diff options
| author | practicalswift <practicalswift@users.noreply.github.com> | 2020-03-22 14:16:40 +0000 |
|---|---|---|
| committer | practicalswift <practicalswift@users.noreply.github.com> | 2020-04-04 17:23:50 +0000 |
| commit | acf269e1463c84d51f2eef695089cbf9d03b547f (patch) | |
| tree | 71f0ff27e60867bfbd37d4c476975f4fc75a3cb9 /src | |
| parent | 244e88e6b580f94434d16b2cea2e5690db24f0d4 (diff) | |
tests: Add proof-of-work fuzzing harness
Diffstat (limited to 'src')
| -rw-r--r-- | src/Makefile.test.include | 7 | ||||
| -rw-r--r-- | src/test/fuzz/pow.cpp | 81 | ||||
| -rw-r--r-- | src/test/fuzz/util.h | 6 |
3 files changed, 94 insertions, 0 deletions
diff --git a/src/Makefile.test.include b/src/Makefile.test.include index 45077ccbd9..2978e5a2ec 100644 --- a/src/Makefile.test.include +++ b/src/Makefile.test.include @@ -57,6 +57,7 @@ FUZZ_TARGETS = \ test/fuzz/parse_univalue \ test/fuzz/partial_merkle_tree_deserialize \ test/fuzz/partially_signed_transaction_deserialize \ + test/fuzz/pow \ test/fuzz/prefilled_transaction_deserialize \ test/fuzz/process_message \ test/fuzz/process_message_addr \ @@ -610,6 +611,12 @@ test_fuzz_partially_signed_transaction_deserialize_LDADD = $(FUZZ_SUITE_LD_COMMO test_fuzz_partially_signed_transaction_deserialize_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS) test_fuzz_partially_signed_transaction_deserialize_SOURCES = $(FUZZ_SUITE) test/fuzz/deserialize.cpp +test_fuzz_pow_CPPFLAGS = $(AM_CPPFLAGS) $(BITCOIN_INCLUDES) +test_fuzz_pow_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS) +test_fuzz_pow_LDADD = $(FUZZ_SUITE_LD_COMMON) +test_fuzz_pow_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS) +test_fuzz_pow_SOURCES = $(FUZZ_SUITE) test/fuzz/pow.cpp + test_fuzz_prefilled_transaction_deserialize_CPPFLAGS = $(AM_CPPFLAGS) $(BITCOIN_INCLUDES) -DPREFILLED_TRANSACTION_DESERIALIZE=1 test_fuzz_prefilled_transaction_deserialize_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS) test_fuzz_prefilled_transaction_deserialize_LDADD = $(FUZZ_SUITE_LD_COMMON) diff --git a/src/test/fuzz/pow.cpp b/src/test/fuzz/pow.cpp new file mode 100644 index 0000000000..0343d33401 --- /dev/null +++ b/src/test/fuzz/pow.cpp @@ -0,0 +1,81 @@ +// Copyright (c) 2020 The Bitcoin Core developers +// Distributed under the MIT software license, see the accompanying +// file COPYING or http://www.opensource.org/licenses/mit-license.php. + +#include <chain.h> +#include <chainparams.h> +#include <optional.h> +#include <pow.h> +#include <primitives/block.h> +#include <test/fuzz/FuzzedDataProvider.h> +#include <test/fuzz/fuzz.h> +#include <test/fuzz/util.h> + +#include <cstdint> +#include <string> +#include <vector> + +void initialize() +{ + SelectParams(CBaseChainParams::MAIN); +} + +void test_one_input(const std::vector<uint8_t>& buffer) +{ + FuzzedDataProvider fuzzed_data_provider(buffer.data(), buffer.size()); + const Consensus::Params& consensus_params = Params().GetConsensus(); + std::vector<CBlockIndex> blocks; + const uint32_t fixed_time = fuzzed_data_provider.ConsumeIntegral<uint32_t>(); + const uint32_t fixed_bits = fuzzed_data_provider.ConsumeIntegral<uint32_t>(); + while (fuzzed_data_provider.remaining_bytes() > 0) { + const Optional<CBlockHeader> block_header = ConsumeDeserializable<CBlockHeader>(fuzzed_data_provider); + if (!block_header) { + continue; + } + CBlockIndex current_block{*block_header}; + { + CBlockIndex* previous_block = !blocks.empty() ? &blocks[fuzzed_data_provider.ConsumeIntegralInRange<size_t>(0, blocks.size() - 1)] : nullptr; + const int current_height = (previous_block != nullptr && previous_block->nHeight != std::numeric_limits<int>::max()) ? previous_block->nHeight + 1 : 0; + if (fuzzed_data_provider.ConsumeBool()) { + current_block.pprev = previous_block; + } + if (fuzzed_data_provider.ConsumeBool()) { + current_block.nHeight = current_height; + } + if (fuzzed_data_provider.ConsumeBool()) { + current_block.nTime = fixed_time + current_height * consensus_params.nPowTargetSpacing; + } + if (fuzzed_data_provider.ConsumeBool()) { + current_block.nBits = fixed_bits; + } + if (fuzzed_data_provider.ConsumeBool()) { + current_block.nChainWork = previous_block != nullptr ? previous_block->nChainWork + GetBlockProof(*previous_block) : arith_uint256{0}; + } else { + current_block.nChainWork = ConsumeArithUInt256(fuzzed_data_provider); + } + blocks.push_back(current_block); + } + { + (void)GetBlockProof(current_block); + (void)CalculateNextWorkRequired(¤t_block, fuzzed_data_provider.ConsumeIntegralInRange<int64_t>(0, std::numeric_limits<int64_t>::max()), consensus_params); + if (current_block.nHeight != std::numeric_limits<int>::max() && current_block.nHeight - (consensus_params.DifficultyAdjustmentInterval() - 1) >= 0) { + (void)GetNextWorkRequired(¤t_block, &(*block_header), consensus_params); + } + } + { + const CBlockIndex* to = &blocks[fuzzed_data_provider.ConsumeIntegralInRange<size_t>(0, blocks.size() - 1)]; + const CBlockIndex* from = &blocks[fuzzed_data_provider.ConsumeIntegralInRange<size_t>(0, blocks.size() - 1)]; + const CBlockIndex* tip = &blocks[fuzzed_data_provider.ConsumeIntegralInRange<size_t>(0, blocks.size() - 1)]; + try { + (void)GetBlockProofEquivalentTime(*to, *from, *tip, consensus_params); + } catch (const uint_error&) { + } + } + { + const Optional<uint256> hash = ConsumeDeserializable<uint256>(fuzzed_data_provider); + if (hash) { + (void)CheckProofOfWork(*hash, fuzzed_data_provider.ConsumeIntegral<unsigned int>(), consensus_params); + } + } + } +} diff --git a/src/test/fuzz/util.h b/src/test/fuzz/util.h index 10be2ebaf7..6b22601d29 100644 --- a/src/test/fuzz/util.h +++ b/src/test/fuzz/util.h @@ -6,6 +6,7 @@ #define BITCOIN_TEST_FUZZ_UTIL_H #include <amount.h> +#include <arith_uint256.h> #include <attributes.h> #include <optional.h> #include <script/script.h> @@ -80,6 +81,11 @@ NODISCARD inline uint256 ConsumeUInt256(FuzzedDataProvider& fuzzed_data_provider return uint256{v256}; } +NODISCARD inline arith_uint256 ConsumeArithUInt256(FuzzedDataProvider& fuzzed_data_provider) noexcept +{ + return UintToArith256(ConsumeUInt256(fuzzed_data_provider)); +} + template <typename T> bool MultiplicationOverflow(T i, T j) { |