Skip to content

tests: add CScriptNum::serialize to integer fuzz harness #18491

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
pierreN wants to merge 1 commit into from
Closed

tests: add CScriptNum::serialize to integer fuzz harness #18491

pierreN wants to merge 1 commit into from

Conversation

@pierreN
Copy link
Contributor

@pierreN pierreN commented Apr 1, 2020
edited
Loading

Add a fuzzing harness for CScriptNum::serialize, core_write.cpp:ValueFromAmount and util/moneystr.cpp:FormatMoney.

Those functions manually compute absolute values of int64_t numbers which can lead to undefined behavior, see : #18413 #18046

You can trigger this new harness with the following input :

$ echo -n "-9223372036854775808" > crash-abs-value
$ ./src/test/fuzz/abs_ub crash-abs-value

Note that BitcoinUnits::format also does the same (but requires QT headers to compile so I'm not sure we can add it to the fuzzer).

@pierreN pierreN mentioned this pull request Apr 1, 2020
Merged
@fanquake fanquake added the Tests label Apr 1, 2020
@practicalswift
Copy link
Contributor

practicalswift commented Apr 1, 2020

@pierreN Thanks for contributing to the fuzzers.

ValueFromAmount is already fuzzed in src/test/fuzz/integer.cpp.

FormatMoney is already fuzzed in src/test/fuzz/integer.cpp.

That leaves CScriptNum::serialize(…) which isn't fuzzed directly today AFAICT.

Instead of adding a new fuzzing file just for CScriptNum::serialize(…) I suggest adding the line CScriptNum::serialize(i64) to the existing src/test/fuzz/integer.cpp. WDYT? :)

@pierreN pierreN changed the title tests: add fuzing harness for custom abs value functions tests: add CScriptNum::serialize to integer fuzz harness Apr 1, 2020
@pierreN
Copy link
Contributor Author

pierreN commented Apr 1, 2020

Ow, my bad. Thanks, I updated the PR accordingly.

@practicalswift
Copy link
Contributor

practicalswift commented Apr 1, 2020

ACK 7a21407

@pierreN
Copy link
Contributor Author

pierreN commented Apr 2, 2020

Thanks. Note that tests fail since #18413 is not merged AFAIK.

@maflcko
Copy link
Member

maflcko commented Apr 2, 2020

Thanks. Note that tests fail since #18413 is not merged AFAIK.

Could add the tests to that pull and close this one?

@pierreN pierreN closed this Apr 2, 2020
@pierreN
Copy link
Contributor Author

pierreN commented Apr 2, 2020

Yes good idea, I just added the test to the original PR : c6819c4

@bitcoin bitcoin locked as resolved and limited conversation to collaborators Feb 15, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

Tests

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@pierreN @practicalswift @maflcko @fanquake