author | merge-script <fanquake@gmail.com> | 2024-07-15 14:11:14 +0100 |
---|---|---|
committer | merge-script <fanquake@gmail.com> | 2024-07-15 14:11:14 +0100 |
commit | 262260ce1e919613ba60194a5861b0b0a51dfe01 (patch) | |
tree | 2af56fdb5d632059c8c54ea990ee40e30723e1d4 /src/node/blockstorage.h | |
parent | 84063a4c4c0a5c8e39de1500b835c3a318eea089 (diff) | |
parent | bc34bc288824978ef4b98e8802b47cb863c8a8c2 (diff) |
Merge bitcoin/bitcoin#30197: fuzz: bound some miniscript operations to avoid fuzz timeouts

bc34bc288824978ef4b98e8802b47cb863c8a8c2 fuzz: limit the number of nested wrappers in descriptors (Antoine Poinsot)
8d7340105f5299e9a45e84f1704b8b4545cb85f0 fuzz: limit the number of sub-fragments per fragment for descriptors (Antoine Poinsot)

Pull request description:

Some of the logic in the miniscript module is quadratic. It only becomes an issue for very large uninteresting descriptors (like a `thresh` with 130k sub-fragments or a fragment with more than 60k nested `j:` wrappers).

This PR fixes the two types of fuzz timeouts reported by Marco in https://github.com/bitcoin/bitcoin/issues/28812 by trying to pinpoint the problematic descriptors through a simple analysis of the string, without limiting the size of the string itself. This is the same approach as was adopted for limiting the depth of derivation paths.

ACKs for top commit:

dergoegge:
utACK bc34bc288824978ef4b98e8802b47cb863c8a8c2

stickies-v:
Light ACK bc34bc288824978ef4b98e8802b47cb863c8a8c2

marcofleon:
Code review ACK bc34bc288824978ef4b98e8802b47cb863c8a8c2. The added comments are useful, thanks for those. Tested on the three inputs in https://github.com/bitcoin/bitcoin/issues/28812 that caused the timeouts.

Tree-SHA512: 8811c7b225684c5ecc1eb1256cf39dfa60d4518161e70210086c8a01b38927481ebe747af86aa5f4803187672d43fadabcfdfbf4e3b049738d629a25143f0e77
Diffstat (limited to 'src/node/blockstorage.h')
0 files changed, 0 insertions, 0 deletions
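The string-level pre-filter described in the pull request description, sketched as an added example; it is not code from this commit or from the project. The function names, the two limits and the placeholder keys `A` and `B` are assumptions made for illustration.

```cpp
#include <cstddef>
#include <iostream>
#include <string>
#include <string_view>
#include <vector>

// Assumed limits for illustration only; not the project's values.
constexpr std::size_t kMaxSubFragments = 50;
constexpr std::size_t kMaxWrappers = 20;

// True if any fragment "name(a,b,...)" has more than max_subs comma-separated
// arguments. One counter per open bracket, so nesting is handled by a stack.
bool TooManySubFragments(std::string_view desc, std::size_t max_subs = kMaxSubFragments)
{
    std::vector<std::size_t> counts;
    for (const char ch : desc) {
        if (ch == '(' || ch == '{') {
            counts.push_back(1);
        } else if (ch == ',' && !counts.empty()) {
            if (++counts.back() > max_subs) return true;
        } else if ((ch == ')' || ch == '}') && !counts.empty()) {
            counts.pop_back();
        }
    }
    return false;
}

// True if more than max_wrappers characters precede one ':' (e.g. "jjj:pk(K)").
// Scans backwards: a ':' starts a run, which ends at '(', '{' or ','.
bool TooManyWrappers(std::string_view desc, std::size_t max_wrappers = kMaxWrappers)
{
    bool counting = false;
    std::size_t run = 0;
    for (auto it = desc.rbegin(); it != desc.rend(); ++it) {
        if (*it == ':') { counting = true; run = 0; }
        else if (!counting) continue;
        else if (*it == '(' || *it == '{' || *it == ',') counting = false;
        else if (++run > max_wrappers) return true;
    }
    return false;
}

int main()
{
    // Constructed inputs: a small descriptor and one with 60000 nested j: wrappers.
    const std::string ok_desc = "wsh(and_v(v:pk(A),pk(B)))";
    const std::string deep = "wsh(" + std::string(60000, 'j') + ":pk(A))";
    std::cout << TooManyWrappers(ok_desc) << TooManySubFragments(ok_desc) << TooManyWrappers(deep) << "\n";
}
```

Both checks are a single linear pass over the input, so a fuzz harness can discard the pathological strings before the quadratic parsing code ever sees them, while long but shallow descriptors still get through.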