tools/target_{bsf,dec}_fuzzer: convert to new channel layout-API

Signed-off-by: James Almer <jamrial@gmail.com>
3 years ago · 2f8ccca2fa
parent f5ef91e020
commit 2f8ccca2fa
2 changed files with 29 additions and 3 deletions
--- a/tools/target_bsf_fuzzer.c
+++ b/tools/target_bsf_fuzzer.c
@ -85,7 +85,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
        extradata_size = bytestream2_get_le32(&gbc);

        bsf->par_in->sample_rate                = bytestream2_get_le32(&gbc);
-        bsf->par_in->channels                   = (unsigned)bytestream2_get_le32(&gbc) % FF_SANE_NB_CHANNELS;
+        bsf->par_in->ch_layout.nb_channels      = (unsigned)bytestream2_get_le32(&gbc) % FF_SANE_NB_CHANNELS;
        bsf->par_in->block_align                = bytestream2_get_le32(&gbc);
        keyframes                               = bytestream2_get_le64(&gbc);
        flushpattern                            = bytestream2_get_le64(&gbc);
--- a/tools/target_dec_fuzzer.c
+++ b/tools/target_dec_fuzzer.c
@ -242,6 +242,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
        GetByteContext gbc;
        int extradata_size;
        int flags;
+        uint64_t request_channel_layout;
        int64_t flags64;

        size -= 1024;
@ -272,7 +273,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
        extradata_size = bytestream2_get_le32(&gbc);

        ctx->sample_rate                        = bytestream2_get_le32(&gbc) & 0x7FFFFFFF;
-        ctx->channels                           = (unsigned)bytestream2_get_le32(&gbc) % FF_SANE_NB_CHANNELS;
+        ctx->ch_layout.channels                 = (unsigned)bytestream2_get_le32(&gbc) % FF_SANE_NB_CHANNELS;
        ctx->block_align                        = bytestream2_get_le32(&gbc) & 0x7FFFFFFF;
        ctx->codec_tag                          = bytestream2_get_le32(&gbc);
        if (c->codec_tags) {
@ -281,7 +282,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
            ctx->codec_tag = c->codec_tags[ctx->codec_tag % n];
        }
        keyframes                               = bytestream2_get_le64(&gbc);
-        ctx->request_channel_layout             = bytestream2_get_le64(&gbc);
+        request_channel_layout                  = bytestream2_get_le64(&gbc);

        ctx->idct_algo                          = bytestream2_get_byte(&gbc) % 25;
        flushpattern                            = bytestream2_get_le64(&gbc);
@ -300,6 +301,31 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
            }
        }

+        // Keep the deprecated request_channel_layout behavior to ensure old fuzzing failures
+        // remain reproducible.
+        if (request_channel_layout) {
+            switch (ctx->codec_id) {
+            case AV_CODEC_ID_AC3:
+            case AV_CODEC_ID_EAC3:
+            case AV_CODEC_ID_MLP:
+            case AV_CODEC_ID_TRUEHD:
+            case AV_CODEC_ID_DTS:
+                if (request_channel_layout & ~INT64_MIN) {
+                    char *downmix_layout = av_mallocz(19);
+                    if (!downmix_layout)
+                        error("Failed memory allocation");
+                    av_strlcatf(downmix_layout, 19, "0x%"PRIx64, request_channel_layout & ~INT64_MIN);
+                    av_dict_set(&opts, "downmix", downmix_layout, AV_DICT_DONT_STRDUP_VAL);
+                }
+                if (ctx->codec_id != AV_CODEC_ID_DTS)
+                    break;
+            // fall-through
+            case AV_CODEC_ID_DOLBY_E:
+                av_dict_set_int(&opts, "channel_order", !!(request_channel_layout & INT64_MIN), 0);
+                break;
+            }
+        }
+
        flags64 = bytestream2_get_le64(&gbc);
        if (flags64 &1)
            ctx->debug |= FF_DEBUG_SKIP;