1 // Copyright 2019 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include <stdint.h>
6
7 #include "cast/streaming/sender_report_parser.h"
8 #include "platform/api/time.h"
9
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)10 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
11 using openscreen::cast::RtcpSenderReport;
12 using openscreen::cast::RtcpSession;
13 using openscreen::cast::SenderReportParser;
14 using openscreen::cast::Ssrc;
15
16 constexpr Ssrc kSenderSsrcInSeedCorpus = 1;
17 constexpr Ssrc kReceiverSsrcInSeedCorpus = 2;
18
19 // Allocate the RtcpSession and SenderReportParser statically (i.e., one-time
20 // init) to improve the fuzzer's execution rate. This is because RtcpSession
21 // also contains a NtpTimeConverter, which samples the system clock at
22 // construction time. There is no reason to re-construct these objects for
23 // each fuzzer test input.
24 #pragma clang diagnostic push
25 #pragma clang diagnostic ignored "-Wexit-time-destructors"
26 static RtcpSession session(kSenderSsrcInSeedCorpus, kReceiverSsrcInSeedCorpus,
27 openscreen::Clock::now());
28 static SenderReportParser parser(&session);
29 #pragma clang diagnostic pop
30
31 parser.Parse(absl::Span<const uint8_t>(data, size));
32
33 return 0;
34 }
35
36 #if defined(NEEDS_MAIN_TO_CALL_FUZZER_DRIVER)
37
38 // Forward declarations of Clang's built-in libFuzzer driver.
39 namespace fuzzer {
40 using TestOneInputCallback = int (*)(const uint8_t* data, size_t size);
41 int FuzzerDriver(int* argc, char*** argv, TestOneInputCallback callback);
42 } // namespace fuzzer
43
main(int argc,char * argv[])44 int main(int argc, char* argv[]) {
45 return fuzzer::FuzzerDriver(&argc, &argv, LLVMFuzzerTestOneInput);
46 }
47
48 #endif // defined(NEEDS_MAIN_TO_CALL_FUZZER_DRIVER)
49