/src/mpv/fuzzers/common.h
Line | Count | Source |
1 | | /* |
2 | | * This file is part of mpv. |
3 | | * |
4 | | * mpv is free software; you can redistribute it and/or |
5 | | * modify it under the terms of the GNU Lesser General Public |
6 | | * License as published by the Free Software Foundation; either |
7 | | * version 2.1 of the License, or (at your option) any later version. |
8 | | * |
9 | | * mpv is distributed in the hope that it will be useful, |
10 | | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
11 | | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
12 | | * GNU Lesser General Public License for more details. |
13 | | * |
14 | | * You should have received a copy of the GNU Lesser General Public |
15 | | * License along with mpv. If not, see <http://www.gnu.org/licenses/>. |
16 | | */ |
17 | | |
18 | | #pragma once |
19 | | |
20 | | #include <stdbool.h> |
21 | | #include <stdint.h> |
22 | | #include <stdio.h> |
23 | | #include <stdlib.h> |
24 | | #include <string.h> |
25 | | |
26 | | #include <mpv/client.h> |
27 | | |
28 | 105k | #define MAX_FUZZ_SIZE (100 << 10) // 100 KiB |
29 | | |
30 | | int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); |
31 | | |
32 | 102k | #define MPV_STRINGIFY_(X) #X |
33 | 102k | #define MPV_STRINGIFY(X) MPV_STRINGIFY_(X) |
34 | | |
35 | | static inline void check_error(int status) |
36 | 1.09M | { |
37 | 1.09M | if (status < 0) { |
38 | 0 | fprintf(stderr, "mpv API error: %s\n", mpv_error_string(status)); |
39 | 0 | exit(1); |
40 | 0 | } |
41 | 1.09M | } fuzzer_loadfile_direct.c:check_error Line | Count | Source | 36 | 520k | { | 37 | 520k | if (status < 0) { | 38 | | fprintf(stderr, "mpv API error: %s\n", mpv_error_string(status)); | 39 | 0 | exit(1); | 40 | 0 | } | 41 | 520k | } |
Unexecuted instantiation: fuzzer_options_parser.c:check_error fuzzer_load.c:check_error Line | Count | Source | 36 | 353k | { | 37 | 353k | if (status < 0) { | 38 | | fprintf(stderr, "mpv API error: %s\n", mpv_error_string(status)); | 39 | 0 | exit(1); | 40 | 0 | } | 41 | 353k | } |
fuzzer_set_property.c:check_error Line | Count | Source | 36 | 221k | { | 37 | 221k | if (status < 0) { | 38 | | fprintf(stderr, "mpv API error: %s\n", mpv_error_string(status)); | 39 | 0 | exit(1); | 40 | 0 | } | 41 | 221k | } |
Unexecuted instantiation: fuzzer_json.c:check_error |
42 | | |
43 | | static inline bool str_startswith(const char *str, size_t str_len, |
44 | | const char *prefix, size_t prefix_len) |
45 | 51.2k | { |
46 | 51.2k | if (str_len < prefix_len) |
47 | 9 | return false; |
48 | 51.1k | return !memcmp(str, prefix, prefix_len); |
49 | 51.2k | } fuzzer_loadfile_direct.c:str_startswith Line | Count | Source | 45 | 51.2k | { | 46 | 51.2k | if (str_len < prefix_len) | 47 | 9 | return false; | 48 | 51.1k | return !memcmp(str, prefix, prefix_len); | 49 | 51.2k | } |
Unexecuted instantiation: fuzzer_options_parser.c:str_startswith Unexecuted instantiation: fuzzer_load.c:str_startswith Unexecuted instantiation: fuzzer_set_property.c:str_startswith Unexecuted instantiation: fuzzer_json.c:str_startswith |
50 | | |
51 | | static inline void set_fontconfig_sysroot(void) |
52 | 139k | { |
53 | | #ifdef MPV_FONTCONFIG_SYSROOT |
54 | | setenv("FONTCONFIG_SYSROOT", MPV_STRINGIFY(MPV_FONTCONFIG_SYSROOT), 1); |
55 | | #endif |
56 | 139k | } fuzzer_loadfile_direct.c:set_fontconfig_sysroot Line | Count | Source | 52 | 57.8k | { | 53 | | #ifdef MPV_FONTCONFIG_SYSROOT | 54 | | setenv("FONTCONFIG_SYSROOT", MPV_STRINGIFY(MPV_FONTCONFIG_SYSROOT), 1); | 55 | | #endif | 56 | 57.8k | } |
fuzzer_options_parser.c:set_fontconfig_sysroot Line | Count | Source | 52 | 16.0k | { | 53 | | #ifdef MPV_FONTCONFIG_SYSROOT | 54 | | setenv("FONTCONFIG_SYSROOT", MPV_STRINGIFY(MPV_FONTCONFIG_SYSROOT), 1); | 55 | | #endif | 56 | 16.0k | } |
fuzzer_load.c:set_fontconfig_sysroot Line | Count | Source | 52 | 38.4k | { | 53 | | #ifdef MPV_FONTCONFIG_SYSROOT | 54 | | setenv("FONTCONFIG_SYSROOT", MPV_STRINGIFY(MPV_FONTCONFIG_SYSROOT), 1); | 55 | | #endif | 56 | 38.4k | } |
fuzzer_set_property.c:set_fontconfig_sysroot Line | Count | Source | 52 | 27.5k | { | 53 | | #ifdef MPV_FONTCONFIG_SYSROOT | 54 | | setenv("FONTCONFIG_SYSROOT", MPV_STRINGIFY(MPV_FONTCONFIG_SYSROOT), 1); | 55 | | #endif | 56 | 27.5k | } |
Unexecuted instantiation: fuzzer_json.c:set_fontconfig_sysroot |
57 | | |
58 | | #ifndef PLAYBACK_TIME_LIMIT |
59 | 4.67M | #define PLAYBACK_TIME_LIMIT 5 |
60 | | #endif |
61 | | |
62 | | #ifndef EVENTS_LIMIT |
63 | 409k | #define EVENTS_LIMIT 10 |
64 | | #endif |
65 | | |
66 | | static inline void player_loop(mpv_handle *ctx) |
67 | 88.1k | { |
68 | 88.1k | bool playing = false; |
69 | 88.1k | bool loaded = false; |
70 | 88.1k | int timeout = -1; |
71 | 88.1k | int events_limit_after_restart = EVENTS_LIMIT; |
72 | 1.15M | while (1) { |
73 | 1.15M | mpv_event *event = mpv_wait_event(ctx, timeout); |
74 | | // If some events are spamming, like audio-reconfig preventing our |
75 | | // timeout to trigger stop after N events. |
76 | 1.15M | if (timeout == PLAYBACK_TIME_LIMIT && events_limit_after_restart-- < 0) |
77 | 534 | break; |
78 | 1.15M | if (timeout == PLAYBACK_TIME_LIMIT && event->event_id == MPV_EVENT_NONE) |
79 | 66 | break; |
80 | 1.15M | if (event->event_id == MPV_EVENT_START_FILE) |
81 | 321k | loaded = playing = true; |
82 | 1.15M | if (event->event_id == MPV_EVENT_END_FILE) { |
83 | 321k | playing = false; |
84 | 321k | events_limit_after_restart = EVENTS_LIMIT; |
85 | 321k | timeout = -1; |
86 | 321k | } |
87 | 1.15M | if (playing && event->event_id == MPV_EVENT_PLAYBACK_RESTART) |
88 | 57.0k | timeout = PLAYBACK_TIME_LIMIT; |
89 | 1.15M | if (loaded && event->event_id == MPV_EVENT_IDLE) |
90 | 87.5k | break; |
91 | 1.15M | } |
92 | 88.1k | } fuzzer_loadfile_direct.c:player_loop Line | Count | Source | 67 | 57.8k | { | 68 | 57.8k | bool playing = false; | 69 | 57.8k | bool loaded = false; | 70 | 57.8k | int timeout = -1; | 71 | 57.8k | int events_limit_after_restart = EVENTS_LIMIT; | 72 | 842k | while (1) { | 73 | 842k | mpv_event *event = mpv_wait_event(ctx, timeout); | 74 | | // If some events are spamming, like audio-reconfig preventing our | 75 | | // timeout to trigger stop after N events. | 76 | 842k | if (timeout == PLAYBACK_TIME_LIMIT && events_limit_after_restart-- < 0) | 77 | 363 | break; | 78 | 842k | if (timeout == PLAYBACK_TIME_LIMIT && event->event_id == MPV_EVENT_NONE) | 79 | 0 | break; | 80 | 842k | if (event->event_id == MPV_EVENT_START_FILE) | 81 | 291k | loaded = playing = true; | 82 | 842k | if (event->event_id == MPV_EVENT_END_FILE) { | 83 | 291k | playing = false; | 84 | 291k | events_limit_after_restart = EVENTS_LIMIT; | 85 | 291k | timeout = -1; | 86 | 291k | } | 87 | 842k | if (playing && event->event_id == MPV_EVENT_PLAYBACK_RESTART) | 88 | 31.0k | timeout = PLAYBACK_TIME_LIMIT; | 89 | 842k | if (loaded && event->event_id == MPV_EVENT_IDLE) | 90 | 57.4k | break; | 91 | 842k | } | 92 | 57.8k | } |
Unexecuted instantiation: fuzzer_options_parser.c:player_loop Unexecuted instantiation: fuzzer_load.c:player_loop fuzzer_load.c:player_loop Line | Count | Source | 67 | 20.4k | { | 68 | 20.4k | bool playing = false; | 69 | 20.4k | bool loaded = false; | 70 | 20.4k | int timeout = -1; | 71 | 20.4k | int events_limit_after_restart = EVENTS_LIMIT; | 72 | 177k | while (1) { | 73 | 177k | mpv_event *event = mpv_wait_event(ctx, timeout); | 74 | | // If some events are spamming, like audio-reconfig preventing our | 75 | | // timeout to trigger stop after N events. | 76 | 177k | if (timeout == PLAYBACK_TIME_LIMIT && events_limit_after_restart-- < 0) | 77 | 171 | break; | 78 | 177k | if (timeout == PLAYBACK_TIME_LIMIT && event->event_id == MPV_EVENT_NONE) | 79 | 34 | break; | 80 | 177k | if (event->event_id == MPV_EVENT_START_FILE) | 81 | 20.4k | loaded = playing = true; | 82 | 177k | if (event->event_id == MPV_EVENT_END_FILE) { | 83 | 20.2k | playing = false; | 84 | 20.2k | events_limit_after_restart = EVENTS_LIMIT; | 85 | 20.2k | timeout = -1; | 86 | 20.2k | } | 87 | 177k | if (playing && event->event_id == MPV_EVENT_PLAYBACK_RESTART) | 88 | 16.0k | timeout = PLAYBACK_TIME_LIMIT; | 89 | 177k | if (loaded && event->event_id == MPV_EVENT_IDLE) | 90 | 20.2k | break; | 91 | 177k | } | 92 | 20.4k | } |
Unexecuted instantiation: fuzzer_set_property.c:player_loop Unexecuted instantiation: fuzzer_json.c:player_loop fuzzer_set_property.c:player_loop Line | Count | Source | 67 | 9.92k | { | 68 | 9.92k | bool playing = false; | 69 | 9.92k | bool loaded = false; | 70 | 9.92k | int timeout = -1; | 71 | 9.92k | int events_limit_after_restart = EVENTS_LIMIT; | 72 | 134k | while (1) { | 73 | 134k | mpv_event *event = mpv_wait_event(ctx, timeout); | 74 | | // If some events are spamming, like audio-reconfig preventing our | 75 | | // timeout to trigger stop after N events. | 76 | 134k | if (timeout == PLAYBACK_TIME_LIMIT && events_limit_after_restart-- < 0) | 77 | 0 | break; | 78 | 134k | if (timeout == PLAYBACK_TIME_LIMIT && event->event_id == MPV_EVENT_NONE) | 79 | 32 | break; | 80 | 134k | if (event->event_id == MPV_EVENT_START_FILE) | 81 | 9.92k | loaded = playing = true; | 82 | 134k | if (event->event_id == MPV_EVENT_END_FILE) { | 83 | 9.89k | playing = false; | 84 | 9.89k | events_limit_after_restart = EVENTS_LIMIT; | 85 | 9.89k | timeout = -1; | 86 | 9.89k | } | 87 | 134k | if (playing && event->event_id == MPV_EVENT_PLAYBACK_RESTART) | 88 | 9.91k | timeout = PLAYBACK_TIME_LIMIT; | 89 | 134k | if (loaded && event->event_id == MPV_EVENT_IDLE) | 90 | 9.89k | break; | 91 | 134k | } | 92 | 9.92k | } |
|