authorfanquake <fanquake@gmail.com>2022-02-10 07:14:11 +0000
committerfanquake <fanquake@gmail.com>2022-02-10 07:14:24 +0000
commit3dc0bb95520edcfe1a074cd2745bc1705bec0699 (patch)
tree5358e043c72854377d0ba235a71eb3131dc429cc
parent8c0f02c69d50761c3a6d4dfb5d7cba43a00a55ae (diff)
parentfa2f7d005932bff9b7d27744ae517b9e7910df8d (diff)
Merge bitcoin/bitcoin#24298: fuzz: Avoid unsigned integer overflow in FormatParagraph
fa2f7d005932bff9b7d27744ae517b9e7910df8d fuzz: Avoid unsigned integer overflow in FormatParagraph (MarcoFalke) Pull request description: `FormatParagraph` is only ever called with compile time constant arguments, so I don't see the need for fuzzing it. Though, keep it for now, but avoid the unsigned integer overflow with this patch. ACKs for top commit: laanwj: Code review ACK fa2f7d005932bff9b7d27744ae517b9e7910df8d Tree-SHA512: 01fc64a9ef73c183921ca1b0cd8db9514c0a242e3acf215a3393f383ae129e01625ebb16eaf9cb86370eda62d0145c3dcf8f62e40edf5958abc1f777c5687280
-rw-r--r--src/test/fuzz/string.cpp3
-rw-r--r--src/util/strencodings.cpp1
2 files changed, 3 insertions, 1 deletions
diff --git a/src/test/fuzz/string.cpp b/src/test/fuzz/string.cpp
index 8f071b71fe..ca57af25c4 100644
--- a/src/test/fuzz/string.cpp
+++ b/src/test/fuzz/string.cpp
@@ -145,7 +145,8 @@ FUZZ_TARGET(string)
(void)CopyrightHolders(random_string_1);
FeeEstimateMode fee_estimate_mode;
(void)FeeModeFromString(random_string_1, fee_estimate_mode);
- (void)FormatParagraph(random_string_1, fuzzed_data_provider.ConsumeIntegralInRange<size_t>(0, 1000), fuzzed_data_provider.ConsumeIntegralInRange<size_t>(0, 1000));
+ const auto width{fuzzed_data_provider.ConsumeIntegralInRange<size_t>(1, 1000)};
+ (void)FormatParagraph(random_string_1, width, fuzzed_data_provider.ConsumeIntegralInRange<size_t>(0, width));
(void)FormatSubVersion(random_string_1, fuzzed_data_provider.ConsumeIntegral<int>(), random_string_vector);
(void)GetDescriptorChecksum(random_string_1);
(void)HelpExampleCli(random_string_1, random_string_2);
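Review bot: The lower bound of `width` on the added `ConsumeIntegralInRange<size_t>(1, 1000)` line moves from 0 to 1 without explanation, although the precondition this commit adds to `FormatParagraph` is only `width >= indent`, which `width == 0` with `indent == 0` still satisfies. If zero width is excluded on purpose, the reason should be stated here; otherwise keeping `(0, 1000)` for `width` retains that edge case while `indent` stays bounded by `width`. A one-line comment above the two added lines would tie the harness to the contract, for example `// FormatParagraph asserts width >= indent, so draw indent from [0, width].` The enclosing `FUZZ_TARGET(string)` body starts and ends outside this hunk.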
diff --git a/src/util/strencodings.cpp b/src/util/strencodings.cpp
index a386f2b7b3..e0f0d63ff6 100644
--- a/src/util/strencodings.cpp
+++ b/src/util/strencodings.cpp
@@ -328,6 +328,7 @@ bool ParseUInt64(const std::string& str, uint64_t* out)
std::string FormatParagraph(const std::string& in, size_t width, size_t indent)
{
+ assert(width >= indent);
std::stringstream out;
size_t ptr = 0;
size_t indented = 0;