mpg123: limit fuzzer runtime (#2832)

* mpg123: limit runtime of decode_fuzzer

To avoid spurious timeout reports, the test shall end after 10000 MPEG frames
or 1 MiB of data, which should both be reasonable numbers. The timeout
report motivating this had 500K with 140k bad frames. The limit of
10000 frames corresponds to a normal radio song as MP3 stream.

* mpg123: limit runtime of read_fuzzer

This applies the same logic as the decode fuzzer: stop decoding after
10000 MPEG frames or 1 MiB of input data. We could debate a bigger
limit on the data size, but we do want compact testcases, right?
Thomas Orgis 2019-09-16 16:06:25 +02:00 committed by jonathanmetzman
parent 9e6a3ca660
commit 356f2b9476
2 changed files with 5 additions and 2 deletions

@ -36,7 +36,9 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
FuzzedDataProvider provider(data, size);
while ((decode_ret != MPG123_ERR)) {
if (decode_ret == MPG123_NEED_MORE) {
if (provider.remaining_bytes() == 0) {
if (provider.remaining_bytes() == 0
|| mpg123_tellframe(handle) > 10000
|| mpg123_tell_stream(handle) > 1<<20) {
break;
}
const size_t next_size = provider.ConsumeIntegralInRange<size_t>(
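Review bot: the frame and byte limits are only checked inside the `decode_ret == MPG123_NEED_MORE` branch, alongside `provider.remaining_bytes() == 0`, so the loop stops only once the decoder next asks for input. While decoding keeps returning other non-error codes, the `while ((decode_ret != MPG123_ERR))` condition alone decides. If the intent is a hard cap, move the `mpg123_tellframe(handle) > 10000` and `mpg123_tell_stream(handle) > 1<<20` tests into the loop condition, or add a comment saying the check is deliberately tied to the refill point. Writing the bound as `(1 << 20)` would also make the comparison easier to read, although the precedence is already correct.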

@ -75,7 +75,8 @@ int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
do {
size_t decoded_size;
read_error = mpg123_read(handle, outmemory, outmemorysize, &decoded_size);
} while (read_error == MPG123_OK);
} while (read_error == MPG123_OK && mpg123_tellframe(handle) <= 10000
&& mpg123_tell_stream(handle) <= 1<<20);
}
mpg123_close(handle);
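Review bot: the literals `10000` and `1<<20` in the `while` condition duplicate the ones added to the decode fuzzer, and the reason for them exists only in the commit message. A pair of named constants (for example a maximum frame count and a maximum stream byte count, shared by both fuzzers) with a one-line comment about avoiding spurious timeout reports would keep the two limits from drifting apart and tell the next reader why the loop can exit while `read_error` is still `MPG123_OK`.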