blob: 1ba7c97007e89984e4f3e0a310d119a182aa7109 [file] [log] [blame]
// Copyright 2022 Google LLC
// SPDX-License-Identifier: BSD-2-Clause
// Compare non-incremental and incremental decode results of an arbitrary byte
// sequence.
#include <cstdint>
#include <string>
#include "avif/avif.h"
#include "avif_fuzztest_helpers.h"
#include "avifincrtest_helpers.h"
#include "fuzztest/fuzztest.h"
#include "gtest/gtest.h"
using ::fuzztest::Arbitrary;
namespace avif {
namespace testutil {
namespace {
::testing::Environment* const kStackLimitEnv = SetStackLimitTo512x1024Bytes();
//------------------------------------------------------------------------------
struct DecoderInput {
const uint8_t* available_bytes;
size_t available_size;
size_t read_size;
};
// A custom reader is necessary to get the number of bytes read by libavif.
// See avifIOReadFunc() documentation.
avifResult AvifIoRead(struct avifIO* io, uint32_t read_flags, uint64_t offset,
size_t size, avifROData* out) {
DecoderInput* data = reinterpret_cast<DecoderInput*>(io->data);
if (read_flags != 0 || !data || data->available_size < offset) {
return AVIF_RESULT_IO_ERROR;
}
out->data = data->available_bytes + offset;
out->size = std::min(size, data->available_size - offset);
data->read_size = std::max(data->read_size, offset + out->size);
return AVIF_RESULT_OK;
}
//------------------------------------------------------------------------------
void DecodeIncr(const std::string& arbitrary_bytes, bool is_persistent,
bool give_size_hint, bool use_nth_image_api) {
ASSERT_FALSE(GetSeedDataDirs().empty()); // Make sure seeds are available.
ImagePtr reference(avifImageCreateEmpty());
ASSERT_NE(reference.get(), nullptr);
DecoderInput data = {reinterpret_cast<const uint8_t*>(arbitrary_bytes.data()),
arbitrary_bytes.size(), 0};
avifIO io = {.read = AvifIoRead,
.sizeHint = arbitrary_bytes.size(),
.persistent = AVIF_TRUE,
.data = &data};
DecoderPtr decoder(avifDecoderCreate());
ASSERT_NE(decoder.get(), nullptr);
avifDecoderSetIO(decoder.get(), &io);
// OSS-Fuzz limits the allocated memory to 2560 MB.
// avifDecoderParse returns AVIF_RESULT_NOT_IMPLEMENTED if kImageSizeLimit is
// bigger than AVIF_DEFAULT_IMAGE_SIZE_LIMIT.
constexpr uint32_t kImageSizeLimit =
2560u * 512 * 512 / AVIF_MAX_AV1_LAYER_COUNT / sizeof(uint16_t);
static_assert(kImageSizeLimit <= AVIF_DEFAULT_IMAGE_SIZE_LIMIT,
"Too big an image size limit");
decoder->imageSizeLimit = kImageSizeLimit;
if (avifDecoderRead(decoder.get(), reference.get()) == AVIF_RESULT_OK) {
// Avoid timeouts by discarding big images decoded many times.
// TODO(yguyon): Increase this arbitrary threshold but decode incrementally
// fewer times than as many bytes.
if (reference->width * reference->height * data.read_size >
8 * 1024 * 1024) {
return;
}
// decodeIncrementally() will fail if there are leftover bytes.
const avifRWData encoded_data = {const_cast<uint8_t*>(data.available_bytes),
data.read_size};
// No clue on whether encoded_data is tiled so use a lower bound of a single
// tile for the whole image.
// Note that an AVIF tile is at most as high as an AV1 frame
// (aomediacodec.github.io/av1-spec says max_frame_height_minus_1 < 65536)
// but libavif successfully decodes AVIF files with dimensions unrelated to
// the underlying AV1 frame (for example a 1x1000000 AVIF for a 1x1 AV1).
// Otherwise we could use the minimum of reference->height and 65536u below.
const uint32_t max_cell_height = reference->height;
const avifResult result = DecodeIncrementally(
encoded_data, decoder.get(), is_persistent, give_size_hint,
use_nth_image_api, *reference, max_cell_height);
// The result does not matter, as long as we do not crash.
(void)result;
}
}
FUZZ_TEST(DecodeAvifFuzzTest, DecodeIncr)
.WithDomains(ArbitraryImageWithSeeds({AVIF_APP_FILE_FORMAT_AVIF}),
Arbitrary<bool>(), Arbitrary<bool>(), Arbitrary<bool>());
//------------------------------------------------------------------------------
} // namespace
} // namespace testutil
} // namespace avif