shithub: dav1d

Download patch

ref: f0f73b4cff0bfb2d2fa9bfa0a7656ddadf526ae1
parent: 135286f4796fe5dc26cf37b73a2c3df4cfa85792
author: Henrik Gramner <[email protected]>
date: Thu Dec 10 20:41:59 EST 2020

fuzzer: Test calling dav1d_picture_unref() after dav1d_close()

Covers the use case of keeping a reference to a Dav1dPicture
after closing the decoder.

--- a/tests/libfuzzer/dav1d_fuzzer.c
+++ b/tests/libfuzzer/dav1d_fuzzer.c
@@ -178,12 +178,19 @@
             dav1d_data_unref(&buf);
     }
 
-    do {
-        memset(&pic, 0, sizeof(pic));
-        err = dav1d_get_picture(ctx, &pic);
-        if (err == 0)
-            dav1d_picture_unref(&pic);
-    } while (err != DAV1D_ERR(EAGAIN));
+    memset(&pic, 0, sizeof(pic));
+    if ((err = dav1d_get_picture(ctx, &pic)) == 0) {
+        /* Test calling dav1d_picture_unref() after dav1d_close() */
+        do {
+            Dav1dPicture pic2 = { 0 };
+            if ((err = dav1d_get_picture(ctx, &pic2)) == 0)
+                dav1d_picture_unref(&pic2);
+        } while (err != DAV1D_ERR(EAGAIN));
+
+        dav1d_close(&ctx);
+        dav1d_picture_unref(&pic);
+        return 0;
+    }
 
 cleanup:
     dav1d_flush(ctx);