tools/target_bsf_fuzzer: Call av_bsf_flush() in a fuzzer choosen pattern

This should increase coverage.

Based on a commit by Michael Niedermayer

Signed-off-by: James Almer <jamrial@gmail.com>

1 files changed, 6 insertions, 0 deletions

diff --git a/tools/target_bsf_fuzzer.c b/tools/target_bsf_fuzzer.c
index 5d9f90075d..da8d62dd0b 100644
--- a/tools/target_bsf_fuzzer.c
+++ b/tools/target_bsf_fuzzer.c
@@ -43,6 +43,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
     AVBSFContext *bsf = NULL;
     AVPacket in, out;
     uint64_t keyframes = 0;
+    uint64_t flushpattern = -1;
     int res;
 
     if (!f) {
@@ -86,6 +87,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
         bsf->par_in->channels                   = (unsigned)bytestream2_get_le32(&gbc) % FF_SANE_NB_CHANNELS;
         bsf->par_in->block_align                = bytestream2_get_le32(&gbc);
         keyframes                               = bytestream2_get_le64(&gbc);
+        flushpattern                            = bytestream2_get_le64(&gbc);
 
         if (extradata_size < size) {
             bsf->par_in->extradata = av_mallocz(extradata_size + AV_INPUT_BUFFER_PADDING_SIZE);
@@ -128,6 +130,10 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
         data += sizeof(fuzz_tag);
         last = data;
 
+        if (!(flushpattern & 7))
+            av_bsf_flush(bsf);
+        flushpattern = (flushpattern >> 3) + (flushpattern << 61);
+
         while (in.size) {
             res = av_bsf_send_packet(bsf, &in);
             if (res < 0 && res != AVERROR(EAGAIN))