1
0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2024-12-02 03:06:28 +02:00
Commit Graph

32 Commits

Author SHA1 Message Date
Michael Niedermayer
df7e79a5c3 tools/target_dec_fuzzer: adjust pixel threshold for MSRLE, as it allows coding gigantic images on tiny input
Fixes: Timeout (12sec ->2sec)
Fixes: 16125/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MSRLE_fuzzer-5650846364205056

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-15 01:26:21 +02:00
Michael Niedermayer
1e2e47e348 tools/target_dec_fuzzer: Print max_pixels and iterations at the end
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-13 16:48:38 +02:00
Michael Niedermayer
faa9cd312f tools/target_dec_fuzzer: Add missing breaks
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-12 08:51:09 +02:00
Michael Niedermayer
9e0e9a5f36 tools/target_dec_fuzzer: Limit number off all pixels decoded
This should reduces the number of uninteresting timeouts encountered

A single threshold for all codecs did not work

Fixes: 13979/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_QTRLE_fuzzer-5629872380051456 (14sec -> 4sec)
Fixes: 14709/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_GDV_fuzzer-5704215281795072 (179sec -> 7sec)
Fixes: 16296/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HNM4_VIDEO_fuzzer-5756304521428992 (108sec -> 9sec)
Fixes: 15620/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_GIF_fuzzer-5657214435459072 (26sec -> 26ms)

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-08-12 08:45:07 +02:00
Michael Niedermayer
42a2edcc1d tools/target_dec_fuzzer: fix memleak of extradata
Fixes: memleak
Fixes: 15535/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SMACKER_fuzzer-5692162424963072

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-07-31 20:35:07 +02:00
Michael Niedermayer
508ce5839e tools/target_dec_fuzzer: Free parser in case of avcodec_open2() failure
Fixes: memleak
Fixes: part of 15529/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LIBVPX_VP8_fuzzer-5140143700180992

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-07-21 12:33:35 +02:00
Michael Niedermayer
9b5249a441 tools/target_dec_fuzzer: Remove redundant av_free()
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-07-13 14:42:57 +02:00
Michael Niedermayer
6f2625aafc tools/target_dec_fuzzer: Also fuzz extradata
This should improve coverage

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-06-14 21:36:39 +02:00
Michael Niedermayer
0a2b768d3e tools/target_dec_fuzzer: Limit error concealment on pixels instead of just frames
This should reduce the amount of timeout issues overall

Fixes: Timeout (34->10sec)
Fixes: 14682/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMV2_fuzzer-5728608414334976

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2019-06-05 13:19:59 +02:00
Carl Eugen Hoyos
1a6cca1989 configure: Make sure libpostproc can be found if -rpath-link doesn't work.
Solaris ld takes "-rpath-link=libpostproc" as indication to search in "-link=libpostproc".
2018-12-28 00:22:13 +01:00
Michael Niedermayer
5c0fd9df87 tools/target_dec_fuzzer: set parser codec id to avoid assertion failure
Fixes: 9211/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_GSM_fuzzer-5680396581732352
Fixes: assertion failure

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2018-07-07 12:09:34 +02:00
Michael Niedermayer
9f0077cc03 tools/target_dec_fuzzer: Fix parser_avctx memleak on error path
Fixes: oss-fuzz issue 9195

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2018-06-30 16:13:48 +02:00
Michael Niedermayer
310a49f71d tools/target_dec_fuzzer: Also optionally fuzz with a parser
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2018-06-28 21:35:01 +02:00
Michael Niedermayer
42f40d36b7 avcodec/allcodecs: Provide empty codec_list in allcodecs when ossfuzz is used
The last workaround is not sufficient to make oss fuzz work with the iterate API
as it did not provide a FFmpeg that external libs can be linked to.

This patch does not fully restore the pre iterate functionality. My attempts to
do this have so far failed.

The problem with this solution is that it renders the fuzzers virtual system
ffmpeg (libs) non functional. Which differs from a real system compared to the
virtual system tested by the fuzzer.
It should theoretically not matter as the system ffmpeg wouldnt be used.
But with more cases being fuzzed we likely will hit a case where a external
lib is involved and it does matter ...

Working around this may be possible with weak symbols but so far my attempts
failed

Alternatively multiple ffmpeg could be built, this becomes messy though
quickly as they need to be all linked together. That is we need a FFmpeg
that has the iterate API modified so it can work with the resources
available to ossfuzz. And at the same time we need a ffmpeg that has
its full functionality for any external libs which use ffmpeg and are
used by ffmpeg.

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2018-05-28 23:17:32 +02:00
Michael Niedermayer
64f59a21b3 avcodec: Disable new iterate API for ossfuzz
A few days ago ossfuzz stoped testing new FFmpeg as it run out of diskspacee

https://oss-fuzz-build-logs.storage.googleapis.com/index.html

An alternative would be to revert the API.

This changes for example
-rwxr-x--- 1 michael michael 144803654 May 14 12:54 tools/target_dec_ac3_fixed_fuzzer*
to
-rwxr-x--- 1 michael michael  30333852 May 14 12:51 tools/target_dec_ac3_fixed_fuzzer*

Which should massively decrease space requirements

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2018-05-16 00:39:52 +02:00
Michael Niedermayer
c23209f63d tools/target_dec_fuzzer: Fix build after AV_CODEC_CAP_HWACCEL_VDPAU was removed
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-10-25 21:50:37 +02:00
Michael Niedermayer
e6debcaaed tools/target_dec_fuzzer: Fix build after FF_INPUT_BUFFER_PADDING_SIZE was removed
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-10-25 21:50:37 +02:00
Diego Biurrun
fd502f4f5f build: Generalize yasm/nasm-related variable names
None of them are specific to the YASM assembler.

(Cherry-picked from libav commit 39e208f4d4)

Signed-off-by: James Almer <jamrial@gmail.com>
2017-06-21 17:00:29 -03:00
Michael Niedermayer
718f8a01df tools/target_dec_fuzzer: Move the hwaccel check outside the initialization if
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-29 03:40:47 +02:00
Michael Niedermayer
38e79d9d9c tools/target_dec_fuzzer: Do not attempt to fuzz VDPAU, its not supported
Fixes: 1364/clusterfuzz-testcase-minimized-6459843441328128
Fixes: 1392

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-06 15:15:14 +02:00
Michael Niedermayer
d58fe01774 tools/target_dec_fuzzer: Do not use codec_id to look up decoder, but use selected decoder directly
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-06 15:12:05 +02:00
Michael Niedermayer
390c6ee42c tools/target_dec_fuzzer: Fix memleak on open failure
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-04 13:51:50 +02:00
Michael Niedermayer
dec2fa8cc7 tools/target_dec_fuzzer: Use decoder and not codec_id as argument
This allows fuzzing decoders with the same codec_id
We also avoid register all to allow the linker to prune unused sections and symbols

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-03 17:22:13 +02:00
Michael Niedermayer
56ddb923c6 tools/target_dec_fuzzer: Use avcodec_register_all() instead of register_all()
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-05-02 00:55:19 +02:00
Michael Niedermayer
a9b5b6a97f tools: Eliminate codec_type complexity from fuzzer
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-04-30 14:24:51 +02:00
Michael Niedermayer
966cbfbc83 tools/target_dec_fuzzer: Fix return code on open failure
Fixes: 1271/clusterfuzz-testcase-minimized-6095220498235392

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-04-27 04:25:31 +02:00
Michael Niedermayer
550a9c547e tools/target_dec_fuzzer: Remove FuzzerInterface.h dependancy
The header is not always available in the docker build environment

Suggested-by: Kostya Serebryany
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-04-25 03:13:00 +02:00
Michael Niedermayer
d976d2ec78 tools/target_dec_fuzzer: Fix build with default FFmpeg build flags
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-04-24 23:16:53 +02:00
Michael Niedermayer
164758a831 tools/target_dec_fuzzer: Fuzz video decoder related fields in context.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-04-19 23:52:20 +02:00
Michael Niedermayer
c87ea47481 tools/target_dec_fuzzer: Fix misaligned read
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-02-24 14:12:13 +01:00
Michael Niedermayer
8bdba1092f tools/target_dec_fuzzer: Only audio uses the return value to decode packets in pieces, correct the code to match that
Fixes: Timeout
Fixes: 483/fuzz-0-ffmpeg_VIDEO_AV_CODEC_ID_H263I_fuzzer

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-01-31 23:43:41 +01:00
Rostislav Pehlivanov
e05d2dd86a doc/examples/decoder_targeted: move to tools/target_dec_fuzzer.c
Name and purpose are more appropriate there since the code isn't
an ideal example.

Reviewed-by: wm4 <nfxjfg@googlemail.com>
Signed-off-by: Rostislav Pehlivanov <atomnuker@gmail.com>
2017-01-29 16:14:18 +00:00