Cap vp9 fuzzer frame size to prevent OOM Bug: chromium:1009073 Change-Id: I3583e6751249e42decb1f5d48afe10f0d8bd0a1a Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/156360 Reviewed-by: Ilya Nikolaevskiy <ilnik@webrtc.org> Commit-Queue: Kuang-che Wu <kcwu@google.com> Cr-Commit-Position: refs/heads/master@{#29433}

commit: c466f080dd195e2361f1f6c493c2db552d6855aa [log] [tgz]
author: Kuang-che Wu <kcwu@google.com> Thu Oct 10 12:25:10 2019
committer: Commit Bot <commit-bot@chromium.org> Thu Oct 10 13:29:40 2019
tree: 6e917fc77143bb10de261d6c06fd8c43d53f088f
parent: cd0eedb2483b8a1cb07c953f0c06aeec8ce6f144 [diff]
diff --git a/modules/video_coding/codecs/vp9/vp9_frame_buffer_pool.cc b/modules/video_coding/codecs/vp9/vp9_frame_buffer_pool.cc
index fe9a974..372a813 100644
--- a/modules/video_coding/codecs/vp9/vp9_frame_buffer_pool.cc
+++ b/modules/video_coding/codecs/vp9/vp9_frame_buffer_pool.cc

@@ -108,6 +108,14 @@
                                               vpx_codec_frame_buffer* fb) {
   RTC_DCHECK(user_priv);
   RTC_DCHECK(fb);
+
+#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+  // Limit size of 8k YUV highdef frame
+  size_t size_limit = 7680 * 4320 * 3 / 2 * 2;
+  if (min_size > size_limit)
+    return -1;
+#endif
+
   Vp9FrameBufferPool* pool = static_cast<Vp9FrameBufferPool*>(user_priv);
 
   rtc::scoped_refptr<Vp9FrameBuffer> buffer = pool->GetFrameBuffer(min_size);
commit	c466f080dd195e2361f1f6c493c2db552d6855aa	[log] [tgz]
author	Kuang-che Wu <kcwu@google.com>	Thu Oct 10 12:25:10 2019
committer	Commit Bot <commit-bot@chromium.org>	Thu Oct 10 13:29:40 2019
tree	6e917fc77143bb10de261d6c06fd8c43d53f088f
parent	cd0eedb2483b8a1cb07c953f0c06aeec8ce6f144 [diff]