|
|
|
@ -109,6 +109,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { |
|
|
|
int *got_picture_ptr, |
|
|
|
int *got_picture_ptr, |
|
|
|
const AVPacket *avpkt) = NULL; |
|
|
|
const AVPacket *avpkt) = NULL; |
|
|
|
AVCodecParserContext *parser = NULL; |
|
|
|
AVCodecParserContext *parser = NULL; |
|
|
|
|
|
|
|
uint64_t keyframes = 0; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if (!c) { |
|
|
|
if (!c) { |
|
|
|
@ -191,6 +192,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { |
|
|
|
ctx->channels = (unsigned)bytestream2_get_le32(&gbc) % FF_SANE_NB_CHANNELS; |
|
|
|
ctx->channels = (unsigned)bytestream2_get_le32(&gbc) % FF_SANE_NB_CHANNELS; |
|
|
|
ctx->block_align = bytestream2_get_le32(&gbc); |
|
|
|
ctx->block_align = bytestream2_get_le32(&gbc); |
|
|
|
ctx->codec_tag = bytestream2_get_le32(&gbc); |
|
|
|
ctx->codec_tag = bytestream2_get_le32(&gbc); |
|
|
|
|
|
|
|
keyframes = bytestream2_get_le64(&gbc); |
|
|
|
|
|
|
|
|
|
|
|
if (extradata_size < size) { |
|
|
|
if (extradata_size < size) { |
|
|
|
ctx->extradata = av_mallocz(extradata_size + AV_INPUT_BUFFER_PADDING_SIZE); |
|
|
|
ctx->extradata = av_mallocz(extradata_size + AV_INPUT_BUFFER_PADDING_SIZE); |
|
|
|
@ -236,6 +238,8 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { |
|
|
|
if (res < 0) |
|
|
|
if (res < 0) |
|
|
|
error("Failed memory allocation"); |
|
|
|
error("Failed memory allocation"); |
|
|
|
memcpy(parsepkt.data, last, data - last); |
|
|
|
memcpy(parsepkt.data, last, data - last); |
|
|
|
|
|
|
|
parsepkt.flags = (keyframes & 1) * AV_PKT_FLAG_DISCARD + (!!(keyframes & 2)) * AV_PKT_FLAG_KEY; |
|
|
|
|
|
|
|
keyframes = (keyframes >> 2) + (keyframes<<62); |
|
|
|
data += sizeof(fuzz_tag); |
|
|
|
data += sizeof(fuzz_tag); |
|
|
|
last = data; |
|
|
|
last = data; |
|
|
|
|
|
|
|
|
|
|
|
|
Michael Niedermayer
5 years ago