2017-10-31 06:43:07 +00:00
|
|
|
/*
|
|
|
|
* Copyright 2016 Google Inc.
|
|
|
|
* author: Edward Hervey <bilboed@bilboed.com>
|
|
|
|
*
|
|
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
* you may not use this file except in compliance with the License.
|
|
|
|
* You may obtain a copy of the License at
|
|
|
|
*
|
|
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
*
|
|
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
* See the License for the specific language governing permissions and
|
|
|
|
* limitations under the License.
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
|
|
|
#ifdef HAVE_CONFIG_H
|
|
|
|
#include "config.h"
|
|
|
|
#endif
|
|
|
|
|
|
|
|
#include <locale.h>
|
|
|
|
|
|
|
|
#include <stdlib.h>
|
|
|
|
#include <glib.h>
|
|
|
|
#include <gst/gst.h>
|
|
|
|
|
2017-12-06 07:41:59 +00:00
|
|
|
#ifndef LOCAL_FUZZ_BUILD
|
2017-10-31 07:03:48 +00:00
|
|
|
GST_PLUGIN_STATIC_DECLARE (coreelements);
|
|
|
|
GST_PLUGIN_STATIC_DECLARE (typefindfunctions);
|
|
|
|
GST_PLUGIN_STATIC_DECLARE (app);
|
2017-12-06 07:41:59 +00:00
|
|
|
#endif
|
2017-10-31 06:43:07 +00:00
|
|
|
|
|
|
|
/* push-based typefind fuzzing target
|
|
|
|
*
|
|
|
|
* This application can be compiled with libFuzzer to simulate
|
|
|
|
* a push-based typefind execution.
|
|
|
|
*
|
|
|
|
* To reproduce the failing behaviour, use:
|
|
|
|
* $ gst-launch-1.0 pushfile:///.. ! typefind ! fakesink
|
|
|
|
*
|
|
|
|
* The goal is to cover typefind code and implementation.
|
|
|
|
*
|
|
|
|
**/
|
2017-11-01 08:45:36 +00:00
|
|
|
static void
|
|
|
|
custom_logger (const gchar *log_domain,
|
|
|
|
GLogLevelFlags log_level,
|
|
|
|
const gchar *message,
|
|
|
|
gpointer unused_data)
|
|
|
|
{
|
|
|
|
if (log_level & G_LOG_LEVEL_CRITICAL) {
|
|
|
|
g_printerr ("CRITICAL ERROR : %s\n", message);
|
2017-11-01 08:55:46 +00:00
|
|
|
abort();
|
2017-11-01 08:45:36 +00:00
|
|
|
} else if (log_level & G_LOG_LEVEL_WARNING) {
|
|
|
|
g_printerr ("WARNING : %s\n", message);
|
|
|
|
}
|
|
|
|
}
|
2017-10-31 06:43:07 +00:00
|
|
|
|
2017-10-31 07:03:48 +00:00
|
|
|
int
|
|
|
|
LLVMFuzzerTestOneInput (const guint8 * data, size_t size)
|
2017-10-31 06:43:07 +00:00
|
|
|
{
|
|
|
|
GError *err = NULL;
|
2017-11-01 13:10:05 +00:00
|
|
|
static gboolean initialized = FALSE;
|
2017-10-31 06:43:07 +00:00
|
|
|
GstElement *pipeline, *source, *typefind, *fakesink;
|
|
|
|
GstBuffer *buf;
|
|
|
|
GstFlowReturn flowret;
|
2017-10-31 07:03:48 +00:00
|
|
|
GstState state;
|
2017-10-31 06:43:07 +00:00
|
|
|
|
|
|
|
if (!initialized) {
|
2017-11-01 07:50:25 +00:00
|
|
|
/* We want critical warnings to assert so we can fix them */
|
|
|
|
g_log_set_always_fatal(G_LOG_LEVEL_CRITICAL);
|
2017-11-01 08:45:36 +00:00
|
|
|
g_log_set_default_handler (custom_logger, NULL);
|
2017-10-31 06:43:07 +00:00
|
|
|
|
|
|
|
/* Only initialize and register plugins once */
|
|
|
|
gst_init (NULL, NULL);
|
2017-10-31 07:03:48 +00:00
|
|
|
|
2017-12-06 07:41:59 +00:00
|
|
|
#ifndef LOCAL_FUZZ_BUILD
|
2017-10-31 07:03:48 +00:00
|
|
|
GST_PLUGIN_STATIC_REGISTER (coreelements);
|
|
|
|
GST_PLUGIN_STATIC_REGISTER (typefindfunctions);
|
|
|
|
GST_PLUGIN_STATIC_REGISTER (app);
|
2017-12-06 07:41:59 +00:00
|
|
|
#endif
|
2017-11-01 13:10:05 +00:00
|
|
|
|
|
|
|
initialized = TRUE;
|
2017-10-31 06:43:07 +00:00
|
|
|
}
|
2017-10-31 07:03:48 +00:00
|
|
|
|
2017-10-31 06:43:07 +00:00
|
|
|
/* Create the pipeline */
|
2017-10-31 07:12:43 +00:00
|
|
|
pipeline = gst_pipeline_new ("pipeline");
|
2017-10-31 06:43:07 +00:00
|
|
|
source = gst_element_factory_make ("appsrc", "source");
|
|
|
|
typefind = gst_element_factory_make ("typefind", "typefind");
|
|
|
|
fakesink = gst_element_factory_make ("fakesink", "fakesink");
|
|
|
|
|
|
|
|
gst_bin_add_many (GST_BIN (pipeline), source, typefind, fakesink, NULL);
|
|
|
|
gst_element_link_many (source, typefind, fakesink, NULL);
|
|
|
|
|
|
|
|
/* Set pipeline to READY so we can provide data to appsrc */
|
|
|
|
gst_element_set_state (GST_ELEMENT (pipeline), GST_STATE_READY);
|
|
|
|
buf = gst_buffer_new_wrapped_full (0, (gpointer) data, size,
|
2017-10-31 07:03:48 +00:00
|
|
|
0, size, NULL, NULL);
|
2017-10-31 06:43:07 +00:00
|
|
|
g_object_set (G_OBJECT (source), "size", size, NULL);
|
2017-10-31 07:03:48 +00:00
|
|
|
g_signal_emit_by_name (G_OBJECT (source), "push-buffer", buf, &flowret);
|
2017-10-31 06:43:07 +00:00
|
|
|
gst_buffer_unref (buf);
|
2017-10-31 07:03:48 +00:00
|
|
|
|
2017-10-31 06:43:07 +00:00
|
|
|
/* Set pipeline to PAUSED and wait (typefind will either fail or succeed) */
|
|
|
|
gst_element_set_state (GST_ELEMENT (pipeline), GST_STATE_PAUSED);
|
|
|
|
|
|
|
|
/* wait until state change either completes or fails */
|
2017-10-31 07:03:48 +00:00
|
|
|
gst_element_get_state (GST_ELEMENT (pipeline), &state, NULL, -1);
|
2017-10-31 06:43:07 +00:00
|
|
|
|
|
|
|
/* Go back to NULL */
|
|
|
|
gst_element_set_state (GST_ELEMENT (pipeline), GST_STATE_NULL);
|
|
|
|
|
|
|
|
/* And release the pipeline */
|
|
|
|
gst_object_unref (pipeline);
|
2017-10-31 07:03:48 +00:00
|
|
|
|
2017-10-31 06:43:07 +00:00
|
|
|
return 0;
|
2017-10-31 07:03:48 +00:00
|
|
|
}
|