-
Notifications
You must be signed in to change notification settings - Fork 377
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge #18353: tests: Add fuzzing harnesses for classes CBlockHeader, …
…CFeeRate and various functions 44abf41 tests: Add fuzzing harness for various functions taking std::string as input (practicalswift) d69145a tests: Add fuzzing harness for MultiplicationOverflow(...) (practicalswift) 7726f3b tests: Add fuzzing harness for CFeeRate (practicalswift) 0579a27 tests: Add fuzzing harness for CBlockHeader (practicalswift) cb4eec1 tests: Add fuzzing harness for count_seconds(...) (practicalswift) Pull request description: Add fuzzing harnesses for classes `CBlockHeader`, `CFeeRate` and various functions. To test this PR: ``` $ make distclean $ ./autogen.sh $ CC=clang CXX=clang++ ./configure --enable-fuzz \ --with-sanitizers=address,fuzzer,undefined $ make $ src/test/fuzz/block_header ^c (ctrl-c) $ src/test/fuzz/fee_rate ^c (ctrl-c) $ src/test/fuzz/integer ^c (ctrl-c) $ src/test/fuzz/multiplication_overflow ^c (ctrl-c) $ src/test/fuzz/string ^c (ctrl-c) ``` ACKs for top commit: MarcoFalke: ACK 44abf41 🏉 Tree-SHA512: 2b382a7bc8efdcc6dd8b79f1637f194ecdca3e522c6618ae6c4b0bf6f86d2e79b1bb1c7160522083600616d1ed509b2f577f3a512ea3a7825a0a3794578d9d90
- Loading branch information
Showing
7 changed files
with
289 additions
and
6 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
// Copyright (c) 2020 The Bitcoin Core developers | ||
// Distributed under the MIT software license, see the accompanying | ||
// file COPYING or http://www.opensource.org/licenses/mit-license.php. | ||
|
||
#include <optional.h> | ||
#include <primitives/block.h> | ||
#include <test/fuzz/FuzzedDataProvider.h> | ||
#include <test/fuzz/fuzz.h> | ||
#include <test/fuzz/util.h> | ||
#include <uint256.h> | ||
|
||
#include <cassert> | ||
#include <cstdint> | ||
#include <string> | ||
#include <vector> | ||
|
||
void test_one_input(const std::vector<uint8_t>& buffer) | ||
{ | ||
FuzzedDataProvider fuzzed_data_provider(buffer.data(), buffer.size()); | ||
const Optional<CBlockHeader> block_header = ConsumeDeserializable<CBlockHeader>(fuzzed_data_provider); | ||
if (!block_header) { | ||
return; | ||
} | ||
{ | ||
const uint256 hash = block_header->GetHash(); | ||
static const uint256 u256_max(uint256S("ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff")); | ||
assert(hash != u256_max); | ||
assert(block_header->GetBlockTime() == block_header->nTime); | ||
assert(block_header->IsNull() == (block_header->nBits == 0)); | ||
} | ||
{ | ||
CBlockHeader mut_block_header = *block_header; | ||
mut_block_header.SetNull(); | ||
assert(mut_block_header.IsNull()); | ||
CBlock block{*block_header}; | ||
assert(block.GetBlockHeader().GetHash() == block_header->GetHash()); | ||
(void)block.ToString(); | ||
block.SetNull(); | ||
assert(block.GetBlockHeader().GetHash() == mut_block_header.GetHash()); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,40 @@ | ||
// Copyright (c) 2020 The Bitcoin Core developers | ||
// Distributed under the MIT software license, see the accompanying | ||
// file COPYING or http://www.opensource.org/licenses/mit-license.php. | ||
|
||
#include <amount.h> | ||
#include <policy/feerate.h> | ||
#include <test/fuzz/FuzzedDataProvider.h> | ||
#include <test/fuzz/fuzz.h> | ||
#include <test/fuzz/util.h> | ||
|
||
#include <cstdint> | ||
#include <limits> | ||
#include <string> | ||
#include <vector> | ||
|
||
void test_one_input(const std::vector<uint8_t>& buffer) | ||
{ | ||
FuzzedDataProvider fuzzed_data_provider(buffer.data(), buffer.size()); | ||
const CAmount satoshis_per_k = ConsumeMoney(fuzzed_data_provider); | ||
const CFeeRate fee_rate{satoshis_per_k}; | ||
|
||
(void)fee_rate.GetFeePerK(); | ||
const size_t bytes = fuzzed_data_provider.ConsumeIntegral<size_t>(); | ||
if (!MultiplicationOverflow(static_cast<int64_t>(bytes), satoshis_per_k) && bytes <= static_cast<uint64_t>(std::numeric_limits<int64_t>::max())) { | ||
(void)fee_rate.GetFee(bytes); | ||
} | ||
(void)fee_rate.ToString(); | ||
|
||
const CAmount another_satoshis_per_k = ConsumeMoney(fuzzed_data_provider); | ||
CFeeRate larger_fee_rate{another_satoshis_per_k}; | ||
larger_fee_rate += fee_rate; | ||
if (satoshis_per_k != 0 && another_satoshis_per_k != 0) { | ||
assert(fee_rate < larger_fee_rate); | ||
assert(!(fee_rate > larger_fee_rate)); | ||
assert(!(fee_rate == larger_fee_rate)); | ||
assert(fee_rate <= larger_fee_rate); | ||
assert(!(fee_rate >= larger_fee_rate)); | ||
assert(fee_rate != larger_fee_rate); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
// Copyright (c) 2020 The Bitcoin Core developers | ||
// Distributed under the MIT software license, see the accompanying | ||
// file COPYING or http://www.opensource.org/licenses/mit-license.php. | ||
|
||
#include <test/fuzz/FuzzedDataProvider.h> | ||
#include <test/fuzz/fuzz.h> | ||
#include <test/fuzz/util.h> | ||
|
||
#include <cstdint> | ||
#include <string> | ||
#include <vector> | ||
|
||
namespace { | ||
template <typename T> | ||
void TestMultiplicationOverflow(FuzzedDataProvider& fuzzed_data_provider) | ||
{ | ||
const T i = fuzzed_data_provider.ConsumeIntegral<T>(); | ||
const T j = fuzzed_data_provider.ConsumeIntegral<T>(); | ||
const bool is_multiplication_overflow_custom = MultiplicationOverflow(i, j); | ||
T result_builtin; | ||
const bool is_multiplication_overflow_builtin = __builtin_mul_overflow(i, j, &result_builtin); | ||
assert(is_multiplication_overflow_custom == is_multiplication_overflow_builtin); | ||
if (!is_multiplication_overflow_custom) { | ||
assert(i * j == result_builtin); | ||
} | ||
} | ||
} // namespace | ||
|
||
void test_one_input(const std::vector<uint8_t>& buffer) | ||
{ | ||
FuzzedDataProvider fuzzed_data_provider(buffer.data(), buffer.size()); | ||
TestMultiplicationOverflow<int64_t>(fuzzed_data_provider); | ||
TestMultiplicationOverflow<uint64_t>(fuzzed_data_provider); | ||
TestMultiplicationOverflow<int32_t>(fuzzed_data_provider); | ||
TestMultiplicationOverflow<uint32_t>(fuzzed_data_provider); | ||
TestMultiplicationOverflow<int16_t>(fuzzed_data_provider); | ||
TestMultiplicationOverflow<uint16_t>(fuzzed_data_provider); | ||
TestMultiplicationOverflow<char>(fuzzed_data_provider); | ||
TestMultiplicationOverflow<unsigned char>(fuzzed_data_provider); | ||
TestMultiplicationOverflow<signed char>(fuzzed_data_provider); | ||
TestMultiplicationOverflow<bool>(fuzzed_data_provider); | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,89 @@ | ||
// Copyright (c) 2020 The Bitcoin Core developers | ||
// Distributed under the MIT software license, see the accompanying | ||
// file COPYING or http://www.opensource.org/licenses/mit-license.php. | ||
|
||
#include <blockfilter.h> | ||
#include <clientversion.h> | ||
#include <logging.h> | ||
#include <netbase.h> | ||
#include <outputtype.h> | ||
#include <rpc/client.h> | ||
#include <rpc/request.h> | ||
#include <rpc/server.h> | ||
#include <rpc/util.h> | ||
#include <script/descriptor.h> | ||
#include <test/fuzz/FuzzedDataProvider.h> | ||
#include <test/fuzz/fuzz.h> | ||
#include <test/fuzz/util.h> | ||
#include <util/error.h> | ||
#include <util/fees.h> | ||
#include <util/message.h> | ||
#include <util/settings.h> | ||
#include <util/strencodings.h> | ||
#include <util/string.h> | ||
#include <util/system.h> | ||
#include <util/translation.h> | ||
#include <util/url.h> | ||
|
||
#include <cstdint> | ||
#include <string> | ||
#include <vector> | ||
|
||
void test_one_input(const std::vector<uint8_t>& buffer) | ||
{ | ||
FuzzedDataProvider fuzzed_data_provider(buffer.data(), buffer.size()); | ||
const std::string random_string_1 = fuzzed_data_provider.ConsumeRandomLengthString(32); | ||
const std::string random_string_2 = fuzzed_data_provider.ConsumeRandomLengthString(32); | ||
const std::vector<std::string> random_string_vector = ConsumeRandomLengthStringVector(fuzzed_data_provider); | ||
|
||
(void)AmountErrMsg(random_string_1, random_string_2); | ||
(void)AmountHighWarn(random_string_1); | ||
BlockFilterType block_filter_type; | ||
(void)BlockFilterTypeByName(random_string_1, block_filter_type); | ||
(void)Capitalize(random_string_1); | ||
(void)CopyrightHolders(random_string_1); | ||
FeeEstimateMode fee_estimate_mode; | ||
(void)FeeModeFromString(random_string_1, fee_estimate_mode); | ||
(void)FormatParagraph(random_string_1, fuzzed_data_provider.ConsumeIntegralInRange<size_t>(0, 1000), fuzzed_data_provider.ConsumeIntegralInRange<size_t>(0, 1000)); | ||
(void)FormatSubVersion(random_string_1, fuzzed_data_provider.ConsumeIntegral<int>(), random_string_vector); | ||
(void)GetDescriptorChecksum(random_string_1); | ||
(void)HelpExampleCli(random_string_1, random_string_2); | ||
(void)HelpExampleRpc(random_string_1, random_string_2); | ||
(void)HelpMessageGroup(random_string_1); | ||
(void)HelpMessageOpt(random_string_1, random_string_2); | ||
(void)IsDeprecatedRPCEnabled(random_string_1); | ||
(void)Join(random_string_vector, random_string_1); | ||
(void)JSONRPCError(fuzzed_data_provider.ConsumeIntegral<int>(), random_string_1); | ||
const util::Settings settings; | ||
(void)OnlyHasDefaultSectionSetting(settings, random_string_1, random_string_2); | ||
(void)ParseNetwork(random_string_1); | ||
try { | ||
(void)ParseNonRFCJSONValue(random_string_1); | ||
} catch (const std::runtime_error&) { | ||
} | ||
OutputType output_type; | ||
(void)ParseOutputType(random_string_1, output_type); | ||
(void)ResolveErrMsg(random_string_1, random_string_2); | ||
try { | ||
(void)RPCConvertNamedValues(random_string_1, random_string_vector); | ||
} catch (const std::runtime_error&) { | ||
} | ||
try { | ||
(void)RPCConvertValues(random_string_1, random_string_vector); | ||
} catch (const std::runtime_error&) { | ||
} | ||
(void)SanitizeString(random_string_1); | ||
(void)SanitizeString(random_string_1, fuzzed_data_provider.ConsumeIntegralInRange<int>(0, 3)); | ||
(void)ShellEscape(random_string_1); | ||
int port_out; | ||
std::string host_out; | ||
SplitHostPort(random_string_1, port_out, host_out); | ||
(void)TimingResistantEqual(random_string_1, random_string_2); | ||
(void)ToLower(random_string_1); | ||
(void)ToUpper(random_string_1); | ||
(void)TrimString(random_string_1); | ||
(void)TrimString(random_string_1, random_string_2); | ||
(void)urlDecode(random_string_1); | ||
(void)ValidAsCString(random_string_1); | ||
(void)_(random_string_1.c_str()); | ||
} |
Oops, something went wrong.