tests: Avoid fuzzer-specific nullptr dereference in libevent when handling PROXY requests
ClosedPublic

Authored by Fabien on Jan 21 2021, 10:34.

Details

Summary
The dereference (req->evcon->http_server) takes place in
evhttp_parse_request_line and is a consequence of our hacky but
necessary use of the internal function evhttp_parse_firstline_ in the
http_request fuzzing harness.

The suggested workaround is not aesthetically pleasing, but it
successfully avoids the troublesome code path.

" http:// HTTP/1.1\n" was a crashing input prior to this workaround.

Backport of core PR19140.

Depends on D9001.

Test Plan
ninja bitcoin-fuzzers
echo " http:// HTTP/1.1" > input
./src/test/fuzz/http_request input