fuzz: BIP324: damage ciphertext/aad in full byte range #28951

pull theStack wants to merge 1 commits into bitcoin:master from theStack:202311-fuzz-bip324-damage_in_full_byte_range changing 1 files +1 −1
  1. theStack commented at 1:37 am on November 28, 2023: contributor

    This PR is a tiny improvement for the bip324_cipher_roundtrip fuzz target: currently the damaging of input data for decryption (either ciphertext or aad) only ever happens in the lower nibble within the byte at the damage position, as the bit position for the damage_val byte was calculated with damage_bit & 3 (corresponding to % 4) rather than damage_bit & 7 (corresponding to the expected % 8).

    Noticed while reviewing #28263 which uses similar constructs.

  2. fuzz: BIP324: damage ciphertext/aad in full byte range 
    Currently the damaging of input data for decryption (either ciphertext
or aad) only ever happens in the lower nibble within the byte at the
damage position, as the bit position for the `damage_val` byte was
calculated with `damage_bit & 3` (corresponding to `% 4`) rather than
`damage_bit & 7` (corresponding to the expected `% 8`).
    e67634ef19
  3. DrahtBot commented at 1:37 am on November 28, 2023: contributor

    The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

    Code Coverage

    For detailed information about the code coverage, see the test coverage report.

    Reviews

    See the guideline for information on the review process.

    Type Reviewers
    ACK stratospher, dergoegge

    If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update.

  4. DrahtBot added the label Tests on Nov 28, 2023
  5. stratospher commented at 7:47 am on November 28, 2023: contributor
    ACK e67634ef.
  6. fanquake requested review from dergoegge on Nov 28, 2023
  7. in src/test/fuzz/bip324.cpp:101 in e67634ef19 
     97@@ -98,7 +98,7 @@ FUZZ_TARGET(bip324_cipher_roundtrip, .init=Initialize)
 98             unsigned damage_bit = provider.ConsumeIntegralInRange<unsigned>(0,
 99                 (ciphertext.size() + aad.size()) * 8U - 1U);
100             unsigned damage_pos = damage_bit >> 3;
101-            std::byte damage_val{(uint8_t)(1U << (damage_bit & 3))};
102+            std::byte damage_val{(uint8_t)(1U << (damage_bit & 7))};
    dergoegge commented at 11:24 am on November 28, 2023:

    nit: Maybe just use % instead? That reads a bit easier and probably would have avoided this in the first place.

    0            std::byte damage_val{(uint8_t)(1U << (damage_bit % 8))};
    theStack commented at 4:05 pm on November 28, 2023:

    Good point, I agree. In a similar sense, the damage position should probably be calculated as damage_bit / 8 instead of a right-shift by 3. I assume the original motivation for using “bit-fiddling” instead was performance (worries that the modulus operation is significantly slower), but it seems both variants emit the same code on recent compilers, even without optimization turned on: https://godbolt.org/z/EjY59a36s

    Will leave the PR as it is now, as it has already two ACKs, but will consider working on a follow-up PR that replaces more constructs like this (i.e. division and bitwise AND with a powers-of-two constant) in our code-base.

  8. dergoegge approved
  9. dergoegge commented at 11:34 am on November 28, 2023: member
    utACK e67634ef19db310511a22f461bb1af7edb3d862b
  10. fanquake merged this on Nov 30, 2023
  11. fanquake closed this on Nov 30, 2023
  12. theStack deleted the branch on Nov 30, 2023


theStack DrahtBot stratospher dergoegge

Labels
Tests

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2024-07-01 19:13 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me