mirrors/bitcoin
1
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2024-11-19 18:09:47 +01:00
Code Issues Projects Releases Wiki Activity

Merge bitcoin/bitcoin#29079: fuzz: Limit p2p fuzz targets to MAX_PROTOCOL_MESSAGE_LENGTH

Browse Source 
fa769d3e41 fuzz: Limit p2p fuzz targets to MAX_PROTOCOL_MESSAGE_LENGTH (MarcoFalke)

Pull request description:

  Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65039

ACKs for top commit:
  dergoegge:
    utACK fa769d3e41
  brunoerg:
    crACK fa769d3e41

Tree-SHA512: 46f70d1acf4e2f95055c70162909010c6322f8504a810906e1ab4db470dc2525f9a494b8427b254279bc68b1c8b87338c943787fd5249df7113556740701a51a
This commit is contained in:
fanquake 2023-12-18 12:48:52 +00:00
commit 4b94578fd8
No known key found for this signature in database
GPG Key ID: 2EEB9F5CC09526C1
2 changed files with 3 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/test/fuzz/process_message.cpp
View File

@ -1,4 +1,4 @@
// Copyright (c) 2020-2022 The Bitcoin Core developers
// Copyright (c) 2020-present The Bitcoin Core developers
// Distributed under the MIT software license, see the accompanying
// file COPYING or http://www.opensource.org/licenses/mit-license.php.
@ -8,9 +8,6 @@
#include <primitives/transaction.h>
#include <protocol.h>
#include <script/script.h>
#include <serialize.h>
#include <span.h>
#include <streams.h>
#include <sync.h>
#include <test/fuzz/FuzzedDataProvider.h>
#include <test/fuzz/fuzz.h>
@ -20,13 +17,10 @@
#include <test/util/net.h>
#include <test/util/setup_common.h>
#include <test/util/validation.h>
#include <util/chaintype.h>
#include <util/check.h>
#include <util/time.h>
#include <validation.h>
#include <validationinterface.h>
#include <atomic>
#include <cstdlib>
#include <iostream>
#include <memory>
@ -81,8 +75,7 @@ FUZZ_TARGET(process_message, .init = initialize_process_message)
CSerializedNetMsg net_msg;
net_msg.m_type = random_message_type;
// fuzzed_data_provider is fully consumed after this call, don't use it
net_msg.data = fuzzed_data_provider.ConsumeRemainingBytes<unsigned char>();
net_msg.data = ConsumeRandomLengthByteVector(fuzzed_data_provider, MAX_PROTOCOL_MESSAGE_LENGTH);
connman.FlushSendBuffer(p2p_node);
(void)connman.ReceiveMsgFrom(p2p_node, std::move(net_msg));

3
src/test/fuzz/process_messages.cpp
View File

@ -16,7 +16,6 @@
#include <test/util/net.h>
#include <test/util/setup_common.h>
#include <test/util/validation.h>
#include <util/chaintype.h>
#include <util/time.h>
#include <validationinterface.h>
@ -72,7 +71,7 @@ FUZZ_TARGET(process_messages, .init = initialize_process_messages)
CSerializedNetMsg net_msg;
net_msg.m_type = random_message_type;
net_msg.data = ConsumeRandomLengthByteVector(fuzzed_data_provider);
net_msg.data = ConsumeRandomLengthByteVector(fuzzed_data_provider, MAX_PROTOCOL_MESSAGE_LENGTH);
CNode& random_node = *PickValue(fuzzed_data_provider, peers);