diff options
author | moneromooo-monero <moneromooo-monero@users.noreply.github.com> | 2017-06-24 12:38:41 +0100 |
---|---|---|
committer | moneromooo-monero <moneromooo-monero@users.noreply.github.com> | 2017-06-24 16:46:18 +0100 |
commit | 841231e5bd0d90e8a57d6fd997701a70ef520730 (patch) | |
tree | 0fc42786a1302b126187bc12b935f6f4accca10c /tests/fuzz/transaction.cpp | |
parent | Merge pull request #2087 (diff) | |
download | monero-841231e5bd0d90e8a57d6fd997701a70ef520730.tar.xz |
Add fuzz testing using american fuzzy lop
Existing tests: block, transaction, signature, cold outputs,
cold transaction.
Data for these is in tests/data/fuzz.
A convenience shell script is in contrib/fuzz_testing/fuzz.sh, eg:
contrib/fuzz_testing/fuzz.sh signature
The fuzzer will run indefinitely, ^C to stop.
Fuzzing is currently supported for GCC only. I can't get CLANG
to build Monero here as it dies on some system headers, so if
someone wants to make it work on both, that'd be great.
In particular, the __AFL_LOOP construct should be made to work
so that a given run can fuzz multiple inputs, as the C++ load
time is substantial.
Diffstat (limited to 'tests/fuzz/transaction.cpp')
-rw-r--r-- | tests/fuzz/transaction.cpp | 67 |
1 files changed, 67 insertions, 0 deletions
diff --git a/tests/fuzz/transaction.cpp b/tests/fuzz/transaction.cpp new file mode 100644 index 000000000..21cd01bef --- /dev/null +++ b/tests/fuzz/transaction.cpp @@ -0,0 +1,67 @@ +// Copyright (c) 2017, The Monero Project +// +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or without modification, are +// permitted provided that the following conditions are met: +// +// 1. Redistributions of source code must retain the above copyright notice, this list of +// conditions and the following disclaimer. +// +// 2. Redistributions in binary form must reproduce the above copyright notice, this list +// of conditions and the following disclaimer in the documentation and/or other +// materials provided with the distribution. +// +// 3. Neither the name of the copyright holder nor the names of its contributors may be +// used to endorse or promote products derived from this software without specific +// prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY +// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL +// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF +// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +#include "include_base_utils.h" +#include "common/command_line.h" +#include "file_io_utils.h" +#include "cryptonote_protocol/blobdatatype.h" +#include "cryptonote_basic/cryptonote_basic.h" +#include "cryptonote_basic/cryptonote_format_utils.h" +#include "fuzzer.h" + +class TransactionFuzzer: public Fuzzer +{ +public: + virtual int run(const std::string &filename); + +private: +}; + +int TransactionFuzzer::run(const std::string &filename) +{ + std::string s; + + if (!epee::file_io_utils::load_file_to_string(filename, s)) + { + std::cout << "Error: failed to load file " << filename << std::endl; + return 1; + } + cryptonote::transaction tx = AUTO_VAL_INIT(tx); + if(!parse_and_validate_tx_from_blob(s, tx)) + { + std::cout << "Error: failed to parse transaction from file " << filename << std::endl; + return 1; + } + return 0; +} + +int main(int argc, const char **argv) +{ + TransactionFuzzer fuzzer; + return run_fuzzer(argc, argv, fuzzer); +} |