Merge #10409: [tests] Add fuzz testing for BlockTransactions and BlockTransactionsRequest

fd3a2f3 [tests] Add fuzz testing for BlockTransactions and BlockTransactionsRequest (practicalswift)

Pull request description:

  The `BlockTransactions` deserialization code is reachable with tainted data via `ProcessMessage(…, "BLOCKTXN", vRecv [tainted], …)`.

  The same thing applies to `BlockTransactionsRequest` which is reachable via `"GETBLOCKTXN"`.

Tree-SHA512: 64560ea344bc6145b940472f99866b808725745b060dedfb315be400bd94e55399f50b982149645bd7af7ed9935fd28751d7daf0d3f94a8e2ed3bc52e3325ffb

1 files changed, 23 insertions, 0 deletions

diff --git a/src/test/test_bitcoin_fuzzy.cpp b/src/test/test_bitcoin_fuzzy.cpp
index 581ad2ffa0..6694c5caa8 100644
--- a/src/test/test_bitcoin_fuzzy.cpp
+++ b/src/test/test_bitcoin_fuzzy.cpp
@@ -19,6 +19,7 @@
 #include "undo.h"
 #include "version.h"
 #include "pubkey.h"
+#include "blockencodings.h"
 
 #include <stdint.h>
 #include <unistd.h>
@@ -45,6 +46,8 @@ enum TEST_ID {
     CBLOOMFILTER_DESERIALIZE,
     CDISKBLOCKINDEX_DESERIALIZE,
     CTXOUTCOMPRESSOR_DESERIALIZE,
+    BLOCKTRANSACTIONS_DESERIALIZE,
+    BLOCKTRANSACTIONSREQUEST_DESERIALIZE,
     TEST_ID_END
 };
 
@@ -245,6 +248,26 @@ int test_one_input(std::vector<uint8_t> buffer) {
 
             break;
         }
+        case BLOCKTRANSACTIONS_DESERIALIZE:
+        {
+            try
+            {
+                BlockTransactions bt;
+                ds >> bt;
+            } catch (const std::ios_base::failure& e) {return 0;}
+
+            break;
+        }
+        case BLOCKTRANSACTIONSREQUEST_DESERIALIZE:
+        {
+            try
+            {
+                BlockTransactionsRequest btr;
+                ds >> btr;
+            } catch (const std::ios_base::failure& e) {return 0;}
+
+            break;
+        }
         default:
             return 0;
     }