On 2/19/2024 11:49 PM, Michael Niedermayer wrote:
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+ int srcW= 48, srcH = 48;
+ int dstW= 48, dstH = 48;
+ int srcHShift, srcVShift;
+ int dstHShift, dstVShift;
+ unsigned flags = 1;
+ int srcStride[AV_VIDEO_MAX_PLANES] = {0};
+ int dstStride[AV_VIDEO_MAX_PLANES] = {0};
+ int ret;
+ const uint8_t *end = data + size;
+ enum AVPixelFormat srcFormat = AV_PIX_FMT_YUV420P;
+ enum AVPixelFormat dstFormat = AV_PIX_FMT_YUV420P;
+ uint8_t *src[AV_VIDEO_MAX_PLANES] = { 0 };
+ uint8_t *dst[AV_VIDEO_MAX_PLANES] = { 0 };
+ struct SwsContext *sws = NULL;
+ const AVPixFmtDescriptor *desc_src, *desc_dst;
+
+ if (size > 128) {
+ GetByteContext gbc;
+ int64_t flags64;
+
+ size -= 128;
+ bytestream2_init(&gbc, data + size, 128);
+ srcW = bytestream2_get_le32(&gbc) % 16384;
+ srcH = bytestream2_get_le32(&gbc) % 16384;
+ dstW = bytestream2_get_le32(&gbc) % 16384;
+ dstH = bytestream2_get_le32(&gbc) % 16384;
Might as well use bytestream2_get_le16 to save bytes from the input buffer.
+
+ if (srcW * (uint64_t)srcH > 16384 || dstW * (uint64_t)dstH > 16384)
+ return 0; // we avoid high res as its very slow
This will abort in a lot of cases. Would reading only xW then setting xH
to 16384 / xW make sense? You can remove these checks if so.
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
