This should reduces the number of uninteresting timeouts encountered Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> --- tools/target_dec_fuzzer.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/tools/target_dec_fuzzer.c b/tools/target_dec_fuzzer.c index 8ba25b4e8a..0c398da95b 100644 --- a/tools/target_dec_fuzzer.c +++ b/tools/target_dec_fuzzer.c @@ -128,6 +128,8 @@ static void FDBPrepare(FuzzDataBuffer *FDB, AVPacket *dst, const uint8_t *data, // Ensure we don't loop forever const uint32_t maxiteration = 8096; +const uint64_t maxpixels_per_frame = 4096 * 4096; +const uint64_t maxpixels = maxpixels_per_frame * maxiteration / 8; static const uint64_t FUZZ_TAG = 0x4741542D5A5A5546ULL; @@ -171,7 +173,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { if (!ctx || !parser_avctx) error("Failed memory allocation"); - ctx->max_pixels = 4096 * 4096; //To reduce false positive OOM and hangs + ctx->max_pixels = maxpixels_per_frame; //To reduce false positive OOM and hangs if (size > 1024) { GetByteContext gbc; @@ -260,6 +262,8 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { ec_pixels += ctx->width * ctx->height; if (it > 20 || ec_pixels > 4 * ctx->max_pixels) ctx->error_concealment = 0; + if (ec_pixels > maxpixels) + goto maximums_reached; if (ret <= 0 || ret > avpkt.size) break; @@ -270,6 +274,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { } } } +maximums_reached: av_init_packet(&avpkt); avpkt.data = NULL; -- 2.22.0 _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".