test: Add fuzzing harnesses for various classes/functions in primitives/ #18744

pull practicalswift wants to merge 2 commits into bitcoin:master from practicalswift:fuzzers-2020-04-22 changing 3 files +45 −0

practicalswift commented at 8:22 PM on April 22, 2020: contributor

Add fuzzing harnesses for various classes/functions in primitives/.

See doc/fuzzing.md for information on how to fuzz Bitcoin Core. Don't forget to contribute any coverage increasing inputs you find to the Bitcoin Core fuzzing corpus repo.

Happy fuzzing :)
tests: Add fuzzing harness for functions in primitives/block.h d5a31b7cb4
DrahtBot added the label Tests on Apr 22, 2020

in src/test/fuzz/transaction.cpp:119 in 92d8fa6d14 outdated

 112 | @@ -111,4 +113,24 @@ void test_one_input(const std::vector<uint8_t>& buffer)
 113 |          static const uint256 u256_max(uint256S("ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"));
 114 |          TxToUniv(tx, u256_max, u);
 115 |      }
 116 | +
 117 | +    {
 118 | +        FuzzedDataProvider fuzzed_data_provider(buffer.data(), buffer.size());
 119 | +        const CScript script = ConsumeScript(fuzzed_data_provider);

MarcoFalke commented at 11:50 AM on April 23, 2020:

This code will never be executed when the buffer does not start with a valid transaction

practicalswift commented at 9:29 AM on April 24, 2020:

Oh, good catch! Thanks a lot for noticing! I missed the return:s above (L37/42/45/61). Now fixed. Please re-review updated version :)

practicalswift force-pushed on Apr 24, 2020
tests: Add fuzzing harness for functions in primitives/transaction.h fd8e99da57
in src/test/fuzz/transaction.cpp:51 in b97f3d036d outdated
```
  46 | +        if (mutable_tx_1 && mutable_tx_2) {
  47 | +            const CTransaction tx_1{*mutable_tx_1};
  48 | +            const CTransaction tx_2{*mutable_tx_2};
  49 | +            assert((tx_1 == tx_2) != (tx_1 != tx_2));
  50 | +        }
  51 | +    }
```
MarcoFalke commented at 11:32 AM on April 24, 2020:

It still seems odd. How do you know that the fuzzer won't favor inputs that start with a valid transaction and is more likely to discard inputs that do not?

practicalswift commented at 12:17 PM on April 24, 2020:

I see your point: yes, it could confuse fuzzers. To rule out that possibility I've now moved this to a new fuzzing harness file :)
practicalswift force-pushed on Apr 24, 2020
practicalswift renamed this:
~~tests: Add fuzzing harnesses for various classes/functions in primitives/~~
test: Add fuzzing harnesses for various classes/functions in primitives/
on Apr 24, 2020
DrahtBot commented at 12:40 PM on April 24, 2020: member


The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.



Conflicts

Reviewers, this pull request conflicts with the following ones:
- #18736 (test: Add fuzzing harnesses for various classes/functions in util/ by practicalswift)
If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.
MarcoFalke merged this on Apr 25, 2020
MarcoFalke closed this on Apr 25, 2020
sidhujag referenced this in commit 9031fe99b3 on Apr 25, 2020
deadalnix referenced this in commit 963a1a09a0 on Jan 22, 2021
practicalswift deleted the branch on Apr 10, 2021
PastaPastaPasta referenced this in commit a515380cdd on Jul 17, 2022
kittywhiskers referenced this in commit 1c1b7e2f9f on Aug 11, 2022
DrahtBot locked this on Aug 16, 2022

Contributors

Labels

test: Add fuzzing harnesses for various classes/functions in primitives/ #18744

Conflicts