Integration for libvorbis (#1249)

* add libvorbis

* remove maxlen we don't need

* add msan

projects/vorbis/Dockerfile

@@ -0,0 +1,25 @@
+# Copyright 2018 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+FROM gcr.io/oss-fuzz-base/base-builder
+MAINTAINER paul.l.kehrer@mail.com
+RUN apt-get update && apt-get install -y make autoconf automake libtool pkg-config
+RUN git clone https://git.xiph.org/ogg.git
+RUN git clone https://git.xiph.org/vorbis.git
+ADD decode_fuzzer.cc $SRC/
+ADD https://upload.wikimedia.org/wikipedia/commons/f/f9/Beep_example.ogg $SRC/sample.ogg
+WORKDIR vorbis
+COPY build.sh $SRC/

projects/vorbis/build.sh

@@ -0,0 +1,39 @@
+#!/bin/bash -eu
+# Copyright 2018 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+cd $SRC
+
+mkdir decode_corpus
+mv sample.ogg decode_corpus/
+zip -r "$OUT/decode_fuzzer_seed_corpus.zip" decode_corpus/
+
+cd $SRC/ogg
+./autogen.sh
+./configure --prefix="$WORK" --enable-static --disable-shared --disable-crc
+make clean
+make -j$(nproc)
+make install
+
+
+cd $SRC/vorbis
+./autogen.sh
+./configure --prefix="$WORK" --enable-static --disable-shared
+make clean
+make -j$(nproc)
+make install
+
+$CXX $CXXFLAGS $SRC/decode_fuzzer.cc -o $OUT/decode_fuzzer -L"$WORK/lib" -I"$WORK/include" -lFuzzingEngine -lvorbisfile -lvorbis -logg

projects/vorbis/decode_fuzzer.cc

@@ -0,0 +1,48 @@
+#include <stdio.h>
+#include <string.h>
+#include <cstdint>
+#include <vorbis/vorbisfile.h>
+
+struct vorbis_data {
+  const uint8_t *current;
+  const uint8_t *data;
+  size_t size;
+};
+
+size_t read_func(void *ptr, size_t size1, size_t size2, void *datasource) {
+  vorbis_data* vd = (vorbis_data *)(datasource);
+  size_t len = size1 * size2;
+  if (vd->current + len > vd->data + vd->size) {
+      len = vd->data + vd->size - vd->current;
+  }
+  memcpy(ptr, vd->current, len);
+  vd->current += len;
+  return len;
+}
+
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
+  ov_callbacks memory_callbacks = {0};
+  memory_callbacks.read_func = read_func;
+  vorbis_data data_st;
+  data_st.size = Size;
+  data_st.current = Data;
+  data_st.data = Data;
+  OggVorbis_File vf;
+  int result = ov_open_callbacks(&data_st, &vf, NULL, 0, memory_callbacks);
+  if (result < 0) {
+    return 0;
+  }
+  int current_section = 0;
+  int eof = 0;
+  char buf[4096];
+  int read_result;
+  while (!eof) {
+    read_result = ov_read(&vf, buf, sizeof(buf), 0, 2, 1, &current_section);
+    if (read_result != OV_HOLE && read_result <= 0) {
+      eof = 1;
+    }
+  }
+  ov_clear(&vf);
+  return 0;
+}

projects/vorbis/project.yaml

@@ -0,0 +1,8 @@
+homepage: "https://xiph.org/vorbis/"
+primary_contact: "daede003@umn.edu"
+auto_ccs:
+  - paul.l.kehrer@gmail.com
+  - agaynor@mozilla.com
+sanitizers:
+  - address
+  - memory