author | MarcoFalke <*~=`'#}+{/-|&$^_@721217.xyz> | 2023-12-14 12:40:17 +0100 |
---|---|---|
committer | MarcoFalke <*~=`'#}+{/-|&$^_@721217.xyz> | 2023-12-14 12:39:02 +0100 |
commit | fa769d3e41daec696452b8a0a8753ba511b0a4b5 (patch) | |
tree | 4e0ebfca8d98aa673403d8e3725366ff1dfc1b43 | |
parent | 9f0f83d6509a214b827f5110c0f857b494ae854c (diff) |
fuzz: Limit p2p fuzz targets to MAX_PROTOCOL_MESSAGE_LENGTH
-rw-r--r-- | src/test/fuzz/process_message.cpp | 11 | ||||
-rw-r--r-- | src/test/fuzz/process_messages.cpp | 3 |
2 files changed, 3 insertions, 11 deletions
diff --git a/src/test/fuzz/process_message.cpp b/src/test/fuzz/process_message.cpp
index acb03ac5fc..56b391ed5c 100644
--- a/src/test/fuzz/process_message.cpp
+++ b/src/test/fuzz/process_message.cpp
@@ -1,4 +1,4 @@
-// Copyright (c) 2020-2022 The Bitcoin Core developers
+// Copyright (c) 2020-present The Bitcoin Core developers
 // Distributed under the MIT software license, see the accompanying
 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
@@ -8,9 +8,6 @@
 #include <primitives/transaction.h>
 #include <protocol.h>
 #include <script/script.h>
-#include <serialize.h>
-#include <span.h>
-#include <streams.h>
 #include <sync.h>
 #include <test/fuzz/FuzzedDataProvider.h>
 #include <test/fuzz/fuzz.h>
@@ -20,13 +17,10 @@
 #include <test/util/net.h>
 #include <test/util/setup_common.h>
 #include <test/util/validation.h>
-#include <util/chaintype.h>
 #include <util/check.h>
 #include <util/time.h>
-#include <validation.h>
 #include <validationinterface.h>
-#include <atomic>
 #include <cstdlib>
 #include <iostream>
 #include <memory>
@@ -81,8 +75,7 @@ FUZZ_TARGET(process_message, .init = initialize_process_message)
 CSerializedNetMsg net_msg;
 net_msg.m_type = random_message_type;
- // fuzzed_data_provider is fully consumed after this call, don't use it
- net_msg.data = fuzzed_data_provider.ConsumeRemainingBytes<unsigned char>();
+ net_msg.data = ConsumeRandomLengthByteVector(fuzzed_data_provider, MAX_PROTOCOL_MESSAGE_LENGTH);
 connman.FlushSendBuffer(p2p_node);
 (void)connman.ReceiveMsgFrom(p2p_node, std::move(net_msg));
diff --git a/src/test/fuzz/process_messages.cpp b/src/test/fuzz/process_messages.cpp
index 3f722f60ee..6b264907b5 100644
--- a/src/test/fuzz/process_messages.cpp
+++ b/src/test/fuzz/process_messages.cpp
@@ -16,7 +16,6 @@
 #include <test/util/net.h>
 #include <test/util/setup_common.h>
 #include <test/util/validation.h>
-#include <util/chaintype.h>
 #include <util/time.h>
 #include <validationinterface.h>
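Review bot: The new `MAX_PROTOCOL_MESSAGE_LENGTH` cap on `net_msg.data` in the FUZZ_TARGET(process_message) hunk is undocumented: the old comment on that assignment is deleted, nothing replaces it, and the commit carries no description. I would put a line such as `// Cap the payload at the protocol limit; longer messages presumably never reach message processing, so fuzzing them only finds unreachable states.` above the assignment, once that rationale is confirmed. The same applies to the matching assignment in the process_messages hunk. Because the provider is no longer drained by this call, saved inputs for this target are likely to decode to different payloads than before, so a temporary coverage drop until the corpus is regenerated should be expected rather than read as a regression. The target body starts and ends outside the hunk.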
@@ -72,7 +71,7 @@ FUZZ_TARGET(process_messages, .init = initialize_process_messages)
 CSerializedNetMsg net_msg;
 net_msg.m_type = random_message_type;
- net_msg.data = ConsumeRandomLengthByteVector(fuzzed_data_provider);
+ net_msg.data = ConsumeRandomLengthByteVector(fuzzed_data_provider, MAX_PROTOCOL_MESSAGE_LENGTH);
 CNode& random_node = *PickValue(fuzzed_data_provider, peers); |
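Review bot: `MAX_PROTOCOL_MESSAGE_LENGTH` becomes a new dependency of this file, yet none of the include hunks in the commit shows the header that declares it being included directly. Since the commit is otherwise pruning the include lists, it is worth checking that both process_message.cpp and process_messages.cpp include that header themselves instead of receiving it transitively, for example through `<test/util/net.h>`. Only part of each include list is visible here, so this may already be the case. The FUZZ_TARGET body continues outside the hunk.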