author | Janne Grunau <janne-vlc@jannau.net> | 2018-11-14 12:27:43 +0300 |
---|---|---|
committer | Ronald S. Bultje <rsbultje@gmail.com> | 2018-11-14 18:17:12 +0300 |
commit | a79cebf2e69264adc07738df0052ccf9c6255492 (patch) | |
tree | c8af31a2e03317a339b4e7a45d44cb24541f8220 | |
parent | c59f19405362091741f441ff1a98810955a56a3f (diff) |
dav1d_fuzzer: skip empty frames to avoid assertions after 026069693ef
-rw-r--r-- | tests/libfuzzer/dav1d_fuzzer.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/tests/libfuzzer/dav1d_fuzzer.c b/tests/libfuzzer/dav1d_fuzzer.c
index 4a7ecb1..08de3d9 100644
--- a/tests/libfuzzer/dav1d_fuzzer.c
+++ b/tests/libfuzzer/dav1d_fuzzer.c
@@ -90,6 +90,8 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
 if (frame_size > size || ptr > data + size - frame_size)
 break;

+ if (!frame_size) continue;
+
 // copy frame data to a new buffer to catch reads past the end of input
 p = dav1d_data_create(&buf, frame_size);
 if (!p) goto cleanup;
@@ -110,7 +112,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
 }
 } while (buf.sz > 0);

- if (buf.sz > 0 || frame_size == 0)
+ if (buf.sz > 0)
 dav1d_data_unref(&buf);
 }

|
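Review bot: The added `if (!frame_size) continue;` in the first hunk carries no comment saying why empty frames are skipped; the reason lives only in the commit message (assertions after 026069693ef). I would put `// zero-length frames trip an assertion in the data API, skip them` above it, with the wording confirmed against that commit. Skipping in the harness also means a zero-size buffer is never fed to the library any more, so if an application can still reach that path in a build with assertions compiled out it goes unfuzzed; a size check that returns an error inside the library, presumably in `dav1d_data_create`, would keep it covered. The `continue` is only safe if `ptr` has already been advanced past the frame header earlier in the loop body, which lies outside the hunk. The second hunk's simplified `if (buf.sz > 0)` is correct only because of this early skip, which is worth stating next to it.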