[FFmpeg-devel] [PATCH] Gsoc: add the two fuzzy targets

2021-04-19 Thread a397341575 
From: toseven 

---
 Makefile   |   5 ++
 tools/Makefile |   6 ++
 tools/target_avpacket_fuzzer.c | 125 +
 tools/target_formats_fuzzer.c  | 120 +++
 4 files changed, 256 insertions(+)
 create mode 100644 tools/target_avpacket_fuzzer.c
 create mode 100644 tools/target_formats_fuzzer.c

diff --git a/Makefile b/Makefile
index 7e9d8b08c3..45509ab3b5 100644
--- a/Makefile
+++ b/Makefile
@@ -62,6 +62,11 @@ tools/target_dem_fuzzer$(EXESUF): tools/target_dem_fuzzer.o 
$(FF_DEP_LIBS)
 tools/target_io_dem_fuzzer$(EXESUF): tools/target_io_dem_fuzzer.o 
$(FF_DEP_LIBS)
$(LD) $(LDFLAGS) $(LDEXEFLAGS) $(LD_O) $^ $(ELIBS) $(FF_EXTRALIBS) 
$(LIBFUZZER_PATH)
 
+tools/target_avpacket_fuzzer$(EXESUF): tools/target_avpacket_fuzzer.o 
$(FF_DEP_LIBS)
+   $(LD) $(LDFLAGS) $(LDEXEFLAGS) $(LD_O) $^ $(ELIBS) $(FF_EXTRALIBS) 
$(LIBFUZZER_PATH)
+
+tools/target_formats_fuzzer$(EXESUF): tools/target_formats_fuzzer.o 
$(FF_DEP_LIBS)
+   $(LD) $(LDFLAGS) $(LDEXEFLAGS) $(LD_O) $^ $(ELIBS) $(FF_EXTRALIBS) 
$(LIBFUZZER_PATH)
 
 tools/enum_options$(EXESUF): ELIBS = $(FF_EXTRALIBS)
 tools/enum_options$(EXESUF): $(FF_DEP_LIBS)
diff --git a/tools/Makefile b/tools/Makefile
index 82baa8eadb..7ef720c8ba 100644
--- a/tools/Makefile
+++ b/tools/Makefile
@@ -17,6 +17,12 @@ tools/target_dem_fuzzer.o: tools/target_dem_fuzzer.c
 tools/target_io_dem_fuzzer.o: tools/target_dem_fuzzer.c
$(COMPILE_C) -DIO_FLAT=0
 
+tools/target_avpacket_fuzzer.o: tools/target_avpacket_fuzzer.c
+   $(COMPILE_C) 
+
+tools/target_avpacket_fuzzer.o: tools/target_formats_fuzzer.c
+   $(COMPILE_C) 
+
 OUTDIRS += tools
 
 clean::
diff --git a/tools/target_avpacket_fuzzer.c b/tools/target_avpacket_fuzzer.c
new file mode 100644
index 00..e5e7b3d4c8
--- /dev/null
+++ b/tools/target_avpacket_fuzzer.c
@@ -0,0 +1,125 @@
+/*
+ * This file is part of FFmpeg.
+ *
+ * FFmpeg is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * FFmpeg is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with FFmpeg; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
+#include 
+#include 
+#include 
+#include 
+
+#include "libavcodec/avcodec.h"
+#include "libavutil/error.h"
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
+
+static int setup_side_data_entry(AVPacket *avpkt)
+{
+const uint8_t *data_name = NULL;
+int ret = 0, bytes;
+uint8_t *extra_data = NULL;
+
+/* get side_data_name string */
+data_name = av_packet_side_data_name(AV_PKT_DATA_NEW_EXTRADATA);
+
+/* Allocate a memory bloc */
+bytes = strlen(data_name);
+
+if (!(extra_data = av_malloc(bytes)))
+{
+ret = AVERROR(ENOMEM);
+fprintf(stderr, "Error occurred: %s\n", av_err2str(ret));
+exit(1);
+}
+
+/* copy side_data_name to extra_data array */
+memcpy(extra_data, data_name, bytes);
+
+/* create side data for AVPacket */
+ret = av_packet_add_side_data(avpkt, AV_PKT_DATA_NEW_EXTRADATA, extra_data,
+  bytes);
+
+if (ret < 0)
+{
+fprintf(stderr, "Error occurred in av_packet_add_side_data: %s\n",
+av_err2str(ret));
+}
+return ret;
+}
+
+static int initializations(AVPacket *avpkt,const uint8_t *data, size_t size)
+{
+int ret = 0;
+
+/* set values for avpkt */
+avpkt->pts = 17;
+avpkt->dts = 2;
+avpkt->data = (uint8_t *)data;
+avpkt->size = size;
+avpkt->flags = AV_PKT_FLAG_DISCARD;
+avpkt->duration = 100;
+avpkt->pos = 3;
+
+ret = setup_side_data_entry(avpkt);
+
+return ret;
+}
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) 
+{
+AVPacket *avpkt = NULL;
+AVPacket *avpkt_clone = NULL;
+
+if(data==NULL || size ==0)
+return 1;  
+
+/* test av_packet_alloc */
+avpkt = av_packet_alloc();
+if (!avpkt)
+{
+av_log(NULL, AV_LOG_ERROR, "av_packet_alloc failed to allcoate 
AVPacket\n");
+return 1;
+}
+
+int fuzz_size =  0;
+memcpy(_size,data,sizeof(int));
+
+if (initializations(avpkt, data, size) < 0)
+{
+printf("failed to initialize variables\n");
+av_packet_free();
+return 1;
+}
+/* test av_packet_clone*/
+avpkt_clone = av_packet_clone(avpkt);
+
+if (!avpkt_clone)
+{
+av_log(NULL, AV_LOG_ERROR, "av_packet_clone failed to clone 
AVPacket\n");
+

[FFmpeg-devel] [PATCH] [GSOC]add a fuzz testing in libavcodec/tests

2020-03-27 Thread a397341575 
From: toseven 

---
 libavcodec/tests/target_avpacket_fuzzer.c | 114 ++
 1 file changed, 114 insertions(+)
 create mode 100644 libavcodec/tests/target_avpacket_fuzzer.c

diff --git a/libavcodec/tests/target_avpacket_fuzzer.c 
b/libavcodec/tests/target_avpacket_fuzzer.c
new file mode 100644
index 00..22f9898210
--- /dev/null
+++ b/libavcodec/tests/target_avpacket_fuzzer.c
@@ -0,0 +1,114 @@
+/*
+ * This file is part of FFmpeg.
+ *
+ * FFmpeg is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * FFmpeg is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with FFmpeg; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
+#include 
+#include 
+#include 
+#include 
+#include "libavcodec/avcodec.h"
+#include "libavutil/error.h"
+#include "config.h"
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
+
+static int setup_side_data_entry(AVPacket* avpkt)
+{
+const char *data_name = NULL;
+int ret = 0, bytes;
+uint8_t *extra_data = NULL;
+
+
+/* get side_data_name string */
+data_name = av_packet_side_data_name(AV_PKT_DATA_NEW_EXTRADATA);
+
+/* Allocate a memory bloc */
+bytes = strlen(data_name);
+
+if(!(extra_data = (uint8_t *)av_malloc(bytes))){
+ret = AVERROR(ENOMEM);
+fprintf(stderr, "Error occurred: %s\n", av_err2str(ret));
+exit(1);
+}
+/* copy side_data_name to extra_data array */
+memcpy(extra_data, data_name, bytes);
+
+/* create side data for AVPacket */
+ret = av_packet_add_side_data(avpkt, AV_PKT_DATA_NEW_EXTRADATA,
+extra_data, bytes);
+if(ret < 0){
+fprintf(stderr,
+"Error occurred in av_packet_add_side_data: %s\n",
+av_err2str(ret));
+}
+
+return ret;
+}
+
+static int initializations(AVPacket* avpkt)
+{
+av_init_packet(avpkt);
+int ret;
+ret = setup_side_data_entry(avpkt);
+
+return ret;
+}
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) 
+{
+AVPacket avpkt;
+memcmp(,data,sizeof(AVPacket));
+
+int num;
+memcmp(,data+sizeof(AVPacket),sizeof(int));
+AVPacket *avpkt_clone = NULL;
+int ret = 0;
+
+if(initializations() < 0){
+printf("failed to initialize variables\n");
+return 1;
+}
+/* test av_packet_clone*/
+avpkt_clone = av_packet_clone();
+
+if(!avpkt_clone) {
+av_log(NULL, AV_LOG_ERROR,"av_packet_clone failed to clone 
AVPacket\n");
+return 1;
+}
+/*test av_grow_packet*/
+if(av_grow_packet(avpkt_clone, num) < 0){
+av_log(NULL, AV_LOG_ERROR, "av_grow_packet failed\n");
+return 1;
+}
+/* test size error check in av_new_packet*/
+if(av_new_packet(avpkt_clone, num) == 0){
+printf( "av_new_packet failed to return error "
+"when \"size\" parameter is too large.\n" );
+ret = 1;
+}
+/*test size error check in av_packet_from_data*/
+if(av_packet_from_data(avpkt_clone, avpkt_clone->data, num) == 0){
+printf("av_packet_from_data failed to return error "
+"when \"size\" parameter is too large.\n" );
+ret = 1;
+}
+/*clean up*/
+av_packet_free(_clone);
+av_packet_unref();
+
+return ret;
+}
-- 
2.26.0


___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".