1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-11-26 19:01:44 +02:00
Commit Graph

56 Commits

Author SHA1 Message Date
Michael Niedermayer
ec9d48da19 tools/target_dec_fuzzer: Also fuzz keyframe & disposal flags
This should improve coverage

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-10-15 17:09:22 +02:00
Michael Niedermayer
cc50d113c8 tools/target_dec_fuzzer: Also fuzz codec_tag
This should improve coverage

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-10-14 21:16:00 +02:00
Michael Niedermayer
2d3ccfa863 tools/target_dec_fuzzer: Also fuzz FF_COMPLIANCE_EXPERIMENTAL
This should improve coverage

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-10-14 21:16:00 +02:00
Michael Niedermayer
0c07eb5205 tools/target_dec_fuzzer: Also fuzz block_align
This should improve coverage

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-10-14 21:16:00 +02:00
Michael Niedermayer
47b0d0812e tools/target_dec_fuzzer: Adjust VP7 threshold
Fixes: Timeout (110sec -> 10sec)
Fixes: 17705/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VP7_fuzzer-5765834135306240

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-09-29 22:18:58 +02:00
Michael Niedermayer
ec4ad6fb9e tools/target_dec_fuzzer: Print samples decoded like pixels
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-09-26 21:02:34 +02:00
Michael Niedermayer
db614008bc tools/target_dec_fuzzer: Check number of all samples decoded too, like max pixels
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-09-26 21:02:34 +02:00
Michael Niedermayer
68c80dc312 tools/target_dec_fuzzer: Set max_samples
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-09-25 17:18:37 +02:00
Michael Niedermayer
59163731e9 tools/target_dec_fuzzer: consider potential padding/edge in pixel threshold
Fixes: Timeout (73sec ->30ms)
Fixes: 16921/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-5689384594046976

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-09-24 17:53:39 +02:00
Michael Niedermayer
5fe6a9db15 tools/target_dec_fuzzer: Adjust threshold for MSS2
The decoder is slow

Fixes: Timeout (94sec -> 7sec)
Fixes: 16417/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MSS2_fuzzer-5711668050395136

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-09-24 17:53:39 +02:00
Michael Niedermayer
87a7fc692d tools/target_dec_fuzzer: fuzz channels and sample_rate too
This should increase coverage over more audio decoders.

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-09-20 23:26:34 +02:00
Michael Niedermayer
65589ad553 tools/target_dec_fuzzer: Adjust threshold for binkvideo
Fixes: Timeout (89sec -> 7sec)
Fixes: 17035/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_BINK_fuzzer-5737222422134784

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-09-17 14:45:08 +02:00
Michael Niedermayer
305f6dbb06 tools/target_dec_fuzzer: increase snows threshold
snow allows creating large output from tiny input, like other
wavelet codecs

Fixes: Timeout (82sec -> 1.5sec)
Fixes: 9520/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SNOW_fuzzer-6286612576075776

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-09-16 00:53:18 +02:00
Michael Niedermayer
9fd62b84d5 tools/target_dec_fuzzer: Adjust motionpixels threshold
Fixes: Timeout (151sec -> 173ms)
Fixes: 16053/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MOTIONPIXELS_fuzzer-5647069169057792
Fixes: 16053/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MOTIONPIXELS_fuzzer-5108957126852608

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-09-16 00:04:18 +02:00
Michael Niedermayer
9d1e98afee tools/target_dec_fuzzer: Adjust threshold for LSCR
Fixes: Timeout (12sec -> 3sec)
Fixes: 15327/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LSCR_fuzzer-5702887719567360

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-09-09 23:04:53 +02:00
Michael Niedermayer
5a3dee65d4 tools/target_dec_fuzzer: adjust pixel threshold for TRUEMOTION2, as it allows coding gigantic images on tiny input
Fixes: Timeout (137sec -> 6sec)
Fixes: 16090/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TRUEMOTION2_fuzzer-5674245178261504

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-31 18:34:05 +02:00
Michael Niedermayer
a370582ba9 tools/target_dec_fuzzer: Init parsepkt
Fixes: memory corruption
Fixes: 16702/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PNG_fuzzer-5768418552184832

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-31 17:33:56 +02:00
Michael Niedermayer
ba823394f6 tools/target_dec_fuzzer: Adjust maxpixels for indeo4
Fixes: Timeout (131sec -> 4sec)
Fixes: 15581/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_INDEO4_fuzzer-5651105515569152

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-29 15:57:54 +02:00
Michael Niedermayer
96efaa9a1a tools/target_dec_fuzzer: Adjust GDV pixel threshold down by a factor of 2
Fixes: Timeout (7sec -> 1sec)
Fixes: 14709/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_GDV_fuzzer-5704215281795072

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-29 15:57:54 +02:00
Michael Niedermayer
738ff94f7c tools/target_dec_fuzzer: adjust pixel threshold for SANM, as it allows coding gigantic images on tiny input
Fixes: Timeout (13sec ->1sec)
Fixes: 16122/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SANM_fuzzer-5724944247291904

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-29 15:57:54 +02:00
Michael Niedermayer
02a44ed0c8 tools/target_dec_fuzzer: Increase maxpixels threshold for dirac
wavelets allow significant size expansion and they are also not
very fast.

Fixes: Timeout
Fixes: 16480/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-5659892689403904 (108sec -> 17ms)
Fixes: 16480/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-5749422717140992 (big ->15sec)

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Tomas Härdin <tjoppen@acc.umu.se>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-26 10:36:40 +02:00
Michael Niedermayer
5af613cc48 tools/target_dec_fuzzer: Do not corrupt the packet size return
Fixes: Timeout (infinite)
Fixes: 16732/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TAK_fuzzer-5642166377906176

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-26 10:36:40 +02:00
James Almer
92c32b0f0c tools/target_dec_fuzzer: use refcounted packets
Should reduce allocations and data copying.

Signed-off-by: James Almer <jamrial@gmail.com>
2019-08-23 11:08:36 -03:00
Michael Niedermayer
ac77c5492f tools/target_dec_fuzzer: Do not increase max_pixels
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-23 14:38:42 +02:00
Michael Niedermayer
df7e79a5c3 tools/target_dec_fuzzer: adjust pixel threshold for MSRLE, as it allows coding gigantic images on tiny input
Fixes: Timeout (12sec ->2sec)
Fixes: 16125/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MSRLE_fuzzer-5650846364205056

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-15 01:26:21 +02:00
Michael Niedermayer
1e2e47e348 tools/target_dec_fuzzer: Print max_pixels and iterations at the end
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-13 16:48:38 +02:00
Michael Niedermayer
faa9cd312f tools/target_dec_fuzzer: Add missing breaks
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-12 08:51:09 +02:00
Michael Niedermayer
9e0e9a5f36 tools/target_dec_fuzzer: Limit number off all pixels decoded
This should reduces the number of uninteresting timeouts encountered

A single threshold for all codecs did not work

Fixes: 13979/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_QTRLE_fuzzer-5629872380051456 (14sec -> 4sec)
Fixes: 14709/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_GDV_fuzzer-5704215281795072 (179sec -> 7sec)
Fixes: 16296/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HNM4_VIDEO_fuzzer-5756304521428992 (108sec -> 9sec)
Fixes: 15620/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_GIF_fuzzer-5657214435459072 (26sec -> 26ms)

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-12 08:45:07 +02:00
Michael Niedermayer
42a2edcc1d tools/target_dec_fuzzer: fix memleak of extradata
Fixes: memleak
Fixes: 15535/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SMACKER_fuzzer-5692162424963072

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-07-31 20:35:07 +02:00
Michael Niedermayer
508ce5839e tools/target_dec_fuzzer: Free parser in case of avcodec_open2() failure
Fixes: memleak
Fixes: part of 15529/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LIBVPX_VP8_fuzzer-5140143700180992

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-07-21 12:33:35 +02:00
Michael Niedermayer
9b5249a441 tools/target_dec_fuzzer: Remove redundant av_free()
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-07-13 14:42:57 +02:00
Michael Niedermayer
6f2625aafc tools/target_dec_fuzzer: Also fuzz extradata
This should improve coverage

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-06-14 21:36:39 +02:00
Michael Niedermayer
0a2b768d3e tools/target_dec_fuzzer: Limit error concealment on pixels instead of just frames
This should reduce the amount of timeout issues overall

Fixes: Timeout (34->10sec)
Fixes: 14682/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMV2_fuzzer-5728608414334976

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-06-05 13:19:59 +02:00
Carl Eugen Hoyos
1a6cca1989 configure: Make sure libpostproc can be found if -rpath-link doesn't work.
Solaris ld takes "-rpath-link=libpostproc" as indication to search in "-link=libpostproc".
2018-12-28 00:22:13 +01:00
Michael Niedermayer
5c0fd9df87 tools/target_dec_fuzzer: set parser codec id to avoid assertion failure
Fixes: 9211/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_GSM_fuzzer-5680396581732352
Fixes: assertion failure

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2018-07-07 12:09:34 +02:00
Michael Niedermayer
9f0077cc03 tools/target_dec_fuzzer: Fix parser_avctx memleak on error path
Fixes: oss-fuzz issue 9195

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2018-06-30 16:13:48 +02:00
Michael Niedermayer
310a49f71d tools/target_dec_fuzzer: Also optionally fuzz with a parser
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2018-06-28 21:35:01 +02:00
Michael Niedermayer
42f40d36b7 avcodec/allcodecs: Provide empty codec_list in allcodecs when ossfuzz is used
The last workaround is not sufficient to make oss fuzz work with the iterate API
as it did not provide a FFmpeg that external libs can be linked to.

This patch does not fully restore the pre iterate functionality. My attempts to
do this have so far failed.

The problem with this solution is that it renders the fuzzers virtual system
ffmpeg (libs) non functional. Which differs from a real system compared to the
virtual system tested by the fuzzer.
It should theoretically not matter as the system ffmpeg wouldnt be used.
But with more cases being fuzzed we likely will hit a case where a external
lib is involved and it does matter ...

Working around this may be possible with weak symbols but so far my attempts
failed

Alternatively multiple ffmpeg could be built, this becomes messy though
quickly as they need to be all linked together. That is we need a FFmpeg
that has the iterate API modified so it can work with the resources
available to ossfuzz. And at the same time we need a ffmpeg that has
its full functionality for any external libs which use ffmpeg and are
used by ffmpeg.

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2018-05-28 23:17:32 +02:00
Michael Niedermayer
64f59a21b3 avcodec: Disable new iterate API for ossfuzz
A few days ago ossfuzz stoped testing new FFmpeg as it run out of diskspacee

https://oss-fuzz-build-logs.storage.googleapis.com/index.html

An alternative would be to revert the API.

This changes for example
-rwxr-x--- 1 michael michael 144803654 May 14 12:54 tools/target_dec_ac3_fixed_fuzzer*
to
-rwxr-x--- 1 michael michael  30333852 May 14 12:51 tools/target_dec_ac3_fixed_fuzzer*

Which should massively decrease space requirements

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2018-05-16 00:39:52 +02:00
Michael Niedermayer
c23209f63d tools/target_dec_fuzzer: Fix build after AV_CODEC_CAP_HWACCEL_VDPAU was removed
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-10-25 21:50:37 +02:00
Michael Niedermayer
e6debcaaed tools/target_dec_fuzzer: Fix build after FF_INPUT_BUFFER_PADDING_SIZE was removed
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-10-25 21:50:37 +02:00
Diego Biurrun
fd502f4f5f build: Generalize yasm/nasm-related variable names
None of them are specific to the YASM assembler.

(Cherry-picked from libav commit 39e208f4d4)

Signed-off-by: James Almer <jamrial@gmail.com>
2017-06-21 17:00:29 -03:00
Michael Niedermayer
718f8a01df tools/target_dec_fuzzer: Move the hwaccel check outside the initialization if
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-29 03:40:47 +02:00
Michael Niedermayer
38e79d9d9c tools/target_dec_fuzzer: Do not attempt to fuzz VDPAU, its not supported
Fixes: 1364/clusterfuzz-testcase-minimized-6459843441328128
Fixes: 1392

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-06 15:15:14 +02:00
Michael Niedermayer
d58fe01774 tools/target_dec_fuzzer: Do not use codec_id to look up decoder, but use selected decoder directly
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-06 15:12:05 +02:00
Michael Niedermayer
390c6ee42c tools/target_dec_fuzzer: Fix memleak on open failure
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-04 13:51:50 +02:00
Michael Niedermayer
dec2fa8cc7 tools/target_dec_fuzzer: Use decoder and not codec_id as argument
This allows fuzzing decoders with the same codec_id
We also avoid register all to allow the linker to prune unused sections and symbols

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-03 17:22:13 +02:00
Michael Niedermayer
56ddb923c6 tools/target_dec_fuzzer: Use avcodec_register_all() instead of register_all()
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-02 00:55:19 +02:00
Michael Niedermayer
a9b5b6a97f tools: Eliminate codec_type complexity from fuzzer
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-04-30 14:24:51 +02:00
Michael Niedermayer
966cbfbc83 tools/target_dec_fuzzer: Fix return code on open failure
Fixes: 1271/clusterfuzz-testcase-minimized-6095220498235392

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-04-27 04:25:31 +02:00