Chromium Code Reviews Chromium Code Reviews
Issue 1770583002:
Add fuzzer test for various media parsers (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| Index: media/filters/vp8_parser_fuzzertest.cc |
| diff --git a/media/filters/vp8_parser_fuzzertest.cc b/media/filters/vp8_parser_fuzzertest.cc |
| new file mode 100644 |
| index 0000000000000000000000000000000000000000..5a03f30c821d03535126fedbfad5e0a6955b0935 |
| --- /dev/null |
| +++ b/media/filters/vp8_parser_fuzzertest.cc |
| @@ -0,0 +1,33 @@ |
| +// Copyright 2016 The Chromium Authors. All rights reserved. |
| +// Use of this source code is governed by a BSD-style license that can be |
| +// found in the LICENSE file. |
| + |
| +#include <stddef.h> |
| +#include <stdint.h> |
| + |
| +#include "base/numerics/safe_conversions.h" |
| +#include "media/filters/ivf_parser.h" |
| +#include "media/filters/vp8_parser.h" |
| + |
| +// Entry point for LibFuzzer. |
| +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { |
| + const uint8_t* ivf_payload = nullptr; |
| + media::IvfParser ivf_parser; |
| + media::IvfFileHeader ivf_file_header; |
| + media::IvfFrameHeader ivf_frame_header; |
| + |
| + if (!ivf_parser.Initialize(data, size, &ivf_file_header)) |
| + return 0; |
| + if (ivf_file_header.fourcc != 0x30385056u) // VP80 |
|
DaleCurtis
2016/03/05 01:30:06
Does this trigger a dcheck otherwise? Seems you co
jrummell
2016/03/07 20:07:28
Since we're testing with random files, I removed t
|
| + return 0; |
| + |
| + // Parse until the end of stream/unsupported stream/error in stream is found. |
| + while (ivf_parser.ParseNextFrame(&ivf_frame_header, &ivf_payload)) { |
| + media::Vp8Parser vp8_parser; |
| + media::Vp8FrameHeader vp8_frame_header; |
| + vp8_parser.ParseFrame(ivf_payload, ivf_frame_header.frame_size, |
| + &vp8_frame_header); |
| + } |
| + |
| + return 0; |
| +} |
