author | MarcoFalke <falke.marco@gmail.com> | 2021-07-04 16:38:51 +0200 |
---|---|---|
committer | MarcoFalke <falke.marco@gmail.com> | 2021-07-04 21:28:35 +0200 |
commit | fab99865c0e62468a1b55d7e467398cc2343121b (patch) | |
tree | 6e598c5e9b8c18109a50ba927360ede4beba7da9 /src/test/fuzz | |
parent | fa40c0964b751683774b79da4b72d330a9ff87e2 (diff) |
fuzz: Improve ConsumeTxDestination
* Assert when a type is missing
* Add missing WitnessV1Taproot
* Limit WitnessUnknown to version [2, 16], to avoid ambiguity
* Limit WitnessUnknown to size [2, 40], to avoid invalid sizes
Diffstat (limited to 'src/test/fuzz')
-rw-r--r-- | src/test/fuzz/util.cpp | 16 | ||||
-rw-r--r-- | src/test/fuzz/util.h | 3 |
2 files changed, 14 insertions, 5 deletions
diff --git a/src/test/fuzz/util.cpp b/src/test/fuzz/util.cpp
index a71b7e32fd..ece3214ed5 100644
--- a/src/test/fuzz/util.cpp
+++ b/src/test/fuzz/util.cpp
@@ -2,6 +2,7 @@
 // Distributed under the MIT software license, see the accompanying
 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
+#include <pubkey.h>
 #include <test/fuzz/util.h>
 #include <test/util/script.h>
 #include <util/rbf.h>
@@ -308,7 +309,7 @@ uint32_t ConsumeSequence(FuzzedDataProvider& fuzzed_data_provider) noexcept
 CTxDestination ConsumeTxDestination(FuzzedDataProvider& fuzzed_data_provider) noexcept
 {
 CTxDestination tx_destination;
- CallOneOf(
+ const size_t call_size{CallOneOf(
 fuzzed_data_provider,
 [&] {
 tx_destination = CNoDestination{};
@@ -326,12 +327,19 @@ CTxDestination ConsumeTxDestination(FuzzedDataProvider& fuzzed_data_provider) no
 tx_destination = WitnessV0KeyHash{ConsumeUInt160(fuzzed_data_provider)};
 },
 [&] {
+ tx_destination = WitnessV1Taproot{XOnlyPubKey{ConsumeUInt256(fuzzed_data_provider)}};
+ },
+ [&] {
 WitnessUnknown witness_unknown{};
- witness_unknown.version = fuzzed_data_provider.ConsumeIntegral<uint32_t>();
- const std::vector<uint8_t> witness_unknown_program_1 = fuzzed_data_provider.ConsumeBytes<uint8_t>(40);
+ witness_unknown.version = fuzzed_data_provider.ConsumeIntegralInRange(2, 16);
+ std::vector<uint8_t> witness_unknown_program_1{fuzzed_data_provider.ConsumeBytes<uint8_t>(40)};
+ if (witness_unknown_program_1.size() < 2) {
+ witness_unknown_program_1 = {0, 0};
+ }
 witness_unknown.length = witness_unknown_program_1.size();
 std::copy(witness_unknown_program_1.begin(), witness_unknown_program_1.end(), witness_unknown.program);
 tx_destination = witness_unknown;
- });
+ })};
+ Assert(call_size == std::variant_size_v<CTxDestination>);
 return tx_destination;
 }
diff --git a/src/test/fuzz/util.h b/src/test/fuzz/util.h
index 60dc9050fe..9f09395a9a 100644
--- a/src/test/fuzz/util.h
+++ b/src/test/fuzz/util.h
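Review bot: The `call_size` captured from `CallOneOf(` in the second util.cpp hunk is compared only by count in the `Assert` at the end of the third hunk, so it catches a CTxDestination alternative added without a lambda but not a lambda that builds the wrong or a duplicate alternative. Both sides are compile-time constants, yet the check fires only when a fuzz target first calls this helper. I would state that limit next to the assert, e.g. `// Count check only: keep exactly one lambda per CTxDestination alternative.` ConsumeTxDestination starts in the second hunk and ends in the third; the lambdas between the two hunks are not shown.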
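Review bot: In the WitnessUnknown lambda of the third util.cpp hunk, `ConsumeBytes<uint8_t>(40)` always requests 40 bytes, so a shorter program appears only when the fuzz input is nearly exhausted and most of the [2, 40] size range named in the commit message is rarely reached. Drawing the length first would cover it: `std::vector<uint8_t> witness_unknown_program_1{fuzzed_data_provider.ConsumeBytes<uint8_t>(fuzzed_data_provider.ConsumeIntegralInRange<size_t>(2, 40))};`, with the `size() < 2` fallback kept for exhausted input. On the version line, `ConsumeIntegralInRange(2, 16)` drops the explicit type the removed line had and deduces `int`; `ConsumeIntegralInRange<uint32_t>(2, 16)` keeps the width explicit. The start of ConsumeTxDestination and the lambdas before this hunk are outside it.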
@@ -37,7 +37,7 @@
 #include <vector>
 template <typename... Callables>
-void CallOneOf(FuzzedDataProvider& fuzzed_data_provider, Callables... callables)
+size_t CallOneOf(FuzzedDataProvider& fuzzed_data_provider, Callables... callables)
 {
 constexpr size_t call_size{sizeof...(callables)};
 static_assert(call_size >= 1);
@@ -45,6 +45,7 @@ void CallOneOf(FuzzedDataProvider& fuzzed_data_provider, Callables... callables)
 size_t i{0};
 ((i++ == call_index ? callables() : void()), ...);
+ return call_size;
 }
 template <typename Collection> |
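Review bot: `CallOneOf` now returns a `size_t` with no comment saying what it is, and a reader can easily take it for the index of the callable that ran rather than the number of callables passed. A short doc comment above the template in the first util.h hunk would settle it, e.g. `/** Calls exactly one of the callables, picked from fuzz input; returns how many callables were passed (not the index chosen). */`. The matching `return call_size;` is in the second hunk, and the `call_index` line between the two hunks is not shown.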