FFmpeg: tools/target_dec_fuzzer.c Source File

FFmpeg
target_dec_fuzzer.c
Go to the documentation of this file.
1 /*
2  * This file is part of FFmpeg.
3  *
4  * FFmpeg is free software; you can redistribute it and/or
5  * modify it under the terms of the GNU Lesser General Public
6  * License as published by the Free Software Foundation; either
7  * version 2.1 of the License, or (at your option) any later version.
8  *
9  * FFmpeg is distributed in the hope that it will be useful,
10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12  * Lesser General Public License for more details.
13  *
14  * You should have received a copy of the GNU Lesser General Public
15  * License along with FFmpeg; if not, write to the Free Software
16  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17  */
18 
19 /* Targeted fuzzer that targets specific codecs depending on two
20  compile-time flags.
21  INSTRUCTIONS:
22 
23  * Get the very fresh clang, e.g. see http://libfuzzer.info#versions
24  * Get and build libFuzzer:
25  svn co http://llvm.org/svn/llvm-project/llvm/trunk/lib/Fuzzer
26  ./Fuzzer/build.sh
27  * build ffmpeg for fuzzing:
28  FLAGS="-fsanitize=address -fsanitize-coverage=trace-pc-guard,trace-cmp -g" CC="clang $FLAGS" CXX="clang++ $FLAGS" ./configure --disable-x86asm
29  make clean && make -j
30  * build the fuzz target.
31  Choose the value of FFMPEG_CODEC (e.g. AV_CODEC_ID_DVD_SUBTITLE) and
32  choose one of FUZZ_FFMPEG_VIDEO, FUZZ_FFMPEG_AUDIO, FUZZ_FFMPEG_SUBTITLE.
33  clang -fsanitize=address -fsanitize-coverage=trace-pc-guard,trace-cmp tools/target_dec_fuzzer.c -o target_dec_fuzzer -I. -DFFMPEG_CODEC=AV_CODEC_ID_MPEG1VIDEO -DFUZZ_FFMPEG_VIDEO ../../libfuzzer/libFuzzer.a -Llibavcodec -Llibavdevice -Llibavfilter -Llibavformat -Llibavutil -Llibpostproc -Llibswscale -Llibswresample -Wl,--as-needed -Wl,-z,noexecstack -Wl,--warn-common -Wl,-rpath-link=:libpostproc:libswresample:libswscale:libavfilter:libavdevice:libavformat:libavcodec:libavutil -lavdevice -lavfilter -lavformat -lavcodec -lswresample -lswscale -lavutil -ldl -lxcb -lxcb-shm -lxcb -lxcb-xfixes -lxcb -lxcb-shape -lxcb -lX11 -lasound -lm -lbz2 -lz -pthread
34  * create a corpus directory and put some samples there (empty dir is ok too):
35  mkdir CORPUS && cp some-files CORPUS
36 
37  * Run fuzzing:
38  ./target_dec_fuzzer -max_len=100000 CORPUS
39 
40  More info:
41  http://libfuzzer.info
42  http://tutorial.libfuzzer.info
43  https://github.com/google/oss-fuzz
44  http://lcamtuf.coredump.cx/afl/
45  https://security.googleblog.com/2016/08/guided-in-process-fuzzing-of-chrome.html
46 */
47 
48 #include "config.h"
49 #include "libavutil/avassert.h"
50 #include "libavutil/avstring.h"
51 #include "libavutil/cpu.h"
52 #include "libavutil/imgutils.h"
53 #include "libavutil/intreadwrite.h"
54 #include "libavutil/mem.h"
55 
56 #include "libavcodec/avcodec.h"
57 #include "libavcodec/bytestream.h"
58 #include "libavcodec/codec_internal.h"
59 #include "libavformat/avformat.h"
60 
61 //For FF_SANE_NB_CHANNELS, so we dont waste energy testing things that will get instantly rejected
62 #include "libavcodec/internal.h"
63 
64 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
65 
66 extern const FFCodec * codec_list[];
67 
68  static void error(const char *err)
69 {
70  fprintf(stderr, "%s", err);
71  exit(1);
72 }
73 
74  static const FFCodec *c = NULL;
75  static const FFCodec *AVCodecInitialize(enum AVCodecID codec_id)
76 {
77  const AVCodec *res;
78 
79  res = avcodec_find_decoder(codec_id);
80  if (!res)
81  error("Failed to find decoder");
82  return ffcodec(res);
83 }
84 
85  static int subtitle_handler(AVCodecContext *avctx, AVFrame *unused,
86  int *got_sub_ptr, const AVPacket *avpkt)
87 {
88  AVSubtitle sub;
89  int ret = avcodec_decode_subtitle2(avctx, &sub, got_sub_ptr, avpkt);
90  if (ret >= 0 && *got_sub_ptr)
91  avsubtitle_free(&sub);
92  return ret;
93 }
94 
95  static int audio_video_handler(AVCodecContext *avctx, AVFrame *frame,
96  int *got_frame, const AVPacket *dummy)
97 {
98  int ret = avcodec_receive_frame(avctx, frame);
99  *got_frame = ret >= 0;
100  return ret;
101 }
102 
103 // Ensure we don't loop forever
104  const uint32_t maxiteration = 8096;
105 
106  static const uint64_t FUZZ_TAG = 0x4741542D5A5A5546ULL;
107 
108  static int fuzz_video_get_buffer(AVCodecContext *ctx, AVFrame *frame)
109 {
110  ptrdiff_t linesize1[4];
111  size_t size[4];
112  int linesize_align[AV_NUM_DATA_POINTERS];
113  int i, ret, w = frame->width, h = frame->height;
114 
115  avcodec_align_dimensions2(ctx, &w, &h, linesize_align);
116  ret = av_image_fill_linesizes(frame->linesize, ctx->pix_fmt, w);
117  if (ret < 0)
118  return ret;
119 
120  for (i = 0; i < 4 && frame->linesize[i]; i++)
121  linesize1[i] = frame->linesize[i] =
122  FFALIGN(frame->linesize[i], linesize_align[i]);
123  for (; i < 4; i++)
124  linesize1[i] = 0;
125 
126  ret = av_image_fill_plane_sizes(size, ctx->pix_fmt, h, linesize1);
127  if (ret < 0)
128  return ret;
129 
130  frame->extended_data = frame->data;
131  for (i = 0; i < 4 && size[i]; i++) {
132  switch(ctx->codec_id) {
133  case AV_CODEC_ID_FFV1:
134  frame->buf[i] = av_buffer_alloc(size[i]);
135  break;
136  default:
137  frame->buf[i] = av_buffer_allocz(size[i]);
138  }
139 
140  if (!frame->buf[i])
141  goto fail;
142  frame->data[i] = frame->buf[i]->data;
143  }
144  for (; i < AV_NUM_DATA_POINTERS; i++) {
145  frame->data[i] = NULL;
146  frame->linesize[i] = 0;
147  }
148 
149  return 0;
150 fail:
151  av_frame_unref(frame);
152  return AVERROR(ENOMEM);
153 }
154 
155  static int fuzz_get_buffer2(AVCodecContext *ctx, AVFrame *frame, int flags)
156 {
157  switch (ctx->codec_type) {
158  case AVMEDIA_TYPE_VIDEO:
159  return (ctx->codec->capabilities & AV_CODEC_CAP_DR1)
160  ? fuzz_video_get_buffer(ctx, frame)
161  : avcodec_default_get_buffer2(ctx, frame, flags);
162  case AVMEDIA_TYPE_AUDIO:
163  return avcodec_default_get_buffer2(ctx, frame, flags);
164  default:
165  return AVERROR(EINVAL);
166  }
167 }
168 
169  int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
170  uint64_t maxpixels_per_frame = 4096 * 4096;
171  uint64_t maxpixels;
172 
173  uint64_t maxsamples_per_frame = 256*1024*32;
174  uint64_t maxsamples;
175  const uint64_t fuzz_tag = FUZZ_TAG;
176  const uint8_t *last = data;
177  const uint8_t *end = data + size;
178  uint32_t it = 0;
179  uint64_t ec_pixels = 0;
180  uint64_t nb_samples = 0;
181  int (*decode_handler)(AVCodecContext *avctx, AVFrame *picture,
182  int *got_picture_ptr,
183  const AVPacket *avpkt) = NULL;
184  AVCodecParserContext *parser = NULL;
185  uint64_t keyframes = 0;
186  uint64_t flushpattern = -1;
187  AVDictionary *opts = NULL;
188 
189  if (!c) {
190 #ifdef FFMPEG_DECODER
191 #define DECODER_SYMBOL0(CODEC) ff_##CODEC##_decoder
192 #define DECODER_SYMBOL(CODEC) DECODER_SYMBOL0(CODEC)
193  extern FFCodec DECODER_SYMBOL(FFMPEG_DECODER);
194  codec_list[0] = &DECODER_SYMBOL(FFMPEG_DECODER);
195 
196 #if FFMPEG_DECODER == tiff || FFMPEG_DECODER == tdsc
197  extern FFCodec DECODER_SYMBOL(mjpeg);
198  codec_list[1] = &DECODER_SYMBOL(mjpeg);
199 #endif
200 
201  c = &DECODER_SYMBOL(FFMPEG_DECODER);
202 #else
203  c = AVCodecInitialize(FFMPEG_CODEC); // Done once.
204 #endif
205  av_log_set_level(AV_LOG_PANIC);
206  }
207 
208  switch (c->p.type) {
209  case AVMEDIA_TYPE_AUDIO :
210  case AVMEDIA_TYPE_VIDEO : decode_handler = audio_video_handler ; break;
211  case AVMEDIA_TYPE_SUBTITLE: decode_handler = subtitle_handler ; break;
212  }
213  switch (c->p.id) {
214  case AV_CODEC_ID_APE: maxsamples_per_frame /= 256; break;
215  }
216  maxpixels = maxpixels_per_frame * maxiteration;
217  maxsamples = maxsamples_per_frame * maxiteration;
218  switch (c->p.id) {
219  case AV_CODEC_ID_AASC: maxpixels /= 1024; break;
220  case AV_CODEC_ID_AGM: maxpixels /= 1024; break;
221  case AV_CODEC_ID_ANM: maxpixels /= 1024; break;
222  case AV_CODEC_ID_APE: maxsamples /= 16384; break;
223  case AV_CODEC_ID_ARBC: maxpixels /= 1024; break;
224  case AV_CODEC_ID_ARGO: maxpixels /= 1024; break;
225  case AV_CODEC_ID_BETHSOFTVID: maxpixels /= 8192; break;
226  case AV_CODEC_ID_BINKVIDEO: maxpixels /= 32; break;
227  case AV_CODEC_ID_BONK: maxsamples /= 1<<20; break;
228  case AV_CODEC_ID_CDTOONS: maxpixels /= 1024; break;
229  case AV_CODEC_ID_CFHD: maxpixels /= 16384; break;
230  case AV_CODEC_ID_CINEPAK: maxpixels /= 128; break;
231  case AV_CODEC_ID_COOK: maxsamples /= 1<<20; break;
232  case AV_CODEC_ID_CSCD: maxpixels /= 1024; break;
233  case AV_CODEC_ID_DFA: maxpixels /= 1024; break;
234  case AV_CODEC_ID_DIRAC: maxpixels /= 8192; break;
235  case AV_CODEC_ID_DSICINVIDEO: maxpixels /= 1024; break;
236  case AV_CODEC_ID_DST: maxsamples /= 1<<20; break;
237  case AV_CODEC_ID_DVB_SUBTITLE: av_dict_set_int(&opts, "compute_clut", -2, 0); break;
238  case AV_CODEC_ID_DXA: maxpixels /= 32; break;
239  case AV_CODEC_ID_DXV: maxpixels /= 32; break;
240  case AV_CODEC_ID_CMV: maxpixels /= 256; break;
241  case AV_CODEC_ID_EXR: maxpixels /= 1024; break;
242  case AV_CODEC_ID_FFV1: maxpixels /= 32; break;
243  case AV_CODEC_ID_FFWAVESYNTH: maxsamples /= 16384; break;
244  case AV_CODEC_ID_FLAC: maxsamples /= 1024; break;
245  case AV_CODEC_ID_FLIC: maxpixels /= 1024; break;
246  case AV_CODEC_ID_FLV1: maxpixels /= 1024; break;
247  case AV_CODEC_ID_FMVC: maxpixels /= 1024; break;
248  case AV_CODEC_ID_G2M: maxpixels /= 1024; break;
249  case AV_CODEC_ID_GEM: maxpixels /= 512; break;
250  case AV_CODEC_ID_GDV: maxpixels /= 512; break;
251  case AV_CODEC_ID_GIF: maxpixels /= 16; break;
252  case AV_CODEC_ID_H264: maxpixels /= 256; break;
253  case AV_CODEC_ID_HAP: maxpixels /= 128; break;
254  case AV_CODEC_ID_HEVC: maxpixels /= 16384; break;
255  case AV_CODEC_ID_HNM4_VIDEO: maxpixels /= 128; break;
256  case AV_CODEC_ID_HQ_HQA: maxpixels /= 128; break;
257  case AV_CODEC_ID_IFF_ILBM: maxpixels /= 4096; break;
258  case AV_CODEC_ID_INDEO4: maxpixels /= 128; break;
259  case AV_CODEC_ID_INDEO5: maxpixels /= 1024; break;
260  case AV_CODEC_ID_INTERPLAY_ACM: maxsamples /= 16384; break;
261  case AV_CODEC_ID_JPEG2000: maxpixels /= 16384; break;
262  case AV_CODEC_ID_LAGARITH: maxpixels /= 1024; break;
263  case AV_CODEC_ID_LOCO: maxpixels /= 1024; break;
264  case AV_CODEC_ID_VORBIS: maxsamples /= 1024; break;
265  case AV_CODEC_ID_LSCR: maxpixels /= 16; break;
266  case AV_CODEC_ID_MMVIDEO: maxpixels /= 256; break;
267  case AV_CODEC_ID_MOTIONPIXELS:maxpixels /= 256; break;
268  case AV_CODEC_ID_MP4ALS: maxsamples /= 65536; break;
269  case AV_CODEC_ID_MSA1: maxpixels /= 16384; break;
270  case AV_CODEC_ID_MSRLE: maxpixels /= 16; break;
271  case AV_CODEC_ID_MSS2: maxpixels /= 16384; break;
272  case AV_CODEC_ID_MSZH: maxpixels /= 128; break;
273  case AV_CODEC_ID_MTS2: maxpixels /= 4096; break;
274  case AV_CODEC_ID_MV30: maxpixels /= 128; break;
275  case AV_CODEC_ID_MVC1: maxpixels /= 1024; break;
276  case AV_CODEC_ID_MVC2: maxpixels /= 128; break;
277  case AV_CODEC_ID_MVHA: maxpixels /= 16384; break;
278  case AV_CODEC_ID_MVDV: maxpixels /= 1024; break;
279  case AV_CODEC_ID_MWSC: maxpixels /= 256; break;
280  case AV_CODEC_ID_MXPEG: maxpixels /= 128; break;
281  case AV_CODEC_ID_NUV: maxpixels /= 128; break;
282  case AV_CODEC_ID_OPUS: maxsamples /= 16384; break;
283  case AV_CODEC_ID_PNG: maxpixels /= 128; break;
284  case AV_CODEC_ID_APNG: maxpixels /= 128; break;
285  case AV_CODEC_ID_QTRLE: maxpixels /= 16; break;
286  case AV_CODEC_ID_PAF_VIDEO: maxpixels /= 16; break;
287  case AV_CODEC_ID_PRORES: maxpixels /= 256; break;
288  case AV_CODEC_ID_QPEG: maxpixels /= 256; break;
289  case AV_CODEC_ID_RKA: maxsamples /= 1<<20; break;
290  case AV_CODEC_ID_RSCC: maxpixels /= 256; break;
291  case AV_CODEC_ID_RASC: maxpixels /= 256; break;
292  case AV_CODEC_ID_RTV1: maxpixels /= 16; break;
293  case AV_CODEC_ID_RV30: maxpixels /= 256; break;
294  case AV_CODEC_ID_SANM: maxpixels /= 16; break;
295  case AV_CODEC_ID_SCPR: maxpixels /= 32; break;
296  case AV_CODEC_ID_SCREENPRESSO:maxpixels /= 64; break;
297  case AV_CODEC_ID_SIMBIOSIS_IMX:maxpixels /= 16384; break;
298  case AV_CODEC_ID_SPEEX: maxsamples /= 128; break;
299  case AV_CODEC_ID_SMACKAUDIO: maxsamples /= 4096; break;
300  case AV_CODEC_ID_SMACKVIDEO: maxpixels /= 64; break;
301  case AV_CODEC_ID_SNOW: maxpixels /= 128; break;
302  case AV_CODEC_ID_SRGC: maxpixels /= 128; break;
303  case AV_CODEC_ID_TARGA: maxpixels /= 128; break;
304  case AV_CODEC_ID_TAK: maxsamples /= 1024; break;
305  case AV_CODEC_ID_TGV: maxpixels /= 32; break;
306  case AV_CODEC_ID_THEORA: maxpixels /= 16384; break;
307  case AV_CODEC_ID_TQI: maxpixels /= 1024; break;
308  case AV_CODEC_ID_TRUEMOTION2: maxpixels /= 1024; break;
309  case AV_CODEC_ID_TSCC: maxpixels /= 1024; break;
310  case AV_CODEC_ID_UTVIDEO: maxpixels /= 1024; break;
311  case AV_CODEC_ID_VB: maxpixels /= 1024; break;
312  case AV_CODEC_ID_VC1: maxpixels /= 8192; break;
313  case AV_CODEC_ID_VC1IMAGE: maxpixels /= 8192; break;
314  case AV_CODEC_ID_VMNC: maxpixels /= 8192; break;
315  case AV_CODEC_ID_VMDVIDEO: maxpixels /= 1024; break;
316  case AV_CODEC_ID_VMIX: maxpixels /= 8192; break;
317  case AV_CODEC_ID_VP3: maxpixels /= 4096; break;
318  case AV_CODEC_ID_VP4: maxpixels /= 4096; break;
319  case AV_CODEC_ID_VP5: maxpixels /= 256; break;
320  case AV_CODEC_ID_VP6F: maxpixels /= 4096; break;
321  case AV_CODEC_ID_VP6A: maxpixels /= 4096; break;
322  case AV_CODEC_ID_VP7: maxpixels /= 256; break;
323  case AV_CODEC_ID_VP9: maxpixels /= 4096; break;
324  case AV_CODEC_ID_WAVPACK: maxsamples /= 1024; break;
325  case AV_CODEC_ID_WCMV: maxpixels /= 1024; break;
326  case AV_CODEC_ID_WMV3IMAGE: maxpixels /= 8192; break;
327  case AV_CODEC_ID_WMV2: maxpixels /= 1024; break;
328  case AV_CODEC_ID_WMV3: maxpixels /= 1024; break;
329  case AV_CODEC_ID_WS_VQA: maxpixels /= 16384; break;
330  case AV_CODEC_ID_WMALOSSLESS: maxsamples /= 1024; break;
331  case AV_CODEC_ID_WMAPRO: maxsamples /= 16384; break;
332  case AV_CODEC_ID_YLC: maxpixels /= 1024; break;
333  case AV_CODEC_ID_ZEROCODEC: maxpixels /= 128; break;
334  case AV_CODEC_ID_ZLIB: maxpixels /= 4096; break;
335  }
336 
337  maxsamples_per_frame = FFMIN(maxsamples_per_frame, maxsamples);
338  maxpixels_per_frame = FFMIN(maxpixels_per_frame , maxpixels);
339 
340  AVCodecContext* ctx = avcodec_alloc_context3(&c->p);
341  AVCodecContext* parser_avctx = avcodec_alloc_context3(NULL);
342  if (!ctx || !parser_avctx)
343  error("Failed memory allocation");
344 
345  if (ctx->max_pixels == 0 || ctx->max_pixels > maxpixels_per_frame)
346  ctx->max_pixels = maxpixels_per_frame; //To reduce false positive OOM and hangs
347 
348  ctx->max_samples = maxsamples_per_frame;
349  ctx->get_buffer2 = fuzz_get_buffer2;
350  if (c->p.capabilities & AV_CODEC_CAP_EXPERIMENTAL)
351  ctx->strict_std_compliance = FF_COMPLIANCE_EXPERIMENTAL;
352 
353  if (size > 1024) {
354  GetByteContext gbc;
355  int extradata_size;
356  int flags;
357  uint64_t request_channel_layout;
358  int64_t flags64;
359 
360  size -= 1024;
361  bytestream2_init(&gbc, data + size, 1024);
362  ctx->width = bytestream2_get_le32(&gbc);
363  ctx->height = bytestream2_get_le32(&gbc);
364  ctx->bit_rate = bytestream2_get_le64(&gbc);
365  ctx->bits_per_coded_sample = bytestream2_get_le32(&gbc);
366  // Try to initialize a parser for this codec, note, this may fail which just means we test without one
367  flags = bytestream2_get_byte(&gbc);
368  if (flags & 1)
369  parser = av_parser_init(c->p.id);
370  if (flags & 2)
371  ctx->strict_std_compliance = FF_COMPLIANCE_EXPERIMENTAL;
372  if (flags & 4) {
373  ctx->err_recognition = AV_EF_AGGRESSIVE | AV_EF_COMPLIANT | AV_EF_CAREFUL;
374  if (flags & 8)
375  ctx->err_recognition |= AV_EF_EXPLODE;
376  }
377  if ((flags & 0x10) && c->p.id != AV_CODEC_ID_H264)
378  ctx->flags2 |= AV_CODEC_FLAG2_FAST;
379  if (flags & 0x80)
380  ctx->export_side_data |= AV_CODEC_EXPORT_DATA_MVS;
381 
382  if (flags & 0x40)
383  av_force_cpu_flags(0);
384 
385  extradata_size = bytestream2_get_le32(&gbc);
386 
387  ctx->sample_rate = bytestream2_get_le32(&gbc) & 0x7FFFFFFF;
388  ctx->ch_layout.nb_channels = (unsigned)bytestream2_get_le32(&gbc) % FF_SANE_NB_CHANNELS;
389  ctx->block_align = bytestream2_get_le32(&gbc) & 0x7FFFFFFF;
390  ctx->codec_tag = bytestream2_get_le32(&gbc);
391  if (c->codec_tags) {
392  int n;
393  for (n = 0; c->codec_tags[n] != FF_CODEC_TAGS_END; n++);
394  ctx->codec_tag = c->codec_tags[ctx->codec_tag % n];
395  }
396  keyframes = bytestream2_get_le64(&gbc);
397  request_channel_layout = bytestream2_get_le64(&gbc);
398 
399  ctx->idct_algo = bytestream2_get_byte(&gbc) % 25;
400  flushpattern = bytestream2_get_le64(&gbc);
401  ctx->skip_frame = bytestream2_get_byte(&gbc) - 254 + AVDISCARD_ALL;
402 
403 
404  if (flags & 0x20) {
405  switch (ctx->codec_id) {
406  case AV_CODEC_ID_AC3:
407  case AV_CODEC_ID_EAC3:
408  av_dict_set_int(&opts, "cons_noisegen", bytestream2_get_byte(&gbc) & 1, 0);
409  av_dict_set_int(&opts, "heavy_compr", bytestream2_get_byte(&gbc) & 1, 0);
410  av_dict_set_int(&opts, "target_level", (int)(bytestream2_get_byte(&gbc) % 32) - 31, 0);
411  av_dict_set_int(&opts, "dmix_mode", (int)(bytestream2_get_byte(&gbc) % 4) - 1, 0);
412  break;
413  }
414  }
415 
416  // Keep the deprecated request_channel_layout behavior to ensure old fuzzing failures
417  // remain reproducible.
418  if (request_channel_layout) {
419  switch (ctx->codec_id) {
420  case AV_CODEC_ID_AC3:
421  case AV_CODEC_ID_EAC3:
422  case AV_CODEC_ID_MLP:
423  case AV_CODEC_ID_TRUEHD:
424  case AV_CODEC_ID_DTS:
425  if (request_channel_layout & ~INT64_MIN) {
426  char *downmix_layout = av_mallocz(19);
427  if (!downmix_layout)
428  error("Failed memory allocation");
429  av_strlcatf(downmix_layout, 19, "0x%"PRIx64, request_channel_layout & ~INT64_MIN);
430  av_dict_set(&opts, "downmix", downmix_layout, AV_DICT_DONT_STRDUP_VAL);
431  }
432  if (ctx->codec_id != AV_CODEC_ID_DTS)
433  break;
434  // fall-through
435  case AV_CODEC_ID_DOLBY_E:
436  av_dict_set_int(&opts, "channel_order", !!(request_channel_layout & INT64_MIN), 0);
437  break;
438  }
439  }
440 
441  flags64 = bytestream2_get_le64(&gbc);
442  if (flags64 &1)
443  ctx->debug |= FF_DEBUG_SKIP;
444  if (flags64 &2)
445  ctx->debug |= FF_DEBUG_QP;
446  if (flags64 &4)
447  ctx->debug |= FF_DEBUG_MB_TYPE;
448  if (flags64 & 8)
449  ctx->export_side_data |= AV_CODEC_EXPORT_DATA_VIDEO_ENC_PARAMS;
450  if (flags64 & 0x10)
451  ctx->err_recognition |= AV_EF_CRCCHECK;
452 
453  ctx->workaround_bugs = bytestream2_get_le32(&gbc);
454 
455  if (c->p.max_lowres) {
456  ctx->lowres = bytestream2_get_byte(&gbc) % (c->p.max_lowres+1);
457  }
458 
459  if (extradata_size < size) {
460  ctx->extradata = av_mallocz(extradata_size + AV_INPUT_BUFFER_PADDING_SIZE);
461  if (ctx->extradata) {
462  ctx->extradata_size = extradata_size;
463  size -= ctx->extradata_size;
464  memcpy(ctx->extradata, data + size, ctx->extradata_size);
465  }
466  }
467  if (av_image_check_size(ctx->width, ctx->height, 0, ctx))
468  ctx->width = ctx->height = 0;
469  }
470 
471  int res = avcodec_open2(ctx, &c->p, &opts);
472  if (res < 0) {
473  avcodec_free_context(&ctx);
474  av_free(parser_avctx);
475  av_parser_close(parser);
476  av_dict_free(&opts);
477  return 0; // Failure of avcodec_open2() does not imply that a issue was found
478  }
479  parser_avctx->codec_id = ctx->codec_id;
480  parser_avctx->extradata_size = ctx->extradata_size;
481  parser_avctx->extradata = ctx->extradata ? av_memdup(ctx->extradata, ctx->extradata_size + AV_INPUT_BUFFER_PADDING_SIZE) : NULL;
482 
483 
484  int got_frame;
485  AVFrame *frame = av_frame_alloc();
486  AVPacket *avpkt = av_packet_alloc();
487  AVPacket *parsepkt = av_packet_alloc();
488  if (!frame || !avpkt || !parsepkt)
489  error("Failed memory allocation");
490 
491  // Read very simple container
492  while (data < end && it < maxiteration) {
493  // Search for the TAG
494  while (data + sizeof(fuzz_tag) < end) {
495  if (data[0] == (fuzz_tag & 0xFF) && AV_RN64(data) == fuzz_tag)
496  break;
497  data++;
498  }
499  if (data + sizeof(fuzz_tag) > end)
500  data = end;
501 
502  res = av_new_packet(parsepkt, data - last);
503  if (res < 0)
504  error("Failed memory allocation");
505  memcpy(parsepkt->data, last, data - last);
506  parsepkt->flags = (keyframes & 1) * AV_PKT_FLAG_DISCARD + (!!(keyframes & 2)) * AV_PKT_FLAG_KEY;
507  keyframes = (keyframes >> 2) + (keyframes<<62);
508  data += sizeof(fuzz_tag);
509  last = data;
510 
511  while (parsepkt->size > 0) {
512  int decode_more;
513 
514  if (parser) {
515  int ret = av_parser_parse2(parser, parser_avctx, &avpkt->data, &avpkt->size,
516  parsepkt->data, parsepkt->size,
517  parsepkt->pts, parsepkt->dts, parsepkt->pos);
518  if (avpkt->data == parsepkt->data) {
519  avpkt->buf = av_buffer_ref(parsepkt->buf);
520  if (!avpkt->buf)
521  error("Failed memory allocation");
522  } else {
523  if (av_packet_make_refcounted(avpkt) < 0)
524  error("Failed memory allocation");
525  }
526  parsepkt->data += ret;
527  parsepkt->size -= ret;
528  parsepkt->pos += ret;
529  avpkt->pts = parser->pts;
530  avpkt->dts = parser->dts;
531  avpkt->pos = parser->pos;
532  if ( parser->key_frame == 1 ||
533  (parser->key_frame == -1 && parser->pict_type == AV_PICTURE_TYPE_I))
534  avpkt->flags |= AV_PKT_FLAG_KEY;
535  avpkt->flags |= parsepkt->flags & AV_PKT_FLAG_DISCARD;
536  } else {
537  av_packet_move_ref(avpkt, parsepkt);
538  }
539 
540  if (!(flushpattern & 7))
541  avcodec_flush_buffers(ctx);
542  flushpattern = (flushpattern >> 3) + (flushpattern << 61);
543 
544  if (ctx->codec_type != AVMEDIA_TYPE_SUBTITLE) {
545  int ret = avcodec_send_packet(ctx, avpkt);
546  decode_more = ret >= 0;
547  if(!decode_more) {
548  ec_pixels += (ctx->width + 32LL) * (ctx->height + 32LL);
549  if (it > 20 || ec_pixels > 4 * ctx->max_pixels) {
550  ctx->error_concealment = 0;
551  ctx->debug &= ~(FF_DEBUG_SKIP | FF_DEBUG_QP | FF_DEBUG_MB_TYPE);
552  }
553  if (ec_pixels > maxpixels)
554  goto maximums_reached;
555  }
556  } else
557  decode_more = 1;
558 
559  // Iterate through all data
560  while (decode_more && it++ < maxiteration) {
561  av_frame_unref(frame);
562  int ret = decode_handler(ctx, frame, &got_frame, avpkt);
563 
564  ec_pixels += (ctx->width + 32LL) * (ctx->height + 32LL);
565  if (it > 20 || ec_pixels > 4 * ctx->max_pixels) {
566  ctx->error_concealment = 0;
567  ctx->debug &= ~(FF_DEBUG_SKIP | FF_DEBUG_QP | FF_DEBUG_MB_TYPE);
568  }
569  if (ec_pixels > maxpixels)
570  goto maximums_reached;
571 
572  if (ctx->codec_type == AVMEDIA_TYPE_AUDIO &&
573  frame->nb_samples == 0 && !got_frame &&
574  (avpkt->flags & AV_PKT_FLAG_DISCARD))
575  nb_samples += ctx->max_samples;
576 
577  nb_samples += frame->nb_samples;
578  if (nb_samples > maxsamples)
579  goto maximums_reached;
580 
581  if (ret <= 0 || ret > avpkt->size)
582  break;
583 
584  if (ctx->codec_type == AVMEDIA_TYPE_SUBTITLE) {
585  avpkt->data += ret;
586  avpkt->size -= ret;
587  decode_more = avpkt->size > 0;
588  } else
589  decode_more = ret >= 0;
590  }
591  av_packet_unref(avpkt);
592  }
593  av_packet_unref(parsepkt);
594  }
595 maximums_reached:
596 
597  av_packet_unref(avpkt);
598 
599  if (ctx->codec_type != AVMEDIA_TYPE_SUBTITLE)
600  avcodec_send_packet(ctx, NULL);
601 
602  do {
603  got_frame = 0;
604  av_frame_unref(frame);
605  decode_handler(ctx, frame, &got_frame, avpkt);
606 
607  nb_samples += frame->nb_samples;
608  if (nb_samples > maxsamples)
609  break;
610  } while (got_frame == 1 && it++ < maxiteration);
611 
612  fprintf(stderr, "pixels decoded: %"PRId64", samples decoded: %"PRId64", iterations: %d\n", ec_pixels, nb_samples, it);
613 
614  av_frame_free(&frame);
615  avcodec_free_context(&ctx);
616  avcodec_free_context(&parser_avctx);
617  av_parser_close(parser);
618  av_packet_free(&avpkt);
619  av_packet_free(&parsepkt);
620  av_dict_free(&opts);
621  return 0;
622 }
AV_CODEC_ID_TRUEMOTION2
@ AV_CODEC_ID_TRUEMOTION2
Definition: codec_id.h:129
AVSubtitle
Definition: avcodec.h:2238
av_packet_unref
void av_packet_unref(AVPacket *pkt)
Wipe the packet.
Definition: packet.c:429
av_force_cpu_flags
void av_force_cpu_flags(int arg)
Disables cpu detection and forces the specified flags.
Definition: cpu.c:79
AVCodec
AVCodec.
Definition: codec.h:187
AVMEDIA_TYPE_SUBTITLE
@ AVMEDIA_TYPE_SUBTITLE
Definition: avutil.h:204
AV_CODEC_ID_VP6F
@ AV_CODEC_ID_VP6F
Definition: codec_id.h:144
AV_CODEC_ID_SANM
@ AV_CODEC_ID_SANM
Definition: codec_id.h:234
AV_CODEC_ID_LAGARITH
@ AV_CODEC_ID_LAGARITH
Definition: codec_id.h:199
AVCodecParserContext::pts
int64_t pts
Definition: avcodec.h:2767
AV_EF_EXPLODE
#define AV_EF_EXPLODE
abort decoding on minor error detection
Definition: defs.h:51
AV_CODEC_ID_INDEO5
@ AV_CODEC_ID_INDEO5
Definition: codec_id.h:164
AV_CODEC_ID_AC3
@ AV_CODEC_ID_AC3
Definition: codec_id.h:443
AV_EF_CAREFUL
#define AV_EF_CAREFUL
consider things that violate the spec, are fast to calculate and have not been seen in the wild as er...
Definition: defs.h:54
AVERROR
Filter the word "frame" indicates either a video frame or a group of audio as stored in an AVFrame structure Format for each input and each output the list of supported formats For video that means pixel format For audio that means channel sample they are references to shared objects When the negotiation mechanism computes the intersection of the formats supported at each end of a all references to both lists are replaced with a reference to the intersection And when a single format is eventually chosen for a link amongst the remaining all references to the list are updated That means that if a filter requires that its input and output have the same format amongst a supported all it has to do is use a reference to the same list of formats query_formats can leave some formats unset and return AVERROR(EAGAIN) to cause the negotiation mechanism toagain later. That can be used by filters with complex requirements to use the format negotiated on one link to set the formats supported on another. Frame references ownership and permissions
AV_CODEC_ID_APE
@ AV_CODEC_ID_APE
Definition: codec_id.h:472
AV_CODEC_ID_TQI
@ AV_CODEC_ID_TQI
Definition: codec_id.h:174
AV_EF_COMPLIANT
#define AV_EF_COMPLIANT
consider all spec non compliances as errors
Definition: defs.h:55
AVCodecParserContext::pict_type
int pict_type
Definition: avcodec.h:2756
GetByteContext
Definition: bytestream.h:33
AV_CODEC_ID_INTERPLAY_ACM
@ AV_CODEC_ID_INTERPLAY_ACM
Definition: codec_id.h:518
AV_CODEC_ID_SRGC
@ AV_CODEC_ID_SRGC
Definition: codec_id.h:283
AV_CODEC_ID_LOCO
@ AV_CODEC_ID_LOCO
Definition: codec_id.h:124
AV_LOG_PANIC
#define AV_LOG_PANIC
Something went really wrong and we will crash now.
Definition: log.h:167
AV_PKT_FLAG_DISCARD
#define AV_PKT_FLAG_DISCARD
Flag is used to discard packets which are required to maintain valid decoder state but are not requir...
Definition: packet.h:601
AV_CODEC_ID_DIRAC
@ AV_CODEC_ID_DIRAC
Definition: codec_id.h:168
int64_t
long long int64_t
Definition: coverity.c:34
AV_CODEC_ID_MVC2
@ AV_CODEC_ID_MVC2
Definition: codec_id.h:237
av_frame_free
void av_frame_free(AVFrame **frame)
Free the frame and any dynamically allocated objects in it, e.g.
Definition: frame.c:162
AV_RN64
#define AV_RN64(p)
Definition: intreadwrite.h:364
AVFrame
This structure describes decoded (raw) audio or video data.
Definition: frame.h:389
AVCodec::capabilities
int capabilities
Codec capabilities.
Definition: codec.h:206
w
uint8_t w
Definition: llviddspenc.c:38
AVFormatContext::strict_std_compliance
int strict_std_compliance
Allow non-standard and experimental extension.
Definition: avformat.h:1644
AV_CODEC_ID_MWSC
@ AV_CODEC_ID_MWSC
Definition: codec_id.h:289
internal.h
AVPacket::data
uint8_t * data
Definition: packet.h:539
AV_CODEC_ID_FLIC
@ AV_CODEC_ID_FLIC
Definition: codec_id.h:102
data
const char data[16]
Definition: mxf.c:148
AV_CODEC_ID_CDTOONS
@ AV_CODEC_ID_CDTOONS
Definition: codec_id.h:300
FFCodec
Definition: codec_internal.h:127
c
static const FFCodec * c
Definition: target_dec_fuzzer.c:74
AV_CODEC_ID_GDV
@ AV_CODEC_ID_GDV
Definition: codec_id.h:285
AV_CODEC_ID_ARBC
@ AV_CODEC_ID_ARBC
Definition: codec_id.h:293
AV_CODEC_ID_RTV1
@ AV_CODEC_ID_RTV1
Definition: codec_id.h:322
AV_CODEC_ID_SCREENPRESSO
@ AV_CODEC_ID_SCREENPRESSO
Definition: codec_id.h:244
FF_COMPLIANCE_EXPERIMENTAL
#define FF_COMPLIANCE_EXPERIMENTAL
Allow nonstandardized experimental things.
Definition: defs.h:62
AV_CODEC_ID_VB
@ AV_CODEC_ID_VB
Definition: codec_id.h:160
AVDictionary
Definition: dict.c:34
AV_CODEC_ID_FLAC
@ AV_CODEC_ID_FLAC
Definition: codec_id.h:452
av_buffer_ref
AVBufferRef * av_buffer_ref(const AVBufferRef *buf)
Create a new reference to an AVBuffer.
Definition: buffer.c:103
AV_CODEC_ID_APNG
@ AV_CODEC_ID_APNG
Definition: codec_id.h:265
AV_CODEC_ID_MXPEG
@ AV_CODEC_ID_MXPEG
Definition: codec_id.h:198
av_strlcatf
size_t av_strlcatf(char *dst, size_t size, const char *fmt,...)
Definition: avstring.c:103
AV_CODEC_ID_TRUEHD
@ AV_CODEC_ID_TRUEHD
Definition: codec_id.h:484
AV_PKT_FLAG_KEY
#define AV_PKT_FLAG_KEY
The packet contains a keyframe.
Definition: packet.h:594
av_packet_free
void av_packet_free(AVPacket **pkt)
Free the packet, if the packet is reference counted, it will be unreferenced first.
Definition: packet.c:74
AV_CODEC_ID_DSICINVIDEO
@ AV_CODEC_ID_DSICINVIDEO
Definition: codec_id.h:146
AV_CODEC_ID_RSCC
@ AV_CODEC_ID_RSCC
Definition: codec_id.h:245
av_memdup
void * av_memdup(const void *p, size_t size)
Duplicate a buffer with av_malloc().
Definition: mem.c:304
AVCodec::max_lowres
uint8_t max_lowres
maximum value for lowres supported by the decoder
Definition: codec.h:207
AVCodecParserContext::key_frame
int key_frame
Set by parser to 1 for key frames and 0 for non-key frames.
Definition: avcodec.h:2797
FFCodec::p
AVCodec p
The public AVCodec.
Definition: codec_internal.h:131
AV_CODEC_ID_IFF_ILBM
@ AV_CODEC_ID_IFF_ILBM
Definition: codec_id.h:188
AV_CODEC_ID_SPEEX
@ AV_CODEC_ID_SPEEX
Definition: codec_id.h:475
fail
#define fail()
Definition: checkasm.h:188
AV_CODEC_ID_MV30
@ AV_CODEC_ID_MV30
Definition: codec_id.h:301
AV_CODEC_ID_MSZH
@ AV_CODEC_ID_MSZH
Definition: codec_id.h:105
dummy
int dummy
Definition: motion.c:66
AV_CODEC_ID_SMACKAUDIO
@ AV_CODEC_ID_SMACKAUDIO
Definition: codec_id.h:463
AV_CODEC_ID_RKA
@ AV_CODEC_ID_RKA
Definition: codec_id.h:542
av_parser_init
AVCodecParserContext * av_parser_init(int codec_id)
Definition: parser.c:32
AV_CODEC_ID_VMIX
@ AV_CODEC_ID_VMIX
Definition: codec_id.h:323
AV_CODEC_ID_FFWAVESYNTH
@ AV_CODEC_ID_FFWAVESYNTH
Definition: codec_id.h:508
AVCodecParserContext::dts
int64_t dts
Definition: avcodec.h:2768
FF_CODEC_TAGS_END
#define FF_CODEC_TAGS_END
FFCodec.codec_tags termination value.
Definition: codec_internal.h:95
avsubtitle_free
void avsubtitle_free(AVSubtitle *sub)
Free all allocated data in the given subtitle struct.
Definition: avcodec.c:406
AV_DICT_DONT_STRDUP_VAL
#define AV_DICT_DONT_STRDUP_VAL
Take ownership of a value that's been allocated with av_malloc() or another memory allocation functio...
Definition: dict.h:79
av_frame_alloc
AVFrame * av_frame_alloc(void)
Allocate an AVFrame and set its fields to default values.
Definition: frame.c:150
AV_CODEC_ID_DVB_SUBTITLE
@ AV_CODEC_ID_DVB_SUBTITLE
Definition: codec_id.h:551
AVFormatContext::bit_rate
int64_t bit_rate
Total stream bitrate in bit/s, 0 if not available.
Definition: avformat.h:1429
avcodec_decode_subtitle2
int avcodec_decode_subtitle2(AVCodecContext *avctx, AVSubtitle *sub, int *got_sub_ptr, const AVPacket *avpkt)
Decode a subtitle message.
Definition: decode.c:982
avassert.h
AV_CODEC_CAP_EXPERIMENTAL
#define AV_CODEC_CAP_EXPERIMENTAL
Codec is experimental and is thus avoided in favor of non experimental encoders.
Definition: codec.h:102
LLVMFuzzerTestOneInput
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
Definition: target_dec_fuzzer.c:169
AV_CODEC_ID_CFHD
@ AV_CODEC_ID_CFHD
Definition: codec_id.h:267
AVCodecContext::extradata_size
int extradata_size
Definition: avcodec.h:530
avcodec_alloc_context3
AVCodecContext * avcodec_alloc_context3(const AVCodec *codec)
Allocate an AVCodecContext and set its fields to default values.
Definition: options.c:149
av_image_fill_linesizes
int av_image_fill_linesizes(int linesizes[4], enum AVPixelFormat pix_fmt, int width)
Fill plane linesizes for an image with pixel format pix_fmt and width width.
Definition: imgutils.c:89
intreadwrite.h
av_new_packet
int av_new_packet(AVPacket *pkt, int size)
Allocate the payload of a packet and initialize its fields with default values.
Definition: packet.c:98
AV_CODEC_ID_WMAPRO
@ AV_CODEC_ID_WMAPRO
Definition: codec_id.h:477
AVMEDIA_TYPE_AUDIO
@ AVMEDIA_TYPE_AUDIO
Definition: avutil.h:202
AV_CODEC_ID_VP9
@ AV_CODEC_ID_VP9
Definition: codec_id.h:220
AV_CODEC_ID_NUV
@ AV_CODEC_ID_NUV
Definition: codec_id.h:136
AV_CODEC_ID_WS_VQA
@ AV_CODEC_ID_WS_VQA
Definition: codec_id.h:96
AV_CODEC_ID_ARGO
@ AV_CODEC_ID_ARGO
Definition: codec_id.h:307
AV_CODEC_ID_WMV2
@ AV_CODEC_ID_WMV2
Definition: codec_id.h:70
avcodec_receive_frame
int attribute_align_arg avcodec_receive_frame(AVCodecContext *avctx, AVFrame *frame)
Return decoded output data from a decoder or encoder (when the AV_CODEC_FLAG_RECON_FRAME flag is used...
Definition: avcodec.c:713
AV_CODEC_ID_UTVIDEO
@ AV_CODEC_ID_UTVIDEO
Definition: codec_id.h:205
ctx
AVFormatContext * ctx
Definition: movenc.c:49
avcodec_align_dimensions2
void avcodec_align_dimensions2(AVCodecContext *s, int *width, int *height, int linesize_align[AV_NUM_DATA_POINTERS])
Modify width and height values so that they will result in a memory buffer that is acceptable for the...
Definition: utils.c:144
codec_id
enum AVCodecID codec_id
Definition: vaapi_decode.c:394
AV_CODEC_ID_DOLBY_E
@ AV_CODEC_ID_DOLBY_E
Definition: codec_id.h:524
AV_CODEC_ID_VC1IMAGE
@ AV_CODEC_ID_VC1IMAGE
Definition: codec_id.h:204
AV_CODEC_ID_H264
@ AV_CODEC_ID_H264
Definition: codec_id.h:79
AVCodecContext::codec_id
enum AVCodecID codec_id
Definition: avcodec.h:461
AV_CODEC_ID_PNG
@ AV_CODEC_ID_PNG
Definition: codec_id.h:113
if
if(ret)
Definition: filter_design.txt:179
AVDISCARD_ALL
@ AVDISCARD_ALL
discard all
Definition: defs.h:221
AV_CODEC_ID_WMV3
@ AV_CODEC_ID_WMV3
Definition: codec_id.h:123
opts
AVDictionary * opts
Definition: movenc.c:51
FUZZ_TAG
static const uint64_t FUZZ_TAG
Definition: target_dec_fuzzer.c:106
AV_CODEC_ID_EXR
@ AV_CODEC_ID_EXR
Definition: codec_id.h:232
AVPacket::buf
AVBufferRef * buf
A reference to the reference-counted buffer where the packet data is stored.
Definition: packet.h:522
NULL
#define NULL
Definition: coverity.c:32
AV_CODEC_ID_DST
@ AV_CODEC_ID_DST
Definition: codec_id.h:521
AV_CODEC_ID_ZEROCODEC
@ AV_CODEC_ID_ZEROCODEC
Definition: codec_id.h:213
AVCodec::type
enum AVMediaType type
Definition: codec.h:200
av_image_fill_plane_sizes
int av_image_fill_plane_sizes(size_t sizes[4], enum AVPixelFormat pix_fmt, int height, const ptrdiff_t linesizes[4])
Fill plane sizes for an image with pixel format pix_fmt and height height.
Definition: imgutils.c:111
avcodec_free_context
void avcodec_free_context(AVCodecContext **avctx)
Free the codec context and everything associated with it and write NULL to the provided pointer.
Definition: options.c:164
FF_DEBUG_MB_TYPE
#define FF_DEBUG_MB_TYPE
Definition: avcodec.h:1410
AV_CODEC_ID_WMALOSSLESS
@ AV_CODEC_ID_WMALOSSLESS
Definition: codec_id.h:478
AV_CODEC_ID_MVDV
@ AV_CODEC_ID_MVDV
Definition: codec_id.h:298
AV_CODEC_ID_CINEPAK
@ AV_CODEC_ID_CINEPAK
Definition: codec_id.h:95
AV_CODEC_ID_MOTIONPIXELS
@ AV_CODEC_ID_MOTIONPIXELS
Definition: codec_id.h:171
AV_CODEC_FLAG2_FAST
#define AV_CODEC_FLAG2_FAST
Allow non spec compliant speedup tricks.
Definition: avcodec.h:357
AV_PICTURE_TYPE_I
@ AV_PICTURE_TYPE_I
Intra.
Definition: avutil.h:279
AV_CODEC_ID_ZLIB
@ AV_CODEC_ID_ZLIB
Definition: codec_id.h:106
AV_CODEC_ID_FMVC
@ AV_CODEC_ID_FMVC
Definition: codec_id.h:276
AV_CODEC_ID_ANM
@ AV_CODEC_ID_ANM
Definition: codec_id.h:186
avcodec_open2
int attribute_align_arg avcodec_open2(AVCodecContext *avctx, const AVCodec *codec, AVDictionary **options)
Initialize the AVCodecContext to use the given AVCodec.
Definition: avcodec.c:143
av_packet_move_ref
void av_packet_move_ref(AVPacket *dst, AVPacket *src)
Move every field in src to dst and reset src.
Definition: packet.c:486
AV_EF_CRCCHECK
#define AV_EF_CRCCHECK
Verify checksums embedded in the bitstream (could be of either encoded or decoded data,...
Definition: defs.h:48
AV_CODEC_ID_VMDVIDEO
@ AV_CODEC_ID_VMDVIDEO
Definition: codec_id.h:104
AV_CODEC_ID_VP6A
@ AV_CODEC_ID_VP6A
Definition: codec_id.h:158
AV_CODEC_ID_VP4
@ AV_CODEC_ID_VP4
Definition: codec_id.h:296
AV_CODEC_ID_MP4ALS
@ AV_CODEC_ID_MP4ALS
Definition: codec_id.h:485
error
static void error(const char *err)
Definition: target_dec_fuzzer.c:68
AVCodecID
AVCodecID
Identify the syntax and semantics of the bitstream.
Definition: codec_id.h:49
avcodec_find_decoder
const AVCodec * avcodec_find_decoder(enum AVCodecID id)
Find a registered decoder with a matching codec ID.
Definition: allcodecs.c:1007
AV_CODEC_ID_EAC3
@ AV_CODEC_ID_EAC3
Definition: codec_id.h:480
AV_CODEC_ID_LSCR
@ AV_CODEC_ID_LSCR
Definition: codec_id.h:295
AV_CODEC_ID_WCMV
@ AV_CODEC_ID_WCMV
Definition: codec_id.h:290
AV_CODEC_ID_FFV1
@ AV_CODEC_ID_FFV1
Definition: codec_id.h:85
AV_CODEC_CAP_DR1
#define AV_CODEC_CAP_DR1
Codec uses get_buffer() or get_encode_buffer() for allocating buffers and supports custom allocators.
Definition: codec.h:52
AV_CODEC_ID_SCPR
@ AV_CODEC_ID_SCPR
Definition: codec_id.h:277
AVPacket::size
int size
Definition: packet.h:540
codec_internal.h
AV_CODEC_ID_YLC
@ AV_CODEC_ID_YLC
Definition: codec_id.h:272
cpu.h
AV_CODEC_ID_RASC
@ AV_CODEC_ID_RASC
Definition: codec_id.h:291
codec_list
const FFCodec * codec_list[]
AV_CODEC_ID_DXV
@ AV_CODEC_ID_DXV
Definition: codec_id.h:243
AV_CODEC_ID_DTS
@ AV_CODEC_ID_DTS
Definition: codec_id.h:444
size
int size
Definition: twinvq_data.h:10344
AV_NUM_DATA_POINTERS
#define AV_NUM_DATA_POINTERS
Definition: frame.h:390
ffcodec
static const av_always_inline FFCodec * ffcodec(const AVCodec *codec)
Definition: codec_internal.h:330
AV_CODEC_ID_MSRLE
@ AV_CODEC_ID_MSRLE
Definition: codec_id.h:97
AV_CODEC_ID_OPUS
@ AV_CODEC_ID_OPUS
Definition: codec_id.h:500
AVPacket::dts
int64_t dts
Decompression timestamp in AVStream->time_base units; the time at which the packet is decompressed.
Definition: packet.h:538
AV_CODEC_ID_QPEG
@ AV_CODEC_ID_QPEG
Definition: codec_id.h:112
AV_CODEC_ID_RV30
@ AV_CODEC_ID_RV30
Definition: codec_id.h:120
AV_CODEC_ID_MMVIDEO
@ AV_CODEC_ID_MMVIDEO
Definition: codec_id.h:132
av_packet_make_refcounted
int av_packet_make_refcounted(AVPacket *pkt)
Ensure the data described by a given packet is reference counted.
Definition: packet.c:492
AVPacket::flags
int flags
A combination of AV_PKT_FLAG values.
Definition: packet.h:545
av_packet_alloc
AVPacket * av_packet_alloc(void)
Allocate an AVPacket and set its fields to default values.
Definition: packet.c:63
av_dict_free
void av_dict_free(AVDictionary **pm)
Free all the memory allocated for an AVDictionary struct and all keys and values.
Definition: dict.c:223
av_buffer_alloc
AVBufferRef * av_buffer_alloc(size_t size)
Allocate an AVBuffer of the given size using av_malloc().
Definition: buffer.c:77
AV_CODEC_ID_DXA
@ AV_CODEC_ID_DXA
Definition: codec_id.h:150
AV_CODEC_ID_INDEO4
@ AV_CODEC_ID_INDEO4
Definition: codec_id.h:163
AV_CODEC_ID_MSS2
@ AV_CODEC_ID_MSS2
Definition: codec_id.h:219
AVCodec::id
enum AVCodecID id
Definition: codec.h:201
AV_CODEC_ID_HQ_HQA
@ AV_CODEC_ID_HQ_HQA
Definition: codec_id.h:240
AV_CODEC_ID_VP5
@ AV_CODEC_ID_VP5
Definition: codec_id.h:142
AV_CODEC_ID_VP3
@ AV_CODEC_ID_VP3
Definition: codec_id.h:81
AV_CODEC_ID_GIF
@ AV_CODEC_ID_GIF
Definition: codec_id.h:149
AV_CODEC_ID_TGV
@ AV_CODEC_ID_TGV
Definition: codec_id.h:172
AV_CODEC_ID_VP7
@ AV_CODEC_ID_VP7
Definition: codec_id.h:233
avcodec_default_get_buffer2
int avcodec_default_get_buffer2(AVCodecContext *s, AVFrame *frame, int flags)
The default callback for AVCodecContext.get_buffer2().
Definition: get_buffer.c:253
avcodec_send_packet
int avcodec_send_packet(AVCodecContext *avctx, const AVPacket *avpkt)
Supply raw packet data as input to a decoder.
Definition: decode.c:727
av_log_set_level
void av_log_set_level(int level)
Set the log level.
Definition: log.c:447
AVCodecParserContext::pos
int64_t pos
Byte position of currently parsed frame in stream.
Definition: avcodec.h:2850
i
#define i(width, name, range_min, range_max)
Definition: cbs_h2645.c:256
AVPacket::pts
int64_t pts
Presentation timestamp in AVStream->time_base units; the time at which the decompressed packet will b...
Definition: packet.h:532
AV_CODEC_ID_MTS2
@ AV_CODEC_ID_MTS2
Definition: codec_id.h:217
AVCodecContext::extradata
uint8_t * extradata
some codecs need / can use extradata like Huffman tables.
Definition: avcodec.h:529
AV_CODEC_ID_THEORA
@ AV_CODEC_ID_THEORA
Definition: codec_id.h:82
FF_DEBUG_SKIP
#define FF_DEBUG_SKIP
Definition: avcodec.h:1413
AV_CODEC_ID_PAF_VIDEO
@ AV_CODEC_ID_PAF_VIDEO
Definition: codec_id.h:231
AV_CODEC_ID_BONK
@ AV_CODEC_ID_BONK
Definition: codec_id.h:537
AV_CODEC_ID_HEVC
@ AV_CODEC_ID_HEVC
Definition: codec_id.h:226
FFMIN
#define FFMIN(a, b)
Definition: macros.h:49
AV_CODEC_ID_HNM4_VIDEO
@ AV_CODEC_ID_HNM4_VIDEO
Definition: codec_id.h:225
av_frame_unref
void av_frame_unref(AVFrame *frame)
Unreference all the buffers referenced by frame and reset the frame fields.
Definition: frame.c:610
AV_CODEC_ID_CMV
@ AV_CODEC_ID_CMV
Definition: codec_id.h:170
av_mallocz
void * av_mallocz(size_t size)
Allocate a memory block with alignment suitable for all memory accesses (including vectors if availab...
Definition: mem.c:256
AV_CODEC_ID_VC1
@ AV_CODEC_ID_VC1
Definition: codec_id.h:122
AV_CODEC_ID_JPEG2000
@ AV_CODEC_ID_JPEG2000
Definition: codec_id.h:140
AV_CODEC_ID_BETHSOFTVID
@ AV_CODEC_ID_BETHSOFTVID
Definition: codec_id.h:155
AV_CODEC_ID_MVHA
@ AV_CODEC_ID_MVHA
Definition: codec_id.h:299
AV_CODEC_ID_MVC1
@ AV_CODEC_ID_MVC1
Definition: codec_id.h:236
avcodec.h
AVCodecParserContext
Definition: avcodec.h:2748
AVCodecInitialize
static const FFCodec * AVCodecInitialize(enum AVCodecID codec_id)
Definition: target_dec_fuzzer.c:75
fuzz_video_get_buffer
static int fuzz_video_get_buffer(AVCodecContext *ctx, AVFrame *frame)
Definition: target_dec_fuzzer.c:108
AV_CODEC_ID_SMACKVIDEO
@ AV_CODEC_ID_SMACKVIDEO
Definition: codec_id.h:135
av_buffer_allocz
AVBufferRef * av_buffer_allocz(size_t size)
Same as av_buffer_alloc(), except the returned buffer will be initialized to zero.
Definition: buffer.c:93
ret
ret
Definition: filter_design.txt:187
AV_EF_AGGRESSIVE
#define AV_EF_AGGRESSIVE
consider things that a sane encoder/muxer should not do as an error
Definition: defs.h:56
avcodec_flush_buffers
void avcodec_flush_buffers(AVCodecContext *avctx)
Reset the internal codec state / flush internal buffers.
Definition: avcodec.c:374
frame
these buffered frames must be flushed immediately if a new input produces new the filter must not call request_frame to get more It must just process the frame or queue it The task of requesting more frames is left to the filter s request_frame method or the application If a filter has several the filter must be ready for frames arriving randomly on any input any filter with several inputs will most likely require some kind of queuing mechanism It is perfectly acceptable to have a limited queue and to drop frames when the inputs are too unbalanced request_frame For filters that do not use the this method is called when a frame is wanted on an output For a it should directly call filter_frame on the corresponding output For a if there are queued frames already one of these frames should be pushed If the filter should request a frame on one of its repeatedly until at least one frame has been pushed Return or at least make progress towards producing a frame
Definition: filter_design.txt:264
AV_CODEC_ID_CSCD
@ AV_CODEC_ID_CSCD
Definition: codec_id.h:131
avformat.h
audio_video_handler
static int audio_video_handler(AVCodecContext *avctx, AVFrame *frame, int *got_frame, const AVPacket *dummy)
Definition: target_dec_fuzzer.c:95
FF_DEBUG_QP
#define FF_DEBUG_QP
Definition: avcodec.h:1411
AV_INPUT_BUFFER_PADDING_SIZE
#define AV_INPUT_BUFFER_PADDING_SIZE
Definition: defs.h:40
AV_CODEC_EXPORT_DATA_VIDEO_ENC_PARAMS
#define AV_CODEC_EXPORT_DATA_VIDEO_ENC_PARAMS
Decoding only.
Definition: avcodec.h:415
fuzz_get_buffer2
static int fuzz_get_buffer2(AVCodecContext *ctx, AVFrame *frame, int flags)
Definition: target_dec_fuzzer.c:155
AV_CODEC_ID_AGM
@ AV_CODEC_ID_AGM
Definition: codec_id.h:294
AVFormatContext::debug
int debug
Flags to enable debugging.
Definition: avformat.h:1565
AVCodecContext
main external API structure.
Definition: avcodec.h:451
AV_CODEC_ID_SNOW
@ AV_CODEC_ID_SNOW
Definition: codec_id.h:263
AV_CODEC_ID_HAP
@ AV_CODEC_ID_HAP
Definition: codec_id.h:241
AV_CODEC_ID_BINKVIDEO
@ AV_CODEC_ID_BINKVIDEO
Definition: codec_id.h:187
FFCodec::codec_tags
const uint32_t * codec_tags
List of supported codec_tags, terminated by FF_CODEC_TAGS_END.
Definition: codec_internal.h:264
AV_CODEC_ID_SIMBIOSIS_IMX
@ AV_CODEC_ID_SIMBIOSIS_IMX
Definition: codec_id.h:309
AV_CODEC_ID_MSA1
@ AV_CODEC_ID_MSA1
Definition: codec_id.h:215
AV_CODEC_ID_VMNC
@ AV_CODEC_ID_VMNC
Definition: codec_id.h:141
av_dict_set_int
int av_dict_set_int(AVDictionary **pm, const char *key, int64_t value, int flags)
Convenience wrapper for av_dict_set() that converts the value to a string and stores it.
Definition: dict.c:167
AVMEDIA_TYPE_VIDEO
@ AVMEDIA_TYPE_VIDEO
Definition: avutil.h:201
av_parser_parse2
int av_parser_parse2(AVCodecParserContext *s, AVCodecContext *avctx, uint8_t **poutbuf, int *poutbuf_size, const uint8_t *buf, int buf_size, int64_t pts, int64_t dts, int64_t pos)
Parse a packet.
Definition: parser.c:115
mem.h
AV_CODEC_ID_QTRLE
@ AV_CODEC_ID_QTRLE
Definition: codec_id.h:107
AV_CODEC_ID_GEM
@ AV_CODEC_ID_GEM
Definition: codec_id.h:311
AV_CODEC_EXPORT_DATA_MVS
#define AV_CODEC_EXPORT_DATA_MVS
Export motion vectors through frame side data.
Definition: avcodec.h:406
it
s EdgeDetect Foobar g libavfilter vf_edgedetect c libavfilter vf_foobar c edit libavfilter and add an entry for foobar following the pattern of the other filters edit libavfilter allfilters and add an entry for foobar following the pattern of the other filters configure make j< whatever > ffmpeg ffmpeg i you should get a foobar png with Lena edge detected That s it
Definition: writing_filters.txt:31
AV_CODEC_ID_G2M
@ AV_CODEC_ID_G2M
Definition: codec_id.h:223
AV_CODEC_ID_TSCC
@ AV_CODEC_ID_TSCC
Definition: codec_id.h:108
av_free
#define av_free(p)
Definition: tableprint_vlc.h:33
FFALIGN
#define FFALIGN(x, a)
Definition: macros.h:78
AVPacket
This structure stores compressed data.
Definition: packet.h:516
av_dict_set
int av_dict_set(AVDictionary **pm, const char *key, const char *value, int flags)
Set the given entry in *pm, overwriting an existing entry.
Definition: dict.c:88
AVPacket::pos
int64_t pos
byte position in stream, -1 if unknown
Definition: packet.h:559
AV_CODEC_ID_TAK
@ AV_CODEC_ID_TAK
Definition: codec_id.h:502
bytestream.h
imgutils.h
bytestream2_init
static av_always_inline void bytestream2_init(GetByteContext *g, const uint8_t *buf, int buf_size)
Definition: bytestream.h:137
flags
#define flags(name, subs,...)
Definition: cbs_av1.c:482
AV_CODEC_ID_WAVPACK
@ AV_CODEC_ID_WAVPACK
Definition: codec_id.h:465
AV_CODEC_ID_COOK
@ AV_CODEC_ID_COOK
Definition: codec_id.h:460
h
h
Definition: vp9dsp_template.c:2070
AV_CODEC_ID_TARGA
@ AV_CODEC_ID_TARGA
Definition: codec_id.h:145
AV_CODEC_ID_VORBIS
@ AV_CODEC_ID_VORBIS
Definition: codec_id.h:445
AV_CODEC_ID_WMV3IMAGE
@ AV_CODEC_ID_WMV3IMAGE
Definition: codec_id.h:203
avstring.h
av_image_check_size
int av_image_check_size(unsigned int w, unsigned int h, int log_offset, void *log_ctx)
Check if the given dimension of an image is valid, meaning that all bytes of the image can be address...
Definition: imgutils.c:318
FF_SANE_NB_CHANNELS
#define FF_SANE_NB_CHANNELS
Definition: internal.h:37
AV_CODEC_ID_FLV1
@ AV_CODEC_ID_FLV1
Definition: codec_id.h:73
AV_CODEC_ID_DFA
@ AV_CODEC_ID_DFA
Definition: codec_id.h:202
AV_CODEC_ID_AASC
@ AV_CODEC_ID_AASC
Definition: codec_id.h:126
subtitle_handler
static int subtitle_handler(AVCodecContext *avctx, AVFrame *unused, int *got_sub_ptr, const AVPacket *avpkt)
Definition: target_dec_fuzzer.c:85
maxiteration
const uint32_t maxiteration
Definition: target_dec_fuzzer.c:104
AV_CODEC_ID_MLP
@ AV_CODEC_ID_MLP
Definition: codec_id.h:469
av_parser_close
void av_parser_close(AVCodecParserContext *s)
Definition: parser.c:193
AV_CODEC_ID_PRORES
@ AV_CODEC_ID_PRORES
Definition: codec_id.h:200
Generated on Fri Aug 22 2025 13:59:47 for FFmpeg by   doxygen 1.8.17

AltStyle によって変換されたページ (->オリジナル) /