OLD | NEW |
---|---|
(Empty) | |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include <stddef.h> | |
6 | |
7 #include "base/numerics/safe_conversions.h" | |
8 #include "media/base/bit_reader.h" | |
9 | |
10 // Given |value|, return a number between 1 and 32. | |
11 static int DetermineNumBits(uint8_t value) { | |
12 return (value % 32) + 1; | |
13 } | |
14 | |
15 // Entry point for LibFuzzer. | |
16 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { | |
17 media::BitReader reader(data, base::checked_cast<int>(size)); | |
18 | |
19 // Read and skip through the data. Since we want the test to be repeatable | |
20 // for a given input, use the values in |data| to determine how many bits | |
21 // to read/skip until the end of the stream (which should fail). | |
22 for (size_t i = 0; i < size && reader.bits_available(); ++i) { | |
DaleCurtis
2016/03/03 00:16:35
Why restrict to size here? Seems you want to keep
jrummell
2016/03/03 23:21:37
I was using the bytes in |data| to determine the o
| |
23 uint8_t value = data[i]; | |
24 if (value < 128) { | |
25 // Read up to 32 bits. This may fail if there is not enough bits | |
DaleCurtis
2016/03/03 00:16:35
Why 32 instead of say 64?
jrummell
2016/03/03 23:21:38
Updated to use a bigger range.
| |
26 // remaining, but it doesn't matter (testing for failures is also good). | |
27 uint32_t data; | |
28 reader.ReadBits(DetermineNumBits(value), &data); | |
29 } else { | |
30 // Skip up to 32 bits. As above, this may fail. | |
31 reader.SkipBits(DetermineNumBits(value)); | |
32 } | |
33 } | |
34 | |
35 // It is possible that we didn't get all the way through the bits, so | |
36 // skip over whatever is left. | |
37 if (reader.bits_available() > 0) | |
38 reader.SkipBits(reader.bits_available()); | |
39 | |
40 return 0; | |
41 } | |
OLD | NEW |