[FFmpeg-devel] [PATCH] Gsoc: add the two fuzzy targets

Michael Niedermayer michael at niedermayer.cc
Mon Apr 19 12:47:42 EEST 2021


On Mon, Apr 19, 2021 at 05:06:10PM +0800, a397341575 at 163.com wrote:
> From: toseven <Byone.heng at gmail.com>
> 
> ---
>  Makefile                       |   5 ++
>  tools/Makefile                 |   6 ++
>  tools/target_avpacket_fuzzer.c | 125 +++++++++++++++++++++++++++++++++
>  tools/target_formats_fuzzer.c  | 120 +++++++++++++++++++++++++++++++
>  4 files changed, 256 insertions(+)
>  create mode 100644 tools/target_avpacket_fuzzer.c
>  create mode 100644 tools/target_formats_fuzzer.c
> 
> diff --git a/Makefile b/Makefile
> index 7e9d8b08c3..45509ab3b5 100644
> --- a/Makefile
> +++ b/Makefile
> @@ -62,6 +62,11 @@ tools/target_dem_fuzzer$(EXESUF): tools/target_dem_fuzzer.o $(FF_DEP_LIBS)
>  tools/target_io_dem_fuzzer$(EXESUF): tools/target_io_dem_fuzzer.o $(FF_DEP_LIBS)
>  	$(LD) $(LDFLAGS) $(LDEXEFLAGS) $(LD_O) $^ $(ELIBS) $(FF_EXTRALIBS) $(LIBFUZZER_PATH)
>  
> +tools/target_avpacket_fuzzer$(EXESUF): tools/target_avpacket_fuzzer.o $(FF_DEP_LIBS)
> +	$(LD) $(LDFLAGS) $(LDEXEFLAGS) $(LD_O) $^ $(ELIBS) $(FF_EXTRALIBS) $(LIBFUZZER_PATH)
> +
> +tools/target_formats_fuzzer$(EXESUF): tools/target_formats_fuzzer.o $(FF_DEP_LIBS)
> +	$(LD) $(LDFLAGS) $(LDEXEFLAGS) $(LD_O) $^ $(ELIBS) $(FF_EXTRALIBS) $(LIBFUZZER_PATH)
>  
>  tools/enum_options$(EXESUF): ELIBS = $(FF_EXTRALIBS)
>  tools/enum_options$(EXESUF): $(FF_DEP_LIBS)
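
Review bot: the two added link rules for tools/target_avpacket_fuzzer$(EXESUF) and tools/target_formats_fuzzer$(EXESUF) repeat, character for character, the recipe of the tools/target_io_dem_fuzzer$(EXESUF) rule directly above them. A single pattern rule for the fuzzer binaries would avoid a copy per target and keep later changes to the link line in one place. If the explicit rules stay, a sentence in the commit message on how the new targets are built would help, since the message body is empty.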

> diff --git a/tools/Makefile b/tools/Makefile
> index 82baa8eadb..7ef720c8ba 100644
> --- a/tools/Makefile
> +++ b/tools/Makefile
> @@ -17,6 +17,12 @@ tools/target_dem_fuzzer.o: tools/target_dem_fuzzer.c
>  tools/target_io_dem_fuzzer.o: tools/target_dem_fuzzer.c
>  	$(COMPILE_C) -DIO_FLAT=0
>  
> +tools/target_avpacket_fuzzer.o: tools/target_avpacket_fuzzer.c
> +	$(COMPILE_C) 
> +
> +tools/target_avpacket_fuzzer.o: tools/target_formats_fuzzer.c
> +	$(COMPILE_C) 
> +

The target is a duplicate

>  OUTDIRS += tools
>  
>  clean::
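
Review bot: the second added rule names tools/target_avpacket_fuzzer.o as its target again while listing tools/target_formats_fuzzer.c as the prerequisite, so the avpacket object ends up with two rules and tools/target_formats_fuzzer.o has none in this hunk. The line should read "tools/target_formats_fuzzer.o: tools/target_formats_fuzzer.c". Both added "$(COMPILE_C) " recipe lines also carry a trailing space that should be dropped.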
> diff --git a/tools/target_avpacket_fuzzer.c b/tools/target_avpacket_fuzzer.c
> new file mode 100644
> index 0000000000..e5e7b3d4c8
> --- /dev/null
> +++ b/tools/target_avpacket_fuzzer.c
> @@ -0,0 +1,125 @@
> +/*
> + * This file is part of FFmpeg.
> + *
> + * FFmpeg is free software; you can redistribute it and/or
> + * modify it under the terms of the GNU Lesser General Public
> + * License as published by the Free Software Foundation; either
> + * version 2.1 of the License, or (at your option) any later version.
> + *
> + * FFmpeg is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> + * Lesser General Public License for more details.
> + *
> + * You should have received a copy of the GNU Lesser General Public
> + * License along with FFmpeg; if not, write to the Free Software
> + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
> + */
> +
> +#include <inttypes.h>
> +#include <stdio.h>
> +#include <stdlib.h>
> +#include <string.h>
> +
> +#include "libavcodec/avcodec.h"
> +#include "libavutil/error.h"
> +
> +int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
> +
> +static int setup_side_data_entry(AVPacket *avpkt)
> +{
> +    const uint8_t *data_name = NULL;
> +    int ret = 0, bytes;
> +    uint8_t *extra_data = NULL;
> +
> +    /* get side_data_name string */
> +    data_name = av_packet_side_data_name(AV_PKT_DATA_NEW_EXTRADATA);
> +    
> +    /* Allocate a memory bloc */
> +    bytes = strlen(data_name);
> +
> +    if (!(extra_data = av_malloc(bytes)))
> +    {
> +        ret = AVERROR(ENOMEM);
> +        fprintf(stderr, "Error occurred: %s\n", av_err2str(ret));
> +        exit(1);
> +    }
> +
> +    /* copy side_data_name to extra_data array */
> +    memcpy(extra_data, data_name, bytes);
> +
> +    /* create side data for AVPacket */
> +    ret = av_packet_add_side_data(avpkt, AV_PKT_DATA_NEW_EXTRADATA, extra_data,
> +                                  bytes);
> +    
> +    if (ret < 0)
> +    {
> +        fprintf(stderr, "Error occurred in av_packet_add_side_data: %s\n",
> +        av_err2str(ret));
> +    }
> +    return ret;
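
Review bot: in setup_side_data_entry(), the "if (ret < 0)" branch after av_packet_add_side_data() only prints and returns, so extra_data is never freed on that path. The packet does not take ownership of the buffer when the call fails, and a leak-checking fuzzer build will report it; add av_free(extra_data) there. Two further points in the same function: strlen(data_name) is called without checking the return of av_packet_side_data_name() for NULL, and exit(1) on allocation failure stops the whole fuzzing run, where returning the error to the caller would let the run continue. The side data bytes here are the constant name string rather than anything taken from the fuzzer input, so this function by itself does not feed input-dependent data into the packet. There is also trailing whitespace on the otherwise empty lines after the av_packet_side_data_name() and av_packet_add_side_data() calls.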

The { } placement style mismatches what's used in FFmpeg (I don't mind, but some people do mind)

More generally, how much code coverage is gained with these 2 fuzzers compared to what already exists?

thanks

[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

"Nothing to hide" only works if the folks in power share the values of
you and everyone you know entirely and always will -- Tom Scott
