From fa3583f856e34b6c6134745da14f5206cf71fa3e Mon Sep 17 00:00:00 2001 From: MarcoFalke Date: Tue, 23 Nov 2021 11:35:15 +0100 Subject: fuzz: Avoid negative NodeId in ConsumeNode --- src/test/fuzz/util.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/test/fuzz') diff --git a/src/test/fuzz/util.h b/src/test/fuzz/util.h index 40aaeac63f..e6edaa7ade 100644 --- a/src/test/fuzz/util.h +++ b/src/test/fuzz/util.h @@ -257,7 +257,7 @@ inline CAddress ConsumeAddress(FuzzedDataProvider& fuzzed_data_provider) noexcep template auto ConsumeNode(FuzzedDataProvider& fuzzed_data_provider, const std::optional& node_id_in = std::nullopt) noexcept { - const NodeId node_id = node_id_in.value_or(fuzzed_data_provider.ConsumeIntegral()); + const NodeId node_id = node_id_in.value_or(fuzzed_data_provider.ConsumeIntegralInRange(0, std::numeric_limits::max())); const ServiceFlags local_services = ConsumeWeakEnum(fuzzed_data_provider, ALL_SERVICE_FLAGS); const SOCKET socket = INVALID_SOCKET; const CAddress address = ConsumeAddress(fuzzed_data_provider); -- cgit v1.2.3 From fae6e31df7c6df04f41fc8401e2a9781a4d75be7 Mon Sep 17 00:00:00 2001 From: MarcoFalke Date: Mon, 22 Nov 2021 16:06:55 +0100 Subject: refactor: Set fSuccessfullyConnected in FillNode Also, pass ConnmanTestMsg& and PeerManager& (needed for later commits). --- src/test/fuzz/process_message.cpp | 4 +--- src/test/fuzz/process_messages.cpp | 5 +---- src/test/fuzz/util.cpp | 7 +++++-- src/test/fuzz/util.h | 4 +++- 4 files changed, 10 insertions(+), 10 deletions(-) (limited to 'src/test/fuzz') diff --git a/src/test/fuzz/process_message.cpp b/src/test/fuzz/process_message.cpp index 94a71859e9..1763cd8af3 100644 --- a/src/test/fuzz/process_message.cpp +++ b/src/test/fuzz/process_message.cpp 
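Review bot: The new lower bound of 0 on the fuzzed `node_id` in ConsumeNode has no explanation at the call site, so the reason negative ids are excluded lives only in the commit subject. A one-line comment above the assignment stating why a negative NodeId is not a valid input for these targets would keep a later cleanup from widening the range again. A caller-supplied `node_id_in` also bypasses the range entirely; if negative ids really are invalid, an `assert(node_id >= 0);` right after the assignment would cover both paths. ConsumeNode's body continues outside the hunk.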
@@ -79,11 +79,9 @@ void fuzz_target(FuzzBufferType buffer, const std::string& LIMIT_TO_MESSAGE_TYPE } CNode& p2p_node = *ConsumeNodeAsUniquePtr(fuzzed_data_provider).release(); - const bool successfully_connected{fuzzed_data_provider.ConsumeBool()}; - p2p_node.fSuccessfullyConnected = successfully_connected; connman.AddTestNode(p2p_node); g_setup->m_node.peerman->InitializeNode(&p2p_node); - FillNode(fuzzed_data_provider, p2p_node, /*init_version=*/successfully_connected); + FillNode(fuzzed_data_provider, connman, *g_setup->m_node.peerman, p2p_node); const auto mock_time = ConsumeTime(fuzzed_data_provider); SetMockTime(mock_time); diff --git a/src/test/fuzz/process_messages.cpp b/src/test/fuzz/process_messages.cpp index 21a959315e..e1c11e1afd 100644 --- a/src/test/fuzz/process_messages.cpp +++ b/src/test/fuzz/process_messages.cpp @@ -46,11 +46,8 @@ FUZZ_TARGET_INIT(process_messages, initialize_process_messages) peers.push_back(ConsumeNodeAsUniquePtr(fuzzed_data_provider, i).release()); CNode& p2p_node = *peers.back(); - const bool successfully_connected{fuzzed_data_provider.ConsumeBool()}; - p2p_node.fSuccessfullyConnected = successfully_connected; - p2p_node.fPauseSend = false; g_setup->m_node.peerman->InitializeNode(&p2p_node); - FillNode(fuzzed_data_provider, p2p_node, /*init_version=*/successfully_connected); + FillNode(fuzzed_data_provider, connman, *g_setup->m_node.peerman, p2p_node); connman.AddTestNode(p2p_node); } diff --git a/src/test/fuzz/util.cpp b/src/test/fuzz/util.cpp index ae5f7a379e..59a76a425b 100644 --- a/src/test/fuzz/util.cpp +++ b/src/test/fuzz/util.cpp 
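Review bot: In process_messages.cpp `FillNode(...)` runs before `connman.AddTestNode(p2p_node);`, whereas process_message.cpp registers the node with `AddTestNode` first and only then calls `InitializeNode` and `FillNode`. That difference was harmless while FillNode only wrote fields on the node, but the helper now receives `connman` and the commit message says later commits need it, so it may end up driving a peer the connection manager has not been told about. Consider moving `connman.AddTestNode(p2p_node);` above the `InitializeNode` call in the loop so both targets set up peers in the same order, or add a comment stating that the order is irrelevant. Both enclosing functions extend beyond their hunks.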
@@ -200,16 +200,19 @@ bool FuzzedSock::IsConnected(std::string& errmsg) const return false; } -void FillNode(FuzzedDataProvider& fuzzed_data_provider, CNode& node, bool init_version) noexcept +void FillNode(FuzzedDataProvider& fuzzed_data_provider, ConnmanTestMsg& connman, PeerManager& peerman, CNode& node) noexcept { + const bool successfully_connected{fuzzed_data_provider.ConsumeBool()}; + node.fSuccessfullyConnected = successfully_connected; const ServiceFlags remote_services = ConsumeWeakEnum(fuzzed_data_provider, ALL_SERVICE_FLAGS); const NetPermissionFlags permission_flags = ConsumeWeakEnum(fuzzed_data_provider, ALL_NET_PERMISSION_FLAGS); const int32_t version = fuzzed_data_provider.ConsumeIntegralInRange(MIN_PEER_PROTO_VERSION, std::numeric_limits::max()); const bool filter_txs = fuzzed_data_provider.ConsumeBool(); + node.fPauseSend = false; node.nServices = remote_services; node.m_permissionFlags = permission_flags; - if (init_version) { + if (successfully_connected) { node.nVersion = version; node.SetCommonVersion(std::min(version, PROTOCOL_VERSION)); } diff --git a/src/test/fuzz/util.h b/src/test/fuzz/util.h index e6edaa7ade..7937315822 100644 --- a/src/test/fuzz/util.h +++ b/src/test/fuzz/util.h @@ -36,6 +36,8 @@ #include #include +class PeerManager; + template size_t CallOneOf(FuzzedDataProvider& fuzzed_data_provider, Callables... callables) { @@ -275,7 +277,7 @@ auto ConsumeNode(FuzzedDataProvider& fuzzed_data_provider, const std::optional ConsumeNodeAsUniquePtr(FuzzedDataProvider& fdp, const std::optional& node_id_in = std::nullopt) { return ConsumeNode(fdp, node_id_in); } -void FillNode(FuzzedDataProvider& fuzzed_data_provider, CNode& node, bool init_version) noexcept; +void FillNode(FuzzedDataProvider& fuzzed_data_provider, ConnmanTestMsg& connman, PeerManager& peerman, CNode& node) noexcept; class FuzzedFileProvider { -- cgit v1.2.3 From fa19bab90a3ccc2f76c20aa805292d6a9c5d8071 Mon Sep 17 00:00:00 2001 
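Review bot: `node.fPauseSend = false;` moved from the process_messages loop into FillNode, so it now also runs for the process_message target, which did not touch the flag before this change. If that is a no-op because the flag already starts out false, a short comment such as `// Reset here so every caller starts with sending unpaused` would make clear it is intentional in a commit labelled as a refactor. The `connman` and `peerman` parameters are not used by any line visible in this hunk; unnamed parameters or `[[maybe_unused]]` would keep this intermediate commit warning-free when built on its own. FillNode's body continues past the end of the hunk.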
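Review bot: The `FillNode` declaration in util.h changes its contract without a comment: callers no longer pass `init_version`, and the helper now draws the connected/not-connected decision from the fuzz input itself. A brief doc comment on the declaration should say that FillNode consumes one bool from `fuzzed_data_provider` to set `fSuccessfullyConnected`, that the version fields are only set when that bool is true, and that `connman` and `peerman` must outlive the call. Without it, a new fuzz target has to read util.cpp to learn that it must not set `fSuccessfullyConnected` on its own.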
From: MarcoFalke Date: Mon, 22 Nov 2021 17:43:38 +0100 Subject: fuzz: Rework FillNode --- src/test/fuzz/util.cpp | 48 +++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 41 insertions(+), 7 deletions(-) (limited to 'src/test/fuzz') diff --git a/src/test/fuzz/util.cpp b/src/test/fuzz/util.cpp index 59a76a425b..843b29b911 100644 --- a/src/test/fuzz/util.cpp +++ b/src/test/fuzz/util.cpp @@ -3,6 +3,8 @@ // file COPYING or http://www.opensource.org/licenses/mit-license.php. #include +#include +#include #include #include #include 
@@ -203,22 +205,54 @@ bool FuzzedSock::IsConnected(std::string& errmsg) const void FillNode(FuzzedDataProvider& fuzzed_data_provider, ConnmanTestMsg& connman, PeerManager& peerman, CNode& node) noexcept { const bool successfully_connected{fuzzed_data_provider.ConsumeBool()}; - node.fSuccessfullyConnected = successfully_connected; const ServiceFlags remote_services = ConsumeWeakEnum(fuzzed_data_provider, ALL_SERVICE_FLAGS); const NetPermissionFlags permission_flags = ConsumeWeakEnum(fuzzed_data_provider, ALL_NET_PERMISSION_FLAGS); const int32_t version = fuzzed_data_provider.ConsumeIntegralInRange(MIN_PEER_PROTO_VERSION, std::numeric_limits::max()); const bool filter_txs = fuzzed_data_provider.ConsumeBool(); + const CNetMsgMaker mm{0}; + + CSerializedNetMsg msg_version{ + mm.Make(NetMsgType::VERSION, + version, // + Using>(remote_services), // + int64_t{}, // dummy time + int64_t{}, // ignored service bits + CService{}, // dummy + int64_t{}, // ignored service bits + CService{}, // ignored + uint64_t{1}, // dummy nonce + std::string{}, // dummy subver + int32_t{}, // dummy starting_height + filter_txs), + }; + + (void)connman.ReceiveMsgFrom(node, msg_version); node.fPauseSend = false; - node.nServices = remote_services; - node.m_permissionFlags = permission_flags; - if (successfully_connected) { - node.nVersion = version; - node.SetCommonVersion(std::min(version, PROTOCOL_VERSION)); + connman.ProcessMessagesOnce(node); + { + LOCK(node.cs_sendProcessing); + peerman.SendMessages(&node); } + if (node.fDisconnect) return; + assert(node.nVersion == version); + assert(node.GetCommonVersion() == std::min(version, PROTOCOL_VERSION)); + assert(node.nServices == remote_services); if (node.m_tx_relay != nullptr) { LOCK(node.m_tx_relay->cs_filter); - node.m_tx_relay->fRelayTxes = filter_txs; + assert(node.m_tx_relay->fRelayTxes == filter_txs); + } + node.m_permissionFlags = permission_flags; + if (successfully_connected) { + CSerializedNetMsg 
msg_verack{mm.Make(NetMsgType::VERACK)}; + (void)connman.ReceiveMsgFrom(node, msg_verack); + node.fPauseSend = false; + connman.ProcessMessagesOnce(node); + { + LOCK(node.cs_sendProcessing); + peerman.SendMessages(&node); + } + assert(node.fSuccessfullyConnected == true); } } -- cgit v1.2.3
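Review bot: The receive / clear `fPauseSend` / `ProcessMessagesOnce` / locked `SendMessages` sequence in FillNode is written out twice, once for VERSION and once for VERACK, and the two copies can drift apart when the handshake is touched again; a small local lambda would hold it once. The early `if (node.fDisconnect) return;` also leaves `m_permissionFlags` unassigned and the node disconnected even when `successfully_connected` was drawn as true, so a comment there should say that a rejected VERSION is an accepted outcome for the harness. `assert(node.fSuccessfullyConnected == true);` can be written `assert(node.fSuccessfullyConnected);`. The sketch keeps the discarded return value of `ReceiveMsgFrom` exactly as in the hunk.

```cpp
// … unchanged: fuzz inputs, CNetMsgMaker mm and msg_version construction …
const auto deliver = [&](CSerializedNetMsg& msg) {
    (void)connman.ReceiveMsgFrom(node, msg);
    node.fPauseSend = false;
    connman.ProcessMessagesOnce(node);
    LOCK(node.cs_sendProcessing);
    peerman.SendMessages(&node);
};

deliver(msg_version);
// A rejected VERSION is a valid outcome: the node stays disconnected and
// keeps its default permission flags.
if (node.fDisconnect) return;
// … unchanged: post-VERSION asserts and m_permissionFlags assignment …
if (successfully_connected) {
    CSerializedNetMsg msg_verack{mm.Make(NetMsgType::VERACK)};
    deliver(msg_verack);
    assert(node.fSuccessfullyConnected);
}
```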