xref: /aosp_15_r20/external/webp/tests/fuzzer/enc_dec_fuzzer.cc (revision b2055c353e87c8814eb2b6b1b11112a1562253bd) 
1 // Copyright 2018 Google Inc.
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 //      http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 //
15 ////////////////////////////////////////////////////////////////////////////////
16 
17 #include <stdio.h>
18 #include <stdlib.h>
19 
20 #include "./fuzz_utils.h"
21 #include "src/webp/decode.h"
22 #include "src/webp/encode.h"
23 
24 namespace {
25 
26 const VP8CPUInfo default_VP8GetCPUInfo = VP8GetCPUInfo;
27 
28 }  // namespace
29 
LLVMFuzzerTestOneInput(const uint8_t * const data,size_t size)30 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* const data, size_t size) {
31   uint32_t bit_pos = 0;
32 
33   ExtractAndDisableOptimizations(default_VP8GetCPUInfo, data, size, &bit_pos);
34 
35   // Init the source picture.
36   WebPPicture pic;
37   if (!WebPPictureInit(&pic)) {
38     fprintf(stderr, "WebPPictureInit failed.\n");
39     abort();
40   }
41   pic.use_argb = Extract(1, data, size, &bit_pos);
42 
43   // Read the source picture.
44   if (!ExtractSourcePicture(&pic, data, size, &bit_pos)) {
45     const WebPEncodingError error_code = pic.error_code;
46     WebPPictureFree(&pic);
47     if (error_code == VP8_ENC_ERROR_OUT_OF_MEMORY) return 0;
48     fprintf(stderr, "Can't read input image. Error code: %d\n", error_code);
49     abort();
50   }
51 
52   // Crop and scale.
53   if (!ExtractAndCropOrScale(&pic, data, size, &bit_pos)) {
54     const WebPEncodingError error_code = pic.error_code;
55     WebPPictureFree(&pic);
56     if (error_code == VP8_ENC_ERROR_OUT_OF_MEMORY) return 0;
57     fprintf(stderr, "ExtractAndCropOrScale failed. Error code: %d\n",
58             error_code);
59     abort();
60   }
61 
62   // Extract a configuration from the packed bits.
63   WebPConfig config;
64   if (!ExtractWebPConfig(&config, data, size, &bit_pos)) {
65     fprintf(stderr, "ExtractWebPConfig failed.\n");
66     abort();
67   }
68   // Skip slow settings on big images, it's likely to timeout.
69   if (pic.width * pic.height > 32 * 32) {
70     if (config.lossless) {
71       if (config.quality > 99.0f && config.method >= 5) {
72         config.quality = 99.0f;
73         config.method = 5;
74       }
75     } else {
76       if (config.quality > 99.0f && config.method == 6) {
77         config.quality = 99.0f;
78       }
79     }
80     if (config.alpha_quality == 100 && config.method == 6) {
81       config.alpha_quality = 99;
82     }
83   }
84 
85   // Encode.
86   WebPMemoryWriter memory_writer;
87   WebPMemoryWriterInit(&memory_writer);
88   pic.writer = WebPMemoryWrite;
89   pic.custom_ptr = &memory_writer;
90   if (!WebPEncode(&config, &pic)) {
91     const WebPEncodingError error_code = pic.error_code;
92     WebPMemoryWriterClear(&memory_writer);
93     WebPPictureFree(&pic);
94     if (error_code == VP8_ENC_ERROR_OUT_OF_MEMORY ||
95         error_code == VP8_ENC_ERROR_BAD_WRITE) {
96       return 0;
97     }
98     fprintf(stderr, "WebPEncode failed. Error code: %d\n", error_code);
99     abort();
100   }
101 
102   // Try decoding the result.
103   const uint8_t* const out_data = memory_writer.mem;
104   const size_t out_size = memory_writer.size;
105   WebPDecoderConfig dec_config;
106   if (!WebPInitDecoderConfig(&dec_config)) {
107     fprintf(stderr, "WebPInitDecoderConfig failed.\n");
108     WebPMemoryWriterClear(&memory_writer);
109     WebPPictureFree(&pic);
110     abort();
111   }
112 
113   dec_config.output.colorspace = MODE_BGRA;
114   const VP8StatusCode status = WebPDecode(out_data, out_size, &dec_config);
115   if ((status != VP8_STATUS_OK && status != VP8_STATUS_OUT_OF_MEMORY &&
116        status != VP8_STATUS_USER_ABORT) ||
117       (status == VP8_STATUS_OK && (dec_config.output.width != pic.width ||
118                                    dec_config.output.height != pic.height))) {
119     fprintf(stderr, "WebPDecode failed. status: %d.\n", status);
120     WebPFreeDecBuffer(&dec_config.output);
121     WebPMemoryWriterClear(&memory_writer);
122     WebPPictureFree(&pic);
123     abort();
124   }
125 
126   if (status == VP8_STATUS_OK) {
127     const uint8_t* const rgba = dec_config.output.u.RGBA.rgba;
128     const int w = dec_config.output.width;
129     const int h = dec_config.output.height;
130 
131     // Compare the results if exact encoding.
132     if (pic.use_argb && config.lossless && config.near_lossless == 100) {
133       const uint32_t* src1 = (const uint32_t*)rgba;
134       const uint32_t* src2 = pic.argb;
135       for (int y = 0; y < h; ++y, src1 += w, src2 += pic.argb_stride) {
136         for (int x = 0; x < w; ++x) {
137           uint32_t v1 = src1[x], v2 = src2[x];
138           if (!config.exact) {
139             if ((v1 & 0xff000000u) == 0 || (v2 & 0xff000000u) == 0) {
140               // Only keep alpha for comparison of fully transparent area.
141               v1 &= 0xff000000u;
142               v2 &= 0xff000000u;
143             }
144           }
145           if (v1 != v2) {
146             fprintf(stderr, "Lossless compression failed pixel-exactness.\n");
147             WebPFreeDecBuffer(&dec_config.output);
148             WebPMemoryWriterClear(&memory_writer);
149             WebPPictureFree(&pic);
150             abort();
151           }
152         }
153       }
154     }
155   }
156 
157   WebPFreeDecBuffer(&dec_config.output);
158   WebPMemoryWriterClear(&memory_writer);
159   WebPPictureFree(&pic);
160   return 0;
161 }
162