 of the License, or (at your option) any later version.
  *
  * FFmpeg is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  * Lesser General Public License for more details.
  *
  * You should have received a copy of the GNU Lesser General Public
  * License along with FFmpeg; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
  */

 /* Targeted fuzzer that targets specific codecs depending on two
    compile-time flags.
   INSTRUCTIONS:

   * Get the very fresh clang, e.g. see http://libfuzzer.info#versions
   * Get and build libFuzzer:
      svn co http://llvm.org/svn/llvm-project/llvm/trunk/lib/Fuzzer
      ./Fuzzer/build.sh
   * build ffmpeg for fuzzing:
     FLAGS="-fsanitize=address -fsanitize-coverage=trace-pc-guard,trace-cmp -g" CC="clang $FLAGS" CXX="clang++ $FLAGS" ./configure  --disable-x86asm
     make clean && make -j
   * build the fuzz target.
     Choose the value of FFMPEG_CODEC (e.g. AV_CODEC_ID_DVD_SUBTITLE) and
     choose one of FUZZ_FFMPEG_VIDEO, FUZZ_FFMPEG_AUDIO, FUZZ_FFMPEG_SUBTITLE.
     clang -fsanitize=address -fsanitize-coverage=trace-pc-guard,trace-cmp tools/target_dec_fuzzer.c -o target_dec_fuzzer -I.   -DFFMPEG_CODEC=AV_CODEC_ID_MPEG1VIDEO -DFUZZ_FFMPEG_VIDEO ../../libfuzzer/libFuzzer.a   -Llibavcodec -Llibavdevice -Llibavfilter -Llibavformat -Llibavresample -Llibavutil -Llibpostproc -Llibswscale -Llibswresample -Wl,--as-needed -Wl,-z,noexecstack -Wl,--warn-common -Wl,-rpath-link=:libpostproc:libswresample:libswscale:libavfilter:libavdevice:libavformat:libavcodec:libavutil:libavresample -lavdevice -lavfilter -lavformat -lavcodec -lswresample -lswscale -lavutil -ldl -lxcb -lxcb-shm -lxcb -lxcb-xfixes  -lxcb -lxcb-shape -lxcb -lX11 -lasound -lm -lbz2 -lz -pthread
   * create a corpus directory and put some samples there (empty dir is ok too):
     mkdir CORPUS && cp some-files CORPUS

   * Run fuzzing:
     ./target_dec_fuzzer -max_len=100000 CORPUS

    More info:
    http://libfuzzer.info
    http://tutorial.libfuzzer.info
    https://github.com/google/oss-fuzz
    http://lcamtuf.coredump.cx/afl/
    https://security.googleblog.com/2016/08/guided-in-process-fuzzing-of-chrome.html
 */

 #include "config.h"
 #include "libavutil/avassert.h"
 #include "libavutil/imgutils.h"
 #include "libavutil/intreadwrite.h"

 #include "libavcodec/avcodec.h"
 #include "libavcodec/bytestream.h"
 #include "libavformat/avformat.h"

 //For FF_SANE_NB_CHANNELS, so we dont waste energy testing things that will get instantly rejected
 #include "libavcodec/internal.h"

 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);

 extern AVCodec * codec_list[];

 static void error(const char *err)
 {
     fprintf(stderr, "%s", err);
     exit(1);
 }

 static AVCodec *c = NULL;
 static AVCodec *AVCodecInitialize(enum AVCodecID codec_id)
 {
     AVCodec *res;

     res = avcodec_find_decoder(codec_id);
     if (!res)
         error("Failed to find decoder");
     return res;
 }

 static int subtitle_handler(AVCodecContext *avctx, void *frame,
                             int *got_sub_ptr, AVPacket *avpkt)
 {
     AVSubtitle sub;
     int ret = avcodec_decode_subtitle2(avctx, &sub, got_sub_ptr, avpkt);
     if (ret >= 0 && *got_sub_ptr)
         avsubtitle_free(&sub);
     return ret;
 }

 // Ensure we don't loop forever
 const uint32_t maxiteration = 8096;
 const uint64_t maxpixels_per_frame = 4096 * 4096;
 uint64_t maxpixels;

 uint64_t maxsamples_per_frame = 256*1024*32;
 uint64_t maxsamples;

 static const uint64_t FUZZ_TAG = 0x4741542D5A5A5546ULL;

 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
     const uint64_t fuzz_tag = FUZZ_TAG;
     const uint8_t *last = data;
     const uint8_t *end = data + size;
     uint32_t it = 0;
     uint64_t ec_pixels = 0;
     uint64_t nb_samples = 0;
     int (*decode_handler)(AVCodecContext *avctx, AVFrame *picture,
                           int *got_picture_ptr,
                           const AVPacket *avpkt) = NULL;
     AVCodecParserContext *parser = NULL;
     uint64_t keyframes = 0;
     AVDictionary *opts = NULL;

     if (!c) {
 #ifdef FFMPEG_DECODER
 #define DECODER_SYMBOL0(CODEC) ff_##CODEC##_decoder
 #define DECODER_SYMBOL(CODEC) DECODER_SYMBOL0(CODEC)
         extern AVCodec DECODER_SYMBOL(FFMPEG_DECODER);
         codec_list[0] = &DECODER_SYMBOL(FFMPEG_DECODER);
         avcodec_register(&DECODER_SYMBOL(FFMPEG_DECODER));

 #if FFMPEG_DECODER == tiff || FFMPEG_DECODER == tdsc
         extern AVCodec DECODER_SYMBOL(mjpeg);
         codec_list[1] = &DECODER_SYMBOL(mjpeg);
         avcodec_register(&DECODER_SYMBOL(mjpeg));
 #endif

         c = &DECODER_SYMBOL(FFMPEG_DECODER);
 #else
         avcodec_register_all();
         c = AVCodecInitialize(FFMPEG_CODEC);  // Done once.
 #endif
         av_log_set_level(AV_LOG_PANIC);
     }

     switch (c->type) {
     case AVMEDIA_TYPE_AUDIO   : decode_handler = avcodec_decode_audio4; break;
     case AVMEDIA_TYPE_VIDEO   : decode_handler = avcodec_decode_video2; break;
     case AVMEDIA_TYPE_SUBTITLE: decode_handler = subtitle_handler     ; break;
     }
     switch (c->id) {
     case AV_CODEC_ID_APE:       maxsamples_per_frame /= 256; break;
     }
     maxpixels = maxpixels_per_frame * maxiteration;
     maxsamples = maxsamples_per_frame * maxiteration;
     switch (c->id) {
     case AV_CODEC_ID_BINKVIDEO:   maxpixels  /= 32;    break;
     case AV_CODEC_ID_CFHD:        maxpixels  /= 128;   break;
     case AV_CODEC_ID_DIRAC:       maxpixels  /= 8192;  break;
     case AV_CODEC_ID_DST:         maxsamples /= 8192;  break;
     case AV_CODEC_ID_DXV:         maxpixels  /= 32;    break;
     case AV_CODEC_ID_FFWAVESYNTH: maxsamples /= 16384; break;
     case AV_CODEC_ID_G2M:         maxpixels  /= 64;    break;
     case AV_CODEC_ID_GDV:         maxpixels  /= 512;   break;
     case AV_CODEC_ID_GIF:         maxpixels  /= 16;    break;
     case AV_CODEC_ID_HAP:         maxpixels  /= 128;   break;
     case AV_CODEC_ID_HEVC:        maxpixels  /= 16384; break;
     case AV_CODEC_ID_HNM4_VIDEO:  maxpixels  /= 128;   break;
     case AV_CODEC_ID_IFF_ILBM:    maxpixels  /= 128;   break;
     case AV_CODEC_ID_INDEO4:      maxpixels  /= 128;   break;
     case AV_CODEC_ID_LAGARITH:    maxpixels  /= 1024;  break;
     case AV_CODEC_ID_LSCR:        maxpixels  /= 16;    break;
     case AV_CODEC_ID_MOTIONPIXELS:maxpixels  /= 256;   break;
     case AV_CODEC_ID_MP4ALS:      maxsamples /= 65536; break;
     case AV_CODEC_ID_MSRLE:       maxpixels  /= 16;    break;
     case AV_CODEC_ID_MSS2:        maxpixels  /= 16384; break;
     case AV_CODEC_ID_MSZH:        maxpixels  /= 128;   break;
     case AV_CODEC_ID_PNG:         maxpixels  /= 128;   break;
     case AV_CODEC_ID_APNG:        maxpixels  /= 128;   break;
     case AV_CODEC_ID_QTRLE:       maxpixels  /= 16;    break;
     case AV_CODEC_ID_RASC:        maxpixels  /= 16;    break;
     case AV_CODEC_ID_SANM:        maxpixels  /= 16;    break;
     case AV_CODEC_ID_SCPR:        maxpixels  /= 32;    break;
     case AV_CODEC_ID_SCREENPRESSO:maxpixels  /= 64;    break;
     case AV_CODEC_ID_SMACKVIDEO:  maxpixels  /= 64;    break;
     case AV_CODEC_ID_SNOW:        maxpixels  /= 128;   break;
     case AV_CODEC_ID_TGV:         maxpixels  /= 32;    break;
     case AV_CODEC_ID_TRUEMOTION2: maxpixels  /= 1024;  break;
     case AV_CODEC_ID_VP7:         maxpixels  /= 256;   break;
     case AV_CODEC_ID_VP9:         maxpixels  /= 4096;  break;
     case AV_CODEC_ID_ZEROCODEC:   maxpixels  /= 128;   break;
     }


     AVCodecContext* ctx = avcodec_alloc_context3(c);
     AVCodecContext* parser_avctx = avcodec_alloc_context3(NULL);
     if (!ctx || !parser_avctx)
         error("Failed memory allocation");

     if (ctx->max_pixels == 0 || ctx->max_pixels > maxpixels_per_frame)
         ctx->max_pixels = maxpixels_per_frame; //To reduce false positive OOM and hangs
     ctx->refcounted_frames = 1; //To reduce false positive timeouts and focus testing on the refcounted API

     ctx->max_samples = maxsamples_per_frame;

     if (size > 1024) {
         GetByteContext gbc;
         int extradata_size;
         int flags;
         size -= 1024;
         bytestream2_init(&gbc, data + size, 1024);
         ctx->width                              = bytestream2_get_le32(&gbc);
         ctx->height                             = bytestream2_get_le32(&gbc);
         ctx->bit_rate                           = bytestream2_get_le64(&gbc);
         ctx->bits_per_coded_sample              = bytestream2_get_le32(&gbc);
         // Try to initialize a parser for this codec, note, this may fail which just means we test without one
         flags = bytestream2_get_byte(&gbc);
         if (flags & 1)
             parser = av_parser_init(c->id);
         if (flags & 2)
             ctx->strict_std_compliance = FF_COMPLIANCE_EXPERIMENTAL;
         if (flags & 4) {
             ctx->err_recognition = AV_EF_AGGRESSIVE | AV_EF_COMPLIANT | AV_EF_CAREFUL;
             if (flags & 8)
                 ctx->err_recognition |= AV_EF_EXPLODE;
         }
         if ((flags & 0x10) && c->id != AV_CODEC_ID_H264)
             ctx->flags2 |= AV_CODEC_FLAG2_FAST;

         if (flags & 0x40)
             av_force_cpu_flags(0);

         extradata_size = bytestream2_get_le32(&gbc);

         ctx->sample_rate                        = bytestream2_get_le32(&gbc) & 0x7FFFFFFF;
         ctx->channels                           = (unsigned)bytestream2_get_le32(&gbc) % FF_SANE_NB_CHANNELS;
         ctx->block_align                        = bytestream2_get_le32(&gbc) & 0x7FFFFFFF;
         ctx->codec_tag                          = bytestream2_get_le32(&gbc);
         if (c->codec_tags) {
             int n;
             for (n = 0; c->codec_tags[n] != FF_CODEC_TAGS_END; n++);
             ctx->codec_tag = c->codec_tags[ctx->codec_tag % n];
         }
         keyframes                               = bytestream2_get_le64(&gbc);
         ctx->request_channel_layout             = bytestream2_get_le64(&gbc);

         ctx->idct_algo                          = bytestream2_get_byte(&gbc) % 25;

         if (flags & 0x20) {
             switch (ctx->codec_id) {
             case AV_CODEC_ID_AC3:
             case AV_CODEC_ID_EAC3:
                 av_dict_set_int(&opts, "cons_noisegen", bytestream2_get_byte(&gbc) & 1, 0);
                 av_dict_set_int(&opts, "heavy_compr",   bytestream2_get_byte(&gbc) & 1, 0);
                 av_dict_set_int(&opts, "target_level",  (int)(bytestream2_get_byte(&gbc) % 32) - 31, 0);
                 av_dict_set_int(&opts, "dmix_mode",     (int)(bytestream2_get_byte(&gbc) %  4) -  1, 0);
                 break;
             }
         }


         if (extradata_size < size) {
             ctx->extradata = av_mallocz(extradata_size + AV_INPUT_BUFFER_PADDING_SIZE);
             if (ctx->extradata) {
                 ctx->extradata_size = extradata_size;
                 size -= ctx->extradata_size;
                 memcpy(ctx->extradata, data + size, ctx->extradata_size);
             }
         }
         if (av_image_check_size(ctx->width, ctx->height, 0, ctx))
             ctx->width = ctx->height = 0;
     }

     int res = avcodec_open2(ctx, c, &opts);
     if (res < 0) {
         avcodec_free_context(&ctx);
         av_free(parser_avctx);
         av_parser_close(parser);
         av_dict_free(&opts);
         return 0; // Failure of avcodec_open2() does not imply that a issue was found
     }
     parser_avctx->codec_id = ctx->codec_id;

     int got_frame;
     AVFrame *frame = av_frame_alloc();
     if (!frame)
         error("Failed memory allocation");

     // Read very simple container
     AVPacket avpkt, parsepkt;
     av_init_packet(&avpkt);
     av_init_packet(&parsepkt);
     while (data < end && it < maxiteration) {
         // Search for the TAG
         while (data + sizeof(fuzz_tag) < end) {
             if (data[0] == (fuzz_tag & 0xFF) && AV_RN64(data) == fuzz_tag)
                 break;
             data++;
         }
         if (data + sizeof(fuzz_tag) > end)
             data = end;

         res = av_new_packet(&parsepkt, data - last);
         if (res < 0)
             error("Failed memory allocation");
         memcpy(parsepkt.data, last, data - last);
         parsepkt.flags = (keyframes & 1) * AV_PKT_FLAG_DISCARD + (!!(keyframes & 2)) * AV_PKT_FLAG_KEY;
         keyframes = (keyframes >> 2) + (keyframes<<62);
         data += sizeof(fuzz_tag);
         last = data;

         while (parsepkt.size > 0) {

             if (parser) {
                 av_init_packet(&avpkt);
                 int ret = av_parser_parse2(parser, parser_avctx, &avpkt.data, &avpkt.size,
                                            parsepkt.data, parsepkt.size,
                                            parsepkt.pts, parsepkt.dts, parsepkt.pos);
                 if (avpkt.data == parsepkt.data) {
                     avpkt.buf = av_buffer_ref(parsepkt.buf);
                     if (!avpkt.buf)
                         error("Failed memory allocation");
                 } else {
                     if (av_packet_make_refcounted(&avpkt) < 0)
                         error("Failed memory allocation");
                 }
                 parsepkt.data += ret;
                 parsepkt.size -= ret;
                 parsepkt.pos  += ret;
                 avpkt.pts = parser->pts;
                 avpkt.dts = parser->dts;
                 avpkt.pos = parser->pos;
                 if ( parser->key_frame == 1 ||
                     (parser->key_frame == -1 && parser->pict_type == AV_PICTURE_TYPE_I))
                     avpkt.flags |= AV_PKT_FLAG_KEY;
                 avpkt.flags |= parsepkt.flags & AV_PKT_FLAG_DISCARD;
             } else {
                 av_packet_move_ref(&avpkt, &parsepkt);
             }

           // Iterate through all data
           while (avpkt.size > 0 && it++ < maxiteration) {
             av_frame_unref(frame);
             int ret = decode_handler(ctx, frame, &got_frame, &avpkt);

             ec_pixels += (ctx->width + 32LL) * (ctx->height + 32LL);
             if (it > 20 || ec_pixels > 4 * ctx->max_pixels)
                 ctx->error_concealment = 0;
             if (ec_pixels > maxpixels)
                 goto maximums_reached;

             nb_samples += frame->nb_samples;
             if (nb_samples > maxsamples)
                 goto maximums_reached;

             if (ret <= 0 || ret > avpkt.size)
                break;
             if (ctx->codec_type != AVMEDIA_TYPE_AUDIO)
                 ret = avpkt.size;
             avpkt.data += ret;
             avpkt.size -= ret;
           }
           av_packet_unref(&avpkt);
         }
         av_packet_unref(&parsepkt);
     }
 maximums_reached:

     av_packet_unref(&avpkt);

     do {
         got_frame = 0;
         av_frame_unref(frame);
         decode_handler(ctx, frame, &got_frame, &avpkt);
     } while (got_frame == 1 && it++ < maxiteration);

     fprintf(stderr, "pixels decoded: %"PRId64", samples decoded: %"PRId64", iterations: %d\n", ec_pixels, nb_samples, it);

     av_frame_free(&frame);
     avcodec_free_context(&ctx);
     avcodec_free_context(&parser_avctx);
     av_parser_close(parser);
     av_packet_unref(&parsepkt);
     av_dict_free(&opts);
     return 0;
 }
FF_SANE_NB_CHANNELS
#define FF_SANE_NB_CHANNELS
Definition: internal.h:97

FF_COMPLIANCE_EXPERIMENTAL
#define FF_COMPLIANCE_EXPERIMENTAL
Allow nonstandardized experimental things.
Definition: avcodec.h:1594

maxiteration
const uint32_t maxiteration
Definition: target_dec_fuzzer.c:92

AV_EF_AGGRESSIVE
#define AV_EF_AGGRESSIVE
consider things that a sane encoder should not do as an error
Definition: avcodec.h:1671

NULL
#define NULL
Definition: coverity.c:32

AV_CODEC_ID_VP9
Definition: codec_id.h:217

GetByteContext
Definition: bytestream.h:33

AV_CODEC_ID_G2M
Definition: codec_id.h:220

AVFrame
This structure describes decoded (raw) audio or video data.
Definition: frame.h:308

data
ptrdiff_t const GLvoid * data
Definition: opengl_enc.c:100

maxsamples
uint64_t maxsamples
Definition: target_dec_fuzzer.c:97

ret
ret
Definition: filter_design.txt:187

imgutils.h
misc image utilities

AV_CODEC_ID_PNG
Definition: codec_id.h:110

AVCodecContext::bit_rate
int64_t bit_rate
the average bitrate
Definition: avcodec.h:576

AVPacket::pos
int64_t pos
byte position in stream, -1 if unknown
Definition: packet.h:375

av_log_set_level
void av_log_set_level(int level)
Set the log level.
Definition: log.c:440

AV_CODEC_ID_GDV
Definition: codec_id.h:280

AV_CODEC_ID_SMACKVIDEO
Definition: codec_id.h:132

AVPacket::size
int size
Definition: packet.h:356

AV_EF_COMPLIANT
#define AV_EF_COMPLIANT
consider all spec non compliances as errors
Definition: avcodec.h:1670

bytestream2_init
static av_always_inline void bytestream2_init(GetByteContext *g, const uint8_t *buf, int buf_size)
Definition: bytestream.h:133

avcodec_decode_audio4
attribute_deprecated int avcodec_decode_audio4(AVCodecContext *avctx, AVFrame *frame, int *got_frame_ptr, const AVPacket *avpkt)
Decode the audio frame of size avpkt->size from avpkt->data into frame.
Definition: decode.c:813

AV_CODEC_ID_QTRLE
Definition: codec_id.h:104

AVCodec::type
enum AVMediaType type
Definition: codec.h:203

av_mallocz
void * av_mallocz(size_t size)
Allocate a memory block with alignment suitable for all memory accesses (including vectors if availab...
Definition: mem.c:237

avcodec_decode_subtitle2
int avcodec_decode_subtitle2(AVCodecContext *avctx, AVSubtitle *sub, int *got_sub_ptr, AVPacket *avpkt)
Decode a subtitle message.
Definition: decode.c:978

AV_CODEC_ID_H264
Definition: codec_id.h:76

AVCodec
AVCodec.
Definition: codec.h:190

AV_CODEC_ID_LSCR
Definition: codec_id.h:290

AVCodecContext::block_align
int block_align
number of bytes per packet if constant and known or 0 Used by some WAV based audio codecs...
Definition: avcodec.h:1223

uint8_t
uint8_t
Definition: audio_convert.c:194

av_frame_alloc
AVFrame * av_frame_alloc(void)
Allocate an AVFrame and set its fields to default values.
Definition: frame.c:190

AV_LOG_PANIC
#define AV_LOG_PANIC
Something went really wrong and we will crash now.
Definition: log.h:181

AV_CODEC_ID_DIRAC
Definition: codec_id.h:165

end
static av_cold int end(AVCodecContext *avctx)
Definition: avrndec.c:90

LLVMFuzzerTestOneInput
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
Definition: target_dec_fuzzer.c:101

AVCodecContext::extradata
uint8_t * extradata
some codecs need / can use extradata like Huffman tables.
Definition: avcodec.h:627

AVPacket::data
uint8_t * data
Definition: packet.h:355

AV_CODEC_ID_TGV
Definition: codec_id.h:169

AV_CODEC_ID_VP7
Definition: codec_id.h:230

it
s EdgeDetect Foobar g libavfilter vf_edgedetect c libavfilter vf_foobar c edit libavfilter and add an entry for foobar following the pattern of the other filters edit libavfilter allfilters and add an entry for foobar following the pattern of the other filters configure make j< whatever > ffmpeg ffmpeg i you should get a foobar png with Lena edge detected That s it
Definition: writing_filters.txt:20

av_packet_move_ref
void av_packet_move_ref(AVPacket *dst, AVPacket *src)
Move every field in src to dst and reset src.
Definition: avpacket.c:663

AV_CODEC_ID_DST
Definition: codec_id.h:493

AV_CODEC_ID_DXV
Definition: codec_id.h:240

avcodec_register
av_cold void avcodec_register(AVCodec *codec)
Register the codec codec and initialize libavcodec.
Definition: allcodecs.c:863

size
ptrdiff_t size
Definition: opengl_enc.c:100

AVCodec::codec_tags
const uint32_t * codec_tags
List of supported codec_tags, terminated by FF_CODEC_TAGS_END.
Definition: codec.h:326

AVCodecContext::bits_per_coded_sample
int bits_per_coded_sample
bits per sample/pixel from the demuxer (needed for huffyuv).
Definition: avcodec.h:1750

avcodec_register_all
void avcodec_register_all(void)
Register all the codecs, parsers and bitstream filters which were enabled at configuration time...
Definition: allcodecs.c:878

AVSubtitle
Definition: avcodec.h:2694

AV_PKT_FLAG_KEY
#define AV_PKT_FLAG_KEY
The packet contains a keyframe.
Definition: packet.h:388

c
static AVCodec * c
Definition: target_dec_fuzzer.c:70

AVCodecParserContext::pict_type
int pict_type
Definition: avcodec.h:3361

AVCodecParserContext::dts
int64_t dts
Definition: avcodec.h:3373

av_new_packet
int av_new_packet(AVPacket *pkt, int size)
Allocate the payload of a packet and initialize its fields with default values.
Definition: avpacket.c:88

AVCodec::id
enum AVCodecID id
Definition: codec.h:204

FUZZ_TAG
static const uint64_t FUZZ_TAG
Definition: target_dec_fuzzer.c:99

AVDictionary
Definition: dict.c:30

AV_CODEC_ID_LAGARITH
Definition: codec_id.h:196

AVCodecID
AVCodecID
Identify the syntax and semantics of the bitstream.
Definition: codec_id.h:46

AVCodecParserContext::pos
int64_t pos
Byte position of currently parsed frame in stream.
Definition: avcodec.h:3463

av_frame_free
void av_frame_free(AVFrame **frame)
Free the frame and any dynamically allocated objects in it, e.g.
Definition: frame.c:203

AV_CODEC_ID_IFF_ILBM
Definition: codec_id.h:185

AVCodecContext::error_concealment
int error_concealment
error concealment flags
Definition: avcodec.h:1601

av_dict_free
void av_dict_free(AVDictionary **pm)
Free all the memory allocated for an AVDictionary struct and all keys and values. ...
Definition: dict.c:203

AVPacket::buf
AVBufferRef * buf
A reference to the reference-counted buffer where the packet data is stored.
Definition: packet.h:338

AVMEDIA_TYPE_AUDIO
Definition: avutil.h:202

avassert.h
simple assert() macros that are a bit more flexible than ISO C assert().

AVCodecContext::max_pixels
int64_t max_pixels
The number of pixels per image to maximally accept.
Definition: avcodec.h:2256

maxpixels_per_frame
const uint64_t maxpixels_per_frame
Definition: target_dec_fuzzer.c:93

AV_CODEC_ID_FFWAVESYNTH
Definition: codec_id.h:480

bytestream.h

AVPacket::flags
int flags
A combination of AV_PKT_FLAG values.
Definition: packet.h:361

opts
AVDictionary * opts
Definition: movenc.c:50

av_image_check_size
int av_image_check_size(unsigned int w, unsigned int h, int log_offset, void *log_ctx)
Check if the given dimension of an image is valid, meaning that all bytes of the image can be address...
Definition: imgutils.c:282

AV_CODEC_ID_MSZH
Definition: codec_id.h:102

AV_PICTURE_TYPE_I
Intra.
Definition: avutil.h:274

AVCodecContext::err_recognition
int err_recognition
Error recognition; may misdetect some more or less valid parts as errors.
Definition: avcodec.h:1655

avcodec_alloc_context3
AVCodecContext * avcodec_alloc_context3(const AVCodec *codec)
Allocate an AVCodecContext and set its fields to default values.
Definition: options.c:172

av_parser_parse2
int av_parser_parse2(AVCodecParserContext *s, AVCodecContext *avctx, uint8_t **poutbuf, int *poutbuf_size, const uint8_t *buf, int buf_size, int64_t pts, int64_t dts, int64_t pos)
Parse a packet.
Definition: parser.c:120

intreadwrite.h

AVCodecInitialize
static AVCodec * AVCodecInitialize(enum AVCodecID codec_id)
Definition: target_dec_fuzzer.c:71

AVCodecContext::width
int width
picture width / height.
Definition: avcodec.h:699

AVCodecContext::idct_algo
int idct_algo
IDCT algorithm, see FF_IDCT_* below.
Definition: avcodec.h:1729

AV_CODEC_ID_APNG
Definition: codec_id.h:260

av_packet_make_refcounted
int av_packet_make_refcounted(AVPacket *pkt)
Ensure the data described by a given packet is reference counted.
Definition: avpacket.c:671

ctx
AVFormatContext * ctx
Definition: movenc.c:48

av_parser_close
void av_parser_close(AVCodecParserContext *s)
Definition: parser.c:224

frame
these buffered frames must be flushed immediately if a new input produces new the filter must not call request_frame to get more It must just process the frame or queue it The task of requesting more frames is left to the filter s request_frame method or the application If a filter has several the filter must be ready for frames arriving randomly on any input any filter with several inputs will most likely require some kind of queuing mechanism It is perfectly acceptable to have a limited queue and to drop frames when the inputs are too unbalanced request_frame For filters that do not use the this method is called when a frame is wanted on an output For a it should directly call filter_frame on the corresponding output For a if there are queued frames already one of these frames should be pushed If the filter should request a frame on one of its repeatedly until at least one frame has been pushed Return or at least make progress towards producing a frame
Definition: filter_design.txt:255

AV_EF_EXPLODE
#define AV_EF_EXPLODE
abort decoding on minor error detection
Definition: avcodec.h:1666

codec_id
enum AVCodecID codec_id
Definition: vaapi_decode.c:369

AV_CODEC_ID_CFHD
Definition: codec_id.h:262

AVCodecContext::height
int height
Definition: avcodec.h:699

error
static void error(const char *err)
Definition: target_dec_fuzzer.c:64

subtitle_handler
static int subtitle_handler(AVCodecContext *avctx, void *frame, int *got_sub_ptr, AVPacket *avpkt)
Definition: target_dec_fuzzer.c:81

AVCodecParserContext
Definition: avcodec.h:3353

av_parser_init
AVCodecParserContext * av_parser_init(int codec_id)
Definition: parser.c:34

avcodec.h
Libavcodec external API header.

AVCodecContext::codec_type
enum AVMediaType codec_type
Definition: avcodec.h:534

avcodec_decode_video2
attribute_deprecated int avcodec_decode_video2(AVCodecContext *avctx, AVFrame *picture, int *got_picture_ptr, const AVPacket *avpkt)
Decode the video frame of size avpkt->size from avpkt->data into picture.
Definition: decode.c:806

avcodec_free_context
void avcodec_free_context(AVCodecContext **avctx)
Free the codec context and everything associated with it and write NULL to the provided pointer...
Definition: options.c:187

AVCodecContext::codec_id
enum AVCodecID codec_id
Definition: avcodec.h:536

AV_CODEC_ID_MOTIONPIXELS
Definition: codec_id.h:168

AVCodecContext::sample_rate
int sample_rate
samples per second
Definition: avcodec.h:1186

AV_CODEC_FLAG2_FAST
#define AV_CODEC_FLAG2_FAST
Allow non spec compliant speedup tricks.
Definition: avcodec.h:348

AVCodecContext
main external API structure.
Definition: avcodec.h:526

av_packet_unref
void av_packet_unref(AVPacket *pkt)
Wipe the packet.
Definition: avpacket.c:605

AV_CODEC_ID_AC3
Definition: codec_id.h:414

AV_CODEC_ID_SNOW
Definition: codec_id.h:258

avsubtitle_free
void avsubtitle_free(AVSubtitle *sub)
Free all allocated data in the given subtitle struct.
Definition: utils.c:1109

AVCodecContext::codec_tag
unsigned int codec_tag
fourcc (LSB first, so "ABCD" -> (&#39;D&#39;<<24) + (&#39;C&#39;<<16) + (&#39;B&#39;<<8) + &#39;A&#39;).
Definition: avcodec.h:551

AV_CODEC_ID_EAC3
Definition: codec_id.h:451

AVCodecContext::max_samples
int64_t max_samples
The number of samples per frame to maximally accept.
Definition: avcodec.h:2344

AVCodecContext::extradata_size
int extradata_size
Definition: avcodec.h:628

AV_EF_CAREFUL
#define AV_EF_CAREFUL
consider things that violate the spec, are fast to calculate and have not been seen in the wild as er...
Definition: avcodec.h:1669

AV_CODEC_ID_RASC
Definition: codec_id.h:286

AV_CODEC_ID_MSS2
Definition: codec_id.h:216

AV_CODEC_ID_SCPR
Definition: codec_id.h:272

avcodec_open2
int avcodec_open2(AVCodecContext *avctx, const AVCodec *codec, AVDictionary **options)
Initialize the AVCodecContext to use the given AVCodec.
Definition: utils.c:549

AVCodecContext::refcounted_frames
attribute_deprecated int refcounted_frames
If non-zero, the decoded audio and video frames returned from avcodec_decode_video2() and avcodec_dec...
Definition: avcodec.h:1357

avcodec_find_decoder
AVCodec * avcodec_find_decoder(enum AVCodecID id)
Find a registered decoder with a matching codec ID.
Definition: allcodecs.c:920

AV_CODEC_ID_SANM
Definition: codec_id.h:231

AV_CODEC_ID_HEVC
Definition: codec_id.h:223

av_frame_unref
void av_frame_unref(AVFrame *frame)
Unreference all the buffers referenced by frame and reset the frame fields.
Definition: frame.c:554

flags
#define flags(name, subs,...)
Definition: cbs_av1.c:560

AV_CODEC_ID_HAP
Definition: codec_id.h:238

AV_CODEC_ID_SCREENPRESSO
Definition: codec_id.h:241

avformat.h
Main libavformat public API header.

int
int
Definition: ffmpeg_filter.c:192

AV_PKT_FLAG_DISCARD
#define AV_PKT_FLAG_DISCARD
Flag is used to discard packets which are required to maintain valid decoder state but are not requir...
Definition: packet.h:395

internal.h
common internal api header.

AV_CODEC_ID_ZEROCODEC
Definition: codec_id.h:210

av_dict_set_int
int av_dict_set_int(AVDictionary **pm, const char *key, int64_t value, int flags)
Convenience wrapper for av_dict_set that converts the value to a string and stores it...
Definition: dict.c:147

av_buffer_ref
AVBufferRef * av_buffer_ref(AVBufferRef *buf)
Create a new reference to an AVBuffer.
Definition: buffer.c:93

av_init_packet
void av_init_packet(AVPacket *pkt)
Initialize optional fields of a packet with default values.
Definition: avpacket.c:35

AV_CODEC_ID_BINKVIDEO
Definition: codec_id.h:184

AV_INPUT_BUFFER_PADDING_SIZE
#define AV_INPUT_BUFFER_PADDING_SIZE
Required number of additionally allocated bytes at the end of the input bitstream for decoding...
Definition: avcodec.h:215

av_free
#define av_free(p)
Definition: tableprint_vlc.h:34

maxpixels
uint64_t maxpixels
Definition: target_dec_fuzzer.c:94

AVCodecContext::channels
int channels
number of audio channels
Definition: avcodec.h:1187

AV_CODEC_ID_INDEO4
Definition: codec_id.h:160

AV_CODEC_ID_MP4ALS
Definition: codec_id.h:456

AV_RN64
#define AV_RN64(p)
Definition: intreadwrite.h:368

AVCodecContext::flags2
int flags2
AV_CODEC_FLAG2_*.
Definition: avcodec.h:613

AVPacket::dts
int64_t dts
Decompression timestamp in AVStream->time_base units; the time at which the packet is decompressed...
Definition: packet.h:354

AVMEDIA_TYPE_VIDEO
Definition: avutil.h:201

AV_CODEC_ID_GIF
Definition: codec_id.h:146

FF_CODEC_TAGS_END
#define FF_CODEC_TAGS_END
AVCodec.codec_tags termination value.
Definition: internal.h:80

av_force_cpu_flags
void av_force_cpu_flags(int arg)
Disables cpu detection and forces the specified flags.
Definition: cpu.c:65

AVCodecParserContext::pts
int64_t pts
Definition: avcodec.h:3372

AVMEDIA_TYPE_SUBTITLE
Definition: avutil.h:204

maxsamples_per_frame
uint64_t maxsamples_per_frame
Definition: target_dec_fuzzer.c:96

AVCodecContext::request_channel_layout
uint64_t request_channel_layout
Request decoder to use this channel layout if it can (0 for default)
Definition: avcodec.h:1244

AV_CODEC_ID_TRUEMOTION2
Definition: codec_id.h:126

AV_CODEC_ID_HNM4_VIDEO
Definition: codec_id.h:222

AVPacket
This structure stores compressed data.
Definition: packet.h:332

AVCodecParserContext::key_frame
int key_frame
Set by parser to 1 for key frames and 0 for non-key frames.
Definition: avcodec.h:3402

AVFrame::nb_samples
int nb_samples
number of audio samples (per channel) described by this frame
Definition: frame.h:374

AV_CODEC_ID_MSRLE
Definition: codec_id.h:94

AVCodecContext::strict_std_compliance
int strict_std_compliance
strictly follow the standard (MPEG-4, ...).
Definition: avcodec.h:1589

AVPacket::pts
int64_t pts
Presentation timestamp in AVStream->time_base units; the time at which the decompressed packet will b...
Definition: packet.h:348

AV_CODEC_ID_APE
Definition: codec_id.h:443

codec_list
AVCodec * codec_list[]