Line data Source code
1 : // Copyright (c) 2020-2022 The Bitcoin Core developers 2 : // Distributed under the MIT software license, see the accompanying 3 : // file COPYING or http://www.opensource.org/licenses/mit-license.php. 4 : 5 : #include <consensus/consensus.h> 6 : #include <net.h> 7 : #include <net_processing.h> 8 : #include <primitives/transaction.h> 9 : #include <protocol.h> 10 : #include <script/script.h> 11 : #include <serialize.h> 12 : #include <span.h> 13 : #include <streams.h> 14 : #include <sync.h> 15 : #include <test/fuzz/FuzzedDataProvider.h> 16 : #include <test/fuzz/fuzz.h> 17 2 : #include <test/fuzz/util.h> 18 2 : #include <test/fuzz/util/net.h> 19 : #include <test/util/mining.h> 20 : #include <test/util/net.h> 21 : #include <test/util/setup_common.h> 22 : #include <test/util/validation.h> 23 : #include <util/chaintype.h> 24 : #include <util/check.h> 25 : #include <util/time.h> 26 : #include <validation.h> 27 : #include <validationinterface.h> 28 : #include <version.h> 29 : 30 : 31 : #include <atomic> 32 : #include <cstdlib> 33 : #include <iostream> 34 : #include <memory> 35 : #include <string> 36 : #include <string_view> 37 : #include <vector> 38 : 39 : namespace { 40 : const TestingSetup* g_setup; 41 : std::string_view LIMIT_TO_MESSAGE_TYPE{}; 42 : } // namespace 43 : 44 0 : void initialize_process_message() 45 : { 46 0 : if (const auto val{std::getenv("LIMIT_TO_MESSAGE_TYPE")}) { 47 0 : LIMIT_TO_MESSAGE_TYPE = val; 48 0 : Assert(std::count(getAllNetMessageTypes().begin(), getAllNetMessageTypes().end(), LIMIT_TO_MESSAGE_TYPE)); // Unknown message type passed 49 0 : } 50 : 51 0 : static const auto testing_setup = MakeNoLogFileContext<const TestingSetup>( 52 : /*chain_type=*/ChainType::REGTEST, 53 0 : /*extra_args=*/{"-txreconciliation"}); 54 0 : g_setup = testing_setup.get(); 55 0 : for (int i = 0; i < 2 * COINBASE_MATURITY; i++) { 56 0 : MineBlock(g_setup->m_node, CScript() << OP_TRUE); 57 0 : } 58 0 : SyncWithValidationInterfaceQueue(); 59 0 : } 60 : 61 4 : FUZZ_TARGET(process_message, .init = initialize_process_message) 62 : { 63 0 : FuzzedDataProvider fuzzed_data_provider(buffer.data(), buffer.size()); 64 : 65 0 : ConnmanTestMsg& connman = *static_cast<ConnmanTestMsg*>(g_setup->m_node.connman.get()); 66 0 : auto& chainman = static_cast<TestChainstateManager&>(*g_setup->m_node.chainman); 67 0 : SetMockTime(1610000000); // any time to successfully reset ibd 68 0 : chainman.ResetIbd(); 69 : 70 0 : LOCK(NetEventsInterface::g_msgproc_mutex); 71 : 72 0 : const std::string random_message_type{fuzzed_data_provider.ConsumeBytesAsString(CMessageHeader::COMMAND_SIZE).c_str()}; 73 0 : if (!LIMIT_TO_MESSAGE_TYPE.empty() && random_message_type != LIMIT_TO_MESSAGE_TYPE) { 74 2 : return; 75 : } 76 0 : CNode& p2p_node = *ConsumeNodeAsUniquePtr(fuzzed_data_provider).release(); 77 : 78 0 : connman.AddTestNode(p2p_node); 79 0 : FillNode(fuzzed_data_provider, connman, p2p_node); 80 : 81 0 : const auto mock_time = ConsumeTime(fuzzed_data_provider); 82 0 : SetMockTime(mock_time); 83 2 : 84 : // fuzzed_data_provider is fully consumed after this call, don't use it 85 0 : CDataStream random_bytes_data_stream{fuzzed_data_provider.ConsumeRemainingBytes<unsigned char>(), SER_NETWORK, PROTOCOL_VERSION}; 86 : try { 87 0 : g_setup->m_node.peerman->ProcessMessage(p2p_node, random_message_type, random_bytes_data_stream, 88 0 : GetTime<std::chrono::microseconds>(), std::atomic<bool>{false}); 89 0 : } catch (const std::ios_base::failure&) { 90 0 : } 91 0 : g_setup->m_node.peerman->SendMessages(&p2p_node); 92 0 : SyncWithValidationInterfaceQueue(); 93 0 : g_setup->m_node.connman->StopNodes(); 94 0 : }