Fix crash when parsing command line with -noincludeconf=0 #22002
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Contributor
|
Tested and verified; shuts down cleanly instead of runtime_error crash that I get running the same test on master. |
Member
|
Fuzzed fa175b7 and verified the test case no longer causes a crash |
added 2 commits
May 21, 2021 10:53
Remove the erroneous trailing newline '\n'. Also, print only the first value to remove needless redundancy in the error message.
maflcko
force-pushed
the
2105-parseCommandlineCrash
branch
from
fa175b7 to
fad0867
Compare
Member
Author
|
Split into two commits to simplify review |
mjdietzx
approved these changes
May 21, 2021
Member
|
utACK fad0867 |
Member
|
@mjdietzx note that you've ACK'd the wrong commit hash here. |
sidhujag
pushed a commit
to syscoin/syscoin
that referenced
this pull request
May 24, 2021
…udeconf=0 fad0867 Cleanup -includeconf error message (MarcoFalke) fa9f711 Fix crash when parsing command line with -noincludeconf=0 (MarcoFalke) Pull request description: The error message has several issues: * It may crash instead of cleanly shutting down, when `-noincludeconf=0` is passed * It doesn't quote the value * It includes an erroneous trailing `\n` * It is redundantly mentioning `"-includeconf cannot be used from commandline;"` several times, when once should be more than sufficient Fix all issues by: * Replacing `get_str()` with `write()` to fix the crash and quoting issue * Remove the `\n` and only print the first value to fix the other issues Before: ``` $ ./src/bitcoind -noincludeconf=0 terminate called after throwing an instance of 'std::runtime_error' what(): JSON value is not a string as expected Aborted (core dumped) $ ./src/bitcoind -includeconf='a b' -includeconf=c Error: Error parsing command line arguments: -includeconf cannot be used from commandline; -includeconf=a b -includeconf cannot be used from commandline; -includeconf=c ``` After: ``` $ ./src/bitcoind -noincludeconf=0 Error: Error parsing command line arguments: -includeconf cannot be used from commandline; -includeconf=true $ ./src/bitcoind -includeconf='a b' -includeconf=c Error: Error parsing command line arguments: -includeconf cannot be used from commandline; -includeconf="a b" ``` Hopefully fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34493 Testcase: https://github.com/bitcoin/bitcoin/files/6515429/clusterfuzz-testcase-minimized-system-6328535926046720.log ``` FUZZ=system ./src/test/fuzz/fuzz ./clusterfuzz-testcase-minimized-system-6328535926046720.log ``` See https://github.com/bitcoin/bitcoin/blob/master/doc/fuzzing.md ACKs for top commit: sipa: utACK fad0867 Tree-SHA512: b44af93be6bf71b43669058c1449c4c6999f03b5b01b429851b149b12d77733408cb207e9a3edc6f0bffd6030c4c52165e8e23a1c2718ff5082a6ba254cc94a4
Member
Author
|
Might be good to hear an "Approach ACK" or similar from the settings person @ryanofsky |
ryanofsky
reviewed
May 27, 2021
Contributor
ryanofsky
left a comment
ryanofsky
left a comment
There was a problem hiding this comment.
Might be good to hear an "Approach ACK" or similar from the settings person @ryanofsky
Post-merge code review ACK fad0867. Good fixes. Fuzzer framework has been pretty annoying in some of my PRs recently, but I can't really complain if it's finding bugs in code I probably introduced 😾
maflcko
commented
Jun 3, 2021
| // we do not allow -includeconf from command line | ||
| bool success = true; | ||
| if (auto* includes = util::FindKey(m_settings.command_line_options, "includeconf")) { | ||
| for (const auto& include : util::SettingsSpan(*includes)) { |
Member
Author
There was a problem hiding this comment.
fad0867: This loop can't be removed, because it implicitly checks whether the span is empty
luke-jr
pushed a commit
to bitcoinknots/bitcoin
that referenced
this pull request
Jun 29, 2021
Github-Pull: bitcoin#22002 Rebased-From: fa9f711
luke-jr
pushed a commit
to bitcoinknots/bitcoin
that referenced
this pull request
Jun 29, 2021
Remove the erroneous trailing newline '\n'. Also, print only the first value to remove needless redundancy in the error message. Github-Pull: bitcoin#22002 Rebased-From: fad0867
fanquake
pushed a commit
to fanquake/bitcoin
that referenced
this pull request
Jun 30, 2021
Github-Pull: bitcoin#22002 Rebased-From: fa9f711
fanquake
pushed a commit
to fanquake/bitcoin
that referenced
this pull request
Jun 30, 2021
Remove the erroneous trailing newline '\n'. Also, print only the first value to remove needless redundancy in the error message. Github-Pull: bitcoin#22002 Rebased-From: fad0867
stevenroose
added a commit
to ElementsProject/elements
that referenced
this pull request
Jul 1, 2021
0896d0a util: Properly handle -noincludeconf on command line (MarcoFalke) 5f18d33 Cleanup -includeconf error message (MarcoFalke) 99b8659 Fix crash when parsing command line with -noincludeconf=0 (MarcoFalke) c98902b fuzz: add missing ECCVerifyHandle to base_encode_decode (Andrew Poelstra) Pull request description: Backport of bitcoin/bitcoin#22279 and bitcoin/bitcoin#22002 and bitcoin/bitcoin#22137 ACKs for top commit: jonasnick: utACK 0896d0a Tree-SHA512: 7a9c4a20fc51ac3e66fd0b8d6f28200b9342774fcb003c561e277fab4a68c3ebd2cab4c3081170199a51aabf3956e0f7248fa6c853c8aa971645fb9039adc688
fanquake
added a commit
that referenced
this pull request
Jul 8, 2021
…_decode da81624 util: Properly handle -noincludeconf on command line (MarcoFalke) 513613d Cleanup -includeconf error message (MarcoFalke) 70eac6f Fix crash when parsing command line with -noincludeconf=0 (MarcoFalke) c5357fa fuzz: add missing ECCVerifyHandle to base_encode_decode (Andrew Poelstra) Pull request description: Backports #22279, #22002 and #22137 to fix fuzzing issues in the 0.21 branch: https://github.com/bitcoin/bitcoin/runs/2864012729. ACKs for top commit: achow101: ACK da81624 Tree-SHA512: ab8751387e42e03ff43594ae34be8ed0dba903d7da1aaecb9f19c08366570d8995abe89ba0c9bafe37662940f3e83bef1e9e50f330e86114cd6a773becd1fd21
gwillen
pushed a commit
to ElementsProject/elements
that referenced
this pull request
Jun 1, 2022
Keepng our side of this conflict because there are a couple PRs that affec this block, and we already backported both of them in an Elements PR.
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
7 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The error message has several issues:
-noincludeconf=0is passed\n"-includeconf cannot be used from commandline;"several times, when once should be more than sufficientFix all issues by:
get_str()withwrite()to fix the crash and quoting issue\nand only print the first value to fix the other issuesBefore:
After:
Hopefully fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34493
Testcase: https://github.com/bitcoin/bitcoin/files/6515429/clusterfuzz-testcase-minimized-system-6328535926046720.log
See https://github.com/bitcoin/bitcoin/blob/master/doc/fuzzing.md