
[FFmpeg-devel,6/6] tools:target_dem_fuzzer: Split into a fuzzer fuzzing at the protocol level and one fuzzing a fixed demuxer input

Message ID 20200719174218.30659-6-michael@niedermayer.cc
State Accepted
Commit e3af2a07562c020c960f40bee00f9a78a8b9baf8
Series [FFmpeg-devel,1/6] avformat/wc3movie: Move wc3_read_close() up

Checks

Context Check Description
andriy/default pending
andriy/make success Make finished
andriy/make_fate success Make fate finished

Commit Message

Michael Niedermayer July 19, 2020, 5:42 p.m. UTC
This should improve coverage and should improve the efficiency of seed files

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 Makefile                  | 3 +++
 tools/Makefile            | 5 ++++-
 tools/target_dem_fuzzer.c | 9 ++++++++-
 3 files changed, 15 insertions(+), 2 deletions(-)

Comments

Michael Niedermayer Sept. 12, 2020, 10:56 p.m. UTC | #1
On Sun, Jul 19, 2020 at 07:42:18PM +0200, Michael Niedermayer wrote:
> This should improve coverage and should improve the efficiency of seed files
> 
> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
> ---
>  Makefile                  | 3 +++
>  tools/Makefile            | 5 ++++-
>  tools/target_dem_fuzzer.c | 9 ++++++++-
>  3 files changed, 15 insertions(+), 2 deletions(-)

will apply



Patch

diff --git a/Makefile b/Makefile
index 45a22b0cb3..6a0dabfc5a 100644
--- a/Makefile
+++ b/Makefile
@@ -56,6 +56,9 @@  tools/target_bsf_%_fuzzer$(EXESUF): tools/target_bsf_%_fuzzer.o $(FF_DEP_LIBS)
 tools/target_dem_fuzzer$(EXESUF): tools/target_dem_fuzzer.o $(FF_DEP_LIBS)
 	$(LD) $(LDFLAGS) $(LDEXEFLAGS) $(LD_O) $^ $(ELIBS) $(FF_EXTRALIBS) $(LIBFUZZER_PATH)
 
+tools/target_io_dem_fuzzer$(EXESUF): tools/target_io_dem_fuzzer.o $(FF_DEP_LIBS)
+	$(LD) $(LDFLAGS) $(LDEXEFLAGS) $(LD_O) $^ $(ELIBS) $(FF_EXTRALIBS) $(LIBFUZZER_PATH)
+
 tools/sofa2wavs$(EXESUF): ELIBS = $(FF_EXTRALIBS)
 tools/uncoded_frame$(EXESUF): $(FF_DEP_LIBS)
 tools/uncoded_frame$(EXESUF): ELIBS = $(FF_EXTRALIBS)
diff --git a/tools/Makefile b/tools/Makefile
index 001093105b..88d64ce6d2 100644
--- a/tools/Makefile
+++ b/tools/Makefile
@@ -9,7 +9,10 @@  tools/target_bsf_%_fuzzer.o: tools/target_bsf_fuzzer.c
 	$(COMPILE_C) -DFFMPEG_BSF=$*
 
 tools/target_dem_fuzzer.o: tools/target_dem_fuzzer.c
-	$(COMPILE_C)
+	$(COMPILE_C) -DIO_FLAT=1
+
+tools/target_io_dem_fuzzer.o: tools/target_dem_fuzzer.c
+	$(COMPILE_C) -DIO_FLAT=0
 
 OUTDIRS += tools
 
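Review bot: `IO_FLAT` reaches tools/target_dem_fuzzer.c only through the two `-D` flags added here, and the diffstat for this patch leaves no room for a fallback definition in the C file. Any build that compiles target_dem_fuzzer.c outside these two rules (an external fuzzing build script, for instance) would therefore stop on an undeclared identifier at `if (IO_FLAT)`. A guard near the top of the C file, `#ifndef IO_FLAT` / `#define IO_FLAT 1` / `#endif`, would keep the source self-contained while leaving these rules in control of the mode. A one-line comment above the rules, such as `# IO_FLAT=1: fixed demuxer input; IO_FLAT=0: protocol-level fuzzing`, would also explain why one source file yields two objects.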
diff --git a/tools/target_dem_fuzzer.c b/tools/target_dem_fuzzer.c
index b8356c5aa1..eefb5c5fa3 100644
--- a/tools/target_dem_fuzzer.c
+++ b/tools/target_dem_fuzzer.c
@@ -76,6 +76,10 @@  static int64_t io_seek(void *opaque, int64_t offset, int whence)
     }
     if (offset < 0 || offset > c->filesize)
         return -1;
+    if (IO_FLAT) {
+        c->fuzz      += offset - c->pos;
+        c->fuzz_size -= offset - c->pos;
+    }
     c->pos = offset;
     return 0;
 }
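Review bot: The pointer adjustment in the new `if (IO_FLAT)` block is only memory-safe if, in flat mode, `c->filesize` never exceeds the length of the input buffer and `c->fuzz`/`c->fuzz_size` always track `c->pos`; neither is established inside this hunk. The `offset > c->filesize` check above bounds the seek against the file size, not against the data actually behind `c->fuzz`, so a filesize larger than the buffer would let a later read run past the input. Presumably filesize equals the input size in this mode, but that is set outside the hunk. I would state the invariant in a comment above the block, e.g. `/* flat mode: fuzz == data + pos and fuzz_size == filesize - pos, so a seek within [0, filesize] stays inside the input */`, and confirm that the read callback advances all three together. io_seek's body begins outside the hunk.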
@@ -110,7 +114,10 @@  int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
     if (!avfmt)
         error("Failed avformat_alloc_context()");
 
-    if (size > 2048) {
+    if (IO_FLAT) {
+        seekable = 1;
+        io_buffer_size = size;
+    } else if (size > 2048) {
         int flags;
         char extension[64];