videolan/dav1d
1
Fork 0
mirror of https://code.videolan.org/videolan/dav1d synced 2024-11-14 22:58:33 +01:00
Code Releases Activity

fuzzer: use dav1d_parse_sequence_header()

Browse Source 
Should increase function coverage in oss-fuzz to 100%.
This commit is contained in:
Janne Grunau 2018-11-26 12:50:25 +01:00
parent b7c64ad691
commit bbcaf41155
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
tests/libfuzzer/dav1d_fuzzer.c
View File

@ -61,6 +61,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
Dav1dContext * ctx = NULL;
Dav1dPicture pic;
const uint8_t *ptr = data;
int have_seq_hdr = 0;
int err;
dav1d_version();
@ -102,6 +103,17 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
if (!frame_size) continue;
if (!have_seq_hdr) {
Dav1dSequenceHeader seq = { 0 };
int err = dav1d_parse_sequence_header(&seq, ptr, frame_size);
// skip frames until we see a sequence header
if (err != 0) {
ptr += frame_size;
continue;
}
have_seq_hdr = 1;
}
// copy frame data to a new buffer to catch reads past the end of input
p = dav1d_data_create(&buf, frame_size);
if (!p) goto cleanup;