[FFmpeg-devel] [PATCH 1/3] tools/target_dec_fuzzer: Call avcodec_flush_buffers() in a fuzzer choosen pattern

James Almer jamrial at gmail.com
Sun Nov 15 03:29:46 EET 2020


From: Michael Niedermayer <michael at niedermayer.cc>

This should increase coverage

Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
Signed-off-by: James Almer <jamrial at gmail.com>
---
 tools/target_dec_fuzzer.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/tools/target_dec_fuzzer.c b/tools/target_dec_fuzzer.c
index 4eb59bd296..11530cbf79 100644
--- a/tools/target_dec_fuzzer.c
+++ b/tools/target_dec_fuzzer.c
@@ -110,6 +110,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
                           const AVPacket *avpkt) = NULL;
     AVCodecParserContext *parser = NULL;
     uint64_t keyframes = 0;
+    uint64_t flushpattern = -1;
     AVDictionary *opts = NULL;
 
     if (!c) {
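Review bot: The initialiser `uint64_t flushpattern = -1;` relies on the unsigned conversion of -1 to all-ones, and its meaning is not stated: with every 3-bit group equal to 7, the `!(flushpattern & 7)` test added further down never fires, so inputs without a configuration block keep the old no-flush behaviour. I would spell that out as `uint64_t flushpattern = UINT64_MAX; /* all ones: never flush unless the input overrides it */`, assuming `UINT64_MAX` is in scope here. The declaration sits inside LLVMFuzzerTestOneInput, whose body extends beyond this hunk.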
@@ -239,6 +240,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
         ctx->request_channel_layout             = bytestream2_get_le64(&gbc);
 
         ctx->idct_algo                          = bytestream2_get_byte(&gbc) % 25;
+        flushpattern                            = bytestream2_get_le64(&gbc);
 
         if (flags & 0x20) {
             switch (ctx->codec_id) {
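Review bot: The new `flushpattern = bytestream2_get_le64(&gbc);` is read between the `idct_algo` byte and the `flags & 0x20` block, so anything read from `gbc` after this point now sits eight bytes later in the fuzzer's configuration data. If the switch body (outside this hunk) reads further bytes, existing corpus entries and saved crash reproducers will decode with different option values after this commit, which makes older findings harder to re-verify. Consider moving the read after the last existing `gbc` consumer, or state in the commit message that the corpus layout changes. It is also worth a comment that a zero value here means a flush before every packet.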
@@ -332,6 +334,10 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
                 av_packet_move_ref(&avpkt, &parsepkt);
             }
 
+          if (!(flushpattern & 7))
+              avcodec_flush_buffers(ctx);
+          flushpattern = (flushpattern >> 3) + (flushpattern << 61);
+
           // Iterate through all data
           while (avpkt.size > 0 && it++ < maxiteration) {
             av_frame_unref(frame);
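Review bot: The line `flushpattern = (flushpattern >> 3) + (flushpattern << 61);` is a 64-bit rotate right by 3 written with `+`, and nothing says so or explains what the low three bits select. A short comment above the `if` would help, e.g. `/* consume 3 bits per packet: flush when they are all zero (1 in 8), then rotate right by 3 so the pattern repeats */`; using `|` instead of `+` would also make the rotate easier to recognise. As placed, the flush happens only once per packet before the `while (avpkt.size > 0 ...)` loop; whether the draining path is also exercised cannot be seen from this hunk, since the loop body continues outside it.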
-- 
2.29.2


