[FFmpeg-cvslog] tools/target_dec_fuzzer: Fuzz private options of AC3/E-AC3
Michael Niedermayer
git at videolan.org
Tue Jan 21 22:41:57 EET 2020
ffmpeg | branch: master | Michael Niedermayer <michael at niedermayer.cc> | Sun Dec 29 17:09:44 2019 +0100| [4b733a7f5feadbd35a18b4463ebe34f2ca9b4a00] | committer: Michael Niedermayer
tools/target_dec_fuzzer: Fuzz private options of AC3/E-AC3
This should improve AC-3 coverage
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4b733a7f5feadbd35a18b4463ebe34f2ca9b4a00
---
tools/target_dec_fuzzer.c | 19 +++++++++++++++++--
1 file changed, 17 insertions(+), 2 deletions(-)
diff --git a/tools/target_dec_fuzzer.c b/tools/target_dec_fuzzer.c
index d6dc7a44a4..281decae94 100644
--- a/tools/target_dec_fuzzer.c
+++ b/tools/target_dec_fuzzer.c
@@ -110,7 +110,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
const AVPacket *avpkt) = NULL;
AVCodecParserContext *parser = NULL;
uint64_t keyframes = 0;
-
+ AVDictionary *opts = NULL;
if (!c) {
#ifdef FFMPEG_DECODER
@@ -216,6 +216,19 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
ctx->idct_algo = bytestream2_get_byte(&gbc) % 25;
+ if (flags & 0x20) {
+ switch (ctx->codec_id) {
+ case AV_CODEC_ID_AC3:
+ case AV_CODEC_ID_EAC3:
+ av_dict_set_int(&opts, "cons_noisegen", bytestream2_get_byte(&gbc) & 1, 0);
+ av_dict_set_int(&opts, "heavy_compr", bytestream2_get_byte(&gbc) & 1, 0);
+ av_dict_set_int(&opts, "target_level", (int)(bytestream2_get_byte(&gbc) % 32) - 31, 0);
+ av_dict_set_int(&opts, "dmix_mode", (int)(bytestream2_get_byte(&gbc) % 4) - 1, 0);
+ break;
+ }
+ }
+
+
if (extradata_size < size) {
ctx->extradata = av_mallocz(extradata_size + AV_INPUT_BUFFER_PADDING_SIZE);
if (ctx->extradata) {
@@ -228,11 +241,12 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
ctx->width = ctx->height = 0;
}
- int res = avcodec_open2(ctx, c, NULL);
+ int res = avcodec_open2(ctx, c, &opts);
if (res < 0) {
avcodec_free_context(&ctx);
av_free(parser_avctx);
av_parser_close(parser);
+ av_dict_free(&opts);
return 0; // Failure of avcodec_open2() does not imply that a issue was found
}
parser_avctx->codec_id = ctx->codec_id;
@@ -337,5 +351,6 @@ maximums_reached:
avcodec_free_context(&parser_avctx);
av_parser_close(parser);
av_packet_unref(&parsepkt);
+ av_dict_free(&opts);
return 0;
}
More information about the ffmpeg-cvslog
mailing list