Set a proper imageSizeLimit in fuzz tests (AOMediaCodec#1953)
vrabaud authored Jan 18, 2024
1 parent 0803a0c commit 22e95f1
Showing 2 changed files with 11 additions and 3 deletions.
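--- a/tests/gtest/avif_fuzztest_dec_incr.cc
+++ b/tests/gtest/avif_fuzztest_dec_incr.cc
@@ -62,8 +62,13 @@ void DecodeIncr(const std::string& arbitrary_bytes, bool is_persistent,
 ASSERT_NE(decoder.get(), nullptr);
 avifDecoderSetIO(decoder.get(), &io);
 // OSS-Fuzz limits the allocated memory to 2560 MB.
-decoder->imageSizeLimit =
-2560u * 1024 * 1024 / AVIF_MAX_AV1_LAYER_COUNT / sizeof(uint16_t);
+// avifDecoderParse returns AVIF_RESULT_NOT_IMPLEMENTED if kImageSizeLimit is
+// bigger than AVIF_DEFAULT_IMAGE_SIZE_LIMIT.
+constexpr uint32_t kImageSizeLimit =
+2560u * 512 * 512 / AVIF_MAX_AV1_LAYER_COUNT / sizeof(uint16_t);
+static_assert(kImageSizeLimit <= AVIF_DEFAULT_IMAGE_SIZE_LIMIT,
+"Too big an image size limit");
+decoder->imageSizeLimit = kImageSizeLimit;
 
 if (avifDecoderRead(decoder.get(), reference.get()) == AVIF_RESULT_OK) {
 // Avoid timeouts by discarding big images decoded many times.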
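Review bot: The context comment `// OSS-Fuzz limits the allocated memory to 2560 MB.` no longer matches the expression under it: `2560u * 512 * 512` is a quarter of 2560 MiB, so the leading 2560 still reads as the memory budget while the factors after it stop making it one. The new comment says why the limit must stay under AVIF_DEFAULT_IMAGE_SIZE_LIMIT but not how this value was picked; presumably the quarter was chosen only to satisfy the static_assert. I would state that in the comment, e.g. `// A quarter of the 2560 MB budget, so that kImageSizeLimit stays within AVIF_DEFAULT_IMAGE_SIZE_LIMIT.`, or reuse the `8 * 1024 * 8 * 1024` value that tests/oss-fuzz/avif_decode_fuzzer.cc sets so both harnesses decode under the same cap. DecodeIncr starts before and continues after this hunk.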
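--- a/tests/oss-fuzz/avif_decode_fuzzer.cc
+++ b/tests/oss-fuzz/avif_decode_fuzzer.cc
@@ -13,8 +13,11 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* Data, size_t Size) {
 // setting decoder->imageSizeLimit to this value allows avif_decode_fuzzer to
 // consume no more than 2560 MB of memory. Also limit the dimensions to avoid
 // timeouts and to speed the fuzzing up.
+// avifDecoderParse returns AVIF_RESULT_NOT_IMPLEMENTED if kImageSizeLimit is
+// bigger than AVIF_DEFAULT_IMAGE_SIZE_LIMIT.
 constexpr uint32_t kImageSizeLimit = 8 * 1024 * 8 * 1024;
-static_assert(kImageSizeLimit <= AVIF_DEFAULT_IMAGE_SIZE_LIMIT, "");
+static_assert(kImageSizeLimit <= AVIF_DEFAULT_IMAGE_SIZE_LIMIT,
+"Too big an image size limit");
 decoder->imageSizeLimit = kImageSizeLimit;
 
 avifIO* const io = avifIOCreateMemoryReader(Data, Size);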
