]> git.sesse.net Git - ffmpeg/commitdiff
projects / ffmpeg / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f5a61a1)
tools:target_dem_fuzzer: Split into a fuzzer fuzzing at the protocol level and one...
authorMichael Niedermayer <michael@niedermayer.cc>
Sun, 19 Jul 2020 15:54:10 +0000 (17:54 +0200)
committerMichael Niedermayer <michael@niedermayer.cc>
Sun, 13 Sep 2020 08:40:02 +0000 (10:40 +0200)
This should improve coverage and should improve the efficiency of seed files

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Makefile patch | blob | history
tools/Makefile patch | blob | history
tools/target_dem_fuzzer.c patch | blob | history

diff --git a/Makefile b/Makefile
index 45a22b0cb3c89a870d8394a6f7ac2874e74356ba..6a0dabfc5a7d1045d9476a302fbaffc51e08bf4a 100644 (file)
--- a/Makefile
+++ b/Makefile
@@ -56,6 +56,9 @@ tools/target_bsf_%_fuzzer$(EXESUF): tools/target_bsf_%_fuzzer.o $(FF_DEP_LIBS)
 tools/target_dem_fuzzer$(EXESUF): tools/target_dem_fuzzer.o $(FF_DEP_LIBS)
        $(LD) $(LDFLAGS) $(LDEXEFLAGS) $(LD_O) $^ $(ELIBS) $(FF_EXTRALIBS) $(LIBFUZZER_PATH)
 
+tools/target_io_dem_fuzzer$(EXESUF): tools/target_io_dem_fuzzer.o $(FF_DEP_LIBS)
+       $(LD) $(LDFLAGS) $(LDEXEFLAGS) $(LD_O) $^ $(ELIBS) $(FF_EXTRALIBS) $(LIBFUZZER_PATH)
+
 tools/sofa2wavs$(EXESUF): ELIBS = $(FF_EXTRALIBS)
 tools/uncoded_frame$(EXESUF): $(FF_DEP_LIBS)
 tools/uncoded_frame$(EXESUF): ELIBS = $(FF_EXTRALIBS)
diff --git a/tools/Makefile b/tools/Makefile
index 001093105ba40cd9e769e7b523cc67b269b62b74..88d64ce6d25531d5d98f57b6664338d8018e3832 100644 (file)
--- a/tools/Makefile
+++ b/tools/Makefile
@@ -9,7 +9,10 @@ tools/target_bsf_%_fuzzer.o: tools/target_bsf_fuzzer.c
        $(COMPILE_C) -DFFMPEG_BSF=$*
 
 tools/target_dem_fuzzer.o: tools/target_dem_fuzzer.c
-       $(COMPILE_C)
+       $(COMPILE_C) -DIO_FLAT=1
+
+tools/target_io_dem_fuzzer.o: tools/target_dem_fuzzer.c
+       $(COMPILE_C) -DIO_FLAT=0
 
 OUTDIRS += tools
 
diff --git a/tools/target_dem_fuzzer.c b/tools/target_dem_fuzzer.c
index b8356c5aa1e137afc3f50da671c7362ce0fcc324..eefb5c5fa39198a7110835e623df9b2e279e365e 100644 (file)
--- a/tools/target_dem_fuzzer.c
+++ b/tools/target_dem_fuzzer.c
@@ -76,6 +76,10 @@ static int64_t io_seek(void *opaque, int64_t offset, int whence)
     }
     if (offset < 0 || offset > c->filesize)
         return -1;
+    if (IO_FLAT) {
+        c->fuzz      += offset - c->pos;
+        c->fuzz_size -= offset - c->pos;
+    }
     c->pos = offset;
     return 0;
 }
@@ -110,7 +114,10 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
     if (!avfmt)
         error("Failed avformat_alloc_context()");
 
-    if (size > 2048) {
+    if (IO_FLAT) {
+        seekable = 1;
+        io_buffer_size = size;
+    } else if (size > 2048) {
         int flags;
         char extension[64];
 
Unnamed repository; edit this file 'description' to name the repository.