X-Git-Url: https://git.sesse.net/?a=blobdiff_plain;f=tools%2Ftarget_dec_fuzzer.c;h=4eb59bd296027842035b3ae5c38b17cf45e7a91d;hb=77e8c959aa0e6bbe2ddfa9a11f3592cde2087f9a;hp=66ee99a91dfec6b8255b6eec2114d2cd56b79395;hpb=3371d0611fcd31e0bc72553d88774512a58bd2ef;p=ffmpeg diff --git a/tools/target_dec_fuzzer.c b/tools/target_dec_fuzzer.c index 66ee99a91df..4eb59bd2960 100644 --- a/tools/target_dec_fuzzer.c +++ b/tools/target_dec_fuzzer.c @@ -118,17 +118,14 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { #define DECODER_SYMBOL(CODEC) DECODER_SYMBOL0(CODEC) extern AVCodec DECODER_SYMBOL(FFMPEG_DECODER); codec_list[0] = &DECODER_SYMBOL(FFMPEG_DECODER); - avcodec_register(&DECODER_SYMBOL(FFMPEG_DECODER)); #if FFMPEG_DECODER == tiff || FFMPEG_DECODER == tdsc extern AVCodec DECODER_SYMBOL(mjpeg); codec_list[1] = &DECODER_SYMBOL(mjpeg); - avcodec_register(&DECODER_SYMBOL(mjpeg)); #endif c = &DECODER_SYMBOL(FFMPEG_DECODER); #else - avcodec_register_all(); c = AVCodecInitialize(FFMPEG_CODEC); // Done once. #endif av_log_set_level(AV_LOG_PANIC); @@ -145,10 +142,11 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { maxpixels = maxpixels_per_frame * maxiteration; maxsamples = maxsamples_per_frame * maxiteration; switch (c->id) { + case AV_CODEC_ID_AGM: maxpixels /= 1024; break; case AV_CODEC_ID_BINKVIDEO: maxpixels /= 32; break; case AV_CODEC_ID_CFHD: maxpixels /= 128; break; case AV_CODEC_ID_DIRAC: maxpixels /= 8192; break; - case AV_CODEC_ID_DST: maxsamples /= 8192; break; + case AV_CODEC_ID_DST: maxsamples /= 1<<20; break; case AV_CODEC_ID_DXV: maxpixels /= 32; break; case AV_CODEC_ID_FFWAVESYNTH: maxsamples /= 16384; break; case AV_CODEC_ID_G2M: maxpixels /= 64; break; @@ -159,12 +157,14 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { case AV_CODEC_ID_HNM4_VIDEO: maxpixels /= 128; break; case AV_CODEC_ID_IFF_ILBM: maxpixels /= 128; break; case AV_CODEC_ID_INDEO4: maxpixels /= 128; break; + case AV_CODEC_ID_LAGARITH: maxpixels /= 1024; break; case AV_CODEC_ID_LSCR: maxpixels /= 16; break; case AV_CODEC_ID_MOTIONPIXELS:maxpixels /= 256; break; case AV_CODEC_ID_MP4ALS: maxsamples /= 65536; break; case AV_CODEC_ID_MSRLE: maxpixels /= 16; break; case AV_CODEC_ID_MSS2: maxpixels /= 16384; break; case AV_CODEC_ID_MSZH: maxpixels /= 128; break; + case AV_CODEC_ID_OPUS: maxsamples /= 16384; break; case AV_CODEC_ID_PNG: maxpixels /= 128; break; case AV_CODEC_ID_APNG: maxpixels /= 128; break; case AV_CODEC_ID_QTRLE: maxpixels /= 16; break; @@ -178,9 +178,13 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { case AV_CODEC_ID_TRUEMOTION2: maxpixels /= 1024; break; case AV_CODEC_ID_VP7: maxpixels /= 256; break; case AV_CODEC_ID_VP9: maxpixels /= 4096; break; + case AV_CODEC_ID_WMV3IMAGE: maxpixels /= 8192; break; + case AV_CODEC_ID_WS_VQA: maxpixels /= 16384; break; + case AV_CODEC_ID_WMALOSSLESS: maxsamples /= 1024; break; case AV_CODEC_ID_ZEROCODEC: maxpixels /= 128; break; } + maxsamples_per_frame = FFMIN(maxsamples_per_frame, maxsamples); AVCodecContext* ctx = avcodec_alloc_context3(c); AVCodecContext* parser_avctx = avcodec_alloc_context3(NULL); @@ -339,6 +343,11 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { if (ec_pixels > maxpixels) goto maximums_reached; + if (ctx->codec_type == AVMEDIA_TYPE_AUDIO && + frame->nb_samples == 0 && !got_frame && + (avpkt.flags & AV_PKT_FLAG_DISCARD)) + nb_samples += ctx->max_samples; + nb_samples += frame->nb_samples; if (nb_samples > maxsamples) goto maximums_reached;