1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
|
#include <arith_uint256.h>
#include <chain.h>
#include <chainparams.h>
#include <headerssync.h>
#include <test/fuzz/fuzz.h>
#include <test/fuzz/util.h>
#include <test/util/setup_common.h>
#include <uint256.h>
#include <util/chaintype.h>
#include <util/time.h>
#include <validation.h>
#include <iterator>
#include <vector>
static void initialize_headers_sync_state_fuzz()
{
static const auto testing_setup = MakeNoLogFileContext<>(
/*chain_type=*/ChainType::MAIN);
}
void MakeHeadersContinuous(
const CBlockHeader& genesis_header,
const std::vector<CBlockHeader>& all_headers,
std::vector<CBlockHeader>& new_headers)
{
Assume(!new_headers.empty());
const CBlockHeader* prev_header{
all_headers.empty() ? &genesis_header : &all_headers.back()};
for (auto& header : new_headers) {
header.hashPrevBlock = prev_header->GetHash();
prev_header = &header;
}
}
class FuzzedHeadersSyncState : public HeadersSyncState
{
public:
FuzzedHeadersSyncState(const unsigned commit_offset, const CBlockIndex* chain_start, const arith_uint256& minimum_required_work)
: HeadersSyncState(/*id=*/0, Params().GetConsensus(), chain_start, minimum_required_work)
{
const_cast<unsigned&>(m_commit_offset) = commit_offset;
}
};
FUZZ_TARGET(headers_sync_state, .init = initialize_headers_sync_state_fuzz)
{
FuzzedDataProvider fuzzed_data_provider(buffer.data(), buffer.size());
auto mock_time{ConsumeTime(fuzzed_data_provider)};
CBlockHeader genesis_header{Params().GenesisBlock()};
CBlockIndex start_index(genesis_header);
if (mock_time < start_index.GetMedianTimePast()) return;
SetMockTime(mock_time);
const uint256 genesis_hash = genesis_header.GetHash();
start_index.phashBlock = &genesis_hash;
arith_uint256 min_work{UintToArith256(ConsumeUInt256(fuzzed_data_provider))};
FuzzedHeadersSyncState headers_sync(
/*commit_offset=*/fuzzed_data_provider.ConsumeIntegralInRange<unsigned>(1, 1024),
/*chain_start=*/&start_index,
/*minimum_required_work=*/min_work);
// Store headers for potential redownload phase.
std::vector<CBlockHeader> all_headers;
std::vector<CBlockHeader>::const_iterator redownloaded_it;
bool presync{true};
bool requested_more{true};
while (requested_more) {
std::vector<CBlockHeader> headers;
// Consume headers from fuzzer or maybe replay headers if we got to the
// redownload phase.
if (presync || fuzzed_data_provider.ConsumeBool()) {
auto deser_headers = ConsumeDeserializable<std::vector<CBlockHeader>>(fuzzed_data_provider);
if (!deser_headers || deser_headers->empty()) return;
if (fuzzed_data_provider.ConsumeBool()) {
MakeHeadersContinuous(genesis_header, all_headers, *deser_headers);
}
headers.swap(*deser_headers);
} else if (auto num_headers_left{std::distance(redownloaded_it, all_headers.cend())}; num_headers_left > 0) {
// Consume some headers from the redownload buffer (At least one
// header is consumed).
auto begin_it{redownloaded_it};
std::advance(redownloaded_it, fuzzed_data_provider.ConsumeIntegralInRange<int>(1, num_headers_left));
headers.insert(headers.cend(), begin_it, redownloaded_it);
}
if (headers.empty()) return;
auto result = headers_sync.ProcessNextHeaders(headers, fuzzed_data_provider.ConsumeBool());
requested_more = result.request_more;
if (result.request_more) {
if (presync) {
all_headers.insert(all_headers.cend(), headers.cbegin(), headers.cend());
if (headers_sync.GetState() == HeadersSyncState::State::REDOWNLOAD) {
presync = false;
redownloaded_it = all_headers.cbegin();
// If we get to redownloading, the presynced headers need
// to have the min amount of work on them.
assert(CalculateHeadersWork(all_headers) >= min_work);
}
}
(void)headers_sync.NextHeadersRequestLocator();
}
}
}
|