[FFmpeg-devel] [PATCH 2/2] tools/target_dec_fuzzer: List valid codec tags (based on fate)

Michael Niedermayer michael at niedermayer.cc
Sat Dec 28 22:16:17 EET 2019

I am a bit undecided on listing them like this but it seems the
fuzzer has difficulty finding valid tags (like in hapdec/snappy)

With this it finds issues in hapdec within seconds locally (with constrained w/h)
while before on googles machienes it seemed not to get past the codec_tag
switch at all on the days i checked

Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
 tools/target_dec_fuzzer.c | 40 ++++++++++++++++++++++++++++++++++++++-
 1 file changed, 39 insertions(+), 1 deletion(-)

diff --git a/tools/target_dec_fuzzer.c b/tools/target_dec_fuzzer.c
index 2d9d28b46d..03ff45a0f4 100644
--- a/tools/target_dec_fuzzer.c
+++ b/tools/target_dec_fuzzer.c
@@ -57,6 +57,43 @@
 //For FF_SANE_NB_CHANNELS, so we dont waste energy testing things that will get instantly rejected
 #include "libavcodec/internal.h"
+unsigned codec_tags[] = {
+ 0x00000000, 0x00000001, 0x00000002, 0x00000003, 0x00000004, 0x00000006, 0x00000007, 0x0000000A,
+ 0x0000000F, 0x00000011, 0x00000017, 0x0000001B, 0x00000020, 0x00000022, 0x00000024, 0x00000031,
+ 0x00000045, 0x00000050, 0x00000055, 0x00000061, 0x00000062, 0x00000065, 0x00000069, 0x0000007C,
+ 0x00000081, 0x00000082, 0x00000100, 0x00000160, 0x00000161, 0x00000162, 0x00000163, 0x00000200,
+ 0x00000270, 0x0000028F, 0x00000401, 0x00000500, 0x00002000, 0x0000A109, 0x0200736D, 0x08505350,
+ 0x0F424752, 0x10424752, 0x10445350, 0x10445550, 0x10505350, 0x10544942, 0x1100736D, 0x18424752,
+ 0x18445550, 0x18505350, 0x18524742, 0x2033504D, 0x20335056, 0x20445550, 0x20455041, 0x204D4250,
+ 0x20505350, 0x20545344, 0x20636D73, 0x20637664, 0x20656C72, 0x20776172, 0x302E3151, 0x30303859,
+ 0x30313272, 0x30313276, 0x30313476, 0x30315652, 0x30323449, 0x30324C4D, 0x30324D54, 0x30325254,
+ 0x30325652, 0x30335652, 0x30345056, 0x30345652, 0x30355056, 0x30355649, 0x30375056, 0x30385056,
+ 0x30395056, 0x30484C55, 0x30573142, 0x30594C55, 0x312D6376, 0x31325452, 0x31335056, 0x31345649,
+ 0x31363248, 0x31474E50, 0x31515653, 0x31524356, 0x31535046, 0x3153534D, 0x31564256, 0x31564646,
+ 0x3156474B, 0x31564D57, 0x31564E57, 0x31565053, 0x31565341, 0x31573042, 0x31637661, 0x31637668,
+ 0x31706148, 0x31766568, 0x32335649, 0x32336E69, 0x3234504D, 0x32484C55, 0x324B4D53, 0x324D3247,
+ 0x324D4451, 0x32514853, 0x32524356, 0x32525541, 0x3253534D, 0x3253544D, 0x32564D57, 0x32565341,
+ 0x32594C55, 0x32595559, 0x32637374, 0x3267706D, 0x32706A6D, 0x332D6365, 0x3334504D, 0x33363248,
+ 0x3343414D, 0x33445844, 0x334D3247, 0x33515653, 0x33564D57, 0x33637661, 0x34326E69, 0x34355053,
+ 0x34363248, 0x3447504D, 0x34484C55, 0x344D3247, 0x34504D46, 0x34616D69, 0x34767579, 0x3535354C,
+ 0x3536354C, 0x35706148, 0x3643414D, 0x38303376, 0x38303476, 0x385F3832, 0x39565559, 0x3A44534C,
+ 0x41365056, 0x41424752, 0x414B4D53, 0x41524742, 0x41524C55, 0x41525541, 0x41706148, 0x42313459,
+ 0x42323459, 0x42494C5A, 0x43414658, 0x43435349, 0x43435352, 0x434C4C43, 0x43534141, 0x43534454,
+ 0x43564D46, 0x43564D4B, 0x4356534D, 0x43565543, 0x44435343, 0x44484643, 0x44495658, 0x44535342,
+ 0x454C4256, 0x454D414C, 0x454E4F4E, 0x4649464A, 0x46564D41, 0x47423432, 0x474E504D, 0x47504A4C,
+ 0x47504A4D, 0x47504A52, 0x47524C55, 0x48564646, 0x485A534D, 0x49445844, 0x49544C55, 0x49555641,
+ 0x4A63706C, 0x4B435544, 0x4C584956, 0x4D415243, 0x4D424C49, 0x4D435041, 0x4D706148, 0x4F43455A,
+ 0x4F434F4C, 0x50303434, 0x50313459, 0x50343434, 0x50444147, 0x50444152, 0x50535010, 0x50554410,
+ 0x50554418, 0x50554420, 0x524A4C43, 0x5347414C, 0x534C4A4D, 0x53504238, 0x55575246, 0x55594648,
+ 0x56424D5A, 0x56434946, 0x574D5632, 0x574F4E53, 0x58514843, 0x58565338, 0x5947414D, 0x59706148,
+ 0x6134706D, 0x617A7072, 0x624B4942, 0x62706A6D, 0x62776173, 0x63616C61, 0x63617264, 0x63637374,
+ 0x636E4D56, 0x64697663, 0x646F6369, 0x64756164, 0x664B4942, 0x67337874, 0x68347061, 0x68637061,
+ 0x68645641, 0x694B4942, 0x6B6F6F63, 0x6D63706C, 0x6D736761, 0x6E617858, 0x6E637061, 0x6E645641,
+ 0x6F56736D, 0x6F637061, 0x726D6173, 0x726F7478, 0x72706973, 0x73637061, 0x736F7774, 0x7375704F,
+ 0x74656E64, 0x746C7870, 0x74776F73, 0x76323130, 0x7634706D, 0x76757963, 0x77616C61, 0x77616C75,
+ 0x77726471, 0xFFFFFFFF,
 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
 extern AVCodec * codec_list[];
@@ -209,7 +246,8 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
         ctx->sample_rate                        = bytestream2_get_le32(&gbc) & 0x7FFFFFFF;
         ctx->channels                           = (unsigned)bytestream2_get_le32(&gbc) % FF_SANE_NB_CHANNELS;
         ctx->block_align                        = bytestream2_get_le32(&gbc) & 0x7FFFFFFF;
-        ctx->codec_tag                          = bytestream2_get_le32(&gbc);
+        ctx->codec_tag                          = codec_tags[bytestream2_get_le32(&gbc) % FF_ARRAY_ELEMS(codec_tags)];
         keyframes                               = bytestream2_get_le64(&gbc);
         ctx->request_channel_layout             = bytestream2_get_le64(&gbc);

More information about the ffmpeg-devel mailing list