xref: /aosp_15_r20/external/flac/fuzzer/flac_dec_fuzzer.cpp (revision 600f14f40d737144c998e2ec7a483122d3776fbc) 
1 /******************************************************************************
2  *
3  * Copyright (C) 2020 The Android Open Source Project
4  *
5  * Licensed under the Apache License, Version 2.0 (the "License");
6  * you may not use this file except in compliance with the License.
7  * You may obtain a copy of the License at:
8  *
9  * http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in writing, software
12  * distributed under the License is distributed on an "AS IS" BASIS,
13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  * See the License for the specific language governing permissions and
15  * limitations under the License.
16  *
17  *****************************************************************************
18  * Originally developed and contributed by Ittiam Systems Pvt. Ltd, Bangalore
19  */
20 
21 #include <fuzzer/FuzzedDataProvider.h>
22 #include <stdlib.h>
23 #include <utils/String8.h>
24 #include "FLAC/stream_decoder.h"
25 
26 constexpr FLAC__MetadataType kMetadataTypes[8] = {
27   FLAC__METADATA_TYPE_PICTURE,
28   FLAC__METADATA_TYPE_STREAMINFO,
29   FLAC__METADATA_TYPE_PADDING,
30   FLAC__METADATA_TYPE_APPLICATION,
31   FLAC__METADATA_TYPE_SEEKTABLE,
32   FLAC__METADATA_TYPE_VORBIS_COMMENT,
33   FLAC__METADATA_TYPE_CUESHEET,
34   FLAC__METADATA_TYPE_UNDEFINED,
35 };
36 
37 const char *kMetadataIDs[3] = {
38   "aiff",
39   "riff",
40   "w64",
41 };
42 
43 // First four bytes are always "fLaC" in ASCII format.
44 #define FIRST_ENCODED_BYTE_OFFSET 4
45 
46 class Codec {
47  public:
Codec(const uint8_t * data,size_t size)48   Codec(const uint8_t* data, size_t size) : mFdp(data, size) {
49     mBuffer = data;
50     mBufferLen = size;
51   };
~Codec()52   ~Codec() { deInitDecoder(); }
53   bool initDecoder();
54   void decodeFrames();
55   void deInitDecoder();
56 
57  private:
58   FLAC__StreamDecoder *mDecoder = nullptr;
59   const uint8_t *mBuffer = nullptr;
60   size_t mBufferLen = 0;
61   size_t mBufferPos = 0;
62   FLAC__StreamDecoderReadStatus readCallback(FLAC__byte buffer[], size_t *bytes);
63   FLAC__StreamDecoderWriteStatus writeCallback(const FLAC__Frame *frame,
64                                                const FLAC__int32 *const buffer[]);
65   void errorCallback(FLAC__StreamDecoderErrorStatus status);
66   void metadataCallback(const FLAC__StreamMetadata *metadata);
67   FuzzedDataProvider mFdp;
68 };
69 
initDecoder()70 bool Codec::initDecoder() {
71   mDecoder = FLAC__stream_decoder_new();
72   if (!mDecoder) {
73     return false;
74   }
75   FLAC__stream_decoder_set_metadata_ignore_all(mDecoder);
76   FLAC__stream_decoder_set_md5_checking(mDecoder, true);
77   // read_callback, write_callback, error_callback and metadata_callback cannot be nullptrs
78 
79   static auto read_callback = [](const FLAC__StreamDecoder *, FLAC__byte buffer[], size_t *bytes,
80                                  void *client_data) -> FLAC__StreamDecoderReadStatus {
81     Codec *client = reinterpret_cast<Codec *>(client_data);
82     return client->readCallback(buffer, bytes);
83   };
84   static auto write_callback = [](const FLAC__StreamDecoder *, const FLAC__Frame *frame,
85                                   const FLAC__int32 *const buffer[],
86                                   void *client_data) -> FLAC__StreamDecoderWriteStatus {
87     Codec *client = reinterpret_cast<Codec *>(client_data);
88     return client->writeCallback(frame, buffer);
89   };
90   static auto error_callback = [](const FLAC__StreamDecoder *,
91                                   FLAC__StreamDecoderErrorStatus status, void *client_data) {
92     Codec *client = reinterpret_cast<Codec *>(client_data);
93     client->errorCallback(status);
94   };
95 
96   if (mFdp.ConsumeBool()) {
97     FLAC__stream_decoder_set_metadata_ignore(mDecoder, mFdp.PickValueInArray(kMetadataTypes));
98   }
99   if (mFdp.ConsumeBool()) {
100     FLAC__stream_decoder_skip_single_frame(mDecoder);
101   }
102 
103   if (mFdp.ConsumeBool()) {
104     FLAC__MetadataType metadataType = mFdp.PickValueInArray(kMetadataTypes);
105     FLAC__stream_decoder_set_metadata_respond(mDecoder, metadataType);
106   }
107   else {
108     FLAC__byte* metadataIgnoreID = (FLAC__byte*)mFdp.PickValueInArray(kMetadataIDs);
109     FLAC__byte* metadataRespondID = (FLAC__byte*)mFdp.PickValueInArray(kMetadataIDs);
110     FLAC__stream_decoder_set_metadata_ignore_application(mDecoder, metadataIgnoreID);
111     FLAC__stream_decoder_set_metadata_respond_application(mDecoder, metadataRespondID);
112   }
113 
114   static auto metadata_callback = [](const FLAC__StreamDecoder *,
115                                      const FLAC__StreamMetadata *metadata, void *client_data) {
116     Codec *client = reinterpret_cast<Codec *>(client_data);
117     client->metadataCallback(metadata);
118   };
119   void *client_data = reinterpret_cast<void *>(this);
120   FLAC__StreamDecoderInitStatus initStatus = FLAC__stream_decoder_init_stream(
121       mDecoder, read_callback, nullptr, nullptr, nullptr, nullptr, write_callback,
122       metadata_callback, error_callback, client_data);
123   if (initStatus != FLAC__STREAM_DECODER_INIT_STATUS_OK) {
124     return false;
125   }
126   if (mFdp.ConsumeBool()) {
127     FLAC__stream_decoder_set_metadata_respond_all(mDecoder);
128   }
129   if (mFdp.ConsumeBool()) {
130     FLAC__stream_decoder_seek_absolute(mDecoder, (FLAC__uint64)mFdp.ConsumeIntegral<uint64_t>());
131   }
132   return true;
133 }
134 
readCallback(FLAC__byte buffer[],size_t * bytes)135 FLAC__StreamDecoderReadStatus Codec::readCallback(FLAC__byte buffer[], size_t *bytes) {
136   if (!mBuffer || mBufferLen == 0) {
137     *bytes = 0;
138     return FLAC__STREAM_DECODER_READ_STATUS_ABORT;
139   }
140   size_t bytesRequested = *bytes;
141   if (bytesRequested > mBufferLen - mBufferPos) {
142     bytesRequested = mBufferLen - mBufferPos;
143   }
144   memcpy(buffer, mBuffer + mBufferPos, bytesRequested);
145   mBufferPos += bytesRequested;
146   *bytes = bytesRequested;
147   return (bytesRequested == 0 ? FLAC__STREAM_DECODER_READ_STATUS_END_OF_STREAM
148                               : FLAC__STREAM_DECODER_READ_STATUS_CONTINUE);
149 }
150 
writeCallback(const FLAC__Frame * frame,const FLAC__int32 * const buffer[])151 FLAC__StreamDecoderWriteStatus Codec::writeCallback(const FLAC__Frame *frame,
152                                                     const FLAC__int32 *const buffer[]) {
153   (void)frame;
154   (void)buffer;
155   return FLAC__STREAM_DECODER_WRITE_STATUS_CONTINUE;
156 }
157 
errorCallback(FLAC__StreamDecoderErrorStatus status)158 void Codec::errorCallback(FLAC__StreamDecoderErrorStatus status) {
159   (void)status;
160   return;
161 }
162 
metadataCallback(const FLAC__StreamMetadata * metadata)163 void Codec::metadataCallback(const FLAC__StreamMetadata *metadata) {
164   (void)metadata;
165   return;
166 }
167 
decodeFrames()168 void Codec::decodeFrames() {
169   if (mFdp.ConsumeBool()) {
170     if (!FLAC__stream_decoder_process_until_end_of_metadata(mDecoder)) {
171       return;
172     }
173     while(mBufferPos <= mBufferLen) {
174       FLAC__stream_decoder_process_single(mDecoder);
175       if (FLAC__STREAM_DECODER_END_OF_STREAM == FLAC__stream_decoder_get_state(mDecoder)) {
176         return;
177       }
178     }
179   } else {
180     FLAC__stream_decoder_process_until_end_of_stream(mDecoder);
181   }
182   FLAC__stream_decoder_finish(mDecoder);
183 }
184 
deInitDecoder()185 void Codec::deInitDecoder() {
186   if (mDecoder != nullptr) {
187     FLAC__stream_decoder_delete(mDecoder);
188   }
189 }
190 
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)191 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
192   if (size == 0) {
193     return 0;
194   }
195   auto codec = std::make_unique<Codec>(data, size);
196   if (codec->initDecoder()) {
197     codec->decodeFrames();
198   }
199   return 0;
200 }
201