har0ke/FFmpeg
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
113,698 Commits 2 Branches 401 Tags
Commit Graph

18 Commits

Author SHA1 Message Date
Michael Niedermayer
c900f2e42c tools/target_dem_fuzzer: Check fmt before dereferencing 
Fixes: NULL pointer dereference
Fixes: 44884/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-4656748688965632

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-02-25 22:23:03 +01:00
Michael Niedermayer
1372b30db2 tools/target_dem_fuzzer: Force interrupt for HLS 
Fixes: Timeout
Fixes: 41580/clusterfuzz-testcase-minimized-ffmpeg_dem_HLS_fuzzer-5059099224571904

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-02-19 13:27:02 +01:00
Michael Niedermayer
cd4ce3b862 tools/target_dem_fuzzer: Test interrupt callback 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-02-19 13:27:02 +01:00
Michael Niedermayer
6055b93379 tools/target_dem_fuzzer: Fix packet leak 
Fixes: 32121/clusterfuzz-testcase-minimized-ffmpeg_IO_DEMUXER_fuzzer-4512973109460992

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-04-01 10:10:21 +02:00
James Almer
64f092eb5e tools/target_dem_fuzzer: use av_packet_alloc() to allocate packets 
Signed-off-by: James Almer <jamrial@gmail.com>
 2021-03-17 15:19:37 -03:00
Michael Niedermayer
58c7d4a3e3 tools/target_dem_fuzzer.c: Decrease maxblocks 
Fixes: Timeout
Fixes: 28606/clusterfuzz-testcase-minimized-ffmpeg_dem_FRM_fuzzer-5123311424110592
Fixes: 28796/clusterfuzz-testcase-minimized-ffmpeg_dem_R3D_fuzzer-5945803411685376
Fixes: 28821/clusterfuzz-testcase-minimized-ffmpeg_dem_BRSTM_fuzzer-6044239834251264
Fixes: 28841/clusterfuzz-testcase-minimized-ffmpeg_dem_SIFF_fuzzer-5485368388485120
Fixes: 28862/clusterfuzz-testcase-minimized-ffmpeg_dem_AST_fuzzer-5081306790756352

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-01-05 02:00:05 +01:00
Michael Niedermayer
f58d0d5bec tools/target_dem_fuzzer: remove unused label 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2020-12-19 20:07:56 +01:00
James Almer
40dfb4328d tools/target_dem_fuzzer: use avio_context_free() to free the fuzzer's AVIOContext 
The doxy for avio_alloc_context() states it must be used for this.

Signed-off-by: James Almer <jamrial@gmail.com>
 2020-11-20 12:43:51 -03:00
Michael Niedermayer
8fbcc546b8 tools/target_dem_fuzzer: Consider it an EIO when reading position wraps around 64bit 
Fixes: signed integer overflow: 9223372036854775807 + 564 cannot be represented in type 'long'
Fixes: 26494/clusterfuzz-testcase-minimized-ffmpeg_dem_VOC_fuzzer-576754158849228
Fixes: 26549/clusterfuzz-testcase-minimized-ffmpeg_dem_AVS_fuzzer-4844306424397824
FIxes: 26875/clusterfuzz-testcase-minimized-ffmpeg_dem_C93_fuzzer-5996226782429184

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2020-11-07 20:50:33 +01:00
Michael Niedermayer
6e64d89410 tools/target_dem_fuzzer: Limit max blocks 
With a IO block size of 1 byte potentially megabytes are quite slow to read, thus
limit the number

Fixes: 26511/clusterfuzz-testcase-minimized-ffmpeg_dem_NUV_fuzzer-5679249073373184
Fixes: 26517/clusterfuzz-testcase-minimized-ffmpeg_dem_XMV_fuzzer-6316634501021696
Fixes: 26518/clusterfuzz-testcase-minimized-ffmpeg_dem_WSVQA_fuzzer-485568285324083
Fixes: 26525/clusterfuzz-testcase-minimized-ffmpeg_dem_MSNWC_TCP_fuzzer-5121987011411968
Fixes: 26538/clusterfuzz-testcase-minimized-ffmpeg_dem_DHAV_fuzzer-5441800598454272
Fixes: OOM
Fixes: Timeout

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2020-10-24 22:38:55 +02:00
James Almer
a8a1a58af3 tools/target_dem_fuzzer: switch to the iterate API 
Signed-off-by: James Almer <jamrial@gmail.com>
 2020-10-19 11:54:46 -03:00
Michael Niedermayer
af701196ec tools/target_dem_fuzzer: Set format independent of c 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2020-10-16 14:56:24 +02:00
Michael Niedermayer
d40679d89c Add support for building fuzzer tools for an individual demuxer 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2020-10-12 21:01:48 +02:00
Michael Niedermayer
e3af2a0756 tools:target_dem_fuzzer: Split into a fuzzer fuzzing at the protocol level and one fuzzing a fixed demuxer input 
This should improve coverage and should improve the efficiency of seed files

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2020-09-13 10:40:02 +02:00
Michael Niedermayer
d3747f4431 tools/target_dem_fuzzer: Use file extensions listed in input formats 
This should make it easier for the fuzzer to fuzz formats being detected only by
file extension and thus increase coverage

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2020-06-11 13:49:54 +02:00
Michael Niedermayer
3e651eeac4 tools/target_dem_fuzzer: Implement AVSEEK_SIZE 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2020-06-08 12:27:18 +02:00
Michael Niedermayer
ed4c6ce750 tools/target_dem_fuzzer: ignore avformat_find_stream_info() failure 
Such a failure should not be fatal and its worth testing this path too

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-07-19 11:27:55 +02:00
Michael Niedermayer
710b7ec071 tools: Add fuzzer for demuxers 
This is based on target_dec_fuzzer

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-05-31 22:44:30 +02:00