37 static void error(
const char *err)
39 fprintf(stderr,
"%s", err);
52 if (c->
pos > INT64_MAX - size)
55 memcpy(buf, c->
fuzz, size);
68 if (whence == SEEK_CUR) {
69 if (offset > INT64_MAX - c->
pos)
72 }
else if (whence == SEEK_END) {
73 if (offset > INT64_MAX - c->
filesize)
79 if (offset < 0 || offset > c->
filesize)
93 static const uint64_t
FUZZ_TAG = 0x4741542D5A5A5546ULL;
100 char filename[1025] = {0};
103 int io_buffer_size = 32768;
110 #ifdef FFMPEG_DEMUXER 111 #define DEMUXER_SYMBOL0(DEMUXER) ff_##DEMUXER##_demuxer 112 #define DEMUXER_SYMBOL(DEMUXER) DEMUXER_SYMBOL0(DEMUXER) 114 fmt = &DEMUXER_SYMBOL(FFMPEG_DEMUXER);
123 error(
"Failed avformat_alloc_context()");
127 io_buffer_size =
size;
128 }
else if (size > 2048) {
133 memcpy (filename, data + size - 1024, 1024);
137 io_buffer_size = bytestream2_get_le32(&gbc) & 0xFFFFFFF;
138 flags = bytestream2_get_byte(&gbc);
139 seekable = flags & 1;
140 filesize = bytestream2_get_le64(&gbc) & 0x7FFFFFFFFFFFFFFF;
142 if ((flags & 2) && strlen(filename) <
sizeof(filename) / 2) {
144 void *avif_iter =
NULL;
150 avif_count = bytestream2_get_le32(&gbc) % avif_count;
159 if (strchr(extension,
','))
160 *strchr(extension,
',') = 0;
161 av_strlcatf(filename,
sizeof(filename),
".%s", extension);
165 if (!io_buffer_size || size / io_buffer_size >
maxblocks)
166 io_buffer_size =
size;
170 error(
"Failed to allocate io_buffer");
179 error(
"avio_alloc_context failed");
181 avfmt->
pb = fuzzed_pb;
ptrdiff_t const GLvoid * data
void av_log_set_level(int level)
Set the log level.
const uint32_t maxiteration
unsigned char * buffer
Start of the buffer.
static av_always_inline void bytestream2_init(GetByteContext *g, const uint8_t *buf, int buf_size)
int avformat_open_input(AVFormatContext **ps, const char *url, ff_const59 AVInputFormat *fmt, AVDictionary **options)
Open an input stream and read the header.
static int io_read(void *opaque, uint8_t *buf, int buf_size)
#define AV_LOG_PANIC
Something went really wrong and we will crash now.
it s the only field you need to keep assuming you have a context There is some magic you don t need to care about around this just let it vf offset
Undefined Behavior In the C some operations are like signed integer dereferencing freed accessing outside allocated Undefined Behavior must not occur in a C it is not safe even if the output of undefined operations is unused The unsafety may seem nit picking but Optimizing compilers have in fact optimized code on the assumption that no undefined Behavior occurs Optimizing code based on wrong assumptions can and has in some cases lead to effects beyond the output of computations The signed integer overflow problem in speed critical code Code which is highly optimized and works with signed integers sometimes has the problem that often the output of the computation does not c
static const uint64_t FUZZ_TAG
AVFormatContext * avformat_alloc_context(void)
Allocate an AVFormatContext.
s EdgeDetect Foobar g libavfilter vf_edgedetect c libavfilter vf_foobar c edit libavfilter and add an entry for foobar following the pattern of the other filters edit libavfilter allfilters and add an entry for foobar following the pattern of the other filters configure make j< whatever > ffmpeg ffmpeg i you should get a foobar png with Lena edge detected That s it
#define AVERROR_EOF
End of file.
AVIOContext * avio_alloc_context(unsigned char *buffer, int buffer_size, int write_flag, void *opaque, int(*read_packet)(void *opaque, uint8_t *buf, int buf_size), int(*write_packet)(void *opaque, uint8_t *buf, int buf_size), int64_t(*seek)(void *opaque, int64_t offset, int whence))
Allocate and initialize an AVIOContext for buffered I/O.
simple assert() macros that are a bit more flexible than ISO C assert().
size_t av_strlcpy(char *dst, const char *src, size_t size)
Copy the string src to dst, but no more than size - 1 bytes, and null-terminate dst.
const AVInputFormat * av_demuxer_iterate(void **opaque)
Iterate over all registered demuxers.
Libavcodec external API header.
AVIOContext * pb
I/O context.
void av_packet_unref(AVPacket *pkt)
Wipe the packet.
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
size_t av_strlcatf(char *dst, size_t size, const char *fmt,...)
void avformat_free_context(AVFormatContext *s)
Free an AVFormatContext and all its streams.
int av_read_frame(AVFormatContext *s, AVPacket *pkt)
Return the next frame of a stream.
#define flags(name, subs,...)
int avformat_find_stream_info(AVFormatContext *ic, AVDictionary **options)
Read packets of a media file to get stream information.
void avio_context_free(AVIOContext **s)
Free the supplied IO context and everything associated with it.
void av_init_packet(AVPacket *pkt)
Initialize optional fields of a packet with default values.
#define AVSEEK_SIZE
ORing this as the "whence" parameter to a seek function causes it to return the filesize without seek...
void avformat_close_input(AVFormatContext **s)
Close an opened input AVFormatContext.
static void error(const char *err)
Filter the word “frame” indicates either a video frame or a group of audio as stored in an AVFrame structure Format for each input and each output the list of supported formats For video that means pixel format For audio that means channel sample they are references to shared objects When the negotiation mechanism computes the intersection of the formats supported at each end of a all references to both lists are replaced with a reference to the intersection And when a single format is eventually chosen for a link amongst the remaining all references to the list are updated That means that if a filter requires that its input and output have the same format amongst a supported all it has to do is use a reference to the same list of formats query_formats can leave some formats unset and return AVERROR(EAGAIN) to cause the negotiation mechanism toagain later.That can be used by filters with complex requirements to use the format negotiated on one link to set the formats supported on another.Frame references ownership and permissions
This structure stores compressed data.
static int64_t io_seek(void *opaque, int64_t offset, int whence)
1.8.11
