tools/target_dec_fuzzer: Call avcodec_flush_buffers() in a fuzzer choosen pattern

This should increase coverage

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>

diff --git a/tools/target_dec_fuzzer.c b/tools/target_dec_fuzzer.c
index 4eb59bd296027842035b3ae5c38b17cf45e7a91d..11530cbf7927c96185134abaadbecbe4ab1d5fd6 100644 (file)
--- a/tools/target_dec_fuzzer.c
+++ b/tools/target_dec_fuzzer.c
@@ -110,6 +110,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
                           const AVPacket *avpkt) = NULL;
     AVCodecParserContext *parser = NULL;
     uint64_t keyframes = 0;
+    uint64_t flushpattern = -1;
     AVDictionary *opts = NULL;
 
     if (!c) {
@@ -239,6 +240,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
         ctx->request_channel_layout             = bytestream2_get_le64(&gbc);
 
         ctx->idct_algo                          = bytestream2_get_byte(&gbc) % 25;
+        flushpattern                            = bytestream2_get_le64(&gbc);
 
         if (flags & 0x20) {
             switch (ctx->codec_id) {
@@ -332,6 +334,10 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
                 av_packet_move_ref(&avpkt, &parsepkt);
             }
 
+          if (!(flushpattern & 7))
+              avcodec_flush_buffers(ctx);
+          flushpattern = (flushpattern >> 3) + (flushpattern << 61);
+
           // Iterate through all data
           while (avpkt.size > 0 && it++ < maxiteration) {
             av_frame_unref(frame);