Merge avif_decode_fuzzer into avif_fuzztest_dec.cc (#2006)

AOMediaCodec · Sep 17, 2024 · 3d4c39c · 3d4c39c
1 parent 981b9a2
commit 3d4c39c
Show file tree

Hide file tree

Showing 6 changed files with 19 additions and 147 deletions.
diff --git a/.github/workflows/cifuzz.yml b/.github/workflows/cifuzz.yml
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
@@ -52,17 +52,6 @@ if(AVIF_ENABLE_FUZZTEST OR AVIF_ENABLE_GTEST OR AVIF_BUILD_APPS)
     target_link_libraries(aviftest_helpers_internal PRIVATE avif_enable_warnings)
 endif()
 
-if(CMAKE_CXX_COMPILER_LOADED)
-    # Fuzz target without any fuzzing engine dependency. For easy reproduction of oss-fuzz issues.
-    add_executable(repro_avif_decode_fuzzer oss-fuzz/avif_decode_fuzzer.cc oss-fuzz/repro_fuzz.cc)
-    set_target_properties(repro_avif_decode_fuzzer PROPERTIES LINKER_LANGUAGE "CXX")
-    target_link_libraries(repro_avif_decode_fuzzer avif avif_enable_warnings)
-    # The test below exists for coverage and as a usage example: repro_avif_decode_fuzzer [reproducer file path]
-    add_test(NAME repro_avif_decode_fuzzer COMMAND repro_avif_decode_fuzzer
-                                                   ${CMAKE_CURRENT_SOURCE_DIR}/data/color_grid_alpha_nogrid.avif
-    )
-endif()
-
 ################################################################################
 # GoogleTest
 

diff --git a/tests/gtest/avif_fuzztest_dec.cc b/tests/gtest/avif_fuzztest_dec.cc
@@ -20,24 +20,36 @@ ::testing::Environment* const kStackLimitEnv = SetStackLimitTo512x1024Bytes();
 
 //------------------------------------------------------------------------------
 
-void Decode(const std::string& arbitrary_bytes, DecoderPtr decoder) {
+void Decode(const std::string& arbitrary_bytes, bool is_persistent,
+            DecoderPtr decoder) {
   ASSERT_FALSE(GetSeedDataDirs().empty());  // Make sure seeds are available.
 
   ImagePtr decoded(avifImageCreateEmpty());
   ASSERT_NE(decoded, nullptr);
-  const avifResult result = avifDecoderReadMemory(
-      decoder.get(), decoded.get(),
+
+  avifIO* const io = avifIOCreateMemoryReader(
       reinterpret_cast<const uint8_t*>(arbitrary_bytes.data()),
       arbitrary_bytes.size());
-  if (result == AVIF_RESULT_OK) {
-    EXPECT_GT(decoded->width, 0u);
-    EXPECT_GT(decoded->height, 0u);
+  if (io == nullptr) return;
+  // The Chrome's avifIO object is not persistent.
+  io->persistent = is_persistent;
+  avifDecoderSetIO(decoder.get(), io);
+
+  if (avifDecoderParse(decoder.get()) != AVIF_RESULT_OK) return;
+  while (avifDecoderNextImage(decoder.get()) == AVIF_RESULT_OK) {
+    EXPECT_GT(decoder->image->width, 0u);
+    EXPECT_GT(decoder->image->height, 0u);
+  }
+
+  // Loop once.
+  if (avifDecoderReset(decoder.get()) != AVIF_RESULT_OK) return;
+  while (avifDecoderNextImage(decoder.get()) == AVIF_RESULT_OK) {
   }
 }
 
 FUZZ_TEST(DecodeAvifTest, Decode)
     .WithDomains(ArbitraryImageWithSeeds({AVIF_APP_FILE_FORMAT_AVIF}),
-                 ArbitraryAvifDecoder());
+                 Arbitrary<bool>(), ArbitraryAvifDecoder());
 
 //------------------------------------------------------------------------------
 

diff --git a/tests/oss-fuzz/avif_decode_fuzzer.cc b/tests/oss-fuzz/avif_decode_fuzzer.cc
diff --git a/tests/oss-fuzz/build.sh b/tests/oss-fuzz/build.sh
@@ -83,12 +83,6 @@ cmake .. -G Ninja -DBUILD_SHARED_LIBS=OFF -DAVIF_CODEC_AOM=LOCAL -DAVIF_CODEC_DA
 
 ninja
 
-# build decode fuzzer
-$CXX $CXXFLAGS -std=c++11 -I../include \
-    ../tests/oss-fuzz/avif_decode_fuzzer.cc -o $OUT/avif_decode_fuzzer \
-    $LIB_FUZZING_ENGINE libavif.a ../ext/dav1d/build/src/libdav1d.a \
-    ../ext/libyuv/build/libyuv.a ../ext/aom/build.libavif/libaom.a
-
 # Restrict fuzztest tests to the only compatible fuzz engine: libfuzzer.
 if [[ "$FUZZING_ENGINE" == "libfuzzer" ]]; then
   # build fuzztests

diff --git a/tests/oss-fuzz/repro_fuzz.cc b/tests/oss-fuzz/repro_fuzz.cc