commit 760e8921c22c0185bc68f8a9884f0e8ddb7a25a4
author Jean-Michel Trivi <jmtrivi@google.com> Fri Jul 10 17:33:20 2020 +0000
committer Gerrit Code Review <noreply-gerritcodereview@google.com> Fri Jul 10 17:33:20 2020 +0000
tree 4e4a7edfae1f6aa2e8eb867b841d57b553069f8b
parent e76ca4d9acee82700e1eecf84928f0faa4b56564
parent c1a75279a113d9cab3b2639ab9bd4070351655c5

Merge "Improve code coverage for aac_dec_fuzzer"

fuzzer/aac_dec_fuzzer.cpp

diff --git a/fuzzer/aac_dec_fuzzer.cpp b/fuzzer/aac_dec_fuzzer.cpp
index 686c42f..b5545fc 100644
--- a/fuzzer/aac_dec_fuzzer.cpp
+++ b/fuzzer/aac_dec_fuzzer.cpp
@@ -19,10 +19,58 @@
  */
 
 #include <stdint.h>
+#include <string.h>
+#include <algorithm>
 #include "aacdecoder_lib.h"
 
 constexpr uint8_t kNumberOfLayers = 1;
 constexpr uint8_t kMaxChannelCount = 8;
+constexpr uint32_t kMaxConfigurationSize = 1024;
+constexpr uint32_t kMaxOutBufferSize = 2048 * kMaxChannelCount;
+
+// Value indicating the start of AAC Header Segment
+constexpr const char *kAacSegStartSeq = "AAC_STRT";
+constexpr uint8_t kAacSegStartSeqLen = sizeof(kAacSegStartSeq);
+// Value indicating the end of AAC Header Segment
+constexpr const char *kAacSegEndSeq = "AAC_ENDS";
+constexpr uint8_t kAacSegEndSeqLen = sizeof(kAacSegEndSeq);
+
+// Number of bytes used to signal the length of the header
+constexpr uint8_t kHeaderLengthBytes = 2;
+// Minimum size of an AAC header is 2
+// Minimum data required is
+// strlen(AAC_STRT) + strlen(AAC_ENDS) + kHeaderLengthBytes + 2;
+constexpr UINT kMinDataSize = kAacSegStartSeqLen + kAacSegEndSeqLen + kHeaderLengthBytes + 2;
+
+UINT getHeaderSize(UCHAR *data, UINT size) {
+  if (size < kMinDataSize) {
+    return 0;
+  }
+
+  int32_t result = memcmp(data, kAacSegStartSeq, kAacSegStartSeqLen);
+  if (result) {
+    return 0;
+  }
+  data += kAacSegStartSeqLen;
+  size -= kAacSegStartSeqLen;
+
+  uint32_t headerLengthInBytes = (data[0] << 8 | data[1]) & 0xFFFF;
+  data += kHeaderLengthBytes;
+  size -= kHeaderLengthBytes;
+
+  if (headerLengthInBytes + kAacSegEndSeqLen > size) {
+    return 0;
+  }
+
+  data += headerLengthInBytes;
+  size -= headerLengthInBytes;
+  result = memcmp(data, kAacSegEndSeq, kAacSegEndSeqLen);
+  if (result) {
+    return 0;
+  }
+
+  return std::min(headerLengthInBytes, kMaxConfigurationSize);
+}
 
 class Codec {
  public:
@@ -51,6 +99,14 @@
 }
 
 void Codec::decodeFrames(UCHAR *data, UINT size) {
+  UINT headerSize = getHeaderSize(data, size);
+  if (headerSize != 0) {
+    data += kAacSegStartSeqLen + kHeaderLengthBytes;
+    size -= kAacSegStartSeqLen + kHeaderLengthBytes;
+    aacDecoder_ConfigRaw(mAacDecoderHandle, &data, &headerSize);
+    data += headerSize + kAacSegEndSeqLen;
+    size -= headerSize + kAacSegEndSeqLen;
+  }
   while (size > 0) {
     UINT inputSize = size;
     UINT valid = size;
@@ -59,11 +115,11 @@
       ++data;
       --size;
     } else {
-      INT_PCM outputBuf[2048 * kMaxChannelCount];
-      aacDecoder_DecodeFrame(mAacDecoderHandle, outputBuf, 2048 * kMaxChannelCount, 0);
-      if (valid >= inputSize) {
-        return;
-      }
+      INT_PCM outputBuf[kMaxOutBufferSize];
+      do {
+        mErrorCode =
+            aacDecoder_DecodeFrame(mAacDecoderHandle, outputBuf, sizeof(outputBuf), 0);
+      } while (mErrorCode == AAC_DEC_OK);
       UINT offset = inputSize - valid;
       data += offset;
       size = valid;