diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 19:33:14 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 19:33:14 +0000 |
commit | 36d22d82aa202bb199967e9512281e9a53db42c9 (patch) | |
tree | 105e8c98ddea1c1e4784a60a5a6410fa416be2de /media/libaom/test/fuzztest | |
parent | Initial commit. (diff) | |
download | firefox-esr-upstream.tar.xz firefox-esr-upstream.zip |
Adding upstream version 115.7.0esr.upstream/115.7.0esrupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'media/libaom/test/fuzztest')
-rw-r--r-- | media/libaom/test/fuzztest/av1_fuzzer.cpp | 88 | ||||
-rw-r--r-- | media/libaom/test/fuzztest/moz.build | 48 |
2 files changed, 136 insertions, 0 deletions
diff --git a/media/libaom/test/fuzztest/av1_fuzzer.cpp b/media/libaom/test/fuzztest/av1_fuzzer.cpp new file mode 100644 index 0000000000..a659446773 --- /dev/null +++ b/media/libaom/test/fuzztest/av1_fuzzer.cpp @@ -0,0 +1,88 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* Copyright 2018 Google Inc. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. */ + +/* This file was originally imported from Google's oss-fuzz project at + * https://github.com/google/oss-fuzz/tree/master/projects/libaom */ + +#define DECODE_MODE 1 +#include "FuzzingInterface.h" + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <memory> + +#include "aom/aom_decoder.h" +#include "aom/aomdx.h" +#include "aom_ports/mem_ops.h" +#include "common/ivfdec.h" + +static const char *const kIVFSignature = "DKIF"; + +static void close_file(FILE *file) { fclose(file); } + +void usage_exit(void) { exit(EXIT_FAILURE); } + +static int +LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { + std::unique_ptr<FILE, decltype(&close_file)> file( + fmemopen((void *)data, size, "rb"), &close_file); + + if (file == nullptr) { + return 0; + } + + char header[32]; + if (fread(header, 1, 32, file.get()) != 32) { + return 0; + } + + const AvxInterface *decoder = get_aom_decoder_by_name("av1"); + if (decoder == nullptr) { + return 0; + } + + aom_codec_ctx_t codec; +#if defined(DECODE_MODE) + const int threads = 1; +#elif defined(DECODE_MODE_threaded) + const int threads = 16; +#else +#error define one of DECODE_MODE or DECODE_MODE_threaded +#endif + aom_codec_dec_cfg_t cfg = {threads, 0, 0}; + if (aom_codec_dec_init(&codec, decoder->codec_interface(), &cfg, 0)) { + return 0; + } + + uint8_t *buffer = nullptr; + size_t buffer_size = 0; + size_t frame_size = 0; + while (!ivf_read_frame(file.get(), &buffer, &frame_size, &buffer_size, + nullptr)) { + const aom_codec_err_t err = + aom_codec_decode(&codec, buffer, frame_size, nullptr); + aom_codec_iter_t iter = nullptr; + aom_image_t *img = nullptr; + while ((img = aom_codec_get_frame(&codec, &iter)) != nullptr) { + } + } + aom_codec_destroy(&codec); + free(buffer); + return 0; +} + +MOZ_FUZZING_INTERFACE_RAW(nullptr, LLVMFuzzerTestOneInput, AV1Decode); diff --git a/media/libaom/test/fuzztest/moz.build b/media/libaom/test/fuzztest/moz.build new file mode 100644 index 0000000000..810286596f --- /dev/null +++ b/media/libaom/test/fuzztest/moz.build @@ -0,0 +1,48 @@ +# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*- +# vim: set filetype=python: +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +Library('FuzzingAOM') + +LOCAL_INCLUDES += [ + '/media/libaom/config', + '/third_party/aom', +] + +# We currently only support building on Linux for fuzzing here, as guarded +# in media/libaom/moz.build. More support can be added later if necessary. +if CONFIG['CPU_ARCH'] == 'x86_64': + LOCAL_INCLUDES += [ + '/media/libaom/config/linux/x64/', + '/media/libvpx/config/linux/x64/', + ] +elif CONFIG['CPU_ARCH'] == 'x86': + LOCAL_INCLUDES += [ + '/media/libaom/config/linux/ia32/', + '/media/libvpx/config/linux/ia32/', + ] +elif CONFIG['CPU_ARCH'] == 'arm': + LOCAL_INCLUDES += [ + '/media/libaom/config/linux/arm/', + '/media/libvpx/config/linux/arm/', + ] +elif CONFIG['CPU_ARCH'] == 'aarch64': + LOCAL_INCLUDES += [ + '/media/libaom/config/generic/', + '/media/libvpx/config/linux/arm64/', + ] + +SOURCES += [ + '/media/libvpx/libvpx/ivfdec.c', + '/third_party/aom/common/tools_common.c', + 'av1_fuzzer.cpp', +] + +# Ignore unused variables in the imported AV1 fuzzer +SOURCES['av1_fuzzer.cpp'].flags += ['-Wno-unused-variable'] + +include('/tools/fuzzing/libfuzzer-config.mozbuild') + +FINAL_LIBRARY = 'xul-gtest' |