aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMarcoFalke <falke.marco@gmail.com>2021-05-19 21:24:26 +0200
committerMarcoFalke <falke.marco@gmail.com>2021-05-19 21:24:32 +0200
commit7d19c85f4a27008cada169b7066f265a07f1ea77 (patch)
tree7d39c17dbc4810b15c24b7658b9b929b1d5a793c
parentff438a1966e952e548574552f2ed4c17a7432bb0 (diff)
parentfae4ee545a652cc2934773b0e1fdb9004b0c5ba6 (diff)
Merge bitcoin/bitcoin#21970: fuzz: Add missing CheckTransaction before CheckTxInputs
fae4ee545a652cc2934773b0e1fdb9004b0c5ba6 fuzz: Add missing CheckTransaction before CheckTxInputs (MarcoFalke) faacb7eadb04a8af666e7bb59bcd79915fe3a80a fuzz: Sanity check result of CheckTransaction (MarcoFalke) Pull request description: This bug was introduced by myself in commit eeee8f5be1d4ccfb7e237248be5c6bef45b0fbb8 (https://github.com/bitcoin/bitcoin/pull/21553) Reproducer: https://github.com/bitcoin/bitcoin/files/6492249/clusterfuzz-testcase-minimized-coins_view-6109460079706112.log Hopefully fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34301 ACKs for top commit: practicalswift: cr ACK fae4ee545a652cc2934773b0e1fdb9004b0c5ba6: patch looks correct :) Tree-SHA512: 9ece7a5c4bfa60f5e5ffeba3f0ee52a07944c9bd6102588dd7ff7405695e6b32449945b7c41bd25baf38814df5a2436521e655ceff87223ad03c69ed39053023
-rw-r--r--src/test/fuzz/coins_view.cpp6
-rw-r--r--src/test/fuzz/transaction.cpp7
2 files changed, 11 insertions, 2 deletions
diff --git a/src/test/fuzz/coins_view.cpp b/src/test/fuzz/coins_view.cpp
index 21dc80cc8d..878b5a27da 100644
--- a/src/test/fuzz/coins_view.cpp
+++ b/src/test/fuzz/coins_view.cpp
@@ -6,6 +6,7 @@
#include <chainparams.h>
#include <chainparamsbase.h>
#include <coins.h>
+#include <consensus/tx_check.h>
#include <consensus/tx_verify.h>
#include <consensus/validation.h>
#include <key.h>
@@ -230,6 +231,11 @@ FUZZ_TARGET_INIT(coins_view, initialize_coins_view)
// consensus/tx_verify.cpp:171: bool Consensus::CheckTxInputs(const CTransaction &, TxValidationState &, const CCoinsViewCache &, int, CAmount &): Assertion `!coin.IsSpent()' failed.
return;
}
+ TxValidationState dummy;
+ if (!CheckTransaction(transaction, dummy)) {
+ // It is not allowed to call CheckTxInputs if CheckTransaction failed
+ return;
+ }
(void)Consensus::CheckTxInputs(transaction, state, coins_view_cache, fuzzed_data_provider.ConsumeIntegralInRange<int>(0, std::numeric_limits<int>::max()), tx_fee_out);
assert(MoneyRange(tx_fee_out));
},
diff --git a/src/test/fuzz/transaction.cpp b/src/test/fuzz/transaction.cpp
index 17e4405a13..797b9cea3e 100644
--- a/src/test/fuzz/transaction.cpp
+++ b/src/test/fuzz/transaction.cpp
@@ -61,8 +61,11 @@ FUZZ_TARGET_INIT(transaction, initialize_transaction)
return;
}
- TxValidationState state_with_dupe_check;
- (void)CheckTransaction(tx, state_with_dupe_check);
+ {
+ TxValidationState state_with_dupe_check;
+ const bool res{CheckTransaction(tx, state_with_dupe_check)};
+ Assert(res == state_with_dupe_check.IsValid());
+ }
const CFeeRate dust_relay_fee{DUST_RELAY_TX_FEE};
std::string reason;