Add seeds #13

pull practicalswift wants to merge 1 commits into bitcoin-core:master from practicalswift:seeds-2020-05-15 changing 2032 files +773 −0

practicalswift commented at 8:54 AM on May 15, 2020: contributor

Add seeds.
Add seeds b441fd5d69
in fuzz_seed_corpus/key_io/3c08fa339e6f5716dc96c98c24b7e4eb1fe24533:1 in b441fd5d69
```
   0 | @@ -0,0 +1 @@
   1 | +an83characterlongahmnureapartthatcontainsthenumber2and}heexcludedcharactersbio1tt5tgs
```
maflcko commented at 9:58 AM on May 15, 2020:

How did you add this seed? Manually or did the fuzzer add this?

practicalswift commented at 3:03 PM on May 15, 2020:

I blame the fuzzer :)

Do you think there is a chance that https://github.com/bitcoin/bitcoin/pull/18634 will be merged? That would allow me to submit QA seeds more easily.
maflcko commented at 3:06 PM on May 15, 2020:

I blame the fuzzer :)

How is this possible?

The string is from

src/test/bech32_tests.cpp: "an83characterlonghumanreadablepartthatcontainsthenumber1andtheexcludedcharactersbio1tt5tgs",

the unit tests are neither compiled nor linked into the fuzz binary.

How did the fuzzer get access to that source code?
maflcko commented at 3:07 PM on May 15, 2020:

Oh, you are saying the provider that does the fuzzing for you did this?

practicalswift commented at 3:36 PM on May 15, 2020:

Oh, now I think I know the source: I have a huge corpus of inputs which contains things such as string literals, constants, etc from our source code. I use them as additional inputs when fuzzing. It seems like such a case have been picked up and mutated in a way that generated interesting coverage.

So it is a combination of manual and fuzzing work.

Oh, you are saying the provider that does the fuzzing for you did this?

Nope, not this case :)

maflcko commented at 3:58 PM on May 15, 2020:

I have a huge corpus of inputs which contains things such as string literals

Thanks for clarifying. It would be highly concerning if a fuzz engine went out to read arbitrary files on the system.

maflcko commented at 3:59 PM on May 15, 2020:

Can you explain how https://github.com/bitcoin/bitcoin/pull/18634 is going to simply you workflow? Is this provider the primary source of the seeds you are generating?

practicalswift commented at 4:25 PM on May 15, 2020:

No, the primary source of the seeds I'm generating is my own fuzzing farm: that is where I have most of my fuzzing capacity.

Fuzzbuzz would simply be a nice addition that would allow us to get an initial set of seeds for newly added fuzzers much quicker than today:

Currently there is quite a lag between when a new fuzzer is added to master and when I submit a matching seed corpus to this repo.

If the submitted configuration file is added to the repo then my fuzzbuzz account would immediately and automatically start generating coverage increasing inputs for any new fuzzing target added to master.

I would then submit those inputs for new targets to this repo quickly using a scripted procedure.

My end goal is to make it so that if a fuzzing harness is added in master then a matching set of inputs should be submitted here automatically quite quickly :)

(I'm describing my own use case here, but just like the Cirrus CI opt-in integration file simplifies life for people interested in cloud testing under *BSD the Fuzzbuzz opt-in integration file would simplify life for people interested in cloud testing using libFuzzer :))
maflcko merged this on May 15, 2020
maflcko closed this on May 15, 2020

Contributors

practicalswift

maflcko

Linked (view graph)

#180 Add Murch’s fuzz seeds April 2024