Merge #17093: tests: Add fuzzing harness for various CTx{In,Out} related functions

d5766f223f627bf2eb731ce8552dfafa2b824378 tests: Add corpora suppression (FUZZERS_MISSING_CORPORA) for fuzzers missing in https://github.com/bitcoin-core/qa-assets/tree/master/fuzz_seed_corpus (practicalswift)
e75ecb91c730115290e1201371492c2cd334e9b4 tests: Add fuzzing harness for various CTxOut related functions (practicalswift)
ce935292c041162e160d95fc6afeda3dceded2cf tests: Add fuzzing harness for various CTxIn related functions (practicalswift)

Pull request description:

  Add fuzzing harness for various `CTx{In,Out}` related functions.

  **Testing this PR**

  Run:

  ```
  $ CC=clang CXX=clang++ ./configure --enable-fuzz --with-sanitizers=address,fuzzer,undefined
  $ make
  $ src/test/fuzz/tx_in
  …
  $ src/test/fuzz/tx_out
  …
  # And to to quickly verify that the relevant code regions are triggered, that the
  # fuzzing throughput seems reasonable, etc.
  $ contrib/devtools/test_fuzzing_harnesses.sh '^tx_'
  ```

  `test_fuzzing_harnesses.sh` can be found in PR #17000.

Top commit has no ACKs.

Tree-SHA512: f1374307a2581ebc3968d012ea2438061bbb84ece068e584fae9750669a6cd003723dde14db88e77c9579281ecd4eaa2a7ff0614f253d8c075e6dd16dd2e68d5
This commit is contained in:
MarcoFalke 2019-12-09 15:11:59 -05:00 committed by pasta
parent f12ca55d84
commit 853592e0f5
4 changed files with 84 additions and 0 deletions

View File

@ -42,7 +42,9 @@ FUZZ_TARGETS = \
test/fuzz/service_deserialize \
test/fuzz/sub_net_deserialize \
test/fuzz/transaction \
test/fuzz/tx_in \
test/fuzz/tx_in_deserialize \
test/fuzz/tx_out \
test/fuzz/txoutcompressor_deserialize \
test/fuzz/txundo_deserialize
@ -466,6 +468,18 @@ test_fuzz_tx_in_deserialize_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS)
test_fuzz_tx_in_deserialize_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS) $(LDFLAGS_WRAP_EXCEPTIONS)
test_fuzz_tx_in_deserialize_LDADD = $(FUZZ_SUITE_LD_COMMON)
test_fuzz_tx_in_SOURCES = $(FUZZ_SUITE) test/fuzz/tx_in.cpp
test_fuzz_tx_in_CPPFLAGS = $(AM_CPPFLAGS) $(BITCOIN_INCLUDES)
test_fuzz_tx_in_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS)
test_fuzz_tx_in_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS)
test_fuzz_tx_in_LDADD = $(FUZZ_SUITE_LD_COMMON)
test_fuzz_tx_out_SOURCES = $(FUZZ_SUITE) test/fuzz/tx_out.cpp
test_fuzz_tx_out_CPPFLAGS = $(AM_CPPFLAGS) $(BITCOIN_INCLUDES)
test_fuzz_tx_out_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS)
test_fuzz_tx_out_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS)
test_fuzz_tx_out_LDADD = $(FUZZ_SUITE_LD_COMMON)
endif # ENABLE_FUZZ
nodist_test_test_dash_SOURCES = $(GENERATED_TEST_FILES)

33
src/test/fuzz/tx_in.cpp Normal file
View File

@ -0,0 +1,33 @@
// Copyright (c) 2019 The Bitcoin Core developers
// Distributed under the MIT software license, see the accompanying
// file COPYING or http://www.opensource.org/licenses/mit-license.php.
#include <consensus/validation.h>
#include <core_memusage.h>
#include <policy/policy.h>
#include <primitives/transaction.h>
#include <streams.h>
#include <test/fuzz/fuzz.h>
#include <version.h>
#include <cassert>
void test_one_input(const std::vector<uint8_t>& buffer)
{
CDataStream ds(buffer, SER_NETWORK, INIT_PROTO_VERSION);
CTxIn tx_in;
try {
int version;
ds >> version;
ds.SetVersion(version);
ds >> tx_in;
} catch (const std::ios_base::failure&) {
return;
}
(void)GetTransactionInputWeight(tx_in);
(void)GetVirtualTransactionInputSize(tx_in);
(void)RecursiveDynamicUsage(tx_in);
(void)tx_in.ToString();
}

35
src/test/fuzz/tx_out.cpp Normal file
View File

@ -0,0 +1,35 @@
// Copyright (c) 2019 The Bitcoin Core developers
// Distributed under the MIT software license, see the accompanying
// file COPYING or http://www.opensource.org/licenses/mit-license.php.
#include <consensus/validation.h>
#include <core_memusage.h>
#include <policy/policy.h>
#include <primitives/transaction.h>
#include <streams.h>
#include <test/fuzz/fuzz.h>
#include <version.h>
void test_one_input(const std::vector<uint8_t>& buffer)
{
CDataStream ds(buffer, SER_NETWORK, INIT_PROTO_VERSION);
CTxOut tx_out;
try {
int version;
ds >> version;
ds.SetVersion(version);
ds >> tx_out;
} catch (const std::ios_base::failure&) {
return;
}
const CFeeRate dust_relay_fee{DUST_RELAY_TX_FEE};
(void)GetDustThreshold(tx_out, dust_relay_fee);
(void)IsDust(tx_out, dust_relay_fee);
(void)RecursiveDynamicUsage(tx_out);
(void)tx_out.ToString();
(void)tx_out.IsNull();
tx_out.SetNull();
assert(tx_out.IsNull());
}

View File

@ -32,6 +32,8 @@ FUZZERS_MISSING_CORPORA = [
"script_deserialize",
"sub_net_deserialize",
"tx_in_deserialize",
"tx_in",
"tx_out",
]
def main():