author | fanquake <fanquake@gmail.com> | 2023-11-30 15:03:42 +0000 |
---|---|---|
committer | fanquake <fanquake@gmail.com> | 2023-11-30 15:03:53 +0000 |
commit | 05d3f8e822280b262b6b384e3a62305853a80883 (patch) | |
tree | fd8aeb954d7389921b2361aa0c1e6e9791bed54e /src | |
parent | d80318d21110419f897a359b49e8f07e5a099f53 (diff) | |
parent | e67634ef19db310511a22f461bb1af7edb3d862b (diff) | |
download | bitcoin-05d3f8e822280b262b6b384e3a62305853a80883.tar.xz |
Merge bitcoin/bitcoin#28951: fuzz: BIP324: damage ciphertext/aad in full byte range
e67634ef19db310511a22f461bb1af7edb3d862b fuzz: BIP324: damage ciphertext/aad in full byte range (Sebastian Falbesoner)
Pull request description:
This PR is a tiny improvement for the `bip324_cipher_roundtrip` fuzz target: currently the damaging of input data for decryption (either ciphertext or aad) only ever happens in the lower nibble within the byte at the damage position, as the bit position for the `damage_val` byte was calculated with `damage_bit & 3` (corresponding to `% 4`) rather than `damage_bit & 7` (corresponding to the expected `% 8`).
Noticed while reviewing #28263 which uses similar constructs.
ACKs for top commit:
stratospher:
ACK e67634ef.
dergoegge:
utACK e67634ef19db310511a22f461bb1af7edb3d862b
Tree-SHA512: 1bab4df28708e079874feee939beef45eff235215375c339decc696f4c9aef04e4b417322b045491c8aec6e88ec8ec2db564e27ef1b0be352b6ff4ed38bad49a
Diffstat (limited to 'src')
-rw-r--r-- | src/test/fuzz/bip324.cpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/test/fuzz/bip324.cpp b/src/test/fuzz/bip324.cpp index e5ed9bfd52..37c41f3895 100644 --- a/src/test/fuzz/bip324.cpp +++ b/src/test/fuzz/bip324.cpp @@ -98,7 +98,7 @@ FUZZ_TARGET(bip324_cipher_roundtrip, .init=Initialize) unsigned damage_bit = provider.ConsumeIntegralInRange<unsigned>(0, (ciphertext.size() + aad.size()) * 8U - 1U); unsigned damage_pos = damage_bit >> 3; - std::byte damage_val{(uint8_t)(1U << (damage_bit & 3))}; + std::byte damage_val{(uint8_t)(1U << (damage_bit & 7))}; if (damage_pos >= ciphertext.size()) { aad[damage_pos - ciphertext.size()] ^= damage_val; } else { |
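Review bot: On the changed `damage_val` line, the mask `7` has to stay in step with the `>> 3` that computes `damage_pos` on the line above, and nothing in the code ties the two literals together, which is how `& 3` went unnoticed. Consider writing the pair as `damage_bit / 8` and `damage_bit % 8`, or deriving the shift and the mask from one named bits-per-byte constant, so the byte index and the bit-within-byte index cannot drift apart again. Since the pull request description says #28263 uses similar constructs, the same form would be worth applying there. A short comment on the `damage_val` line stating that any of the 8 bits of the selected byte may be flipped would also document the intended coverage for the next reader of this fuzz target.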