summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMathis Rosenhauer <rosenhauer@dkrz.de>2017-06-27 15:31:08 (GMT)
committerMathis Rosenhauer <rosenhauer@dkrz.de>2017-06-30 15:06:09 (GMT)
commitd5a9a756ef5dff1f747b2692cdc0e1a31a69e39f (patch)
treeb085eb39358c06a92bc331caf29b2b1e201a58a7
parent2ccc6bcf098936259c979aaf3cd97ddaad3a31de (diff)
downloadlibaec-d5a9a756ef5dff1f747b2692cdc0e1a31a69e39f.zip
libaec-d5a9a756ef5dff1f747b2692cdc0e1a31a69e39f.tar.gz
libaec-d5a9a756ef5dff1f747b2692cdc0e1a31a69e39f.tar.bz2
Fuzzing target
-rw-r--r--fuzz/fuzz_target.cc34
1 files changed, 34 insertions, 0 deletions
diff --git a/fuzz/fuzz_target.cc b/fuzz/fuzz_target.cc
new file mode 100644
index 0000000..4f90055
--- /dev/null
+++ b/fuzz/fuzz_target.cc
@@ -0,0 +1,34 @@
+#include <stdlib.h>
+#include <stdint.h>
+#include "libaec.h"
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
+ struct aec_stream strm;
+ int32_t *source;
+ unsigned char *dest;
+
+ if (Size < 2)
+ return 0;
+
+ dest = (unsigned char *)malloc(Size * 4);
+ strm.bits_per_sample = (Data[0] & 0x1f) | 1;
+ strm.block_size = 8 << (Data[1] & 3);
+ strm.rsi = 2;
+ strm.flags = AEC_DATA_PREPROCESS;
+ if (Data[1] & 0x80)
+ strm.flags |= AEC_DATA_MSB;
+ if (Data[1] & 0x40)
+ strm.flags |= AEC_DATA_SIGNED;
+ if (strm.bits_per_sample <= 24 && strm.bits_per_sample > 16)
+ strm.flags |= AEC_DATA_3BYTE;
+ strm.next_in = (unsigned char *)(Data + 2);
+ strm.avail_in = Size - 2;
+ strm.next_out = dest;
+ strm.avail_out = (Size - 2) * 4;
+ if (Data[1] & 0x20)
+ aec_buffer_encode(&strm);
+ else
+ aec_buffer_decode(&strm);
+ free(dest);
+ return 0;
+}