diff options
author | MarcoFalke <falke.marco@gmail.com> | 2020-03-17 13:07:36 -0400 |
---|---|---|
committer | MarcoFalke <falke.marco@gmail.com> | 2020-03-17 13:07:42 -0400 |
commit | d2d0a04a661fde731a212b0489fe211566ff5ca8 (patch) | |
tree | 5cb19d3b260011371d56d16b6b818debfcb0fd03 /src | |
parent | 1d64dfe4fa050a81e4f9b665f2fad2180401cc6e (diff) | |
parent | 44abf417eb1cd8598084eee1a429ca57c7d0579a (diff) |
Merge #18353: tests: Add fuzzing harnesses for classes CBlockHeader, CFeeRate and various functions
44abf417eb1cd8598084eee1a429ca57c7d0579a tests: Add fuzzing harness for various functions taking std::string as input (practicalswift)
d69145acb76ff12b7c5c1e55ce89e14bc6453904 tests: Add fuzzing harness for MultiplicationOverflow(...) (practicalswift)
7726f3bc4671fbc23e5bc31d0eb9fe381e2f07ef tests: Add fuzzing harness for CFeeRate (practicalswift)
0579a276307d22ae62ecbcaa704e8477274e784d tests: Add fuzzing harness for CBlockHeader (practicalswift)
cb4eec13c03089617a94169b4e30381d87788b56 tests: Add fuzzing harness for count_seconds(...) (practicalswift)
Pull request description:
Add fuzzing harnesses for classes `CBlockHeader`, `CFeeRate` and various functions.
To test this PR:
```
$ make distclean
$ ./autogen.sh
$ CC=clang CXX=clang++ ./configure --enable-fuzz \
--with-sanitizers=address,fuzzer,undefined
$ make
$ src/test/fuzz/block_header
^c (ctrl-c)
$ src/test/fuzz/fee_rate
^c (ctrl-c)
$ src/test/fuzz/integer
^c (ctrl-c)
$ src/test/fuzz/multiplication_overflow
^c (ctrl-c)
$ src/test/fuzz/string
^c (ctrl-c)
```
ACKs for top commit:
MarcoFalke:
ACK 44abf417eb1cd8598084eee1a429ca57c7d0579a 🏉
Tree-SHA512: 2b382a7bc8efdcc6dd8b79f1637f194ecdca3e522c6618ae6c4b0bf6f86d2e79b1bb1c7160522083600616d1ed509b2f577f3a512ea3a7825a0a3794578d9d90
Diffstat (limited to 'src')
-rw-r--r-- | src/Makefile.test.include | 40 | ||||
-rw-r--r-- | src/test/fuzz/block_header.cpp | 41 | ||||
-rw-r--r-- | src/test/fuzz/fee_rate.cpp | 40 | ||||
-rw-r--r-- | src/test/fuzz/integer.cpp | 4 | ||||
-rw-r--r-- | src/test/fuzz/multiplication_overflow.cpp | 42 | ||||
-rw-r--r-- | src/test/fuzz/string.cpp | 89 | ||||
-rw-r--r-- | src/test/fuzz/util.h | 39 |
7 files changed, 289 insertions, 6 deletions
diff --git a/src/Makefile.test.include b/src/Makefile.test.include index 161c925a53..9697a157fb 100644 --- a/src/Makefile.test.include +++ b/src/Makefile.test.include @@ -14,6 +14,7 @@ FUZZ_TARGETS = \ test/fuzz/block_deserialize \ test/fuzz/block_file_info_deserialize \ test/fuzz/block_filter_deserialize \ + test/fuzz/block_header \ test/fuzz/block_header_and_short_txids_deserialize \ test/fuzz/blockheader_deserialize \ test/fuzz/blocklocator_deserialize \ @@ -28,6 +29,7 @@ FUZZ_TARGETS = \ test/fuzz/descriptor_parse \ test/fuzz/diskblockindex_deserialize \ test/fuzz/eval_script \ + test/fuzz/fee_rate \ test/fuzz/fee_rate_deserialize \ test/fuzz/flat_file_pos_deserialize \ test/fuzz/float \ @@ -40,6 +42,7 @@ FUZZ_TARGETS = \ test/fuzz/locale \ test/fuzz/merkle_block_deserialize \ test/fuzz/messageheader_deserialize \ + test/fuzz/multiplication_overflow \ test/fuzz/netaddr_deserialize \ test/fuzz/netaddress \ test/fuzz/out_point_deserialize \ @@ -90,6 +93,7 @@ FUZZ_TARGETS = \ test/fuzz/service_deserialize \ test/fuzz/snapshotmetadata_deserialize \ test/fuzz/spanparsing \ + test/fuzz/string \ test/fuzz/strprintf \ test/fuzz/sub_net_deserialize \ test/fuzz/transaction \ @@ -343,6 +347,12 @@ test_fuzz_block_filter_deserialize_LDADD = $(FUZZ_SUITE_LD_COMMON) test_fuzz_block_filter_deserialize_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS) test_fuzz_block_filter_deserialize_SOURCES = $(FUZZ_SUITE) test/fuzz/deserialize.cpp +test_fuzz_block_header_CPPFLAGS = $(AM_CPPFLAGS) $(BITCOIN_INCLUDES) +test_fuzz_block_header_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS) +test_fuzz_block_header_LDADD = $(FUZZ_SUITE_LD_COMMON) +test_fuzz_block_header_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS) +test_fuzz_block_header_SOURCES = $(FUZZ_SUITE) test/fuzz/block_header.cpp + test_fuzz_block_header_and_short_txids_deserialize_CPPFLAGS = $(AM_CPPFLAGS) $(BITCOIN_INCLUDES) -DBLOCK_HEADER_AND_SHORT_TXIDS_DESERIALIZE=1 test_fuzz_block_header_and_short_txids_deserialize_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS) test_fuzz_block_header_and_short_txids_deserialize_LDADD = $(FUZZ_SUITE_LD_COMMON) @@ -427,6 +437,12 @@ test_fuzz_eval_script_LDADD = $(FUZZ_SUITE_LD_COMMON) test_fuzz_eval_script_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS) test_fuzz_eval_script_SOURCES = $(FUZZ_SUITE) test/fuzz/eval_script.cpp +test_fuzz_fee_rate_CPPFLAGS = $(AM_CPPFLAGS) $(BITCOIN_INCLUDES) +test_fuzz_fee_rate_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS) +test_fuzz_fee_rate_LDADD = $(FUZZ_SUITE_LD_COMMON) +test_fuzz_fee_rate_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS) +test_fuzz_fee_rate_SOURCES = $(FUZZ_SUITE) test/fuzz/fee_rate.cpp + test_fuzz_fee_rate_deserialize_CPPFLAGS = $(AM_CPPFLAGS) $(BITCOIN_INCLUDES) -DFEE_RATE_DESERIALIZE=1 test_fuzz_fee_rate_deserialize_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS) test_fuzz_fee_rate_deserialize_LDADD = $(FUZZ_SUITE_LD_COMMON) @@ -499,6 +515,12 @@ test_fuzz_messageheader_deserialize_LDADD = $(FUZZ_SUITE_LD_COMMON) test_fuzz_messageheader_deserialize_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS) test_fuzz_messageheader_deserialize_SOURCES = $(FUZZ_SUITE) test/fuzz/deserialize.cpp +test_fuzz_multiplication_overflow_CPPFLAGS = $(AM_CPPFLAGS) $(BITCOIN_INCLUDES) +test_fuzz_multiplication_overflow_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS) +test_fuzz_multiplication_overflow_LDADD = $(FUZZ_SUITE_LD_COMMON) +test_fuzz_multiplication_overflow_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS) +test_fuzz_multiplication_overflow_SOURCES = $(FUZZ_SUITE) test/fuzz/multiplication_overflow.cpp + test_fuzz_netaddr_deserialize_CPPFLAGS = $(AM_CPPFLAGS) $(BITCOIN_INCLUDES) -DNETADDR_DESERIALIZE=1 test_fuzz_netaddr_deserialize_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS) test_fuzz_netaddr_deserialize_LDADD = $(FUZZ_SUITE_LD_COMMON) @@ -787,12 +809,24 @@ test_fuzz_service_deserialize_LDADD = $(FUZZ_SUITE_LD_COMMON) test_fuzz_service_deserialize_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS) test_fuzz_service_deserialize_SOURCES = $(FUZZ_SUITE) test/fuzz/deserialize.cpp +test_fuzz_snapshotmetadata_deserialize_CPPFLAGS = $(AM_CPPFLAGS) $(BITCOIN_INCLUDES) -DSNAPSHOTMETADATA_DESERIALIZE=1 +test_fuzz_snapshotmetadata_deserialize_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS) +test_fuzz_snapshotmetadata_deserialize_LDADD = $(FUZZ_SUITE_LD_COMMON) +test_fuzz_snapshotmetadata_deserialize_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS) +test_fuzz_snapshotmetadata_deserialize_SOURCES = $(FUZZ_SUITE) test/fuzz/deserialize.cpp + test_fuzz_spanparsing_CPPFLAGS = $(AM_CPPFLAGS) $(BITCOIN_INCLUDES) test_fuzz_spanparsing_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS) test_fuzz_spanparsing_LDADD = $(FUZZ_SUITE_LD_COMMON) test_fuzz_spanparsing_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS) test_fuzz_spanparsing_SOURCES = $(FUZZ_SUITE) test/fuzz/spanparsing.cpp +test_fuzz_string_CPPFLAGS = $(AM_CPPFLAGS) $(BITCOIN_INCLUDES) +test_fuzz_string_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS) +test_fuzz_string_LDADD = $(FUZZ_SUITE_LD_COMMON) +test_fuzz_string_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS) +test_fuzz_string_SOURCES = $(FUZZ_SUITE) test/fuzz/string.cpp + test_fuzz_strprintf_CPPFLAGS = $(AM_CPPFLAGS) $(BITCOIN_INCLUDES) test_fuzz_strprintf_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS) test_fuzz_strprintf_LDADD = $(FUZZ_SUITE_LD_COMMON) @@ -805,12 +839,6 @@ test_fuzz_sub_net_deserialize_LDADD = $(FUZZ_SUITE_LD_COMMON) test_fuzz_sub_net_deserialize_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS) test_fuzz_sub_net_deserialize_SOURCES = $(FUZZ_SUITE) test/fuzz/deserialize.cpp -test_fuzz_snapshotmetadata_deserialize_CPPFLAGS = $(AM_CPPFLAGS) $(BITCOIN_INCLUDES) -DSNAPSHOTMETADATA_DESERIALIZE=1 -test_fuzz_snapshotmetadata_deserialize_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS) -test_fuzz_snapshotmetadata_deserialize_LDADD = $(FUZZ_SUITE_LD_COMMON) -test_fuzz_snapshotmetadata_deserialize_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS) -test_fuzz_snapshotmetadata_deserialize_SOURCES = $(FUZZ_SUITE) test/fuzz/deserialize.cpp - test_fuzz_transaction_CPPFLAGS = $(AM_CPPFLAGS) $(BITCOIN_INCLUDES) test_fuzz_transaction_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS) test_fuzz_transaction_LDADD = $(FUZZ_SUITE_LD_COMMON) diff --git a/src/test/fuzz/block_header.cpp b/src/test/fuzz/block_header.cpp new file mode 100644 index 0000000000..92dcccc0e1 --- /dev/null +++ b/src/test/fuzz/block_header.cpp @@ -0,0 +1,41 @@ +// Copyright (c) 2020 The Bitcoin Core developers +// Distributed under the MIT software license, see the accompanying +// file COPYING or http://www.opensource.org/licenses/mit-license.php. + +#include <optional.h> +#include <primitives/block.h> +#include <test/fuzz/FuzzedDataProvider.h> +#include <test/fuzz/fuzz.h> +#include <test/fuzz/util.h> +#include <uint256.h> + +#include <cassert> +#include <cstdint> +#include <string> +#include <vector> + +void test_one_input(const std::vector<uint8_t>& buffer) +{ + FuzzedDataProvider fuzzed_data_provider(buffer.data(), buffer.size()); + const Optional<CBlockHeader> block_header = ConsumeDeserializable<CBlockHeader>(fuzzed_data_provider); + if (!block_header) { + return; + } + { + const uint256 hash = block_header->GetHash(); + static const uint256 u256_max(uint256S("ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff")); + assert(hash != u256_max); + assert(block_header->GetBlockTime() == block_header->nTime); + assert(block_header->IsNull() == (block_header->nBits == 0)); + } + { + CBlockHeader mut_block_header = *block_header; + mut_block_header.SetNull(); + assert(mut_block_header.IsNull()); + CBlock block{*block_header}; + assert(block.GetBlockHeader().GetHash() == block_header->GetHash()); + (void)block.ToString(); + block.SetNull(); + assert(block.GetBlockHeader().GetHash() == mut_block_header.GetHash()); + } +} diff --git a/src/test/fuzz/fee_rate.cpp b/src/test/fuzz/fee_rate.cpp new file mode 100644 index 0000000000..f3d44d9f93 --- /dev/null +++ b/src/test/fuzz/fee_rate.cpp @@ -0,0 +1,40 @@ +// Copyright (c) 2020 The Bitcoin Core developers +// Distributed under the MIT software license, see the accompanying +// file COPYING or http://www.opensource.org/licenses/mit-license.php. + +#include <amount.h> +#include <policy/feerate.h> +#include <test/fuzz/FuzzedDataProvider.h> +#include <test/fuzz/fuzz.h> +#include <test/fuzz/util.h> + +#include <cstdint> +#include <limits> +#include <string> +#include <vector> + +void test_one_input(const std::vector<uint8_t>& buffer) +{ + FuzzedDataProvider fuzzed_data_provider(buffer.data(), buffer.size()); + const CAmount satoshis_per_k = ConsumeMoney(fuzzed_data_provider); + const CFeeRate fee_rate{satoshis_per_k}; + + (void)fee_rate.GetFeePerK(); + const size_t bytes = fuzzed_data_provider.ConsumeIntegral<size_t>(); + if (!MultiplicationOverflow(static_cast<int64_t>(bytes), satoshis_per_k) && bytes <= static_cast<uint64_t>(std::numeric_limits<int64_t>::max())) { + (void)fee_rate.GetFee(bytes); + } + (void)fee_rate.ToString(); + + const CAmount another_satoshis_per_k = ConsumeMoney(fuzzed_data_provider); + CFeeRate larger_fee_rate{another_satoshis_per_k}; + larger_fee_rate += fee_rate; + if (satoshis_per_k != 0 && another_satoshis_per_k != 0) { + assert(fee_rate < larger_fee_rate); + assert(!(fee_rate > larger_fee_rate)); + assert(!(fee_rate == larger_fee_rate)); + assert(fee_rate <= larger_fee_rate); + assert(!(fee_rate >= larger_fee_rate)); + assert(fee_rate != larger_fee_rate); + } +} diff --git a/src/test/fuzz/integer.cpp b/src/test/fuzz/integer.cpp index 980042e811..24459c21be 100644 --- a/src/test/fuzz/integer.cpp +++ b/src/test/fuzz/integer.cpp @@ -23,6 +23,7 @@ #include <streams.h> #include <test/fuzz/FuzzedDataProvider.h> #include <test/fuzz/fuzz.h> +#include <time.h> #include <uint256.h> #include <util/moneystr.h> #include <util/strencodings.h> @@ -31,6 +32,7 @@ #include <version.h> #include <cassert> +#include <chrono> #include <limits> #include <vector> @@ -124,6 +126,8 @@ void test_one_input(const std::vector<uint8_t>& buffer) assert(parsed_money == i64); } } + const std::chrono::seconds seconds{i64}; + assert(count_seconds(seconds) == i64); const arith_uint256 au256 = UintToArith256(u256); assert(ArithToUint256(au256) == u256); diff --git a/src/test/fuzz/multiplication_overflow.cpp b/src/test/fuzz/multiplication_overflow.cpp new file mode 100644 index 0000000000..923db8058b --- /dev/null +++ b/src/test/fuzz/multiplication_overflow.cpp @@ -0,0 +1,42 @@ +// Copyright (c) 2020 The Bitcoin Core developers +// Distributed under the MIT software license, see the accompanying +// file COPYING or http://www.opensource.org/licenses/mit-license.php. + +#include <test/fuzz/FuzzedDataProvider.h> +#include <test/fuzz/fuzz.h> +#include <test/fuzz/util.h> + +#include <cstdint> +#include <string> +#include <vector> + +namespace { +template <typename T> +void TestMultiplicationOverflow(FuzzedDataProvider& fuzzed_data_provider) +{ + const T i = fuzzed_data_provider.ConsumeIntegral<T>(); + const T j = fuzzed_data_provider.ConsumeIntegral<T>(); + const bool is_multiplication_overflow_custom = MultiplicationOverflow(i, j); + T result_builtin; + const bool is_multiplication_overflow_builtin = __builtin_mul_overflow(i, j, &result_builtin); + assert(is_multiplication_overflow_custom == is_multiplication_overflow_builtin); + if (!is_multiplication_overflow_custom) { + assert(i * j == result_builtin); + } +} +} // namespace + +void test_one_input(const std::vector<uint8_t>& buffer) +{ + FuzzedDataProvider fuzzed_data_provider(buffer.data(), buffer.size()); + TestMultiplicationOverflow<int64_t>(fuzzed_data_provider); + TestMultiplicationOverflow<uint64_t>(fuzzed_data_provider); + TestMultiplicationOverflow<int32_t>(fuzzed_data_provider); + TestMultiplicationOverflow<uint32_t>(fuzzed_data_provider); + TestMultiplicationOverflow<int16_t>(fuzzed_data_provider); + TestMultiplicationOverflow<uint16_t>(fuzzed_data_provider); + TestMultiplicationOverflow<char>(fuzzed_data_provider); + TestMultiplicationOverflow<unsigned char>(fuzzed_data_provider); + TestMultiplicationOverflow<signed char>(fuzzed_data_provider); + TestMultiplicationOverflow<bool>(fuzzed_data_provider); +} diff --git a/src/test/fuzz/string.cpp b/src/test/fuzz/string.cpp new file mode 100644 index 0000000000..bb583885ba --- /dev/null +++ b/src/test/fuzz/string.cpp @@ -0,0 +1,89 @@ +// Copyright (c) 2020 The Bitcoin Core developers +// Distributed under the MIT software license, see the accompanying +// file COPYING or http://www.opensource.org/licenses/mit-license.php. + +#include <blockfilter.h> +#include <clientversion.h> +#include <logging.h> +#include <netbase.h> +#include <outputtype.h> +#include <rpc/client.h> +#include <rpc/request.h> +#include <rpc/server.h> +#include <rpc/util.h> +#include <script/descriptor.h> +#include <test/fuzz/FuzzedDataProvider.h> +#include <test/fuzz/fuzz.h> +#include <test/fuzz/util.h> +#include <util/error.h> +#include <util/fees.h> +#include <util/message.h> +#include <util/settings.h> +#include <util/strencodings.h> +#include <util/string.h> +#include <util/system.h> +#include <util/translation.h> +#include <util/url.h> + +#include <cstdint> +#include <string> +#include <vector> + +void test_one_input(const std::vector<uint8_t>& buffer) +{ + FuzzedDataProvider fuzzed_data_provider(buffer.data(), buffer.size()); + const std::string random_string_1 = fuzzed_data_provider.ConsumeRandomLengthString(32); + const std::string random_string_2 = fuzzed_data_provider.ConsumeRandomLengthString(32); + const std::vector<std::string> random_string_vector = ConsumeRandomLengthStringVector(fuzzed_data_provider); + + (void)AmountErrMsg(random_string_1, random_string_2); + (void)AmountHighWarn(random_string_1); + BlockFilterType block_filter_type; + (void)BlockFilterTypeByName(random_string_1, block_filter_type); + (void)Capitalize(random_string_1); + (void)CopyrightHolders(random_string_1); + FeeEstimateMode fee_estimate_mode; + (void)FeeModeFromString(random_string_1, fee_estimate_mode); + (void)FormatParagraph(random_string_1, fuzzed_data_provider.ConsumeIntegralInRange<size_t>(0, 1000), fuzzed_data_provider.ConsumeIntegralInRange<size_t>(0, 1000)); + (void)FormatSubVersion(random_string_1, fuzzed_data_provider.ConsumeIntegral<int>(), random_string_vector); + (void)GetDescriptorChecksum(random_string_1); + (void)HelpExampleCli(random_string_1, random_string_2); + (void)HelpExampleRpc(random_string_1, random_string_2); + (void)HelpMessageGroup(random_string_1); + (void)HelpMessageOpt(random_string_1, random_string_2); + (void)IsDeprecatedRPCEnabled(random_string_1); + (void)Join(random_string_vector, random_string_1); + (void)JSONRPCError(fuzzed_data_provider.ConsumeIntegral<int>(), random_string_1); + const util::Settings settings; + (void)OnlyHasDefaultSectionSetting(settings, random_string_1, random_string_2); + (void)ParseNetwork(random_string_1); + try { + (void)ParseNonRFCJSONValue(random_string_1); + } catch (const std::runtime_error&) { + } + OutputType output_type; + (void)ParseOutputType(random_string_1, output_type); + (void)ResolveErrMsg(random_string_1, random_string_2); + try { + (void)RPCConvertNamedValues(random_string_1, random_string_vector); + } catch (const std::runtime_error&) { + } + try { + (void)RPCConvertValues(random_string_1, random_string_vector); + } catch (const std::runtime_error&) { + } + (void)SanitizeString(random_string_1); + (void)SanitizeString(random_string_1, fuzzed_data_provider.ConsumeIntegralInRange<int>(0, 3)); + (void)ShellEscape(random_string_1); + int port_out; + std::string host_out; + SplitHostPort(random_string_1, port_out, host_out); + (void)TimingResistantEqual(random_string_1, random_string_2); + (void)ToLower(random_string_1); + (void)ToUpper(random_string_1); + (void)TrimString(random_string_1); + (void)TrimString(random_string_1, random_string_2); + (void)urlDecode(random_string_1); + (void)ValidAsCString(random_string_1); + (void)_(random_string_1.c_str()); +} diff --git a/src/test/fuzz/util.h b/src/test/fuzz/util.h index 2f4aa9ad2b..47f8d3fb27 100644 --- a/src/test/fuzz/util.h +++ b/src/test/fuzz/util.h @@ -5,6 +5,7 @@ #ifndef BITCOIN_TEST_FUZZ_UTIL_H #define BITCOIN_TEST_FUZZ_UTIL_H +#include <amount.h> #include <attributes.h> #include <optional.h> #include <script/script.h> @@ -24,6 +25,16 @@ NODISCARD inline std::vector<uint8_t> ConsumeRandomLengthByteVector(FuzzedDataPr return {s.begin(), s.end()}; } +NODISCARD inline std::vector<std::string> ConsumeRandomLengthStringVector(FuzzedDataProvider& fuzzed_data_provider, size_t max_vector_size = 16, size_t max_string_length = 16) noexcept +{ + const size_t n_elements = fuzzed_data_provider.ConsumeIntegralInRange<size_t>(0, max_vector_size); + std::vector<std::string> r; + for (size_t i = 0; i < n_elements; ++i) { + r.push_back(fuzzed_data_provider.ConsumeRandomLengthString(max_string_length)); + } + return r; +} + template <typename T> NODISCARD inline Optional<T> ConsumeDeserializable(FuzzedDataProvider& fuzzed_data_provider, size_t max_length = 4096) noexcept { @@ -43,6 +54,11 @@ NODISCARD inline opcodetype ConsumeOpcodeType(FuzzedDataProvider& fuzzed_data_pr return static_cast<opcodetype>(fuzzed_data_provider.ConsumeIntegralInRange<uint32_t>(0, MAX_OPCODE)); } +NODISCARD inline CAmount ConsumeMoney(FuzzedDataProvider& fuzzed_data_provider) noexcept +{ + return fuzzed_data_provider.ConsumeIntegralInRange<CAmount>(0, MAX_MONEY); +} + NODISCARD inline CScript ConsumeScript(FuzzedDataProvider& fuzzed_data_provider) noexcept { const std::vector<uint8_t> b = ConsumeRandomLengthByteVector(fuzzed_data_provider); @@ -54,4 +70,27 @@ NODISCARD inline CScriptNum ConsumeScriptNum(FuzzedDataProvider& fuzzed_data_pro return CScriptNum{fuzzed_data_provider.ConsumeIntegral<int64_t>()}; } +template <typename T> +bool MultiplicationOverflow(T i, T j) +{ + static_assert(std::is_integral<T>::value, "Integral required."); + if (std::numeric_limits<T>::is_signed) { + if (i > 0) { + if (j > 0) { + return i > (std::numeric_limits<T>::max() / j); + } else { + return j < (std::numeric_limits<T>::min() / i); + } + } else { + if (j > 0) { + return i < (std::numeric_limits<T>::min() / j); + } else { + return i != 0 && (j < (std::numeric_limits<T>::max() / i)); + } + } + } else { + return j != 0 && i > std::numeric_limits<T>::max() / j; + } +} + #endif // BITCOIN_TEST_FUZZ_UTIL_H |