4 Commits

Author SHA1 Message Date
Jean-Michel Trivi f451278f0e Fix fuzzer's use of aacDecoder_DecodeFrame
The aacDecoder_DecodeFrame function takes a size in numbers of
samples (INT_PCM), not a number of bytes. Using a number of
bytes caused the FDK to believe the array was larger than it
really was. Therefore on invalid frames, it would try to
clear a size larger than was really available, causing an OOB
crash.

Bug: 161014225
Test: check clusterfuzz results for case 6217304556437504
Change-Id: I9278898a17c1c961c568e841c6037d0c14bcc8b4
2020-10-05 16:27:56 -07:00
S Vasudev Prasad c1a75279a1 Improve code coverage for aac_dec_fuzzer
Test: ./aac_dec_fuzzer
Bug: 158206619

Change-Id: I42d57ec832dbd273f66ce149ce81bfcb1c514add
2020-06-19 10:57:18 +05:30
Ayushi Khopkar 64e4f25b29 Added fuzz_config field in aac_dec_fuzzer
Test: ./aac_dec_fuzzer
Bug: 156871294

Change-Id: Idfc93a6f6c71a78c2b7759443161d8e75dfc4670
2020-05-19 11:59:34 +05:30
Anuj Joshi d41cddf9e9 Added aac_dec_fuzzer
Test: ./aac_dec_fuzzer
Bug: 151595970

Change-Id: Iad37ae766288e9490520d858a6de0dd755e70681
2020-03-27 11:11:27 +05:30