• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2025 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 #include <cstddef>
16 #include <cstdint>
17 #include "avcodec_suspend.h"
18 #include "native_avcodec_videodecoder.h"
19 #include "native_averrors.h"
20 #include "native_avcodec_base.h"
21 #include <unistd.h>
22 #include "videodec_sample.h"
23 #include <fuzzer/FuzzedDataProvider.h>
24 using namespace std;
25 using namespace OHOS::Media;
26 #define FUZZ_PROJECT_NAME "avcodecsuspend_fuzzer"
27 
28 namespace OHOS {
AvcodecSuspend001FuzzTest(const uint8_t * data,size_t size)29 bool AvcodecSuspend001FuzzTest(const uint8_t *data, size_t size)
30 {
31     std::vector<pid_t> pid;
32     pid_t pid0 = getpid();
33     pid.push_back(pid0);
34     MediaAVCodec::AVCodecSuspend::SuspendFreeze(pid);
35     MediaAVCodec::AVCodecSuspend::SuspendActive(pid);
36 
37     if (size < sizeof(pid_t)) {
38         return false;
39     }
40     size_t length = size / sizeof(pid_t);
41     size_t copyLength = length * sizeof(pid_t);
42     std::vector<pid_t> pidFuzz(length);
43     errno_t result = memcpy_s(pidFuzz.data(), copyLength, data, copyLength);
44     if (result != 0) {
45         return false;
46     }
47     MediaAVCodec::AVCodecSuspend::SuspendFreeze(pidFuzz);
48     MediaAVCodec::AVCodecSuspend::SuspendActive(pidFuzz);
49     MediaAVCodec::AVCodecSuspend::SuspendFreeze(pid);
50     MediaAVCodec::AVCodecSuspend::SuspendFreeze(pidFuzz);
51     MediaAVCodec::AVCodecSuspend::SuspendActiveAll();
52     return true;
53 }
54 
AvcodecSuspend002FuzzTest(const uint8_t * data,size_t size)55 bool AvcodecSuspend002FuzzTest(const uint8_t *data, size_t size)
56 {
57     if (size < sizeof(pid_t)) {
58         return false;
59     }
60     size_t length = size / sizeof(pid_t);
61     size_t copyLength = length * sizeof(pid_t);
62     std::vector<pid_t> pidFuzz(length);
63     errno_t result = memcpy_s(pidFuzz.data(), copyLength, data, copyLength);
64     if (result != 0) {
65         return false;
66     }
67     std::vector<pid_t> pid;
68     pid_t pid0 = getpid();
69     pid.push_back(pid0);
70 
71     VDecFuzzSample *vDecSample = new VDecFuzzSample();
72     int32_t ret = vDecSample->CreateVideoDecoder();
73     if (ret != 0) {
74         delete vDecSample;
75         vDecSample = nullptr;
76         return false;
77     }
78     vDecSample->ConfigureVideoDecoder();
79     MediaAVCodec::AVCodecSuspend::SuspendFreeze(pidFuzz);
80     MediaAVCodec::AVCodecSuspend::SuspendActive(pidFuzz);
81     MediaAVCodec::AVCodecSuspend::SuspendActiveAll();
82     vDecSample->SetVideoDecoderCallback();
83     vDecSample->StartVideoDecoder();
84     MediaAVCodec::AVCodecSuspend::SuspendFreeze(pidFuzz);
85     MediaAVCodec::AVCodecSuspend::SuspendFreeze(pid);
86     MediaAVCodec::AVCodecSuspend::SuspendActiveAll();
87     vDecSample->Flush();
88     MediaAVCodec::AVCodecSuspend::SuspendFreeze(pidFuzz);
89     MediaAVCodec::AVCodecSuspend::SuspendActive(pidFuzz);
90     MediaAVCodec::AVCodecSuspend::SuspendFreeze(pid);
91     MediaAVCodec::AVCodecSuspend::SuspendActive(pid);
92     vDecSample->Stop();
93     MediaAVCodec::AVCodecSuspend::SuspendFreeze(pidFuzz);
94     MediaAVCodec::AVCodecSuspend::SuspendActive(pidFuzz);
95     MediaAVCodec::AVCodecSuspend::SuspendActiveAll();
96     vDecSample->Release();
97     delete vDecSample;
98     vDecSample = nullptr;
99     return true;
100 }
101 
AvcodecSuspend003FuzzTest(const uint8_t * data,size_t size)102 bool AvcodecSuspend003FuzzTest(const uint8_t *data, size_t size)
103 {
104     std::vector<pid_t> pid;
105     pid_t pid0 = getpid();
106     pid.push_back(pid0);
107 
108     VDecFuzzSample *vDecSample = new VDecFuzzSample();
109     int32_t ret = vDecSample->CreateVideoDecoder();
110     if (ret != 0) {
111         delete vDecSample;
112         vDecSample = nullptr;
113         return false;
114     }
115     vDecSample->ConfigureVideoDecoder();
116     vDecSample->SetVideoDecoderCallback();
117     vDecSample->Start();
118     vDecSample->InputFuncFUZZ(data, size);
119     MediaAVCodec::AVCodecSuspend::SuspendFreeze(pid);
120     MediaAVCodec::AVCodecSuspend::SuspendActive(pid);
121     MediaAVCodec::AVCodecSuspend::SuspendActiveAll();
122     vDecSample->Flush();
123     vDecSample->Stop();
124     vDecSample->Reset();
125     delete vDecSample;
126     vDecSample = nullptr;
127     return true;
128 }
129 }
130 
131  /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)132  extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
133  {
134      /* Run your code on data */
135      OHOS::AvcodecSuspend001FuzzTest(data, size);
136      OHOS::AvcodecSuspend002FuzzTest(data, size);
137      OHOS::AvcodecSuspend003FuzzTest(data, size);
138      return 0;
139  }
140