fuzzer_decoder was running into timeouts because it triggered the
gap-filling for broken frames with 5*192000 samples and a blocksize
of 1, causing the write callback to be called 960000 times. Doing
this several times in one file caused a single fuzz run to take
> 60 seconds
This commit limits the minimum blocksize to 16 samples, and the
maximum number of frames emitted to 50
Credit: Oss-Fuzz
Issue: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47193
This commit drops all use of assembler and intrinsics from the libFLAC
decoder. This is because they are only for 32-bit x86, hard to debug,
maintain and fuzz properly, and because the decoder has much greater
security risks than the encoder.
Escape coding has been deprecated since FLAC 1.0.4 (24-Sep-2002), but
it is needed for full spec coverage, (as this is a reference
implementation after all) so this should be reenabled at some point.
For now only enable while fuzzing, so we can get some bugs out first.
The loose mid-side option only fully evaluates stereo decorrelation
once every few frames. However, in case of finding left-side or
right-side to be the best option, subsequent frames were coded
mid-side, which could be worse off. To not complicate code too much
(to make it possible to evaluate only left or right and side frame
for example), evaluation of left-side and right-side is completely
disabled when loose mid-side is enabled.
When an unknown picture type was found, the resulting type wouldn't
occur in the enum, which is undefined behaviour. This commit changes
the picture type to 0 (other) when that happens.
Credit: Oss-Fuzz
Issue: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46964
The mechanism to improve metadata reading added in 0077d3b overrides
a FLAC__STREAM_DECODER_ABORTED with
FLAC__STREAM_DECODER_SEARCH_FOR_FRAME_SYNC causing the decoder to
overread a buffer into an uninitialized part. A check is added that
ensures searching for frame sync is only set when the decoder is
still in a valid state
Credit: Oss-Fuzz
Issue: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47525
Adds /arch:avx2 to the avx2-specific source files. This mirrors the
current vcxproj files. While it currently brings no improvements,
it might if CPU-specific optimization is left to the compiler
instead of with hand-optimized code in the future
Also, the exact meaning of options WITH_SSE2 and WITH_AVX is
stated, as the first is compile-time only, and the second also
has runtime detection
Based on some information somewhere on the internet, CMakeLists.txt
sets _FORTIFY_SOURCE=2 when its runtime functions are available and
_FORTIFY_SOURCE=1 when they are not. However, _FORTIFY_SOURCE=1
also requires runtime functions.
libFLAC DLLs were exposing windows_unicode_filename.h functions
because flac and metaflac needed to set flac_internal_set_utf8_
filenames. Files windows_unicode_filename.{c/h} and
win_utf8_io.[c/h] are merged, and all non-utf8 parts are removed.
With this commit, the libFLAC DLL interface is the same as the
libFLAC interface of shared libraries on other platforms
Commit 5df56db introduced four completely rewritten functions with
intrinsics, but it turns out two of them have integers that can
overflow. Because those two functions were barely faster than
what they replaced, fixing these overflows will probably make the
functions slower than what they replaced, so this is reverted.
Credit: Oss-Fuzz
Issue: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47416
This commit lets the following errors trigger an abort:
- FLAC__STREAM_ENCODER_OGG_ERROR
- FLAC__STREAM_ENCODER_VERIFY_DECODER_ERROR
- FLAC__STREAM_ENCODER_VERIFY_MISMATCH_IN_AUDIO_DATA
- FLAC__STREAM_ENCODER_IO_ERROR
- FLAC__STREAM_ENCODER_FRAMING_ERROR
- FLAC__STREAM_ENCODER_MEMORY_ALLOCATION_ERROR
FLAC__STREAM_ENCODER_CLIENT_ERROR does not trigger an abort because
it is used to signal invalid input. FLAC__STREAM_ENCODER_UNINITIALIZED
does not trigger an abort because init fails when invalid parameters
are given
Errors returned by the verifing decoder were ignored, while an error
often invalidates the assumptions the encoder made about the state
of the verifying decoder. If an error was ignored, it could be the
decoder outputs an (invalid) frame with a different number of channels
than the encoder expects. This could cause heap overflows. This
commit adds checks for this occuring.
... FLAC__stream_decoder_get_client_data. Also the function
definition was moved to its 'siblings'. This way, the function
fits better in the API with respect to naming.
The code of fixed_compute_best_predictor was presumable once optimized,
but it appears a much more readable form is now equally fast or even faster,
see https://github.com/xiph/flac/pull/337 for details.
This fixes the 'false positive' oss-fuzz bug filed under
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47264
The fuzzer was timing out because of an enormous input (932kB)
combined with very slow settings. The commit disables certain
slow settings on inputs larger than 2^18 byte.
In 95e2c52 the autotools build worked fine, but CMake missed a few
defines. Activition of the lpc_compute_residual_from_qlp_coefficients
depended on encoder->private_->cpuinfo.use_asm for no reason, so
this dependency is removed
Quite a lot of decoders have trouble streaming or seeking in a
file with frames that only consist of constant subframes because
of the large difference between the largest and smallest subframe.
To remedy this, this commit makes it possible to disable the use
of constant subframes for the last subframe in case all others are
constant with a new API function. This means the minimum bitrate
for a FLAC file encoded with this function used is raised to
1bit/sample (i.e. 48kbit/s for 48kHz material). This commit also
adds tests to the test suite
Add additional fuzzer for the encoder, aiming to reach more coverage
than the current encoder fuzzer. This is done by incorporating
metadata handling and fixing a problem with different settings in
the current fuzzer
Commit 4fbb6d4f2e reverted commit
44036c9a9b and so broke again the build on
uclibc
So put back the sys/auxv.h check as well as a getauxval check in a way
that doesn't break iOS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
New intrinsic routines are added to compute the best fixed
predictor. According to my testing, the new routine is about
3 times as fast as the existing routine. This means an
overall speedup for preset -2 of about 30% and for preset
-0 of about 15% for CDDA
This commit reworks the code decoding a frame, to add silence when
frames are missing and output silence when something other than the
frame header seems corrupted. Tests are added to the test suite for
this functionality. Also, decoded values are checked to be within bps
