commit 063a46195485a17e9b5136d6c6d91ea773ed48f5
author Yannis Guyon <yguyon@google.com> Thu Feb 08 09:20:40 2024 +0000
committer GitHub <noreply@github.com> Thu Feb 08 10:20:40 2024 +0100
tree fe026bae4cda30fea63b9282a627ef2c943f92fd
parent 0bcc007d296f9765de25cccb30a0222cfd453ded

Same size limit in read_image fuzzer as dec_incr (#1995)

tests/gtest/avif_fuzztest_dec_incr.cc

diff --git a/tests/gtest/avif_fuzztest_dec_incr.cc b/tests/gtest/avif_fuzztest_dec_incr.cc
index 1ba7c97..328ceb1 100644
--- a/tests/gtest/avif_fuzztest_dec_incr.cc
+++ b/tests/gtest/avif_fuzztest_dec_incr.cc
@@ -62,10 +62,15 @@
   ASSERT_NE(decoder.get(), nullptr);
   avifDecoderSetIO(decoder.get(), &io);
   // OSS-Fuzz limits the allocated memory to 2560 MB.
+  constexpr uint32_t kMaxMem = 2560u * 1024 * 1024;
+  // Consider at most four planes of 16-bit samples.
+  constexpr uint32_t kMaxImageSize =
+      kMaxMem / (AVIF_PLANE_COUNT_YUV + 1) / sizeof(uint16_t);
+  // Reduce the limit further to include pixel buffer copies and other memory
+  // allocations.
+  constexpr uint32_t kImageSizeLimit = kMaxImageSize / 4;
   // avifDecoderParse returns AVIF_RESULT_NOT_IMPLEMENTED if kImageSizeLimit is
   // bigger than AVIF_DEFAULT_IMAGE_SIZE_LIMIT.
-  constexpr uint32_t kImageSizeLimit =
-      2560u * 512 * 512 / AVIF_MAX_AV1_LAYER_COUNT / sizeof(uint16_t);
   static_assert(kImageSizeLimit <= AVIF_DEFAULT_IMAGE_SIZE_LIMIT,
                 "Too big an image size limit");
   decoder->imageSizeLimit = kImageSizeLimit;

tests/gtest/avif_fuzztest_read_image.cc

diff --git a/tests/gtest/avif_fuzztest_read_image.cc b/tests/gtest/avif_fuzztest_read_image.cc
index 608861b..b0b893d 100644
--- a/tests/gtest/avif_fuzztest_read_image.cc
+++ b/tests/gtest/avif_fuzztest_read_image.cc
@@ -60,9 +60,14 @@
   ImagePtr avif_image(avifImageCreateEmpty());
   avif_image->matrixCoefficients = matrix_coefficients;
 
-  // OSS-Fuzz limits the allocated memory to 2560 MB. Consider 16-bit samples.
-  constexpr uint32_t kImageSizeLimit =
-      2560u * 1024 * 1024 / AVIF_MAX_AV1_LAYER_COUNT / sizeof(uint16_t);
+  // OSS-Fuzz limits the allocated memory to 2560 MB.
+  constexpr uint32_t kMaxMem = 2560u * 1024 * 1024;
+  // Consider at most four planes of 16-bit samples.
+  constexpr uint32_t kMaxImageSize =
+      kMaxMem / (AVIF_PLANE_COUNT_YUV + 1) / sizeof(uint16_t);
+  // Reduce the limit further to include pixel buffer copies and other memory
+  // allocations.
+  constexpr uint32_t kImageSizeLimit = kMaxImageSize / 4;
   // SharpYUV is computationally expensive. Avoid timeouts.
   const uint32_t imageSizeLimit =
       (chroma_downsampling == AVIF_CHROMA_DOWNSAMPLING_SHARP_YUV &&