| author | MarcoFalke <[email protected]> | 2020-03-09 23:01:25 -0400 |
|---|---|---|
| committer | MarcoFalke <[email protected]> | 2020-03-09 23:01:31 -0400 |
| commit | 6fb4bbfb0e5f1885bd8c4fea652facfbe3de5299 (patch) | |
| tree | 091ba720be4ade44d3f4bd14204c5cd164af7cea /src/test/fuzz/script_ops.cpp | |
| parent | Merge #18306: test: add logging to wallet_listsinceblock.py (diff) | |
| parent | Make lifetime correctness easier to see (avoid reference lifetime extension) (diff) | |
Merge #18176: tests: Add fuzzing harness for CScript and CScriptNum operations
e37f53648e3acc6aea75adafec4de2bdbd8cb293 Make lifetime correctness easier to see (avoid reference lifetime extension) (practicalswift)
e7ddbd98937412b2e8b7a3dfacdcacfcbb1d9148 tests: Add fuzzing harness for CScriptNum operations (practicalswift)
65a52a002475056183ea8ee1a42b78aec7d68583 tests: Add fuzzing harness for CScript operations (practicalswift)
eb7c50ca1f4eafed4bb9a20d3012776545a6a433 tests: Add common Consume* fuzzing functions (practicalswift)
Pull request description:
Add fuzzing harness for `CScript` and `CScriptNum` operations.
Test this PR using:
```
$ make distclean
$ ./autogen.sh
$ CC=clang CXX=clang++ ./configure --enable-fuzz \
--with-sanitizers=address,fuzzer,undefined
$ make
$ src/test/fuzz/script_ops
…
$ src/test/fuzz/scriptnum_ops
…
```
ACKs for top commit:
MarcoFalke:
ACK e37f53648e3acc6aea75adafec4de2bdbd8cb293 🦂
Tree-SHA512: 5165d918ffe3f1e3e85ab0e61d8b05934f682d324cf63ce188da5890899df2b5727aba9ed10c0437260ecff8055250e60c79d81d764bc740a7652d543a7c5fa3
Diffstat (limited to 'src/test/fuzz/script_ops.cpp')
| -rw-r--r-- | src/test/fuzz/script_ops.cpp | 67 |
1 files changed, 67 insertions, 0 deletions
diff --git a/src/test/fuzz/script_ops.cpp b/src/test/fuzz/script_ops.cpp
new file mode 100644
index 000000000..0cd129ba7
--- /dev/null
+++ b/src/test/fuzz/script_ops.cpp
@@ -0,0 +1,67 @@
+// Copyright (c) 2020 The Bitcoin Core developers
+// Distributed under the MIT software license, see the accompanying
+// file COPYING or http://www.opensource.org/licenses/mit-license.php.
+
+#include <script/script.h>
+#include <test/fuzz/FuzzedDataProvider.h>
+#include <test/fuzz/fuzz.h>
+#include <test/fuzz/util.h>
+
+#include <cstdint>
+#include <string>
+#include <vector>
+
+void test_one_input(const std::vector<uint8_t>& buffer)
+{
+ FuzzedDataProvider fuzzed_data_provider(buffer.data(), buffer.size());
+ CScript script = ConsumeScript(fuzzed_data_provider);
+ while (fuzzed_data_provider.remaining_bytes() > 0) {
+ switch (fuzzed_data_provider.ConsumeIntegralInRange(0, 7)) {
+ case 0:
+ script += ConsumeScript(fuzzed_data_provider);
+ break;
+ case 1:
+ script = script + ConsumeScript(fuzzed_data_provider);
+ break;
+ case 2:
+ script << fuzzed_data_provider.ConsumeIntegral<int64_t>();
+ break;
+ case 3:
+ script << ConsumeOpcodeType(fuzzed_data_provider);
+ break;
+ case 4:
+ script << ConsumeScriptNum(fuzzed_data_provider);
+ break;
+ case 5:
+ script << ConsumeRandomLengthByteVector(fuzzed_data_provider);
+ break;
+ case 6:
+ script.clear();
+ break;
+ case 7: {
+ (void)script.GetSigOpCount(false);
+ (void)script.GetSigOpCount(true);
+ (void)script.GetSigOpCount(script);
+ (void)script.HasValidOps();
+ (void)script.IsPayToScriptHash();
+ (void)script.IsPayToWitnessScriptHash();
+ (void)script.IsPushOnly();
+ (void)script.IsUnspendable();
+ {
+ CScript::const_iterator pc = script.begin();
+ opcodetype opcode;
+ (void)script.GetOp(pc, opcode);
+ std::vector<uint8_t> data;
+ (void)script.GetOp(pc, opcode, data);
+ (void)script.IsPushOnly(pc);
+ }
+ {
+ int version;
+ std::vector<uint8_t> program;
+ (void)script.IsWitnessProgram(version, program);
+ }
+ break;
+ }
+ }
+ }
+} |
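Review bot: Every result in the `case 7` block is discarded with `(void)`, so this harness can only surface crashes and sanitizer reports, never a wrong answer from one of the script predicates. A few cheap invariants would let the fuzzer catch logic regressions in this parsing code as well, for example `assert(!script.IsPayToScriptHash() || script.size() == 23);` beside the existing call and `assert(script.empty());` after `script.clear()` in `case 6`, with `#include <cassert>` added. A short comment above the `switch` would also help, such as `// Each iteration consumes selector input, so the loop ends even for cases 6 and 7, which read no further data.`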