summaryrefslogtreecommitdiffstats
path: root/media/libaom/test/fuzztest
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 19:33:14 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 19:33:14 +0000
commit36d22d82aa202bb199967e9512281e9a53db42c9 (patch)
tree105e8c98ddea1c1e4784a60a5a6410fa416be2de /media/libaom/test/fuzztest
parentInitial commit. (diff)
downloadfirefox-esr-36d22d82aa202bb199967e9512281e9a53db42c9.tar.xz
firefox-esr-36d22d82aa202bb199967e9512281e9a53db42c9.zip
Adding upstream version 115.7.0esr.upstream/115.7.0esrupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'media/libaom/test/fuzztest')
-rw-r--r--media/libaom/test/fuzztest/av1_fuzzer.cpp88
-rw-r--r--media/libaom/test/fuzztest/moz.build48
2 files changed, 136 insertions, 0 deletions
diff --git a/media/libaom/test/fuzztest/av1_fuzzer.cpp b/media/libaom/test/fuzztest/av1_fuzzer.cpp
new file mode 100644
index 0000000000..a659446773
--- /dev/null
+++ b/media/libaom/test/fuzztest/av1_fuzzer.cpp
@@ -0,0 +1,88 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* Copyright 2018 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License. */
+
+/* This file was originally imported from Google's oss-fuzz project at
+ * https://github.com/google/oss-fuzz/tree/master/projects/libaom */
+
+#define DECODE_MODE 1
+#include "FuzzingInterface.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <memory>
+
+#include "aom/aom_decoder.h"
+#include "aom/aomdx.h"
+#include "aom_ports/mem_ops.h"
+#include "common/ivfdec.h"
+
+static const char *const kIVFSignature = "DKIF";
+
+static void close_file(FILE *file) { fclose(file); }
+
+void usage_exit(void) { exit(EXIT_FAILURE); }
+
+static int
+LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+ std::unique_ptr<FILE, decltype(&close_file)> file(
+ fmemopen((void *)data, size, "rb"), &close_file);
+
+ if (file == nullptr) {
+ return 0;
+ }
+
+ char header[32];
+ if (fread(header, 1, 32, file.get()) != 32) {
+ return 0;
+ }
+
+ const AvxInterface *decoder = get_aom_decoder_by_name("av1");
+ if (decoder == nullptr) {
+ return 0;
+ }
+
+ aom_codec_ctx_t codec;
+#if defined(DECODE_MODE)
+ const int threads = 1;
+#elif defined(DECODE_MODE_threaded)
+ const int threads = 16;
+#else
+#error define one of DECODE_MODE or DECODE_MODE_threaded
+#endif
+ aom_codec_dec_cfg_t cfg = {threads, 0, 0};
+ if (aom_codec_dec_init(&codec, decoder->codec_interface(), &cfg, 0)) {
+ return 0;
+ }
+
+ uint8_t *buffer = nullptr;
+ size_t buffer_size = 0;
+ size_t frame_size = 0;
+ while (!ivf_read_frame(file.get(), &buffer, &frame_size, &buffer_size,
+ nullptr)) {
+ const aom_codec_err_t err =
+ aom_codec_decode(&codec, buffer, frame_size, nullptr);
+ aom_codec_iter_t iter = nullptr;
+ aom_image_t *img = nullptr;
+ while ((img = aom_codec_get_frame(&codec, &iter)) != nullptr) {
+ }
+ }
+ aom_codec_destroy(&codec);
+ free(buffer);
+ return 0;
+}
+
+MOZ_FUZZING_INTERFACE_RAW(nullptr, LLVMFuzzerTestOneInput, AV1Decode);
diff --git a/media/libaom/test/fuzztest/moz.build b/media/libaom/test/fuzztest/moz.build
new file mode 100644
index 0000000000..810286596f
--- /dev/null
+++ b/media/libaom/test/fuzztest/moz.build
@@ -0,0 +1,48 @@
+# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*-
+# vim: set filetype=python:
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+Library('FuzzingAOM')
+
+LOCAL_INCLUDES += [
+ '/media/libaom/config',
+ '/third_party/aom',
+]
+
+# We currently only support building on Linux for fuzzing here, as guarded
+# in media/libaom/moz.build. More support can be added later if necessary.
+if CONFIG['CPU_ARCH'] == 'x86_64':
+ LOCAL_INCLUDES += [
+ '/media/libaom/config/linux/x64/',
+ '/media/libvpx/config/linux/x64/',
+ ]
+elif CONFIG['CPU_ARCH'] == 'x86':
+ LOCAL_INCLUDES += [
+ '/media/libaom/config/linux/ia32/',
+ '/media/libvpx/config/linux/ia32/',
+ ]
+elif CONFIG['CPU_ARCH'] == 'arm':
+ LOCAL_INCLUDES += [
+ '/media/libaom/config/linux/arm/',
+ '/media/libvpx/config/linux/arm/',
+ ]
+elif CONFIG['CPU_ARCH'] == 'aarch64':
+ LOCAL_INCLUDES += [
+ '/media/libaom/config/generic/',
+ '/media/libvpx/config/linux/arm64/',
+ ]
+
+SOURCES += [
+ '/media/libvpx/libvpx/ivfdec.c',
+ '/third_party/aom/common/tools_common.c',
+ 'av1_fuzzer.cpp',
+]
+
+# Ignore unused variables in the imported AV1 fuzzer
+SOURCES['av1_fuzzer.cpp'].flags += ['-Wno-unused-variable']
+
+include('/tools/fuzzing/libfuzzer-config.mozbuild')
+
+FINAL_LIBRARY = 'xul-gtest'