[FFmpeg-devel] [PATCH 06/12] tools/target_dec_fuzzer: Check number of all samples decoded too, like max pixels

Paul B Mahol onemda at gmail.com
Thu Sep 26 10:56:26 EEST 2019 

lgtm

On 9/25/19, Michael Niedermayer <michael at niedermayer.cc> wrote:
> Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> ---
>  tools/target_dec_fuzzer.c | 7 +++++++
>  1 file changed, 7 insertions(+)
>
> diff --git a/tools/target_dec_fuzzer.c b/tools/target_dec_fuzzer.c
> index 0dc1854738..6c670d8eb9 100644
> --- a/tools/target_dec_fuzzer.c
> +++ b/tools/target_dec_fuzzer.c
> @@ -94,6 +94,7 @@ const uint64_t maxpixels_per_frame = 4096 * 4096;
>  uint64_t maxpixels;
>
>  const uint64_t maxsamples_per_frame = 256*1024*32;
> +uint64_t maxsamples;
>
>  static const uint64_t FUZZ_TAG = 0x4741542D5A5A5546ULL;
>
> @@ -103,6 +104,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t
> size) {
>      const uint8_t *end = data + size;
>      uint32_t it = 0;
>      uint64_t ec_pixels = 0;
> +    uint64_t nb_samples = 0;
>      int (*decode_handler)(AVCodecContext *avctx, AVFrame *picture,
>                            int *got_picture_ptr,
>                            const AVPacket *avpkt) = NULL;
> @@ -131,6 +133,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t
> size) {
>      case AVMEDIA_TYPE_SUBTITLE: decode_handler = subtitle_handler     ;
> break;
>      }
>      maxpixels = maxpixels_per_frame * maxiteration;
> +    maxsamples = maxsamples_per_frame * maxiteration;
>      switch (c->id) {
>          // Allows a small input to generate gigantic output
>      case AV_CODEC_ID_BINKVIDEO: maxpixels /= 32; break;
> @@ -269,6 +272,10 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t
> size) {
>              if (ec_pixels > maxpixels)
>                  goto maximums_reached;
>
> +            nb_samples += frame->nb_samples;
> +            if (nb_samples > maxsamples)
> +                goto maximums_reached;
> +
>              if (ret <= 0 || ret > avpkt.size)
>                 break;
>              if (ctx->codec_type != AVMEDIA_TYPE_AUDIO)
> --
> 2.23.0
>
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel at ffmpeg.org
> https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>
> To unsubscribe, visit link above, or email
> ffmpeg-devel-request at ffmpeg.org with subject "unsubscribe".

More information about the ffmpeg-devel mailing list