Commit ba3a89a1 authored by Mathis Rosenhauer's avatar Mathis Rosenhauer

fuzzing: dump test patterns to files for initial corpus

parent 62f82d00
...@@ -19,7 +19,9 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { ...@@ -19,7 +19,9 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
strm.flags |= AEC_DATA_MSB; strm.flags |= AEC_DATA_MSB;
if (Data[1] & 0x40) if (Data[1] & 0x40)
strm.flags |= AEC_DATA_SIGNED; strm.flags |= AEC_DATA_SIGNED;
if (strm.bits_per_sample <= 24 && strm.bits_per_sample > 16) if (strm.bits_per_sample <= 24 &&
strm.bits_per_sample > 16 &&
Data[1] & 0x10)
strm.flags |= AEC_DATA_3BYTE; strm.flags |= AEC_DATA_3BYTE;
strm.next_in = (unsigned char *)(Data + 2); strm.next_in = (unsigned char *)(Data + 2);
strm.avail_in = Size - 2; strm.avail_in = Size - 2;
......
...@@ -202,6 +202,10 @@ int encode_decode_small(struct test_state *state) ...@@ -202,6 +202,10 @@ int encode_decode_small(struct test_state *state)
int encode_decode_large(struct test_state *state) int encode_decode_large(struct test_state *state)
{ {
int status, i; int status, i;
char fbase[1024];
char fname[1024];
FILE *fp;
int bflags;
size_t to; size_t to;
struct aec_stream *strm = state->strm; struct aec_stream *strm = state->strm;
...@@ -215,6 +219,31 @@ int encode_decode_large(struct test_state *state) ...@@ -215,6 +219,31 @@ int encode_decode_large(struct test_state *state)
printf("Init failed.\n"); printf("Init failed.\n");
return 99; return 99;
} }
if (state->dump) {
snprintf(fbase, sizeof(fbase), "BPS%02iID%iBS%02iRSI%04iFLG%04i",
strm->bits_per_sample,
state->id,
strm->block_size,
strm->rsi,
strm->flags);
snprintf(fname, sizeof(fname), "%s.dat", fbase);
if ((fp = fopen(fname, "wb")) == NULL) {
fprintf(stderr, "ERROR: cannot open dump file %s\n", fname);
return 99;
}
fputc(strm->bits_per_sample, fp);
bflags = strm->block_size >> 8;
if (strm->flags | AEC_DATA_MSB)
bflags |= 0x80;
if (strm->flags | AEC_DATA_SIGNED)
bflags |= 0x40;
if (strm->flags | AEC_DATA_3BYTE)
bflags |= 0x10;
bflags |= 0x20; /* encode */
fputc(bflags, fp);
fwrite(strm->next_in, strm->avail_in, 1, fp);
fclose(fp);
}
status = aec_encode(strm, AEC_FLUSH); status = aec_encode(strm, AEC_FLUSH);
if (status != AEC_OK) { if (status != AEC_OK) {
...@@ -224,6 +253,19 @@ int encode_decode_large(struct test_state *state) ...@@ -224,6 +253,19 @@ int encode_decode_large(struct test_state *state)
aec_encode_end(strm); aec_encode_end(strm);
if (state->dump) {
snprintf(fname, sizeof(fname), "%s.rz", fbase);
if ((fp = fopen(fname, "wb")) == NULL) {
fprintf(stderr, "ERROR: cannot open dump file %s\n", fname);
return 99;
}
fputc(strm->bits_per_sample, fp);
bflags &= ~0x20;
fputc(bflags, fp);
fwrite(state->cbuf, strm->total_out, 1, fp);
fclose(fp);
}
strm->avail_in = strm->total_out; strm->avail_in = strm->total_out;
strm->avail_out = state->buf_len; strm->avail_out = state->buf_len;
strm->next_in = state->cbuf; strm->next_in = state->cbuf;
......
...@@ -4,6 +4,7 @@ ...@@ -4,6 +4,7 @@
struct test_state { struct test_state {
int (* codec)(struct test_state *state); int (* codec)(struct test_state *state);
int id;
int id_len; int id_len;
int bytes_per_sample; int bytes_per_sample;
unsigned char *ubuf; unsigned char *ubuf;
...@@ -15,6 +16,7 @@ struct test_state { ...@@ -15,6 +16,7 @@ struct test_state {
long long int xmax; long long int xmax;
long long int xmin; long long int xmin;
void (*out)(unsigned char *dest, unsigned long long int val, int size); void (*out)(unsigned char *dest, unsigned long long int val, int size);
int dump; /* dump buffer to file for fuzzing corpus */
struct aec_stream *strm; struct aec_stream *strm;
}; };
......
...@@ -9,6 +9,7 @@ int check_block_sizes(struct test_state *state, int id, int id_len) ...@@ -9,6 +9,7 @@ int check_block_sizes(struct test_state *state, int id, int id_len)
{ {
int bs, status, rsi, max_rsi; int bs, status, rsi, max_rsi;
state->id = id;
for (bs = 8; bs <= 64; bs *= 2) { for (bs = 8; bs <= 64; bs *= 2) {
state->strm->block_size = bs; state->strm->block_size = bs;
...@@ -282,12 +283,17 @@ int check_byte_orderings(struct test_state *state) ...@@ -282,12 +283,17 @@ int check_byte_orderings(struct test_state *state)
return 0; return 0;
} }
int main (void) int main(int argc, char *argv[])
{ {
int status; int status;
struct aec_stream strm; struct aec_stream strm;
struct test_state state; struct test_state state;
if (argc > 1 && strncmp(argv[1], "-d", 2) == 0)
state.dump = 1;
else
state.dump = 0;
state.buf_len = state.ibuf_len = BUF_SIZE; state.buf_len = state.ibuf_len = BUF_SIZE;
state.cbuf_len = 2 * BUF_SIZE; state.cbuf_len = 2 * BUF_SIZE;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment