/src/mozilla-central/media/libaom/test/fuzztest/av1_fuzzer.cpp

Source (jump to first uncovered line)
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=2 et sw=2 tw=80: */
/* Copyright 2018 Google Inc.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License. */

/* This file was originally imported from Google's oss-fuzz project at
 * https://github.com/google/oss-fuzz/tree/master/projects/libaom */

#define DECODE_MODE 1
#include "FuzzingInterface.h"

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <memory>

#include "aom/aom_decoder.h"
#include "aom/aomdx.h"
#include "aom_ports/mem_ops.h"
#include "common/ivfdec.h"

static const char *const kIVFSignature = "DKIF";

static void close_file(FILE *file) { fclose(file); }

void usage_exit(void) { exit(EXIT_FAILURE); }

static int
LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
  std::unique_ptr<FILE, decltype(&close_file)> file(
    fmemopen((void *)data, size, "rb"), &close_file);

  if (file == nullptr) {
    return 0;
  }

  char header[32];
  if (fread(header, 1, 32, file.get()) != 32) {
    return 0;
  }

  const AvxInterface *decoder = get_aom_decoder_by_name("av1");
  if (decoder == nullptr) {
    return 0;
  }

  aom_codec_ctx_t codec;
#if defined(DECODE_MODE)
  const int threads = 1;
#elif defined(DECODE_MODE_threaded)
  const int threads = 16;
#else
#error define one of DECODE_MODE or DECODE_MODE_threaded
#endif
  aom_codec_dec_cfg_t cfg = {threads, 0, 0};
  if (aom_codec_dec_init(&codec, decoder->codec_interface(), &cfg, 0)) {
    return 0;
  }

  int frame_in_cnt = 0;
  int frame_out_cnt = 0;
  uint8_t *buffer = nullptr;
  size_t buffer_size = 0;
  size_t frame_size = 0;
  while (!ivf_read_frame(file.get(), &buffer, &frame_size, &buffer_size,
                         nullptr)) {
    const aom_codec_err_t err =
        aom_codec_decode(&codec, buffer, frame_size, nullptr);
    ++frame_in_cnt;
    aom_codec_iter_t iter = nullptr;
    aom_image_t *img = nullptr;
    while ((img = aom_codec_get_frame(&codec, &iter)) != nullptr) {
      ++frame_out_cnt;
    }
  }
  aom_codec_destroy(&codec);
  free(buffer);
  return 0;
}

MOZ_FUZZING_INTERFACE_RAW(nullptr, LLVMFuzzerTestOneInput, AV1Decode);

Line	Count	Source (jump to first uncovered line)
1		/* -- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -- */
2		/* vim: set ts=2 et sw=2 tw=80: */
3		/* Copyright 2018 Google Inc.
4		*
5		* Licensed under the Apache License, Version 2.0 (the "License");
6		* you may not use this file except in compliance with the License.
7		* You may obtain a copy of the License at
8		*
9		* http://www.apache.org/licenses/LICENSE-2.0
10		*
11		* Unless required by applicable law or agreed to in writing, software
12		* distributed under the License is distributed on an "AS IS" BASIS,
13		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14		* See the License for the specific language governing permissions and
15		* limitations under the License. */
16
17		/* This file was originally imported from Google's oss-fuzz project at
18		* https://github.com/google/oss-fuzz/tree/master/projects/libaom */
19
20		#define DECODE_MODE 1
21		#include "FuzzingInterface.h"
22
23		#include <stdio.h>
24		#include <stdlib.h>
25		#include <string.h>
26		#include <memory>
27
28		#include "aom/aom_decoder.h"
29		#include "aom/aomdx.h"
30		#include "aom_ports/mem_ops.h"
31		#include "common/ivfdec.h"
32
33		static const char *const kIVFSignature = "DKIF";
34
35	0	static void close_file(FILE *file) { fclose(file); }
36
37	0	void usage_exit(void) { exit(EXIT_FAILURE); }
38
39		static int
40	0	LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
41	0	std::unique_ptr<FILE, decltype(&close_file)> file(
42	0	fmemopen((void *)data, size, "rb"), &close_file);
43	0
44	0	if (file == nullptr) {
45	0	return 0;
46	0	}
47	0
48	0	char header[32];
49	0	if (fread(header, 1, 32, file.get()) != 32) {
50	0	return 0;
51	0	}
52	0
53	0	const AvxInterface *decoder = get_aom_decoder_by_name("av1");
54	0	if (decoder == nullptr) {
55	0	return 0;
56	0	}
57	0
58	0	aom_codec_ctx_t codec;
59	0	#if defined(DECODE_MODE)
60	0	const int threads = 1;
61		#elif defined(DECODE_MODE_threaded)
62		const int threads = 16;
63		#else
64		#error define one of DECODE_MODE or DECODE_MODE_threaded
65		#endif
66		aom_codec_dec_cfg_t cfg = {threads, 0, 0};
67	0	if (aom_codec_dec_init(&codec, decoder->codec_interface(), &cfg, 0)) {
68	0	return 0;
69	0	}
70	0
71	0	int frame_in_cnt = 0;
72	0	int frame_out_cnt = 0;
73	0	uint8_t *buffer = nullptr;
74	0	size_t buffer_size = 0;
75	0	size_t frame_size = 0;
76	0	while (!ivf_read_frame(file.get(), &buffer, &frame_size, &buffer_size,
77	0	nullptr)) {
78	0	const aom_codec_err_t err =
79	0	aom_codec_decode(&codec, buffer, frame_size, nullptr);
80	0	++frame_in_cnt;
81	0	aom_codec_iter_t iter = nullptr;
82	0	aom_image_t *img = nullptr;
83	0	while ((img = aom_codec_get_frame(&codec, &iter)) != nullptr) {
84	0	++frame_out_cnt;
85	0	}
86	0	}
87	0	aom_codec_destroy(&codec);
88	0	free(buffer);
89	0	return 0;
90	0	}
91
92		MOZ_FUZZING_INTERFACE_RAW(nullptr, LLVMFuzzerTestOneInput, AV1Decode);

Coverage Report

Created: 2018-09-25 14:53