FFmpeg: tools/target_dec_fuzzer.c Source File

FFmpeg

[フレーム]

tools

target_dec_fuzzer.c

Go to the documentation of this file.

1 /*

2 * This file is part of FFmpeg.

3 *

4 * FFmpeg is free software; you can redistribute it and/or

5 * modify it under the terms of the GNU Lesser General Public

6 * License as published by the Free Software Foundation; either

7 * version 2.1 of the License, or (at your option) any later version.

8 *

9 * FFmpeg is distributed in the hope that it will be useful,

10 * but WITHOUT ANY WARRANTY; without even the implied warranty of

11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU

12 * Lesser General Public License for more details.

13 *

14 * You should have received a copy of the GNU Lesser General Public

15 * License along with FFmpeg; if not, write to the Free Software

16 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA

17 */

19 /* Targeted fuzzer that targets specific codecs depending on two

20 compile-time flags.

21 INSTRUCTIONS:

23 * Get the very fresh clang, e.g. see http://libfuzzer.info#versions

24 * Get and build libFuzzer:

25 svn co http://llvm.org/svn/llvm-project/llvm/trunk/lib/Fuzzer

26 ./Fuzzer/build.sh

27 * build ffmpeg for fuzzing:

28 FLAGS="-fsanitize=address -fsanitize-coverage=trace-pc-guard,trace-cmp -g" CC="clang $FLAGS" CXX="clang++ $FLAGS" ./configure --disable-x86asm

29 make clean && make -j

30 * build the fuzz target.

31 Choose the value of FFMPEG_CODEC (e.g. AV_CODEC_ID_DVD_SUBTITLE) and

32 choose one of FUZZ_FFMPEG_VIDEO, FUZZ_FFMPEG_AUDIO, FUZZ_FFMPEG_SUBTITLE.

33 clang -fsanitize=address -fsanitize-coverage=trace-pc-guard,trace-cmp tools/target_dec_fuzzer.c -o target_dec_fuzzer -I. -DFFMPEG_CODEC=AV_CODEC_ID_MPEG1VIDEO -DFUZZ_FFMPEG_VIDEO ../../libfuzzer/libFuzzer.a -Llibavcodec -Llibavdevice -Llibavfilter -Llibavformat -Llibavutil -Llibpostproc -Llibswscale -Llibswresample -Wl,--as-needed -Wl,-z,noexecstack -Wl,--warn-common -Wl,-rpath-link=:libpostproc:libswresample:libswscale:libavfilter:libavdevice:libavformat:libavcodec:libavutil -lavdevice -lavfilter -lavformat -lavcodec -lswresample -lswscale -lavutil -ldl -lxcb -lxcb-shm -lxcb -lxcb-xfixes -lxcb -lxcb-shape -lxcb -lX11 -lasound -lm -lbz2 -lz -pthread

34 * create a corpus directory and put some samples there (empty dir is ok too):

35 mkdir CORPUS && cp some-files CORPUS

37 * Run fuzzing:

38 ./target_dec_fuzzer -max_len=100000 CORPUS

40 More info:

41 http://libfuzzer.info

42 http://tutorial.libfuzzer.info

43 https://github.com/google/oss-fuzz

44 http://lcamtuf.coredump.cx/afl/

45 https://security.googleblog.com/2016/08/guided-in-process-fuzzing-of-chrome.html

46 */

48 #include "config.h"

49 #include "libavutil/avassert.h"

50 #include "libavutil/avstring.h"

51 #include "libavutil/cpu.h"

52 #include "libavutil/imgutils.h"

53 #include "libavutil/intreadwrite.h"

55 #include "libavcodec/avcodec.h"

56 #include "libavcodec/bytestream.h"

57 #include "libavcodec/codec_internal.h"

58 #include "libavformat/avformat.h"

60 //For FF_SANE_NB_CHANNELS, so we dont waste energy testing things that will get instantly rejected

61 #include "libavcodec/internal.h"

63 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);

65 extern const FFCodec * codec_list[];

67 static void error(const char *err)

68 {

69 fprintf(stderr, "%s", err);

70 exit(1);

71 }

73 static const FFCodec *c = NULL;

74 static const FFCodec *AVCodecInitialize(enum AVCodecID codec_id)

75 {

76 const AVCodec *res;

78 res = avcodec_find_decoder(codec_id);

79 if (!res)

80 error("Failed to find decoder");

81 return ffcodec(res);

82 }

84 static int subtitle_handler(AVCodecContext *avctx, void *frame,

85 int *got_sub_ptr, AVPacket *avpkt)

86 {

87 AVSubtitle sub;

88 int ret = avcodec_decode_subtitle2(avctx, &sub, got_sub_ptr, avpkt);

89 if (ret >= 0 && *got_sub_ptr)

90 avsubtitle_free(&sub);

91 return ret;

92 }

94 static int audio_video_handler(AVCodecContext *avctx, AVFrame *frame,

95 int *got_frame, const AVPacket *dummy)

96 {

97 int ret = avcodec_receive_frame(avctx, frame);

98 *got_frame = ret >= 0;

99 return ret;

100 }

101

102 // Ensure we don't loop forever

103 const uint32_t maxiteration = 8096;

104

105 static const uint64_t FUZZ_TAG = 0x4741542D5A5A5546ULL;

106

107 static int fuzz_video_get_buffer(AVCodecContext *ctx, AVFrame *frame)

108 {

109 ptrdiff_t linesize1[4];

110 size_t size[4];

111 int linesize_align[AV_NUM_DATA_POINTERS];

112 int i, ret, w = frame->width, h = frame->height;

113

114 avcodec_align_dimensions2(ctx, &w, &h, linesize_align);

115 ret = av_image_fill_linesizes(frame->linesize, ctx->pix_fmt, w);

116 if (ret < 0)

117 return ret;

118

119 for (i = 0; i < 4 && frame->linesize[i]; i++)

120 linesize1[i] = frame->linesize[i] =

121 FFALIGN(frame->linesize[i], linesize_align[i]);

122 for (; i < 4; i++)

123 linesize1[i] = 0;

124

125 ret = av_image_fill_plane_sizes(size, ctx->pix_fmt, h, linesize1);

126 if (ret < 0)

127 return ret;

128

129 frame->extended_data = frame->data;

130 for (i = 0; i < 4 && size[i]; i++) {

131 frame->buf[i] = av_buffer_alloc(size[i]);

132 if (!frame->buf[i])

133 goto fail;

134 frame->data[i] = frame->buf[i]->data;

135 }

136 for (; i < AV_NUM_DATA_POINTERS; i++) {

137 frame->data[i] = NULL;

138 frame->linesize[i] = 0;

139 }

140

141 return 0;

142 fail:

143 av_frame_unref(frame);

144 return AVERROR(ENOMEM);

145 }

146

147 static int fuzz_get_buffer2(AVCodecContext *ctx, AVFrame *frame, int flags)

148 {

149 switch (ctx->codec_type) {

150 case AVMEDIA_TYPE_VIDEO:

151 return (ctx->codec->capabilities & AV_CODEC_CAP_DR1)

152 ? fuzz_video_get_buffer(ctx, frame)

153 : avcodec_default_get_buffer2(ctx, frame, flags);

154 case AVMEDIA_TYPE_AUDIO:

155 return avcodec_default_get_buffer2(ctx, frame, flags);

156 default:

157 return AVERROR(EINVAL);

158 }

159 }

160

161 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {

162 uint64_t maxpixels_per_frame = 4096 * 4096;

163 uint64_t maxpixels;

164

165 uint64_t maxsamples_per_frame = 256*1024*32;

166 uint64_t maxsamples;

167 const uint64_t fuzz_tag = FUZZ_TAG;

168 const uint8_t *last = data;

169 const uint8_t *end = data + size;

170 uint32_t it = 0;

171 uint64_t ec_pixels = 0;

172 uint64_t nb_samples = 0;

173 int (*decode_handler)(AVCodecContext *avctx, AVFrame *picture,

174 int *got_picture_ptr,

175 const AVPacket *avpkt) = NULL;

176 AVCodecParserContext *parser = NULL;

177 uint64_t keyframes = 0;

178 uint64_t flushpattern = -1;

179 AVDictionary *opts = NULL;

180

181 if (!c) {

182 #ifdef FFMPEG_DECODER

183 #define DECODER_SYMBOL0(CODEC) ff_##CODEC##_decoder

184 #define DECODER_SYMBOL(CODEC) DECODER_SYMBOL0(CODEC)

185 extern FFCodec DECODER_SYMBOL(FFMPEG_DECODER);

186 codec_list[0] = &DECODER_SYMBOL(FFMPEG_DECODER);

187

188 #if FFMPEG_DECODER == tiff || FFMPEG_DECODER == tdsc

189 extern FFCodec DECODER_SYMBOL(mjpeg);

190 codec_list[1] = &DECODER_SYMBOL(mjpeg);

191 #endif

192

193 c = &DECODER_SYMBOL(FFMPEG_DECODER);

194 #else

195 c = AVCodecInitialize(FFMPEG_CODEC); // Done once.

196 #endif

197 av_log_set_level(AV_LOG_PANIC);

198 }

199

200 switch (c->p.type) {

201 case AVMEDIA_TYPE_AUDIO :

202 case AVMEDIA_TYPE_VIDEO : decode_handler = audio_video_handler ; break;

203 case AVMEDIA_TYPE_SUBTITLE: decode_handler = subtitle_handler ; break;

204 }

205 switch (c->p.id) {

206 case AV_CODEC_ID_APE: maxsamples_per_frame /= 256; break;

207 }

208 maxpixels = maxpixels_per_frame * maxiteration;

209 maxsamples = maxsamples_per_frame * maxiteration;

210 switch (c->p.id) {

211 case AV_CODEC_ID_AASC: maxpixels /= 1024; break;

212 case AV_CODEC_ID_AGM: maxpixels /= 1024; break;

213 case AV_CODEC_ID_ANM: maxpixels /= 1024; break;

214 case AV_CODEC_ID_ARBC: maxpixels /= 1024; break;

215 case AV_CODEC_ID_ARGO: maxpixels /= 1024; break;

216 case AV_CODEC_ID_BINKVIDEO: maxpixels /= 32; break;

217 case AV_CODEC_ID_CDTOONS: maxpixels /= 1024; break;

218 case AV_CODEC_ID_CFHD: maxpixels /= 16384; break;

219 case AV_CODEC_ID_CINEPAK: maxpixels /= 128; break;

220 case AV_CODEC_ID_COOK: maxsamples /= 1<<20; break;

221 case AV_CODEC_ID_DFA: maxpixels /= 1024; break;

222 case AV_CODEC_ID_DIRAC: maxpixels /= 8192; break;

223 case AV_CODEC_ID_DSICINVIDEO: maxpixels /= 1024; break;

224 case AV_CODEC_ID_DST: maxsamples /= 1<<20; break;

225 case AV_CODEC_ID_DVB_SUBTITLE: av_dict_set_int(&opts, "compute_clut", -2, 0); break;

226 case AV_CODEC_ID_DXA: maxpixels /= 32; break;

227 case AV_CODEC_ID_DXV: maxpixels /= 32; break;

228 case AV_CODEC_ID_FFWAVESYNTH: maxsamples /= 16384; break;

229 case AV_CODEC_ID_FLAC: maxsamples /= 1024; break;

230 case AV_CODEC_ID_FLIC: maxpixels /= 1024; break;

231 case AV_CODEC_ID_FLV1: maxpixels /= 1024; break;

232 case AV_CODEC_ID_G2M: maxpixels /= 1024; break;

233 case AV_CODEC_ID_GEM: maxpixels /= 512; break;

234 case AV_CODEC_ID_GDV: maxpixels /= 512; break;

235 case AV_CODEC_ID_GIF: maxpixels /= 16; break;

236 case AV_CODEC_ID_H264: maxpixels /= 256; break;

237 case AV_CODEC_ID_HAP: maxpixels /= 128; break;

238 case AV_CODEC_ID_HEVC: maxpixels /= 16384; break;

239 case AV_CODEC_ID_HNM4_VIDEO: maxpixels /= 128; break;

240 case AV_CODEC_ID_HQ_HQA: maxpixels /= 128; break;

241 case AV_CODEC_ID_IFF_ILBM: maxpixels /= 128; break;

242 case AV_CODEC_ID_INDEO4: maxpixels /= 128; break;

243 case AV_CODEC_ID_INTERPLAY_ACM: maxsamples /= 16384; break;

244 case AV_CODEC_ID_JPEG2000: maxpixels /= 16; break;

245 case AV_CODEC_ID_LAGARITH: maxpixels /= 1024; break;

246 case AV_CODEC_ID_LOCO: maxpixels /= 1024; break;

247 case AV_CODEC_ID_VORBIS: maxsamples /= 1024; break;

248 case AV_CODEC_ID_LSCR: maxpixels /= 16; break;

249 case AV_CODEC_ID_MMVIDEO: maxpixels /= 256; break;

250 case AV_CODEC_ID_MOTIONPIXELS:maxpixels /= 256; break;

251 case AV_CODEC_ID_MP4ALS: maxsamples /= 65536; break;

252 case AV_CODEC_ID_MSA1: maxpixels /= 16384; break;

253 case AV_CODEC_ID_MSRLE: maxpixels /= 16; break;

254 case AV_CODEC_ID_MSS2: maxpixels /= 16384; break;

255 case AV_CODEC_ID_MSZH: maxpixels /= 128; break;

256 case AV_CODEC_ID_MVC2: maxpixels /= 128; break;

257 case AV_CODEC_ID_MXPEG: maxpixels /= 128; break;

258 case AV_CODEC_ID_OPUS: maxsamples /= 16384; break;

259 case AV_CODEC_ID_PNG: maxpixels /= 128; break;

260 case AV_CODEC_ID_APNG: maxpixels /= 128; break;

261 case AV_CODEC_ID_QTRLE: maxpixels /= 16; break;

262 case AV_CODEC_ID_PAF_VIDEO: maxpixels /= 16; break;

263 case AV_CODEC_ID_PRORES: maxpixels /= 256; break;

264 case AV_CODEC_ID_RASC: maxpixels /= 16; break;

265 case AV_CODEC_ID_SANM: maxpixels /= 16; break;

266 case AV_CODEC_ID_SCPR: maxpixels /= 32; break;

267 case AV_CODEC_ID_SCREENPRESSO:maxpixels /= 64; break;

268 case AV_CODEC_ID_SIMBIOSIS_IMX:maxpixels /= 16384; break;

269 case AV_CODEC_ID_SMACKAUDIO: maxsamples /= 4096; break;

270 case AV_CODEC_ID_SMACKVIDEO: maxpixels /= 64; break;

271 case AV_CODEC_ID_SNOW: maxpixels /= 128; break;

272 case AV_CODEC_ID_TARGA: maxpixels /= 128; break;

273 case AV_CODEC_ID_TAK: maxsamples /= 1024; break;

274 case AV_CODEC_ID_TGV: maxpixels /= 32; break;

275 case AV_CODEC_ID_THEORA: maxpixels /= 16384; break;

276 case AV_CODEC_ID_TQI: maxpixels /= 1024; break;

277 case AV_CODEC_ID_TRUEMOTION2: maxpixels /= 1024; break;

278 case AV_CODEC_ID_TSCC: maxpixels /= 1024; break;

279 case AV_CODEC_ID_VC1: maxpixels /= 8192; break;

280 case AV_CODEC_ID_VC1IMAGE: maxpixels /= 8192; break;

281 case AV_CODEC_ID_VMNC: maxpixels /= 8192; break;

282 case AV_CODEC_ID_VP3: maxpixels /= 4096; break;

283 case AV_CODEC_ID_VP4: maxpixels /= 4096; break;

284 case AV_CODEC_ID_VP5: maxpixels /= 256; break;

285 case AV_CODEC_ID_VP6F: maxpixels /= 4096; break;

286 case AV_CODEC_ID_VP7: maxpixels /= 256; break;

287 case AV_CODEC_ID_VP9: maxpixels /= 4096; break;

288 case AV_CODEC_ID_WAVPACK: maxsamples /= 1024; break;

289 case AV_CODEC_ID_WCMV: maxpixels /= 1024; break;

290 case AV_CODEC_ID_WMV3IMAGE: maxpixels /= 8192; break;

291 case AV_CODEC_ID_WMV2: maxpixels /= 1024; break;

292 case AV_CODEC_ID_WMV3: maxpixels /= 1024; break;

293 case AV_CODEC_ID_WS_VQA: maxpixels /= 16384; break;

294 case AV_CODEC_ID_WMALOSSLESS: maxsamples /= 1024; break;

295 case AV_CODEC_ID_YLC: maxpixels /= 1024; break;

296 case AV_CODEC_ID_ZEROCODEC: maxpixels /= 128; break;

297 }

298

299 maxsamples_per_frame = FFMIN(maxsamples_per_frame, maxsamples);

300 maxpixels_per_frame = FFMIN(maxpixels_per_frame , maxpixels);

301

302 AVCodecContext* ctx = avcodec_alloc_context3(&c->p);

303 AVCodecContext* parser_avctx = avcodec_alloc_context3(NULL);

304 if (!ctx || !parser_avctx)

305 error("Failed memory allocation");

306

307 if (ctx->max_pixels == 0 || ctx->max_pixels > maxpixels_per_frame)

308 ctx->max_pixels = maxpixels_per_frame; //To reduce false positive OOM and hangs

309

310 ctx->max_samples = maxsamples_per_frame;

311 ctx->get_buffer2 = fuzz_get_buffer2;

312

313 if (size > 1024) {

314 GetByteContext gbc;

315 int extradata_size;

316 int flags;

317 uint64_t request_channel_layout;

318 int64_t flags64;

319

320 size -= 1024;

321 bytestream2_init(&gbc, data + size, 1024);

322 ctx->width = bytestream2_get_le32(&gbc);

323 ctx->height = bytestream2_get_le32(&gbc);

324 ctx->bit_rate = bytestream2_get_le64(&gbc);

325 ctx->bits_per_coded_sample = bytestream2_get_le32(&gbc);

326 // Try to initialize a parser for this codec, note, this may fail which just means we test without one

327 flags = bytestream2_get_byte(&gbc);

328 if (flags & 1)

329 parser = av_parser_init(c->p.id);

330 if (flags & 2)

331 ctx->strict_std_compliance = FF_COMPLIANCE_EXPERIMENTAL;

332 if (flags & 4) {

333 ctx->err_recognition = AV_EF_AGGRESSIVE | AV_EF_COMPLIANT | AV_EF_CAREFUL;

334 if (flags & 8)

335 ctx->err_recognition |= AV_EF_EXPLODE;

336 }

337 if ((flags & 0x10) && c->p.id != AV_CODEC_ID_H264)

338 ctx->flags2 |= AV_CODEC_FLAG2_FAST;

339 if (flags & 0x80)

340 ctx->flags2 |= AV_CODEC_FLAG2_EXPORT_MVS;

341

342 if (flags & 0x40)

343 av_force_cpu_flags(0);

344

345 extradata_size = bytestream2_get_le32(&gbc);

346

347 ctx->sample_rate = bytestream2_get_le32(&gbc) & 0x7FFFFFFF;

348 ctx->ch_layout.nb_channels = (unsigned)bytestream2_get_le32(&gbc) % FF_SANE_NB_CHANNELS;

349 ctx->block_align = bytestream2_get_le32(&gbc) & 0x7FFFFFFF;

350 ctx->codec_tag = bytestream2_get_le32(&gbc);

351 if (c->codec_tags) {

352 int n;

353 for (n = 0; c->codec_tags[n] != FF_CODEC_TAGS_END; n++);

354 ctx->codec_tag = c->codec_tags[ctx->codec_tag % n];

355 }

356 keyframes = bytestream2_get_le64(&gbc);

357 request_channel_layout = bytestream2_get_le64(&gbc);

358

359 ctx->idct_algo = bytestream2_get_byte(&gbc) % 25;

360 flushpattern = bytestream2_get_le64(&gbc);

361 ctx->skip_frame = bytestream2_get_byte(&gbc) - 254 + AVDISCARD_ALL;

362

363

364 if (flags & 0x20) {

365 switch (ctx->codec_id) {

366 case AV_CODEC_ID_AC3:

367 case AV_CODEC_ID_EAC3:

368 av_dict_set_int(&opts, "cons_noisegen", bytestream2_get_byte(&gbc) & 1, 0);

369 av_dict_set_int(&opts, "heavy_compr", bytestream2_get_byte(&gbc) & 1, 0);

370 av_dict_set_int(&opts, "target_level", (int)(bytestream2_get_byte(&gbc) % 32) - 31, 0);

371 av_dict_set_int(&opts, "dmix_mode", (int)(bytestream2_get_byte(&gbc) % 4) - 1, 0);

372 break;

373 }

374 }

375

376 // Keep the deprecated request_channel_layout behavior to ensure old fuzzing failures

377 // remain reproducible.

378 if (request_channel_layout) {

379 switch (ctx->codec_id) {

380 case AV_CODEC_ID_AC3:

381 case AV_CODEC_ID_EAC3:

382 case AV_CODEC_ID_MLP:

383 case AV_CODEC_ID_TRUEHD:

384 case AV_CODEC_ID_DTS:

385 if (request_channel_layout & ~INT64_MIN) {

386 char *downmix_layout = av_mallocz(19);

387 if (!downmix_layout)

388 error("Failed memory allocation");

389 av_strlcatf(downmix_layout, 19, "0x%"PRIx64, request_channel_layout & ~INT64_MIN);

390 av_dict_set(&opts, "downmix", downmix_layout, AV_DICT_DONT_STRDUP_VAL);

391 }

392 if (ctx->codec_id != AV_CODEC_ID_DTS)

393 break;

394 // fall-through

395 case AV_CODEC_ID_DOLBY_E:

396 av_dict_set_int(&opts, "channel_order", !!(request_channel_layout & INT64_MIN), 0);

397 break;

398 }

399 }

400

401 flags64 = bytestream2_get_le64(&gbc);

402 if (flags64 &1)

403 ctx->debug |= FF_DEBUG_SKIP;

404 if (flags64 &2)

405 ctx->debug |= FF_DEBUG_QP;

406 if (flags64 &4)

407 ctx->debug |= FF_DEBUG_MB_TYPE;

408

409 if (extradata_size < size) {

410 ctx->extradata = av_mallocz(extradata_size + AV_INPUT_BUFFER_PADDING_SIZE);

411 if (ctx->extradata) {

412 ctx->extradata_size = extradata_size;

413 size -= ctx->extradata_size;

414 memcpy(ctx->extradata, data + size, ctx->extradata_size);

415 }

416 }

417 if (av_image_check_size(ctx->width, ctx->height, 0, ctx))

418 ctx->width = ctx->height = 0;

419 }

420

421 int res = avcodec_open2(ctx, &c->p, &opts);

422 if (res < 0) {

423 avcodec_free_context(&ctx);

424 av_free(parser_avctx);

425 av_parser_close(parser);

426 av_dict_free(&opts);

427 return 0; // Failure of avcodec_open2() does not imply that a issue was found

428 }

429 parser_avctx->codec_id = ctx->codec_id;

430 parser_avctx->extradata_size = ctx->extradata_size;

431 parser_avctx->extradata = ctx->extradata ? av_memdup(ctx->extradata, ctx->extradata_size + AV_INPUT_BUFFER_PADDING_SIZE) : NULL;

432

433

434 int got_frame;

435 AVFrame *frame = av_frame_alloc();

436 AVPacket *avpkt = av_packet_alloc();

437 AVPacket *parsepkt = av_packet_alloc();

438 if (!frame || !avpkt || !parsepkt)

439 error("Failed memory allocation");

440

441 // Read very simple container

442 while (data < end && it < maxiteration) {

443 // Search for the TAG

444 while (data + sizeof(fuzz_tag) < end) {

445 if (data[0] == (fuzz_tag & 0xFF) && AV_RN64(data) == fuzz_tag)

446 break;

447 data++;

448 }

449 if (data + sizeof(fuzz_tag) > end)

450 data = end;

451

452 res = av_new_packet(parsepkt, data - last);

453 if (res < 0)

454 error("Failed memory allocation");

455 memcpy(parsepkt->data, last, data - last);

456 parsepkt->flags = (keyframes & 1) * AV_PKT_FLAG_DISCARD + (!!(keyframes & 2)) * AV_PKT_FLAG_KEY;

457 keyframes = (keyframes >> 2) + (keyframes<<62);

458 data += sizeof(fuzz_tag);

459 last = data;

460

461 while (parsepkt->size > 0) {

462 int decode_more;

463

464 if (parser) {

465 int ret = av_parser_parse2(parser, parser_avctx, &avpkt->data, &avpkt->size,

466 parsepkt->data, parsepkt->size,

467 parsepkt->pts, parsepkt->dts, parsepkt->pos);

468 if (avpkt->data == parsepkt->data) {

469 avpkt->buf = av_buffer_ref(parsepkt->buf);

470 if (!avpkt->buf)

471 error("Failed memory allocation");

472 } else {

473 if (av_packet_make_refcounted(avpkt) < 0)

474 error("Failed memory allocation");

475 }

476 parsepkt->data += ret;

477 parsepkt->size -= ret;

478 parsepkt->pos += ret;

479 avpkt->pts = parser->pts;

480 avpkt->dts = parser->dts;

481 avpkt->pos = parser->pos;

482 if ( parser->key_frame == 1 ||

483 (parser->key_frame == -1 && parser->pict_type == AV_PICTURE_TYPE_I))

484 avpkt->flags |= AV_PKT_FLAG_KEY;

485 avpkt->flags |= parsepkt->flags & AV_PKT_FLAG_DISCARD;

486 } else {

487 av_packet_move_ref(avpkt, parsepkt);

488 }

489

490 if (!(flushpattern & 7))

491 avcodec_flush_buffers(ctx);

492 flushpattern = (flushpattern >> 3) + (flushpattern << 61);

493

494 if (ctx->codec_type != AVMEDIA_TYPE_SUBTITLE) {

495 int ret = avcodec_send_packet(ctx, avpkt);

496 decode_more = ret >= 0;

497 if(!decode_more) {

498 ec_pixels += (ctx->width + 32LL) * (ctx->height + 32LL);

499 if (it > 20 || ec_pixels > 4 * ctx->max_pixels) {

500 ctx->error_concealment = 0;

501 ctx->debug &= ~(FF_DEBUG_SKIP | FF_DEBUG_QP | FF_DEBUG_MB_TYPE);

502 }

503 if (ec_pixels > maxpixels)

504 goto maximums_reached;

505 }

506 } else

507 decode_more = 1;

508

509 // Iterate through all data

510 while (decode_more && it++ < maxiteration) {

511 av_frame_unref(frame);

512 int ret = decode_handler(ctx, frame, &got_frame, avpkt);

513

514 ec_pixels += (ctx->width + 32LL) * (ctx->height + 32LL);

515 if (it > 20 || ec_pixels > 4 * ctx->max_pixels) {

516 ctx->error_concealment = 0;

517 ctx->debug &= ~(FF_DEBUG_SKIP | FF_DEBUG_QP | FF_DEBUG_MB_TYPE);

518 }

519 if (ec_pixels > maxpixels)

520 goto maximums_reached;

521

522 if (ctx->codec_type == AVMEDIA_TYPE_AUDIO &&

523 frame->nb_samples == 0 && !got_frame &&

524 (avpkt->flags & AV_PKT_FLAG_DISCARD))

525 nb_samples += ctx->max_samples;

526

527 nb_samples += frame->nb_samples;

528 if (nb_samples > maxsamples)

529 goto maximums_reached;

530

531 if (ret <= 0 || ret > avpkt->size)

532 break;

533

534 if (ctx->codec_type == AVMEDIA_TYPE_SUBTITLE) {

535 avpkt->data += ret;

536 avpkt->size -= ret;

537 decode_more = avpkt->size > 0;

538 } else

539 decode_more = ret >= 0;

540 }

541 av_packet_unref(avpkt);

542 }

543 av_packet_unref(parsepkt);

544 }

545 maximums_reached:

546

547 av_packet_unref(avpkt);

548

549 if (ctx->codec_type != AVMEDIA_TYPE_SUBTITLE)

550 avcodec_send_packet(ctx, NULL);

551

552 do {

553 got_frame = 0;

554 av_frame_unref(frame);

555 decode_handler(ctx, frame, &got_frame, avpkt);

556

557 nb_samples += frame->nb_samples;

558 if (nb_samples > maxsamples)

559 break;

560 } while (got_frame == 1 && it++ < maxiteration);

561

562 fprintf(stderr, "pixels decoded: %"PRId64", samples decoded: %"PRId64", iterations: %d\n", ec_pixels, nb_samples, it);

563

564 av_frame_free(&frame);

565 avcodec_free_context(&ctx);

566 avcodec_free_context(&parser_avctx);

567 av_parser_close(parser);

568 av_packet_free(&avpkt);

569 av_packet_free(&parsepkt);

570 av_dict_free(&opts);

571 return 0;

572 }

AV_CODEC_ID_TRUEMOTION2

@ AV_CODEC_ID_TRUEMOTION2

Definition: codec_id.h:127

AVSubtitle

Definition: avcodec.h:2305

av_packet_unref

void av_packet_unref(AVPacket *pkt)

Wipe the packet.

Definition: avpacket.c:422

av_force_cpu_flags

void av_force_cpu_flags(int arg)

Disables cpu detection and forces the specified flags.

Definition: cpu.c:73

AVCodec

AVCodec.

Definition: codec.h:196

AVMEDIA_TYPE_SUBTITLE

@ AVMEDIA_TYPE_SUBTITLE

Definition: avutil.h:204

AV_CODEC_ID_VP6F

@ AV_CODEC_ID_VP6F

Definition: codec_id.h:142

AV_CODEC_ID_SANM

@ AV_CODEC_ID_SANM

Definition: codec_id.h:232

AV_CODEC_ID_LAGARITH

@ AV_CODEC_ID_LAGARITH

Definition: codec_id.h:197

AVCodecParserContext::pts

int64_t pts

Definition: avcodec.h:2808

AV_CODEC_ID_AC3

@ AV_CODEC_ID_AC3

Definition: codec_id.h:430

AVERROR

Filter the word "frame" indicates either a video frame or a group of audio as stored in an AVFrame structure Format for each input and each output the list of supported formats For video that means pixel format For audio that means channel sample they are references to shared objects When the negotiation mechanism computes the intersection of the formats supported at each end of a all references to both lists are replaced with a reference to the intersection And when a single format is eventually chosen for a link amongst the remaining all references to the list are updated That means that if a filter requires that its input and output have the same format amongst a supported all it has to do is use a reference to the same list of formats query_formats can leave some formats unset and return AVERROR(EAGAIN) to cause the negotiation mechanism toagain later. That can be used by filters with complex requirements to use the format negotiated on one link to set the formats supported on another. Frame references ownership and permissions

AV_CODEC_ID_APE

@ AV_CODEC_ID_APE

Definition: codec_id.h:459

AV_CODEC_ID_TQI

@ AV_CODEC_ID_TQI

Definition: codec_id.h:172

FF_COMPLIANCE_EXPERIMENTAL

#define FF_COMPLIANCE_EXPERIMENTAL

Allow nonstandardized experimental things.

Definition: avcodec.h:1305

AVCodecParserContext::pict_type

int pict_type

Definition: avcodec.h:2797

GetByteContext

Definition: bytestream.h:33

AV_CODEC_ID_INTERPLAY_ACM

@ AV_CODEC_ID_INTERPLAY_ACM

Definition: codec_id.h:505

sub

static float sub(float src0, float src1)

Definition: dnn_backend_native_layer_mathbinary.c:31

AV_CODEC_ID_LOCO

@ AV_CODEC_ID_LOCO

Definition: codec_id.h:122

AV_LOG_PANIC

#define AV_LOG_PANIC

Something went really wrong and we will crash now.

Definition: log.h:167

AV_PKT_FLAG_DISCARD

#define AV_PKT_FLAG_DISCARD

Flag is used to discard packets which are required to maintain valid decoder state but are not requir...

Definition: packet.h:436

AV_CODEC_ID_DIRAC

@ AV_CODEC_ID_DIRAC

Definition: codec_id.h:166

AV_CODEC_ID_MVC2

@ AV_CODEC_ID_MVC2

Definition: codec_id.h:235

av_frame_free

void av_frame_free(AVFrame **frame)

Free the frame and any dynamically allocated objects in it, e.g.

Definition: frame.c:111

AV_RN64

#define AV_RN64(p)

Definition: intreadwrite.h:368

AVFrame

This structure describes decoded (raw) audio or video data.

Definition: frame.h:325

uint8_t w

Definition: llviddspenc.c:38

AVFormatContext::strict_std_compliance

int strict_std_compliance

Allow non-standard and experimental extension.

Definition: avformat.h:1510

avcodec_decode_subtitle2

int avcodec_decode_subtitle2(AVCodecContext *avctx, AVSubtitle *sub, int *got_sub_ptr, AVPacket *avpkt)

Decode a subtitle message.

Definition: decode.c:816

internal.h

AVPacket::data

uint8_t * data

Definition: packet.h:374

AV_CODEC_ID_FLIC

@ AV_CODEC_ID_FLIC

Definition: codec_id.h:100

data

const char data[16]

Definition: mxf.c:143

AV_CODEC_ID_CDTOONS

@ AV_CODEC_ID_CDTOONS

Definition: codec_id.h:299

FFCodec

Definition: codec_internal.h:112

static const FFCodec * c

Definition: target_dec_fuzzer.c:73

AV_CODEC_ID_GDV

@ AV_CODEC_ID_GDV

Definition: codec_id.h:284

AV_CODEC_ID_ARBC

@ AV_CODEC_ID_ARBC

Definition: codec_id.h:292

AV_CODEC_ID_SCREENPRESSO

@ AV_CODEC_ID_SCREENPRESSO

Definition: codec_id.h:242

AV_EF_COMPLIANT

#define AV_EF_COMPLIANT

consider all spec non compliances as errors

Definition: avcodec.h:1359

AVDictionary

Definition: dict.c:30

AV_CODEC_ID_FLAC

@ AV_CODEC_ID_FLAC

Definition: codec_id.h:439

av_buffer_ref

AVBufferRef * av_buffer_ref(const AVBufferRef *buf)

Create a new reference to an AVBuffer.

Definition: buffer.c:103

AV_CODEC_ID_APNG

@ AV_CODEC_ID_APNG

Definition: codec_id.h:264

AV_CODEC_ID_MXPEG

@ AV_CODEC_ID_MXPEG

Definition: codec_id.h:196

av_strlcatf

size_t av_strlcatf(char *dst, size_t size, const char *fmt,...)

Definition: avstring.c:104

AV_CODEC_ID_TRUEHD

@ AV_CODEC_ID_TRUEHD

Definition: codec_id.h:471

AV_PKT_FLAG_KEY

#define AV_PKT_FLAG_KEY

The packet contains a keyframe.

Definition: packet.h:429

av_packet_free

void av_packet_free(AVPacket **pkt)

Free the packet, if the packet is reference counted, it will be unreferenced first.

Definition: avpacket.c:73

AV_CODEC_ID_DSICINVIDEO

@ AV_CODEC_ID_DSICINVIDEO

Definition: codec_id.h:144

av_memdup

void * av_memdup(const void *p, size_t size)

Duplicate a buffer with av_malloc().

Definition: mem.c:312

AVCodecParserContext::key_frame

int key_frame

Set by parser to 1 for key frames and 0 for non-key frames.

Definition: avcodec.h:2838

FFCodec::p

AVCodec p

The public AVCodec.

Definition: codec_internal.h:116

AV_CODEC_ID_IFF_ILBM

@ AV_CODEC_ID_IFF_ILBM

Definition: codec_id.h:186

fail

#define fail()

Definition: checkasm.h:131

AV_CODEC_ID_MSZH

@ AV_CODEC_ID_MSZH

Definition: codec_id.h:103

dummy

int dummy

Definition: motion.c:65

AV_CODEC_ID_SMACKAUDIO

@ AV_CODEC_ID_SMACKAUDIO

Definition: codec_id.h:450

av_parser_init

AVCodecParserContext * av_parser_init(int codec_id)

Definition: parser.c:32

AV_CODEC_ID_FFWAVESYNTH

@ AV_CODEC_ID_FFWAVESYNTH

Definition: codec_id.h:495

AVCodecParserContext::dts

int64_t dts

Definition: avcodec.h:2809

FF_CODEC_TAGS_END

#define FF_CODEC_TAGS_END

FFCodec.codec_tags termination value.

Definition: codec_internal.h:80

avsubtitle_free

void avsubtitle_free(AVSubtitle *sub)

Free all allocated data in the given subtitle struct.

Definition: avcodec.c:418

AV_DICT_DONT_STRDUP_VAL

#define AV_DICT_DONT_STRDUP_VAL

Take ownership of a value that's been allocated with av_malloc() or another memory allocation functio...

Definition: dict.h:72

av_frame_alloc

AVFrame * av_frame_alloc(void)

Allocate an AVFrame and set its fields to default values.

Definition: frame.c:99

AV_CODEC_ID_DVB_SUBTITLE

@ AV_CODEC_ID_DVB_SUBTITLE

Definition: codec_id.h:528

AVFormatContext::bit_rate

int64_t bit_rate

Total stream bitrate in bit/s, 0 if not available.

Definition: avformat.h:1322

avassert.h

LLVMFuzzerTestOneInput

int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)

Definition: target_dec_fuzzer.c:161

AV_CODEC_ID_CFHD

@ AV_CODEC_ID_CFHD

Definition: codec_id.h:266

AVCodecContext::extradata_size

int extradata_size

Definition: avcodec.h:491

avcodec_alloc_context3

AVCodecContext * avcodec_alloc_context3(const AVCodec *codec)

Allocate an AVCodecContext and set its fields to default values.

Definition: options.c:149

av_image_fill_linesizes

int av_image_fill_linesizes(int linesizes[4], enum AVPixelFormat pix_fmt, int width)

Fill plane linesizes for an image with pixel format pix_fmt and width width.

Definition: imgutils.c:89

intreadwrite.h

av_new_packet

int av_new_packet(AVPacket *pkt, int size)

Allocate the payload of a packet and initialize its fields with default values.

Definition: avpacket.c:97

AVMEDIA_TYPE_AUDIO

@ AVMEDIA_TYPE_AUDIO

Definition: avutil.h:202

AV_CODEC_ID_VP9

@ AV_CODEC_ID_VP9

Definition: codec_id.h:218

AV_CODEC_ID_WS_VQA

@ AV_CODEC_ID_WS_VQA

Definition: codec_id.h:94

AV_CODEC_ID_ARGO

@ AV_CODEC_ID_ARGO

Definition: codec_id.h:306

AV_CODEC_ID_WMV2

@ AV_CODEC_ID_WMV2

Definition: codec_id.h:68

avcodec_receive_frame

int avcodec_receive_frame(AVCodecContext *avctx, AVFrame *frame)

Return decoded output data from a decoder.

Definition: decode.c:639

ctx

AVFormatContext * ctx

Definition: movenc.c:48

avcodec_align_dimensions2

void avcodec_align_dimensions2(AVCodecContext *s, int *width, int *height, int linesize_align[AV_NUM_DATA_POINTERS])

Modify width and height values so that they will result in a memory buffer that is acceptable for the...

Definition: utils.c:140

codec_id

enum AVCodecID codec_id

Definition: vaapi_decode.c:371

AV_CODEC_ID_DOLBY_E

@ AV_CODEC_ID_DOLBY_E

Definition: codec_id.h:511

AV_CODEC_ID_VC1IMAGE

@ AV_CODEC_ID_VC1IMAGE

Definition: codec_id.h:202

AV_CODEC_ID_H264

@ AV_CODEC_ID_H264

Definition: codec_id.h:77

AVCodecContext::codec_id

enum AVCodecID codec_id

Definition: avcodec.h:399

AV_CODEC_ID_PNG

@ AV_CODEC_ID_PNG

Definition: codec_id.h:111

if(ret)

Definition: filter_design.txt:179

AVDISCARD_ALL

@ AVDISCARD_ALL

discard all

Definition: defs.h:54

AV_CODEC_ID_WMV3

@ AV_CODEC_ID_WMV3

Definition: codec_id.h:121

opts

AVDictionary * opts

Definition: movenc.c:50

FUZZ_TAG

static const uint64_t FUZZ_TAG

Definition: target_dec_fuzzer.c:105

AVPacket::buf

AVBufferRef * buf

A reference to the reference-counted buffer where the packet data is stored.

Definition: packet.h:357

NULL

#define NULL

Definition: coverity.c:32

AV_CODEC_ID_DST

@ AV_CODEC_ID_DST

Definition: codec_id.h:508

AV_CODEC_ID_ZEROCODEC

@ AV_CODEC_ID_ZEROCODEC

Definition: codec_id.h:211

AVCodec::type

enum AVMediaType type

Definition: codec.h:209

av_image_fill_plane_sizes

int av_image_fill_plane_sizes(size_t sizes[4], enum AVPixelFormat pix_fmt, int height, const ptrdiff_t linesizes[4])

Fill plane sizes for an image with pixel format pix_fmt and height height.

Definition: imgutils.c:111

avcodec_free_context

void avcodec_free_context(AVCodecContext **avctx)

Free the codec context and everything associated with it and write NULL to the provided pointer.

Definition: options.c:164

FF_DEBUG_MB_TYPE

#define FF_DEBUG_MB_TYPE

Definition: avcodec.h:1326

AV_CODEC_ID_WMALOSSLESS

@ AV_CODEC_ID_WMALOSSLESS

Definition: codec_id.h:465

AV_CODEC_ID_CINEPAK

@ AV_CODEC_ID_CINEPAK

Definition: codec_id.h:93

AV_CODEC_ID_MOTIONPIXELS

@ AV_CODEC_ID_MOTIONPIXELS

Definition: codec_id.h:169

AV_CODEC_FLAG2_FAST

#define AV_CODEC_FLAG2_FAST

Allow non spec compliant speedup tricks.

Definition: avcodec.h:293

AV_PICTURE_TYPE_I

@ AV_PICTURE_TYPE_I

Intra.

Definition: avutil.h:274

AV_CODEC_ID_ANM

@ AV_CODEC_ID_ANM

Definition: codec_id.h:184

avcodec_open2

int attribute_align_arg avcodec_open2(AVCodecContext *avctx, const AVCodec *codec, AVDictionary **options)

Initialize the AVCodecContext to use the given AVCodec.

Definition: avcodec.c:115

AV_EF_EXPLODE

#define AV_EF_EXPLODE

abort decoding on minor error detection

Definition: avcodec.h:1355

av_packet_move_ref

void av_packet_move_ref(AVPacket *dst, AVPacket *src)

Move every field in src to dst and reset src.

Definition: avpacket.c:479

AV_CODEC_ID_VP4

@ AV_CODEC_ID_VP4

Definition: codec_id.h:295

AV_CODEC_ID_MP4ALS

@ AV_CODEC_ID_MP4ALS

Definition: codec_id.h:472

error

static void error(const char *err)

Definition: target_dec_fuzzer.c:67

AV_EF_CAREFUL

#define AV_EF_CAREFUL

consider things that violate the spec, are fast to calculate and have not been seen in the wild as er...

Definition: avcodec.h:1358

AVCodecID

Identify the syntax and semantics of the bitstream.

Definition: codec_id.h:47

avcodec_find_decoder

const AVCodec * avcodec_find_decoder(enum AVCodecID id)

Find a registered decoder with a matching codec ID.

Definition: allcodecs.c:935

AV_CODEC_ID_EAC3

@ AV_CODEC_ID_EAC3

Definition: codec_id.h:467

AV_CODEC_ID_LSCR

@ AV_CODEC_ID_LSCR

Definition: codec_id.h:294

AV_CODEC_ID_WCMV

@ AV_CODEC_ID_WCMV

Definition: codec_id.h:289

subtitle_handler

static int subtitle_handler(AVCodecContext *avctx, void *frame, int *got_sub_ptr, AVPacket *avpkt)

Definition: target_dec_fuzzer.c:84

AV_CODEC_CAP_DR1

#define AV_CODEC_CAP_DR1

Codec uses get_buffer() or get_encode_buffer() for allocating buffers and supports custom allocators.

Definition: codec.h:52

AV_CODEC_ID_SCPR

@ AV_CODEC_ID_SCPR

Definition: codec_id.h:276

AVPacket::size

int size

Definition: packet.h:375

codec_internal.h

AV_CODEC_ID_YLC

@ AV_CODEC_ID_YLC

Definition: codec_id.h:271

cpu.h

AV_CODEC_ID_RASC

@ AV_CODEC_ID_RASC

Definition: codec_id.h:290

codec_list

const FFCodec * codec_list[]

AV_CODEC_ID_DXV

@ AV_CODEC_ID_DXV

Definition: codec_id.h:241

AV_CODEC_ID_DTS

@ AV_CODEC_ID_DTS

Definition: codec_id.h:431

size

int size

Definition: twinvq_data.h:10344

AV_NUM_DATA_POINTERS

#define AV_NUM_DATA_POINTERS

Definition: frame.h:326

ffcodec

static const av_always_inline FFCodec * ffcodec(const AVCodec *codec)

Definition: codec_internal.h:273

AV_CODEC_ID_MSRLE

@ AV_CODEC_ID_MSRLE

Definition: codec_id.h:95

AV_CODEC_ID_OPUS

@ AV_CODEC_ID_OPUS

Definition: codec_id.h:487

AVPacket::dts

int64_t dts

Decompression timestamp in AVStream->time_base units; the time at which the packet is decompressed.

Definition: packet.h:373

AV_CODEC_ID_MMVIDEO

@ AV_CODEC_ID_MMVIDEO

Definition: codec_id.h:130

av_packet_make_refcounted

int av_packet_make_refcounted(AVPacket *pkt)

Ensure the data described by a given packet is reference counted.

Definition: avpacket.c:485

AVPacket::flags

int flags

A combination of AV_PKT_FLAG values.

Definition: packet.h:380

av_packet_alloc

AVPacket * av_packet_alloc(void)

Allocate an AVPacket and set its fields to default values.

Definition: avpacket.c:62

av_dict_free

void av_dict_free(AVDictionary **pm)

Free all the memory allocated for an AVDictionary struct and all keys and values.

Definition: dict.c:203

av_buffer_alloc

AVBufferRef * av_buffer_alloc(size_t size)

Allocate an AVBuffer of the given size using av_malloc().

Definition: buffer.c:77

AV_CODEC_ID_DXA

@ AV_CODEC_ID_DXA

Definition: codec_id.h:148

AV_CODEC_ID_INDEO4

@ AV_CODEC_ID_INDEO4

Definition: codec_id.h:161

AV_CODEC_ID_MSS2

@ AV_CODEC_ID_MSS2

Definition: codec_id.h:217

AVCodec::id

enum AVCodecID id

Definition: codec.h:210

AV_CODEC_ID_HQ_HQA

@ AV_CODEC_ID_HQ_HQA

Definition: codec_id.h:238

AV_CODEC_ID_VP5

@ AV_CODEC_ID_VP5

Definition: codec_id.h:140

AV_CODEC_ID_VP3

@ AV_CODEC_ID_VP3

Definition: codec_id.h:79

AV_CODEC_ID_GIF

@ AV_CODEC_ID_GIF

Definition: codec_id.h:147

AV_CODEC_ID_TGV

@ AV_CODEC_ID_TGV

Definition: codec_id.h:170

AV_CODEC_ID_VP7

@ AV_CODEC_ID_VP7

Definition: codec_id.h:231

avcodec_default_get_buffer2

int avcodec_default_get_buffer2(AVCodecContext *s, AVFrame *frame, int flags)

The default callback for AVCodecContext.get_buffer2().

Definition: get_buffer.c:290

avcodec_send_packet

int avcodec_send_packet(AVCodecContext *avctx, const AVPacket *avpkt)

Supply raw packet data as input to a decoder.

Definition: decode.c:576

av_log_set_level

void av_log_set_level(int level)

Set the log level.

Definition: log.c:442

AVCodecParserContext::pos

int64_t pos

Byte position of currently parsed frame in stream.

Definition: avcodec.h:2891

#define i(width, name, range_min, range_max)

Definition: cbs_h2645.c:269

AVPacket::pts

int64_t pts

Presentation timestamp in AVStream->time_base units; the time at which the decompressed packet will b...

Definition: packet.h:367

AVCodecContext::extradata

uint8_t * extradata

some codecs need / can use extradata like Huffman tables.

Definition: avcodec.h:490

AV_CODEC_ID_THEORA

@ AV_CODEC_ID_THEORA

Definition: codec_id.h:80

FF_DEBUG_SKIP

#define FF_DEBUG_SKIP

Definition: avcodec.h:1329

AV_CODEC_ID_PAF_VIDEO

@ AV_CODEC_ID_PAF_VIDEO

Definition: codec_id.h:229

AV_CODEC_ID_HEVC

@ AV_CODEC_ID_HEVC

Definition: codec_id.h:224

FFMIN

#define FFMIN(a, b)

Definition: macros.h:49

AV_CODEC_ID_HNM4_VIDEO

@ AV_CODEC_ID_HNM4_VIDEO

Definition: codec_id.h:223

av_frame_unref

void av_frame_unref(AVFrame *frame)

Unreference all the buffers referenced by frame and reset the frame fields.

Definition: frame.c:477

av_mallocz

void * av_mallocz(size_t size)

Allocate a memory block with alignment suitable for all memory accesses (including vectors if availab...

Definition: mem.c:264

AV_CODEC_ID_VC1

@ AV_CODEC_ID_VC1

Definition: codec_id.h:120

AV_CODEC_ID_JPEG2000

@ AV_CODEC_ID_JPEG2000

Definition: codec_id.h:138

avcodec.h

AVCodecParserContext

Definition: avcodec.h:2789

AVCodecInitialize

static const FFCodec * AVCodecInitialize(enum AVCodecID codec_id)

Definition: target_dec_fuzzer.c:74

fuzz_video_get_buffer

static int fuzz_video_get_buffer(AVCodecContext *ctx, AVFrame *frame)

Definition: target_dec_fuzzer.c:107

AV_CODEC_ID_SMACKVIDEO

@ AV_CODEC_ID_SMACKVIDEO

Definition: codec_id.h:133

ret

Definition: filter_design.txt:187

avcodec_flush_buffers

void avcodec_flush_buffers(AVCodecContext *avctx)

Reset the internal codec state / flush internal buffers.

Definition: avcodec.c:377

frame

these buffered frames must be flushed immediately if a new input produces new the filter must not call request_frame to get more It must just process the frame or queue it The task of requesting more frames is left to the filter s request_frame method or the application If a filter has several the filter must be ready for frames arriving randomly on any input any filter with several inputs will most likely require some kind of queuing mechanism It is perfectly acceptable to have a limited queue and to drop frames when the inputs are too unbalanced request_frame For filters that do not use the this method is called when a frame is wanted on an output For a it should directly call filter_frame on the corresponding output For a if there are queued frames already one of these frames should be pushed If the filter should request a frame on one of its repeatedly until at least one frame has been pushed Return or at least make progress towards producing a frame

Definition: filter_design.txt:264

avformat.h

audio_video_handler

static int audio_video_handler(AVCodecContext *avctx, AVFrame *frame, int *got_frame, const AVPacket *dummy)

Definition: target_dec_fuzzer.c:94

FF_DEBUG_QP

#define FF_DEBUG_QP

Definition: avcodec.h:1327

AV_INPUT_BUFFER_PADDING_SIZE

#define AV_INPUT_BUFFER_PADDING_SIZE

Definition: defs.h:40

fuzz_get_buffer2

static int fuzz_get_buffer2(AVCodecContext *ctx, AVFrame *frame, int flags)

Definition: target_dec_fuzzer.c:147

AV_CODEC_ID_AGM

@ AV_CODEC_ID_AGM

Definition: codec_id.h:293

AVFormatContext::debug

int debug

Flags to enable debugging.

Definition: avformat.h:1485

AVCodecContext

main external API structure.

Definition: avcodec.h:389

AV_CODEC_ID_SNOW

@ AV_CODEC_ID_SNOW

Definition: codec_id.h:262

AV_CODEC_ID_HAP

@ AV_CODEC_ID_HAP

Definition: codec_id.h:239

AV_CODEC_ID_BINKVIDEO

@ AV_CODEC_ID_BINKVIDEO

Definition: codec_id.h:185

FFCodec::codec_tags

const uint32_t * codec_tags

List of supported codec_tags, terminated by FF_CODEC_TAGS_END.

Definition: codec_internal.h:251

AV_CODEC_ID_SIMBIOSIS_IMX

@ AV_CODEC_ID_SIMBIOSIS_IMX

Definition: codec_id.h:308

AV_CODEC_ID_MSA1

@ AV_CODEC_ID_MSA1

Definition: codec_id.h:213

AV_CODEC_ID_VMNC

@ AV_CODEC_ID_VMNC

Definition: codec_id.h:139

AV_EF_AGGRESSIVE

#define AV_EF_AGGRESSIVE

consider things that a sane encoder should not do as an error

Definition: avcodec.h:1360

av_dict_set_int

int av_dict_set_int(AVDictionary **pm, const char *key, int64_t value, int flags)

Convenience wrapper for av_dict_set that converts the value to a string and stores it.

Definition: dict.c:147

AVMEDIA_TYPE_VIDEO

@ AVMEDIA_TYPE_VIDEO

Definition: avutil.h:201

av_parser_parse2

int av_parser_parse2(AVCodecParserContext *s, AVCodecContext *avctx, uint8_t **poutbuf, int *poutbuf_size, const uint8_t *buf, int buf_size, int64_t pts, int64_t dts, int64_t pos)

Parse a packet.

Definition: parser.c:115

AV_CODEC_ID_QTRLE

@ AV_CODEC_ID_QTRLE

Definition: codec_id.h:105

AV_CODEC_ID_GEM

@ AV_CODEC_ID_GEM

Definition: codec_id.h:310

s EdgeDetect Foobar g libavfilter vf_edgedetect c libavfilter vf_foobar c edit libavfilter and add an entry for foobar following the pattern of the other filters edit libavfilter allfilters and add an entry for foobar following the pattern of the other filters configure make j< whatever > ffmpeg ffmpeg i you should get a foobar png with Lena edge detected That s it

Definition: writing_filters.txt:31

AV_CODEC_ID_G2M

@ AV_CODEC_ID_G2M

Definition: codec_id.h:221

AV_CODEC_ID_TSCC

@ AV_CODEC_ID_TSCC

Definition: codec_id.h:106

AV_CODEC_FLAG2_EXPORT_MVS

#define AV_CODEC_FLAG2_EXPORT_MVS

Export motion vectors through frame side data.

Definition: avcodec.h:325

av_free