From: Derek Buitenhuis
To: ffmpeg-devel@ffmpeg.org
Date: Fri, 24 Nov 2017 19:45:47 +0000
Subject: [FFmpeg-devel] [PATCH 1/1][NO NOT APPLY] Allocation NULL check fuzzing tool

Signed-off-by: Derek Buitenhuis
--- libavutil/mem.c | 4 ++- libavutil/posixmemalign.c | 86 +++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 89 insertions(+), 1 deletion(-) create mode 100644 libavutil/posixmemalign.c diff --git a/libavutil/mem.c b/libavutil/mem.c index 6ad409daf4..0d9ab3d230 100644 
--- a/libavutil/mem.c +++ b/libavutil/mem.c @@ -43,6 +43,8 @@ #include "intreadwrite.h" #include "mem.h" +#include "posixmemalign.c" + #ifdef MALLOC_PREFIX #define malloc AV_JOIN(MALLOC_PREFIX, malloc) @@ -84,7 +86,7 @@ void *av_malloc(size_t size) #if HAVE_POSIX_MEMALIGN if (size) //OS X on SDK 10.6 has a broken posix_memalign implementation - if (posix_memalign(&ptr, ALIGN, size)) + if (my_posix_memalign(&ptr, ALIGN, size)) ptr = NULL; #elif HAVE_ALIGNED_MALLOC ptr = _aligned_malloc(size, ALIGN); diff --git a/libavutil/posixmemalign.c b/libavutil/posixmemalign.c new file mode 100644 index 0000000000..b1970add7b --- /dev/null +++ b/libavutil/posixmemalign.c 
@@ -0,0 +1,86 @@ +/* + * posix_memalign wrapper with random failurres + * + * Copyright (c) 2013, Derek Buitenhuis + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#define _GNU_SOURCE + +#include +#include +#include +#include +#include +#include + +#include + +static void errprint(void *data, const char *msg, int errnum) +{ + fprintf(stderr, "ERROR: %s.\n", msg); +} + +static int stackprint(void *data, uintptr_t pc, const char *filename, int lineno, const char *function) +{ + fprintf(stderr, "%s:%d in %s\n", function, lineno, filename); + return 0; +} + +static int my_posix_memalign(void **memptr, size_t alignment, size_t size) +{ + static time_t seed = 0; + static int prob = 0; + static uint64_t iteration = 0; + int ret; + + struct backtrace_state *state = backtrace_create_state("", 1, errprint, NULL); + + if (state == NULL) + abort(); + + if (!seed) { + char *usertime = getenv("MALLOC_SEED"); + + if (!usertime) + seed = time(NULL); + else + seed = atoi(usertime); + + srand(seed); + } + + if (!prob) { + char *userprob = getenv("MALLOC_FAILPROB"); + + if (!userprob) + prob = 10000; + else + prob = atoi(userprob); + } + + if (!(rand() % prob)) { + fprintf(stderr, + "\nFAILED. 
Iteration = %"PRId64", Seed = %lld.\n\n", + iteration, (long long) seed); + backtrace_full(state, 0, stackprint, errprint, NULL); + ret = 0; + } else { + ret = posix_memalign(memptr, alignment, size); + } + + iteration++; + + return ret; +}
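
Review bot: The `#include "posixmemalign.c"` added in the first libavutil/mem.c hunk is unconditional, so every build of mem.c pulls in the fault-injection wrapper and its backtrace dependency, including configurations that take the `#elif HAVE_ALIGNED_MALLOC` path, where the static `my_posix_memalign` would be defined but never called. Wrapping the include in a dedicated build-time switch, nested inside `#if HAVE_POSIX_MEMALIGN`, would keep the tool out of normal builds. Also note that the included file begins with `#define _GNU_SOURCE`, which comes too late to affect any system header already reached through the includes above it.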
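
Review bot: In the second libavutil/mem.c hunk, the injection point sits only on the `posix_memalign` call inside `#if HAVE_POSIX_MEMALIGN`, so the `_aligned_malloc(size, ALIGN)` branch visible just below it never sees a simulated failure, and the `if (size)` guard means zero-size requests are never counted as iterations. If the goal is to exercise NULL checks in callers of `av_malloc`, deciding whether to fail once at the top of `av_malloc`, before the `#if` chain, would give the same coverage on every allocator backend and keep the iteration count comparable across platforms.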
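
Review bot: In the new libavutil/posixmemalign.c, the injected-failure branch sets `ret = 0`, which is the success return of `posix_memalign`, and never writes `*memptr`; the caller's `if (my_posix_memalign(&ptr, ALIGN, size)) ptr = NULL;` is therefore not taken and the simulated failure only works if `ptr` already held NULL. Returning `ENOMEM` there (with `<errno.h>`) would match the contract and not depend on the caller's initialisation. In the same function, `prob = atoi(userprob)` can yield 0 for `MALLOC_FAILPROB=0` or a non-numeric value, which makes `rand() % prob` a division by zero, so the parsed value should be validated and rejected or clamped to at least 1. `backtrace_create_state` is also called on every allocation into a non-static local, while `seed`, `prob` and `iteration` are cached in statics; creating the state once alongside them would avoid repeating that work per call.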