diff options
author | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2023-07-07 07:09:41 +0000 |
---|---|---|
committer | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2023-07-07 07:09:41 +0000 |
commit | d9816f49e50b6e73b8c0bc81de460214611c5c76 (patch) | |
tree | 2926d70f58f0bb75ae13de481784960007dcc184 | |
parent | a59a3e10d08a1aa7964f41d2a1da4a0e81d6c341 (diff) | |
parent | c24e1fb8be95bff2d48fc61e0c090e6519a11662 (diff) | |
download | libldac-d9816f49e50b6e73b8c0bc81de460214611c5c76.tar.gz |
Snap for 10453938 from c24e1fb8be95bff2d48fc61e0c090e6519a11662 to mainline-odp-releaseaml_odp_341717000aml_odp_341610000
Change-Id: I4928020e2fde1e18eca2ceabfef9ea8c665ec89d
-rw-r--r-- | Android.bp | 5 | ||||
-rw-r--r-- | fuzzer/Android.bp | 26 | ||||
-rw-r--r-- | fuzzer/libldac_encode_fuzzer.cc | 110 | ||||
-rw-r--r-- | fuzzer/ossfuzz.sh | 27 |
4 files changed, 166 insertions, 2 deletions
@@ -45,9 +45,10 @@ cc_library { min_sdk_version: "Tiramisu", apex_available: [ "//apex_available:platform", - "com.android.bluetooth", + "com.android.btservices", ], visibility: [ + "//external/libldac/fuzzer", "//external/oss-fuzz", "//packages/modules/Bluetooth:__subpackages__", "//packages/modules/vndk/apex", @@ -74,7 +75,7 @@ cc_library { min_sdk_version: "Tiramisu", apex_available: [ "//apex_available:platform", - "com.android.bluetooth", + "com.android.btservices", ], visibility: [ "//packages/modules/Bluetooth:__subpackages__", diff --git a/fuzzer/Android.bp b/fuzzer/Android.bp new file mode 100644 index 0000000..01f586d --- /dev/null +++ b/fuzzer/Android.bp @@ -0,0 +1,26 @@ +// Copyright (C) 2020 The Android Open Source Project +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package { + default_applicable_licenses: ["external_libldac_license"], +} + +cc_fuzz { + name: "libldac-encode_fuzzer", + static_libs: ["libldacBT_enc"], + srcs: ["libldac_encode_fuzzer.cc"], + fuzz_config: { + componentid: 27441 + }, +} diff --git a/fuzzer/libldac_encode_fuzzer.cc b/fuzzer/libldac_encode_fuzzer.cc new file mode 100644 index 0000000..501d177 --- /dev/null +++ b/fuzzer/libldac_encode_fuzzer.cc @@ -0,0 +1,110 @@ +// Copyright 2019 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include <stdint.h> +#include <stddef.h> +#include "ldacBT.h" + +#include <fuzzer/FuzzedDataProvider.h> +#include <vector> + +constexpr LDACBT_SMPL_FMT_T kFormat[] = { + LDACBT_SMPL_FMT_S16, LDACBT_SMPL_FMT_S24, LDACBT_SMPL_FMT_S32, + LDACBT_SMPL_FMT_F32}; +constexpr int32_t kEqmidValue[] = {LDACBT_EQMID_HQ, LDACBT_EQMID_SQ, + LDACBT_EQMID_MQ}; +constexpr int32_t kChannel[] = {LDACBT_CHANNEL_MODE_STEREO, + LDACBT_CHANNEL_MODE_DUAL_CHANNEL, + LDACBT_CHANNEL_MODE_MONO}; +constexpr int32_t kSamplingFrequency[] = {44100, 48000, 2 * 44100, 2 * 48000}; +constexpr int32_t kLdacBtRequiredMtu = 679; +constexpr int32_t kMaxWlValue = 4; +constexpr int32_t kMinChValue = 1; +constexpr int32_t kMaxChValue = 2; +constexpr int32_t kOutputSize = 1024; + +class Codec { +public: + Codec(const uint8_t *data, size_t size) : mFdp(data, size){}; + ~Codec() { deInitEncoder(); } + bool initEncoder(); + void deInitEncoder(); + void encodeFrames(const uint8_t *data, size_t size); + void getSamplingFrequeny(); + void getBitrate(); + void getVersion(); + FuzzedDataProvider mFdp; + +private: + int32_t mChannel; + LDACBT_SMPL_FMT_T mFormat; + HANDLE_LDAC_BT mHandleLdacBt; +}; + +bool Codec::initEncoder() { + mHandleLdacBt = ldacBT_get_handle(); + + mChannel = mFdp.PickValueInArray(kChannel); + mFormat = mFdp.PickValueInArray(kFormat); + int32_t status = ldacBT_init_handle_encode( + mHandleLdacBt, kLdacBtRequiredMtu, mFdp.PickValueInArray(kEqmidValue), + mChannel, mFormat, mFdp.PickValueInArray(kSamplingFrequency)); + if (!status) { + return true; + } + return false; +} + +void Codec::encodeFrames(const uint8_t *data, size_t size) { + int32_t pcmUsed, streamSize, frameNum; + unsigned char pStream[kOutputSize]; + int32_t ch, wl, frameSize; + ch = (mChannel == LDAC_CCI_MONO) ? kMinChValue : kMaxChValue; + wl = mFormat > kMaxWlValue ? kMaxWlValue : mFormat; + frameSize = LDACBT_ENC_LSU * ch * wl; + std::vector<uint8_t> tmpData(frameSize); + uint8_t *readPointer = const_cast<uint8_t *>(data); + while (size > 0) { + if (size < frameSize) { + memcpy(tmpData.data(), data, size); + size = frameSize; + readPointer = tmpData.data(); + } + ldacBT_encode(mHandleLdacBt, readPointer, &pcmUsed, pStream, &streamSize, + &frameNum); + readPointer += frameSize; + size -= frameSize; + } +} + +void Codec::getSamplingFrequeny() { ldacBT_get_sampling_freq(mHandleLdacBt); } + +void Codec::getBitrate() { ldacBT_get_bitrate(mHandleLdacBt); } + +void Codec::getVersion() { ldacBT_get_version(); } + +void Codec::deInitEncoder() { + ldacBT_close_handle(mHandleLdacBt); + ldacBT_free_handle(mHandleLdacBt); +} + +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t size) { + Codec codec(buf, size); + /* initEncoder() initializes mHandleLdacBt and is supposed to be called before + encoding begins. Hence initEncoder() is not included in the lambda + construct. */ + if (codec.initEncoder()) { + while (codec.mFdp.remaining_bytes() > 0) { + auto executeFunction = + codec.mFdp.PickValueInArray<const std::function<void()>>({ + [&]() { codec.encodeFrames(buf, size); }, + [&]() { codec.getSamplingFrequeny(); }, + [&]() { codec.getBitrate(); }, + [&]() { codec.getVersion(); }, + }); + executeFunction(); + } + } + return 0; +} diff --git a/fuzzer/ossfuzz.sh b/fuzzer/ossfuzz.sh new file mode 100644 index 0000000..75b4658 --- /dev/null +++ b/fuzzer/ossfuzz.sh @@ -0,0 +1,27 @@ +# Copyright (C) 2022 The Android Open Source Project +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +################################################################################ + +$CC $CFLAGS -Iinc -c fuzzer/libldac_encode_fuzzer.cc -o libldac_encode_fuzzer.o +$CC $CFLAGS -Iinc -c src/ldaclib.c -o src/ldaclib.o +$CC $CFLAGS -Iinc -c src/ldacBT.c -o src/ldacBT.o + +$CXX $CXXFLAGS $LIB_FUZZING_ENGINE \ + libldac_encode_fuzzer.o \ + src/ldaclib.o \ + src/ldacBT.o \ + -o $OUT/libldac_encode_fuzzer + +zip -q $OUT/libldac_encode_fuzzer_seed_corpus.zip $SRC/corpora/* |