Improve AImageDecoder fuzzer

Bug: 169137236 Bug: 169139756 Test: this (fuzzer) Extend the fuzzer to test animations. Also test a lossless webp, left out of Ib227639bf8da75f0e8e31e216bc6d1371e24cb75. Change-Id: I81d35d6fa7d560b33b6a2b5d6c1992cbdd77bc87
author: Leon Scroggins III <scroggo@google.com> 2021-01-13 14:32:59 -0500
committer: Leon Scroggins III <scroggo@google.com> 2021-01-14 11:57:39 -0500
commit: f63c349053b491f46ed8883684329353c6255194 (patch)
tree: 2be45be5dfb2fc350f2434c9713adbac26d5e1c7 /native/graphics
parent: cc60f0d7334dd6557596fe4e1f87f9ef96e87be9 (diff)
2 files changed, 7 insertions, 1 deletions
diff --git a/native/graphics/jni/corpus/webp-color-profile-lossless.webp b/native/graphics/jni/corpus/webp-color-profile-lossless.webp
new file mode 100644
index 000000000000..4fd63d5794ff
--- /dev/null
+++ b/native/graphics/jni/corpus/webp-color-profile-lossless.webp
diff --git a/native/graphics/jni/fuzz_imagedecoder.cpp b/native/graphics/jni/fuzz_imagedecoder.cpp
index f2cd1a8f4eb9..015aca70e4e0 100644
--- a/native/graphics/jni/fuzz_imagedecoder.cpp
+++ b/native/graphics/jni/fuzz_imagedecoder.cpp
@@ -73,6 +73,12 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
         return 0;
     }
 
-    AImageDecoder_decodeImage(decoder.get(), pixels.get(), stride, pixelSize);
+    while (true) {
+        int result = AImageDecoder_decodeImage(decoder.get(), pixels.get(), stride, pixelSize);
+        if (result != ANDROID_IMAGE_DECODER_SUCCESS) break;
+
+        result = AImageDecoder_advanceFrame(decoder.get());
+        if (result != ANDROID_IMAGE_DECODER_SUCCESS) break;
+    }
     return 0;
 }
author	Leon Scroggins III <scroggo@google.com>	2021-01-13 14:32:59 -0500
committer	Leon Scroggins III <scroggo@google.com>	2021-01-14 11:57:39 -0500
commit	f63c349053b491f46ed8883684329353c6255194 (patch)
tree	2be45be5dfb2fc350f2434c9713adbac26d5e1c7 /native/graphics
parent	cc60f0d7334dd6557596fe4e1f87f9ef96e87be9 (diff)