Differential D4588 Diff 14516 src/test/test_bitcoin_fuzzy.cpp

Changeset View

Standalone View

src/test/test_bitcoin_fuzzy.cpp

Show First 20 Lines • Show All 46 Lines • ▼ Show 20 Lines	enum TEST_ID {
CBLOOMFILTER_DESERIALIZE,		CBLOOMFILTER_DESERIALIZE,
CDISKBLOCKINDEX_DESERIALIZE,		CDISKBLOCKINDEX_DESERIALIZE,
CTXOUTCOMPRESSOR_DESERIALIZE,		CTXOUTCOMPRESSOR_DESERIALIZE,
BLOCKTRANSACTIONS_DESERIALIZE,		BLOCKTRANSACTIONS_DESERIALIZE,
BLOCKTRANSACTIONSREQUEST_DESERIALIZE,		BLOCKTRANSACTIONSREQUEST_DESERIALIZE,
TEST_ID_END		TEST_ID_END
};		};

static bool read_stdin(std::vector<char> &data) {		static bool read_stdin(std::vector<uint8_t> &data) {
char buffer[1024];		uint8_t buffer[1024];
ssize_t length = 0;		ssize_t length = 0;
while ((length = read(STDIN_FILENO, buffer, 1024)) > 0) {		while ((length = read(STDIN_FILENO, buffer, 1024)) > 0) {
data.insert(data.end(), buffer, buffer + length);		data.insert(data.end(), buffer, buffer + length);

if (data.size() > (1 << 20)) return false;		if (data.size() > (1 << 20)) return false;
}		}
return length == 0;		return length == 0;
}		}

int do_fuzz() {		static int test_one_input(std::vector<uint8_t> buffer) {
std::vector<char> buffer;
if (!read_stdin(buffer)) return 0;

if (buffer.size() < sizeof(uint32_t)) return 0;		if (buffer.size() < sizeof(uint32_t)) return 0;

uint32_t test_id = 0xffffffff;		uint32_t test_id = 0xffffffff;
memcpy(&test_id, buffer.data(), sizeof(uint32_t));		memcpy(&test_id, buffer.data(), sizeof(uint32_t));
buffer.erase(buffer.begin(), buffer.begin() + sizeof(uint32_t));		buffer.erase(buffer.begin(), buffer.begin() + sizeof(uint32_t));

if (test_id >= TEST_ID_END) return 0;		if (test_id >= TEST_ID_END) return 0;

▲ Show 20 Lines • Show All 198 Lines • ▼ Show 20 Lines	switch (test_id) {
break;		break;
}		}
default:		default:
return 0;		return 0;
}		}
return 0;		return 0;
}		}

		static std::unique_ptr<ECCVerifyHandle> globalVerifyHandle;
		void initialize() {
		globalVerifyHandle =
		std::unique_ptr<ECCVerifyHandle>(new ECCVerifyHandle());
		}

		// This function is used by libFuzzer
		extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
		test_one_input(std::vector<uint8_t>(data, data + size));
		return 0;
		}

		// This function is used by libFuzzer
		extern "C" int LLVMFuzzerInitialize(int argc, char **argv) {
		initialize();
		return 0;
		}

		// Disabled under WIN32 due to clash with Cygwin's WinMain.
		#ifndef WIN32
		// Declare main(...) "weak" to allow for libFuzzer linking. libFuzzer provides
		// the main(...) function.
		__attribute__((weak))
		#endif
int main(int argc, char **argv) {		int main(int argc, char **argv) {
ECCVerifyHandle globalVerifyHandle;		initialize();
#ifdef __AFL_INIT		#ifdef __AFL_INIT
// Enable AFL deferred forkserver mode. Requires compilation using		// Enable AFL deferred forkserver mode. Requires compilation using
// afl-clang-fast++. See fuzzing.md for details.		// afl-clang-fast++. See fuzzing.md for details.
__AFL_INIT();		__AFL_INIT();
#endif		#endif

#ifdef __AFL_LOOP		#ifdef __AFL_LOOP
// Enable AFL persistent mode. Requires compilation using afl-clang-fast++.		// Enable AFL persistent mode. Requires compilation using afl-clang-fast++.
// See fuzzing.md for details.		// See fuzzing.md for details.
		int ret = 0;
while (__AFL_LOOP(1000)) {		while (__AFL_LOOP(1000)) {
do_fuzz();		std::vector<uint8_t> buffer;
		if (!read_stdin(buffer)) {
		continue;
}		}
return 0;		ret = test_one_input(buffer);
		}
		return ret;
#else		#else
return do_fuzz();		std::vector<uint8_t> buffer;
		if (!read_stdin(buffer)) {
		return 0;
		}
		return test_one_input(buffer);
#endif		#endif
}		}