mirrors/rust-lightning
1
0
Fork 0
mirror of https://github.com/lightningdevkit/rust-lightning.git synced 2025-01-19 05:43:55 +01:00
Code Issues Packages Projects Releases Wiki Activity

Expand full_stack_target from uselessly-large to laughably-large

Browse Source
This commit is contained in:
Matt Corallo 2018-03-27 11:34:22 -04:00
parent 187ca8c0c8
commit 8938cd7d78
6 changed files with 183 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
fuzz/Cargo.toml
View File

@ -15,6 +15,7 @@ honggfuzz_fuzz = ["honggfuzz"]
lightning = { path = "..", features = ["fuzztarget"] }
bitcoin = { git = "https://github.com/rust-bitcoin/rust-bitcoin", features = ["fuzztarget"] }
secp256k1 = { version = "0.9", features = ["fuzztarget"] }
rust-crypto = "0.2"
honggfuzz = { version = "0.5", optional = true }
afl = { version = "0.3", optional = true }

3
fuzz/fuzz_targets/channel_target.rs
View File

@ -12,6 +12,7 @@ use lightning::ln::channelmanager::PendingForwardHTLCInfo;
use lightning::ln::msgs;
use lightning::ln::msgs::MsgDecodable;
use lightning::chain::chaininterface::{FeeEstimator, ConfirmationTarget};
use lightning::util::reset_rng_state;
use secp256k1::key::PublicKey;
use secp256k1::Secp256k1;
@ -89,6 +90,8 @@ impl<'a> FeeEstimator for FuzzEstimator<'a> {
#[inline]
pub fn do_test(data: &[u8]) {
reset_rng_state();
let input = InputData {
data,
read_pos: AtomicUsize::new(0),

165
fuzz/fuzz_targets/full_stack_target.rs
View File

@ -1,20 +1,31 @@
extern crate bitcoin;
extern crate crypto;
extern crate lightning;
extern crate secp256k1;
use bitcoin::blockdata::transaction::Transaction;
use bitcoin::blockdata::block::BlockHeader;
use bitcoin::blockdata::transaction::{Transaction, TxOut};
use bitcoin::blockdata::script::Script;
use bitcoin::network::constants::Network;
use bitcoin::network::serialize::{serialize, BitcoinHash};
use bitcoin::util::hash::Sha256dHash;
use bitcoin::util::uint::Uint256;
use lightning::chain::chaininterface::{BroadcasterInterface,ConfirmationTarget,FeeEstimator,ChainWatchInterfaceUtil};
use crypto::sha2::Sha256;
use crypto::digest::Digest;
use lightning::chain::chaininterface::{BroadcasterInterface,ConfirmationTarget,ChainListener,FeeEstimator,ChainWatchInterfaceUtil};
use lightning::ln::{channelmonitor,msgs};
use lightning::ln::channelmanager::ChannelManager;
use lightning::ln::peer_handler::{MessageHandler,PeerManager,SocketDescriptor};
use lightning::ln::router::Router;
use lightning::util::events::{EventsProvider,Event};
use lightning::util::reset_rng_state;
use secp256k1::key::{PublicKey,SecretKey};
use secp256k1::Secp256k1;
use std::collections::HashMap;
use std::sync::Arc;
use std::sync::atomic::{AtomicUsize,Ordering};
@ -24,6 +35,13 @@ pub fn slice_to_be16(v: &[u8]) -> u16 {
((v[1] as u16) << 8*0)
}
#[inline]
pub fn slice_to_be24(v: &[u8]) -> u32 {
((v[0] as u32) << 8*2) |
((v[1] as u32) << 8*1) |
((v[2] as u32) << 8*0)
}
#[inline]
pub fn slice_to_be32(v: &[u8]) -> u32 {
((v[0] as u32) << 8*3) |
@ -32,6 +50,20 @@ pub fn slice_to_be32(v: &[u8]) -> u32 {
((v[3] as u32) << 8*0)
}
#[inline]
pub fn be64_to_array(u: u64) -> [u8; 8] {
let mut v = [0; 8];
v[0] = ((u >> 8*7) & 0xff) as u8;
v[1] = ((u >> 8*6) & 0xff) as u8;
v[2] = ((u >> 8*5) & 0xff) as u8;
v[3] = ((u >> 8*4) & 0xff) as u8;
v[4] = ((u >> 8*3) & 0xff) as u8;
v[5] = ((u >> 8*2) & 0xff) as u8;
v[6] = ((u >> 8*1) & 0xff) as u8;
v[7] = ((u >> 8*0) & 0xff) as u8;
v
}
struct InputData {
data: Vec<u8>,
read_pos: AtomicUsize,
@ -44,13 +76,6 @@ impl InputData {
}
Some(&self.data[old_pos..old_pos + len])
}
fn get_slice_nonadvancing(&self, len: usize) -> Option<&[u8]> {
let old_pos = self.read_pos.load(Ordering::Acquire);
if self.data.len() < old_pos + len {
return None;
}
Some(&self.data[old_pos..old_pos + len])
}
}
struct FuzzEstimator {
@ -92,6 +117,8 @@ impl SocketDescriptor for Peer {
#[inline]
pub fn do_test(data: &[u8]) {
reset_rng_state();
let input = Arc::new(InputData {
data: data.to_vec(),
read_pos: AtomicUsize::new(0),
@ -137,6 +164,12 @@ pub fn do_test(data: &[u8]) {
}, our_network_key);
let mut peers = [false; 256];
let mut should_forward = false;
let mut payments_received = Vec::new();
let mut payments_sent = 0;
let mut pending_funding_generation: Vec<(Uint256, u64, Script)> = Vec::new();
let mut pending_funding_signatures = HashMap::new();
let mut pending_funding_relay = Vec::new();
loop {
match get_slice!(1)[0] {
@ -178,8 +211,122 @@ pub fn do_test(data: &[u8]) {
Err(_) => { peers[peer_id as usize] = false; }
}
},
4 => {
let value = slice_to_be24(get_slice!(3)) as u64;
let route = match router.get_route(&get_pubkey!(), &Vec::new(), value, 42) {
Ok(route) => route,
Err(_) => return,
};
let mut payment_hash = [0; 32];
payment_hash[0..8].copy_from_slice(&be64_to_array(payments_sent));
let mut sha = Sha256::new();
sha.input(&payment_hash);
sha.result(&mut payment_hash);
for i in 1..32 { payment_hash[i] = 0; }
payments_sent += 1;
match channelmanager.send_payment(route, payment_hash) {
Ok(_) => {},
Err(_) => return,
}
},
5 => {
let peer_id = get_slice!(1)[0];
if !peers[peer_id as usize] { return; }
let their_key = get_pubkey!();
let chan_value = slice_to_be24(get_slice!(3)) as u64;
if channelmanager.create_channel(their_key, chan_value, 0).is_err() { return; }
},
6 => {
let mut channels = channelmanager.list_channels();
let channel_id = get_slice!(1)[0] as usize;
if channel_id >= channels.len() { return; }
channels.sort_by(|a, b| { a.channel_id.cmp(&b.channel_id) });
if channelmanager.close_channel(&channels[channel_id].channel_id).is_err() { return; }
},
7 => {
if should_forward {
channelmanager.process_pending_htlc_forward();
handler.process_events();
should_forward = false;
}
},
8 => {
for payment in payments_received.drain(..) {
let mut payment_preimage = None;
for i in 0..payments_sent {
let mut payment_hash = [0; 32];
payment_hash[0..8].copy_from_slice(&be64_to_array(i));
let mut sha = Sha256::new();
sha.input(&payment_hash);
sha.result(&mut payment_hash);
for i in 1..32 { payment_hash[i] = 0; }
if payment_hash == payment {
payment_hash = [0; 32];
payment_hash[0..8].copy_from_slice(&be64_to_array(i));
payment_preimage = Some(payment_hash);
break;
}
}
channelmanager.claim_funds(payment_preimage.unwrap());
}
},
9 => {
for payment in payments_received.drain(..) {
channelmanager.fail_htlc_backwards(&payment);
}
},
10 => {
for funding_generation in pending_funding_generation.drain(..) {
let mut tx = Transaction { version: 0, lock_time: 0, input: Vec::new(), output: vec![TxOut {
value: funding_generation.1, script_pubkey: funding_generation.2,
}] };
let funding_output = (Sha256dHash::from_data(&serialize(&tx).unwrap()[..]), 0);
channelmanager.funding_transaction_generated(&funding_generation.0, funding_output.clone());
pending_funding_signatures.insert(funding_output, tx);
}
},
11 => {
if !pending_funding_relay.is_empty() {
let mut txn = Vec::with_capacity(pending_funding_relay.len());
let mut txn_idxs = Vec::with_capacity(pending_funding_relay.len());
for (idx, tx) in pending_funding_relay.iter().enumerate() {
txn.push(tx);
txn_idxs.push(idx as u32 + 1);
}
let mut header = BlockHeader { version: 0x20000000, prev_blockhash: Default::default(), merkle_root: Default::default(), time: 42, bits: 42, nonce: 42 };
channelmanager.block_connected(&header, 1, &txn[..], &txn_idxs[..]);
txn.clear();
txn_idxs.clear();
for i in 2..100 {
header = BlockHeader { version: 0x20000000, prev_blockhash: header.bitcoin_hash(), merkle_root: Default::default(), time: 42, bits: 42, nonce: 42 };
channelmanager.block_connected(&header, i, &txn[..], &txn_idxs[..]);
}
}
pending_funding_relay.clear();
},
_ => return,
}
for event in handler.get_and_clear_pending_events() {
match event {
Event::FundingGenerationReady { temporary_channel_id, channel_value_satoshis, output_script, .. } => {
pending_funding_generation.push((temporary_channel_id, channel_value_satoshis, output_script));
},
Event::FundingBroadcastSafe { funding_txo, .. } => {
pending_funding_relay.push(pending_funding_signatures.remove(&funding_txo).unwrap());
},
Event::PaymentReceived { payment_hash, .. } => {
payments_received.push(payment_hash);
},
Event::PaymentSent {..} => {},
Event::PaymentFailed {..} => {},
Event::PendingHTLCsForwardable {..} => {
should_forward = true;
},
_ => panic!("Unknown event"),
}
}
}
}

3
fuzz/fuzz_targets/peer_crypt_target.rs
View File

@ -2,6 +2,7 @@ extern crate lightning;
extern crate secp256k1;
use lightning::ln::peer_channel_encryptor::PeerChannelEncryptor;
use lightning::util::reset_rng_state;
use secp256k1::key::{PublicKey,SecretKey};
use secp256k1::Secp256k1;
@ -14,6 +15,8 @@ fn slice_to_be16(v: &[u8]) -> u16 {
#[inline]
pub fn do_test(data: &[u8]) {
reset_rng_state();
let mut read_pos = 0;
macro_rules! get_slice {
($len: expr) => {

3
src/util/mod.rs
View File

@ -7,5 +7,8 @@ pub(crate) mod internal_traits;
pub(crate) mod rng;
pub(crate) mod sha2;
#[cfg(feature = "fuzztarget")]
pub use self::rng::reset_rng_state;
#[cfg(test)]
pub(crate) mod test_utils;

21
src/util/rng.rs
View File

@ -24,19 +24,32 @@ pub use self::real_rng::*;
#[cfg(feature = "fuzztarget")]
mod fuzzy_rng {
use bitcoin::util::uint::Uint256;
use util::byte_utils;
static mut RNG_ITER: u64 = 0;
pub fn fill_bytes(data: &mut [u8]) {
for i in 0..data.len() {
data[i] = 0x42;
let rng = unsafe { RNG_ITER += 1; RNG_ITER -1 };
for i in 0..data.len() / 8 {
data[i*8..(i+1)*8].copy_from_slice(&byte_utils::be64_to_array(rng));
}
let rem = data.len() % 8;
let off = data.len() - rem;
data[off..].copy_from_slice(&byte_utils::be64_to_array(rng)[0..rem]);
}
pub fn rand_uint256() -> Uint256 {
Uint256([0xdeadbeef, 0x1badcafe, 0xbadbeef, 0xdeadcafe])
let rng = unsafe { RNG_ITER += 1; RNG_ITER - 1 };
Uint256([rng, rng, rng, rng])
}
pub fn rand_f32() -> f32 {
0.42
let rng = unsafe { RNG_ITER += 1; RNG_ITER - 1 };
f64::from_bits(rng) as f32
}
pub fn reset_rng_state() {
unsafe { RNG_ITER = 0; }
}
}
#[cfg(feature = "fuzztarget")]