Fix scaling limit in advanced_api_fuzzer.c

config.options.scaled_width or config.options.scaled_height being 0
means a ratio-conservative scaling so 7361842 was not enough.

Change-Id: Ib75241eb683cf824bc46222c5c07535b6c6d7313

1 files changed, 11 insertions, 5 deletions

diff --git a/tests/fuzzer/advanced_api_fuzzer.c b/tests/fuzzer/advanced_api_fuzzer.c
index ab183b1c..291d0c03 100644
--- a/tests/fuzzer/advanced_api_fuzzer.c
+++ b/tests/fuzzer/advanced_api_fuzzer.c
@@ -14,9 +14,11 @@
 //
 ////////////////////////////////////////////////////////////////////////////////
 
+#include <stdint.h>
 #include <string.h>
 
 #include "./fuzz_utils.h"
+#include "src/utils/rescaler_utils.h"
 #include "src/webp/decode.h"
 
 int LLVMFuzzerTestOneInput(const uint8_t* const data, size_t size) {
@@ -73,11 +75,15 @@ int LLVMFuzzerTestOneInput(const uint8_t* const data, size_t size) {
       memcpy(&config.options, data + data_offset, sizeof(config.options));
 
       // Skip easily avoidable out-of-memory fuzzing errors.
-      if (config.options.use_scaling && config.options.scaled_width > 0 &&
-          config.options.scaled_height > 0 &&
-          (size_t)config.options.scaled_width * config.options.scaled_height >
-              kFuzzPxLimit) {
-        break;
+      if (config.options.use_scaling) {
+        int scaled_width = config.options.scaled_width;
+        int scaled_height = config.options.scaled_height;
+        if (WebPRescalerGetScaledDimensions(config.input.width,
+                                            config.input.height, &scaled_width,
+                                            &scaled_height) &&
+            (uint64_t)scaled_width * scaled_height > kFuzzPxLimit) {
+          break;
+        }
       }
     }
     if (size % 3) {