fuzz: fix checks on number of required sigs and keys in multisig scripts #23091

pull mjdietzx wants to merge 1 commits into bitcoin:master from mjdietzx:fuzz_extract_destinations_bug_fix changing 1 files +2 −2
  1. mjdietzx commented at 12:06 AM on September 25, 2021: contributor

    Fuzz test coverage was added around the ExtractDestination(s) functions in a29f522ba4aa71582b54025c5682b4c1687ae9f3. This commit contained an incorrect assertion that the number of required signatures in a multisig script was equal to the number of addresses. This is incorrect, as for an m-of-n multisig, m <= n.

    a29f522ba4aa71582b54025c5682b4c1687ae9f3 also had an incorrect assertion on the maximum number of public keys per multisig. It checked that the number of keys was less than or equal to 16. This is incorrect, as it should be <= 20 (see MAX_PUBKEYS_PER_MULTISIG).

    Both of these incorrect assertions are fixed in this commit accordingly.

    Note: this is sort of moot because this behavior is deprecated and these fuzz tests are slated for removal in v23 when the deprecation period for -deprecatedrpc=addresses ends. However, for correctness and just in case, it's fixed here.

    Noticed here: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39152 Moot because this PR #22650 gets rid of all this code anyways

    <!-- *** Please remove the following help text before submitting: *** Pull requests without a rationale and clear improvement may be closed immediately. GUI-related pull requests should be opened against https://github.com/bitcoin-core/gui first. See CONTRIBUTING.md -->

    <!-- Please provide clear motivation for your patch and explain how it improves Bitcoin Core user experience or Bitcoin Core developer experience significantly: * Any test improvements or new tests that improve coverage are always welcome. * All other changes should have accompanying unit tests (see `src/test/`) or functional tests (see `test/`). Contributors should note which tests cover modified code. If no tests exist for a region of modified code, new tests should accompany the change. * Bug fixes are most welcome when they come with steps to reproduce or an explanation of the potential issue as well as reasoning for the way the bug was fixed. * Features are welcome, but might be rejected due to design or scope issues. If a feature is based on a lot of dependencies, contributors should first consider building the system outside of Bitcoin Core, if possible. * Refactoring changes are only accepted if they are required for a feature or bug fix or otherwise improve developer experience significantly. For example, most "code style" refactoring changes require a thorough explanation why they are useful, what downsides they have and why they *significantly* improve developer experience or avoid serious programming bugs. Note that code style is often a subjective matter. Unless they are explicitly mentioned to be preferred in the [developer notes](/doc/developer-notes.md), stylistic code changes are usually rejected. -->

    <!-- Bitcoin Core has a thorough review process and even the most trivial change needs to pass a lot of eyes and requires non-zero or even substantial time effort to review. There is a huge lack of active reviewers on the project, so patches often sit for a long time. -->

  2. fanquake added the label Tests on Sep 25, 2021
  3. darosior commented at 7:17 AM on September 25, 2021: member

    The line just above asserts:

    assert(required_ret >= 1 && required_ret <= 16);

    This is wrong, too. You could have up to 20 keys in a CHECKMULTISIG. Could you correct it too while you're at it?

  4. fuzz: fix checks on number of required sigs and keys in multisig scripts
    Fuzz test coverage was added around the ExtractDestination(s) functions in
a29f522ba4aa71582b54025c5682b4c1687ae9f3. This commit contained an incorrect
assertion that the number of required signatures in a multisig script was equal
to the number of addresses. This is incorrect, as for an m-of-n multisig, m <= n.

a29f522ba4aa71582b54025c5682b4c1687ae9f3 also had an incorrect assertion on
the maximum number of public keys per multisig. It checked that the number of
keys was less than or equal to 16. This is incorrect, as it should be <= 20
(see MAX_PUBKEYS_PER_MULTISIG).

Both of these incorrect assertions are fixed in this commit accordingly.

Note: this is sort of moot because this behavior is deprecated and these
fuzz tests are slated for removal in v23 when the deprecation period for
-deprecatedrpc=addresses ends. However, for correctness and just in case,
it's fixed here.
    09d29b52c8
  5. mjdietzx force-pushed on Sep 25, 2021
  6. mjdietzx renamed this:
    fuzz: fix assertion on the number of required sigs in a bare multisig script
    fuzz: fix checks on number of required sigs and keys in multisig scripts
    on Sep 25, 2021
  7. mjdietzx commented at 2:18 PM on September 25, 2021: contributor

    You could have up to 20 keys in a CHECKMULTISIG. Could you correct it too while you're at it?

    Nice catch @darosior, I fixed as suggested in this commit

  8. DrahtBot commented at 2:56 PM on September 25, 2021: member

    <!--e57a25ab6845829454e8d69fc972939a-->

    The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

    <!--174a7506f384e20aa4161008e828411d-->

    Conflicts

    Reviewers, this pull request conflicts with the following ones:

    • #22650 (Remove -deprecatedrpc=addresses flag and corresponding code/logic by mjdietzx)

    If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.

  9. darosior commented at 10:22 AM on September 26, 2021: member

    utACK 09d29b52c836a409b19c38be7f8f34b1bac95c91

  10. DrahtBot commented at 10:12 PM on September 28, 2021: member

    <!--cf906140f33d8803c4a75a2196329ecb-->

    🐙 This pull request conflicts with the target branch and needs rebase.

    <sub>Want to unsubscribe from rebase notifications on this pull request? Just convert this pull request to a "draft".</sub>

  11. DrahtBot added the label Needs rebase on Sep 28, 2021
  12. mjdietzx commented at 10:35 PM on September 28, 2021: contributor

    PR #22650 got merged before this, which deleted all of the code this would have corrected, therefore this PR is unnecessary and I'm closing it

  13. mjdietzx closed this on Sep 28, 2021
  14. mjdietzx deleted the branch on Sep 28, 2021
  15. DrahtBot locked this on Oct 30, 2022
Contributors
mjdietzxdarosiorDrahtBot
Labels
TestsNeeds rebase
Linked (view graph)
#22650 Remove -deprecatedrpc=addresses flag and corresponding code/logic
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-13 15:14 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me