diff options
author | Yannis Guyon <yguyon@google.com> | 2023-05-16 13:20:14 +0200 |
---|---|---|
committer | Yannis Guyon <yguyon@google.com> | 2023-05-16 13:20:14 +0200 |
commit | 2d547e24dcf29c085dc55c769aa76428335ff5c6 (patch) | |
tree | 087a94fbca4931787d46dcdb6bcb4fa0107a18ac | |
parent | ed274371604e3321fbe9dcf9dc31dc262f8f34b1 (diff) | |
download | libwebp-2d547e24dcf29c085dc55c769aa76428335ff5c6.tar.gz |
Compare kFuzzPxLimit to max_num_operations
To avoid timeouts caused by extreme rescaling such as
1x14339 -> 51712x1
Change-Id: I291d8e3b24155c190256411a506b7312abde8c45
-rw-r--r-- | tests/fuzzer/advanced_api_fuzzer.c | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/tests/fuzzer/advanced_api_fuzzer.c b/tests/fuzzer/advanced_api_fuzzer.c index 1378d0bc..c8fb176e 100644 --- a/tests/fuzzer/advanced_api_fuzzer.c +++ b/tests/fuzzer/advanced_api_fuzzer.c @@ -88,10 +88,13 @@ int LLVMFuzzerTestOneInput(const uint8_t* const data, size_t size) { fuzz_px_limit /= 2; } // A big output canvas can lead to out-of-memory and timeout issues, - // but a big internal working buffer can too. - if ((uint64_t)scaled_width * scaled_height > fuzz_px_limit || - (uint64_t)config.input.width * config.input.height > - fuzz_px_limit) { + // but a big internal working buffer can too. Also, rescaling from a + // very wide input image to a very tall canvas can be as slow as + // decoding a huge number of pixels. Avoid timeouts due to these. + const uint64_t max_num_operations = + (uint64_t)Max(scaled_width, config.input.width) * + Max(scaled_height, config.input.height); + if (max_num_operations > fuzz_px_limit) { break; } } |