author | MarcoFalke <falke.marco@gmail.com> | 2021-04-07 10:39:25 +0200 |
---|---|---|
committer | MarcoFalke <falke.marco@gmail.com> | 2021-04-07 10:39:27 +0200 |
commit | 6154291cf9ab5dbf4951043339fa7eb2cdbb9fac (patch) | |
tree | bc3a2ba4ca0df1f04b02d68bc1a6d23acd66040e /src | |
parent | c0160ea52ea849d7a10f9f5c97100b434e62d798 (diff) | |
parent | 33333755f2edcbe88fcd136f6fef81f94819002e (diff) |
Merge #21617: fuzz: Fix uninitialized read in i2p test
33333755f2edcbe88fcd136f6fef81f94819002e fuzz: Fix uninitialized read in test (MarcoFalke)
Pull request description:
Can be tested with:
```
./test/fuzz/test_runner.py -l DEBUG --valgrind ../btc_qa_assets/fuzz_seed_corpus/ i2p
```
```
==22582== Conditional jump or move depends on uninitialised value(s)
==22582== at 0x6BB2D8: __sanitizer_cov_trace_const_cmp1 (in /tmp/bitcoin-core/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz)
==22582== by 0xB305DB: ConnectSocketDirectly(CService const&, Sock const&, int, bool) (netbase.cpp:570)
==22582== by 0x8AAA5D: i2p::sam::Session::Hello() const (i2p.cpp:284)
==22582== by 0x8A6FA0: i2p::sam::Session::CreateIfNotCreatedAlready() (i2p.cpp:352)
==22582== by 0x8A6742: i2p::sam::Session::Listen(i2p::Connection&) (i2p.cpp:134)
==22582== by 0x7A6C42: i2p_fuzz_target(Span<unsigned char const>) (i2p.cpp:37)
```
ACKs for top commit:
sipa:
utACK 33333755f2edcbe88fcd136f6fef81f94819002e
vasild:
ACK 33333755f2edcbe88fcd136f6fef81f94819002e
Tree-SHA512: 36073582b26b541324b3e55f3fd4a44abf89cb3081f36d361525daf8c27602fbc25f736510ec30df7cb4ca0c4e395e8d8a60f531bf6af358b5a3e65dbabf72c0
Diffstat (limited to 'src')
-rw-r--r-- | src/test/fuzz/util.cpp | 8 | ||||
-rw-r--r-- | src/test/fuzz/util.h | 8 |
2 files changed, 11 insertions, 5 deletions
diff --git a/src/test/fuzz/util.cpp b/src/test/fuzz/util.cpp index d786ac1db1..cf5244e314 100644 --- a/src/test/fuzz/util.cpp +++ b/src/test/fuzz/util.cpp @@ -7,6 +7,14 @@ #include <util/rbf.h> #include <version.h> +bool FuzzedSock::Wait(std::chrono::milliseconds timeout, Event requested, Event* occurred ) const +{ + if (!m_fuzzed_data_provider.ConsumeBool()) { + return false; + } + if (occurred) *occurred = 0; + return true; +} void FillNode(FuzzedDataProvider& fuzzed_data_provider, CNode& node, bool init_version) noexcept { diff --git a/src/test/fuzz/util.h b/src/test/fuzz/util.h index 50d3ac66e5..adcdd71748 100644 --- a/src/test/fuzz/util.h +++ b/src/test/fuzz/util.h @@ -738,12 +738,10 @@ public: return 0; } - bool Wait(std::chrono::milliseconds timeout, Event requested, Event* occurred = nullptr) const override - { - return m_fuzzed_data_provider.ConsumeBool(); - } + bool Wait(std::chrono::milliseconds timeout, Event requested, Event* occurred = nullptr) const override; - bool IsConnected(std::string& errmsg) const override { + bool IsConnected(std::string& errmsg) const override + { if (m_fuzzed_data_provider.ConsumeBool()) { return true; } |
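Review bot: in the new `FuzzedSock::Wait` in src/test/fuzz/util.cpp, `if (occurred) *occurred = 0;` always reports that no event occurred, so a caller that branches on `*occurred` after a successful wait only ever sees one value under fuzzing. Consider deriving the value from `m_fuzzed_data_provider`, for example picking between `0` and `requested`, so that both outcomes are exercised. The early `return false` path still leaves `*occurred` unwritten; a one-line comment stating that the out-parameter is only defined when the function returns true would document that contract for callers. There is also a stray space before the closing parenthesis in `Event* occurred )`.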
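Review bot: the `IsConnected` brace move at the end of the src/test/fuzz/util.h hunk is a formatting-only change unrelated to the uninitialized read, and it makes the fix harder to pick out in the history; drop it or mention it in the commit message. The `Wait` declaration correctly keeps the `occurred = nullptr` default in the header while the out-of-line definition omits it. A short comment on the declaration noting that `occurred` is zeroed on success would spare readers a trip to util.cpp.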