diff options
59 files changed, 856 insertions, 723 deletions
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 7d506d817..aaad0c3a6 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -20,9 +20,9 @@ jobs: - uses: actions/checkout@v1 with: submodules: recursive - - uses: numworks/setup-msys2@v1 - - name: update pacman - run: msys2do pacman -Syu --noconfirm + - uses: eine/setup-msys2@v0 + with: + update: true - name: install monero dependencies run: msys2do pacman -S --noconfirm mingw-w64-x86_64-toolchain make mingw-w64-x86_64-cmake mingw-w64-x86_64-boost mingw-w64-x86_64-openssl mingw-w64-x86_64-zeromq mingw-w64-x86_64-libsodium mingw-w64-x86_64-hidapi mingw-w64-x86_64-protobuf-c mingw-w64-x86_64-libusb git - name: build diff --git a/CMakeLists.txt b/CMakeLists.txt index d9ec866e4..45a6aa1b5 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -262,6 +262,12 @@ else() endif() option(BUILD_DEBUG_UTILITIES "Build debug utilities." DEFAULT_BUILD_DEBUG_UTILITIES) +if(OSSFUZZ) + message(STATUS "Using OSS-Fuzz fuzzing system") + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DOSSFUZZ") + set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -DOSSFUZZ") +endif() + # Check whether we're on a 32-bit or 64-bit system if(CMAKE_SIZEOF_VOID_P EQUAL "8") set(DEFAULT_BUILD_64 ON) @@ -646,7 +652,8 @@ else() endif() # linker - if (NOT (WIN32 AND (CMAKE_C_COMPILER_ID STREQUAL "GNU" AND CMAKE_C_COMPILER_VERSION VERSION_LESS 9.1))) + if (NOT SANITIZE AND NOT OSSFUZZ AND NOT (WIN32 AND (CMAKE_C_COMPILER_ID STREQUAL "GNU" AND CMAKE_C_COMPILER_VERSION VERSION_LESS 9.1))) + # PIE executables randomly crash at startup with ASAN # Windows binaries die on startup with PIE when compiled with GCC <9.x add_linker_flag_if_supported(-pie LD_SECURITY_FLAGS) endif() @@ -768,7 +775,8 @@ else() endif(ARM) - if(ANDROID AND NOT BUILD_GUI_DEPS STREQUAL "ON" OR IOS) + # random crash on startup when asan is on if pie is enabled + if(NOT SANITIZE AND ANDROID AND NOT BUILD_GUI_DEPS STREQUAL "ON" OR IOS) #From Android 5: "only position independent executables (PIE) are supported" message(STATUS "Enabling PIE executable") set(PIC_FLAG "") @@ -90,7 +90,7 @@ As with many development projects, the repository on Github is considered to be Monero is a 100% community-sponsored endeavor. If you want to join our efforts, the easiest thing you can do is support the project financially. Both Monero and Bitcoin donations can be made to **donate.getmonero.org** if using a client that supports the [OpenAlias](https://openalias.org) standard. Alternatively you can send XMR to the Monero donation address via the `donate` command (type `help` in the command-line wallet for details). -The Monero donation address is: `44AFFq5kSiGBoZ4NMDwYtN18obc8AemS33DBLWs3H7otXft3XjrpDtQGv7SqSsaBYBb98uNbr2VBBEt7f2wfn3RVGQBEP3A` (viewkey: `f359631075708155cc3d92a32b75a7d02a5dcf27756707b47a2b31b21c389501`) +The Monero donation address is: `888tNkZrPN6JsEgekjMnABU4TBzc2Dt29EPAvkRxbANsAnjyPbb3iQ1YBRk1UXcdRsiKc9dhwMVgN5S9cQUiyoogDavup3H` (viewkey: `f359631075708155cc3d92a32b75a7d02a5dcf27756707b47a2b31b21c389501`) The Bitcoin donation address is: `1KTexdemPdxSBcG55heUuTjDRYqbC5ZL8H` @@ -132,7 +132,7 @@ Dates are provided in the format YYYY-MM-DD. | 1686275 | 2018-10-19 | v9 | v0.13.0.0 | v0.13.0.4 | bulletproofs required | 1788000 | 2019-03-09 | v10 | v0.14.0.0 | v0.14.1.2 | New PoW based on Cryptonight-R, new block weight algorithm, slightly more efficient RingCT format | 1788720 | 2019-03-10 | v11 | v0.14.0.0 | v0.14.1.2 | forbid old RingCT transaction format -| 1978433 | 2019-11-30* | v12 | v0.15.0.0 | v0.15.0.0 | New PoW based on RandomX, only allow >= 2 outputs, change to the block median used to calculate penalty, v1 coinbases are forbidden, rct sigs in coinbase forbidden, 10 block lock time for incoming outputs +| 1978433 | 2019-11-30* | v12 | v0.15.0.0 | v0.16.0.0 | New PoW based on RandomX, only allow >= 2 outputs, change to the block median used to calculate penalty, v1 coinbases are forbidden, rct sigs in coinbase forbidden, 10 block lock time for incoming outputs | XXXXXXX | XXX-XX-XX | XXX | vX.XX.X.X | vX.XX.X.X | XXX | X's indicate that these details have not been determined as of commit date. @@ -219,7 +219,7 @@ invokes cmake commands as needed. ```bash cd monero - git checkout release-v0.15 + git checkout release-v0.16 make ``` @@ -292,7 +292,7 @@ Tested on a Raspberry Pi Zero with a clean install of minimal Raspbian Stretch ( ```bash git clone https://github.com/monero-project/monero.git cd monero - git checkout tags/v0.15.0.0 + git checkout tags/v0.16.0.0 ``` * Build: @@ -409,10 +409,10 @@ application. cd monero ``` -* If you would like a specific [version/tag](https://github.com/monero-project/monero/tags), do a git checkout for that version. eg. 'v0.15.0.0'. If you don't care about the version and just want binaries from master, skip this step: +* If you would like a specific [version/tag](https://github.com/monero-project/monero/tags), do a git checkout for that version. eg. 'v0.16.0.0'. If you don't care about the version and just want binaries from master, skip this step: ```bash - git checkout v0.15.0.0 + git checkout v0.16.0.0 ``` * If you are on a 64-bit system, run: diff --git a/contrib/epee/include/console_handler.h b/contrib/epee/include/console_handler.h index a7788aeb8..08d9b8802 100644 --- a/contrib/epee/include/console_handler.h +++ b/contrib/epee/include/console_handler.h @@ -465,7 +465,7 @@ eof: bool run_default_console_handler_no_srv_param(t_server* ptsrv, t_handler handlr, std::function<std::string(void)> prompt, const std::string& usage = "") { async_console_handler console_handler; - return console_handler.run(ptsrv, boost::bind<bool>(no_srv_param_adapter<t_server, t_handler>, _1, _2, handlr), prompt, usage); + return console_handler.run(ptsrv, std::bind<bool>(no_srv_param_adapter<t_server, t_handler>, std::placeholders::_1, std::placeholders::_2, handlr), prompt, usage); } template<class t_server, class t_handler> @@ -634,7 +634,7 @@ eof: bool run_handling(std::function<std::string(void)> prompt, const std::string& usage_string, std::function<void(void)> exit_handler = NULL) { - return m_console_handler.run(boost::bind(&console_handlers_binder::process_command_str, this, _1), prompt, usage_string, exit_handler); + return m_console_handler.run(std::bind(&console_handlers_binder::process_command_str, this, std::placeholders::_1), prompt, usage_string, exit_handler); } void print_prompt() diff --git a/contrib/epee/include/md5_l.inl b/contrib/epee/include/md5_l.inl index 8e339e006..cb2bd54f9 100644 --- a/contrib/epee/include/md5_l.inl +++ b/contrib/epee/include/md5_l.inl @@ -277,7 +277,7 @@ namespace md5 /* Zeroize sensitive information. */ - MD5_memset ((POINTER)context, 0, sizeof (*context)); + memwipe ((POINTER)context, sizeof (*context)); } /* MD5 basic transformation. Transforms state based on block. @@ -369,7 +369,7 @@ namespace md5 /* Zeroize sensitive information. */ - MD5_memset ((POINTER)x, 0, sizeof (x)); + memwipe ((POINTER)x, sizeof (x)); } /* Note: Replace "for loop" with standard memcpy if possible. @@ -431,9 +431,9 @@ namespace md5 MD5Update(&hmac->octx, k_opad, 64); /* apply outer pad */ /* scrub the pads and key context (if used) */ - MD5_memset( (POINTER)&k_ipad, 0, sizeof(k_ipad)); - MD5_memset( (POINTER)&k_opad, 0, sizeof(k_opad)); - MD5_memset( (POINTER)&tk, 0, sizeof(tk)); + memwipe( (POINTER)&k_ipad, sizeof(k_ipad)); + memwipe( (POINTER)&k_opad, sizeof(k_opad)); + memwipe( (POINTER)&tk, sizeof(tk)); /* and we're done. */ } @@ -459,7 +459,7 @@ namespace md5 state->istate[lupe] = htonl(hmac.ictx.state[lupe]); state->ostate[lupe] = htonl(hmac.octx.state[lupe]); } - MD5_memset( (POINTER)&hmac, 0, sizeof(hmac)); + memwipe( (POINTER)&hmac, sizeof(hmac)); } diff --git a/contrib/epee/include/net/abstract_tcp_server2.inl b/contrib/epee/include/net/abstract_tcp_server2.inl index 43ede3cc1..cbacd118c 100644 --- a/contrib/epee/include/net/abstract_tcp_server2.inl +++ b/contrib/epee/include/net/abstract_tcp_server2.inl @@ -32,7 +32,6 @@ -#include <boost/bind.hpp> #include <boost/foreach.hpp> #include <boost/uuid/random_generator.hpp> #include <boost/chrono.hpp> @@ -210,15 +209,15 @@ PRAGMA_WARNING_DISABLE_VS(4355) socket().async_receive(boost::asio::buffer(buffer_), boost::asio::socket_base::message_peek, strand_.wrap( - boost::bind(&connection<t_protocol_handler>::handle_receive, self, - boost::asio::placeholders::error, - boost::asio::placeholders::bytes_transferred))); + std::bind(&connection<t_protocol_handler>::handle_receive, self, + std::placeholders::_1, + std::placeholders::_2))); else async_read_some(boost::asio::buffer(buffer_), strand_.wrap( - boost::bind(&connection<t_protocol_handler>::handle_read, self, - boost::asio::placeholders::error, - boost::asio::placeholders::bytes_transferred))); + std::bind(&connection<t_protocol_handler>::handle_read, self, + std::placeholders::_1, + std::placeholders::_2))); #if !defined(_WIN32) || !defined(__i686) // not supported before Windows7, too lazy for runtime check // Just exclude for 32bit windows builds @@ -688,7 +687,7 @@ PRAGMA_WARNING_DISABLE_VS(4355) reset_timer(get_default_timeout(), false); async_write(boost::asio::buffer(m_send_que.front().data(), size_now ) , strand_.wrap( - boost::bind(&connection<t_protocol_handler>::handle_write, self, _1, _2) + std::bind(&connection<t_protocol_handler>::handle_write, self, std::placeholders::_1, std::placeholders::_2) ) ); //_dbg3("(chunk): " << size_now); @@ -892,7 +891,7 @@ PRAGMA_WARNING_DISABLE_VS(4355) CHECK_AND_ASSERT_MES( size_now == m_send_que.front().size(), void(), "Unexpected queue size"); async_write(boost::asio::buffer(m_send_que.front().data(), size_now) , strand_.wrap( - boost::bind(&connection<t_protocol_handler>::handle_write, connection<t_protocol_handler>::shared_from_this(), _1, _2) + std::bind(&connection<t_protocol_handler>::handle_write, connection<t_protocol_handler>::shared_from_this(), std::placeholders::_1, std::placeholders::_2) ) ); //_dbg3("(normal)" << size_now); @@ -1402,7 +1401,7 @@ POP_WARNINGS shared_context->connect_mut.lock(); shared_context->ec = ec_; shared_context->cond.notify_one(); shared_context->connect_mut.unlock(); }; - sock_.async_connect(remote_endpoint, boost::bind<void>(connect_callback, _1, local_shared_context)); + sock_.async_connect(remote_endpoint, std::bind<void>(connect_callback, std::placeholders::_1, local_shared_context)); while(local_shared_context->ec == boost::asio::error::would_block) { bool r = local_shared_context->cond.timed_wait(lock, boost::get_system_time() + boost::posix_time::milliseconds(conn_timeout)); diff --git a/contrib/epee/include/net/http_server_impl_base.h b/contrib/epee/include/net/http_server_impl_base.h index 6cd19f17b..d88b53c94 100644 --- a/contrib/epee/include/net/http_server_impl_base.h +++ b/contrib/epee/include/net/http_server_impl_base.h @@ -31,7 +31,7 @@ #include <boost/thread.hpp> -#include <boost/bind.hpp> +#include <boost/bind/bind.hpp> #include "net/abstract_tcp_server2.h" #include "http_protocol_handler.h" diff --git a/contrib/epee/include/storages/levin_abstract_invoke2.h b/contrib/epee/include/storages/levin_abstract_invoke2.h index b18e04a27..4633fa546 100644 --- a/contrib/epee/include/storages/levin_abstract_invoke2.h +++ b/contrib/epee/include/storages/levin_abstract_invoke2.h @@ -28,6 +28,7 @@ #include "portable_storage_template_helper.h" #include <boost/utility/value_init.hpp> +#include <functional> #include "span.h" #include "net/levin_base.h" @@ -294,20 +295,20 @@ namespace epee #define HANDLE_INVOKE2(command_id, func, type_name_in, typename_out) \ if(!is_notify && command_id == command) \ - {handled=true;return epee::net_utils::buff_to_t_adapter<internal_owner_type_name, type_name_in, typename_out>(this, command, in_buff, buff_out, boost::bind(func, this, _1, _2, _3, _4), context);} + {handled=true;return epee::net_utils::buff_to_t_adapter<internal_owner_type_name, type_name_in, typename_out>(this, command, in_buff, buff_out, std::bind(func, this, std::placeholders::_1, std::placeholders::_2, std::placeholders::_3, std::placeholders::_4), context);} #define HANDLE_INVOKE_T2(COMMAND, func) \ if(!is_notify && COMMAND::ID == command) \ - {handled=true;return epee::net_utils::buff_to_t_adapter<internal_owner_type_name, typename COMMAND::request, typename COMMAND::response>(command, in_buff, buff_out, boost::bind(func, this, _1, _2, _3, _4), context);} + {handled=true;return epee::net_utils::buff_to_t_adapter<internal_owner_type_name, typename COMMAND::request, typename COMMAND::response>(command, in_buff, buff_out, std::bind(func, this, std::placeholders::_1, std::placeholders::_2, std::placeholders::_3, std::placeholders::_4), context);} #define HANDLE_NOTIFY2(command_id, func, type_name_in) \ if(is_notify && command_id == command) \ - {handled=true;return epee::net_utils::buff_to_t_adapter<internal_owner_type_name, type_name_in>(this, command, in_buff, boost::bind(func, this, _1, _2, _3), context);} + {handled=true;return epee::net_utils::buff_to_t_adapter<internal_owner_type_name, type_name_in>(this, command, in_buff, std::bind(func, this, std::placeholders::_1, std::placeholders::_2, std::placeholders::_3), context);} #define HANDLE_NOTIFY_T2(NOTIFY, func) \ if(is_notify && NOTIFY::ID == command) \ - {handled=true;return epee::net_utils::buff_to_t_adapter<internal_owner_type_name, typename NOTIFY::request>(this, command, in_buff, boost::bind(func, this, _1, _2, _3), context);} + {handled=true;return epee::net_utils::buff_to_t_adapter<internal_owner_type_name, typename NOTIFY::request>(this, command, in_buff, std::bind(func, this, std::placeholders::_1, std::placeholders::_2, std::placeholders::_3), context);} #define CHAIN_INVOKE_MAP2(func) \ diff --git a/contrib/epee/src/byte_slice.cpp b/contrib/epee/src/byte_slice.cpp index 99c37fae3..12cc83e6c 100644 --- a/contrib/epee/src/byte_slice.cpp +++ b/contrib/epee/src/byte_slice.cpp @@ -173,9 +173,14 @@ namespace epee byte_slice::byte_slice(byte_stream&& stream) noexcept : storage_(nullptr), portion_(stream.data(), stream.size()) { - std::uint8_t* const data = stream.take_buffer().release() - sizeof(raw_byte_slice); - new (data) raw_byte_slice{}; - storage_.reset(reinterpret_cast<raw_byte_slice*>(data)); + if (stream.size()) + { + std::uint8_t* const data = stream.take_buffer().release() - sizeof(raw_byte_slice); + new (data) raw_byte_slice{}; + storage_.reset(reinterpret_cast<raw_byte_slice*>(data)); + } + else + portion_ = nullptr; } byte_slice::byte_slice(byte_slice&& source) noexcept @@ -205,14 +210,17 @@ namespace epee byte_slice byte_slice::take_slice(const std::size_t max_bytes) noexcept { byte_slice out{}; - std::uint8_t const* const ptr = data(); - out.portion_ = {ptr, portion_.remove_prefix(max_bytes)}; - if (portion_.empty()) - out.storage_ = std::move(storage_); // no atomic inc/dec - else - out = {storage_.get(), out.portion_}; + if (max_bytes) + { + std::uint8_t const* const ptr = data(); + out.portion_ = {ptr, portion_.remove_prefix(max_bytes)}; + if (portion_.empty()) + out.storage_ = std::move(storage_); // no atomic inc/dec + else + out = {storage_.get(), out.portion_}; + } return out; } diff --git a/contrib/gitian/README.md b/contrib/gitian/README.md index c09786c36..c0f230887 100644 --- a/contrib/gitian/README.md +++ b/contrib/gitian/README.md @@ -126,7 +126,7 @@ Setup for LXC: ```bash GH_USER=fluffypony -VERSION=v0.15.0.0 +VERSION=v0.16.0.0 ./gitian-build.py --setup $GH_USER $VERSION ``` @@ -182,7 +182,7 @@ If you chose to do detached signing using `--detach-sign` above (recommended), y ```bash GH_USER=fluffypony -VERSION=v0.15.0.0 +VERSION=v0.16.0.0 gpg --detach-sign ${VERSION}-linux/${GH_USER}/monero-linux-*-build.assert gpg --detach-sign ${VERSION}-win/${GH_USER}/monero-win-*-build.assert diff --git a/external/easylogging++/easylogging++.cc b/external/easylogging++/easylogging++.cc index 8439bec0b..0d748c225 100644 --- a/external/easylogging++/easylogging++.cc +++ b/external/easylogging++/easylogging++.cc @@ -2475,6 +2475,100 @@ void DefaultLogDispatchCallback::handle(const LogDispatchData* data) { } } + +template<typename Transform> +static inline std::string utf8canonical(const std::string &s, Transform t = [](wint_t c)->wint_t { return c; }) +{ + std::string sc = ""; + size_t avail = s.size(); + const char *ptr = s.data(); + wint_t cp = 0; + int bytes = 1; + char wbuf[8], *wptr; + while (avail--) + { + if ((*ptr & 0x80) == 0) + { + cp = *ptr++; + bytes = 1; + } + else if ((*ptr & 0xe0) == 0xc0) + { + if (avail < 1) + throw std::runtime_error("Invalid UTF-8"); + cp = (*ptr++ & 0x1f) << 6; + cp |= *ptr++ & 0x3f; + --avail; + bytes = 2; + } + else if ((*ptr & 0xf0) == 0xe0) + { + if (avail < 2) + throw std::runtime_error("Invalid UTF-8"); + cp = (*ptr++ & 0xf) << 12; + cp |= (*ptr++ & 0x3f) << 6; + cp |= *ptr++ & 0x3f; + avail -= 2; + bytes = 3; + } + else if ((*ptr & 0xf8) == 0xf0) + { + if (avail < 3) + throw std::runtime_error("Invalid UTF-8"); + cp = (*ptr++ & 0x7) << 18; + cp |= (*ptr++ & 0x3f) << 12; + cp |= (*ptr++ & 0x3f) << 6; + cp |= *ptr++ & 0x3f; + avail -= 3; + bytes = 4; + } + else + throw std::runtime_error("Invalid UTF-8"); + + cp = t(cp); + if (cp <= 0x7f) + bytes = 1; + else if (cp <= 0x7ff) + bytes = 2; + else if (cp <= 0xffff) + bytes = 3; + else if (cp <= 0x10ffff) + bytes = 4; + else + throw std::runtime_error("Invalid code point UTF-8 transformation"); + + wptr = wbuf; + switch (bytes) + { + case 1: *wptr++ = cp; break; + case 2: *wptr++ = 0xc0 | (cp >> 6); *wptr++ = 0x80 | (cp & 0x3f); break; + case 3: *wptr++ = 0xe0 | (cp >> 12); *wptr++ = 0x80 | ((cp >> 6) & 0x3f); *wptr++ = 0x80 | (cp & 0x3f); break; + case 4: *wptr++ = 0xf0 | (cp >> 18); *wptr++ = 0x80 | ((cp >> 12) & 0x3f); *wptr++ = 0x80 | ((cp >> 6) & 0x3f); *wptr++ = 0x80 | (cp & 0x3f); break; + default: throw std::runtime_error("Invalid UTF-8"); + } + *wptr = 0; + sc.append(wbuf, bytes); + cp = 0; + bytes = 1; + } + return sc; +} + +void sanitize(std::string &s) +{ + s = utf8canonical(s, [](wint_t c)->wint_t { + if (c == 9 || c == 10 || c == 13) + return c; + if (c < 0x20) + return '?'; + if (c == 0x7f) + return '?'; + if (c >= 0x80 && c <= 0x9f) + return '?'; + return c; + }); +} + void DefaultLogDispatchCallback::dispatch(base::type::string_t&& rawLinePrefix, base::type::string_t&& rawLinePayload, base::type::string_t&& logLine) { if (m_data->dispatchAction() == base::DispatchAction::NormalLog || m_data->dispatchAction() == base::DispatchAction::FileOnlyLog) { if (m_data->logMessage()->logger()->m_typedConfigurations->toFile(m_data->logMessage()->level())) { @@ -2506,6 +2600,8 @@ void DefaultLogDispatchCallback::dispatch(base::type::string_t&& rawLinePrefix, m_data->logMessage()->logger()->logBuilder()->setColor(el::base::utils::colorFromLevel(level), false); ELPP_COUT << rawLinePrefix; m_data->logMessage()->logger()->logBuilder()->setColor(color == el::Color::Default ? el::base::utils::colorFromLevel(level): color, color != el::Color::Default); + try { sanitize(rawLinePayload); } + catch (const std::exception &e) { rawLinePayload = "<Invalid UTF-8 in log>"; } ELPP_COUT << rawLinePayload; m_data->logMessage()->logger()->logBuilder()->setColor(el::Color::Default, false); ELPP_COUT << std::flush; diff --git a/src/blockchain_utilities/blocksdat_file.h b/src/blockchain_utilities/blocksdat_file.h index 72b7afc17..1accfbba2 100644 --- a/src/blockchain_utilities/blocksdat_file.h +++ b/src/blockchain_utilities/blocksdat_file.h @@ -43,7 +43,6 @@ #include <algorithm> #include <cstdio> #include <fstream> -#include <boost/iostreams/copy.hpp> #include <atomic> #include "common/command_line.h" diff --git a/src/blockchain_utilities/bootstrap_file.h b/src/blockchain_utilities/bootstrap_file.h index 1e6ef5d81..db0556175 100644 --- a/src/blockchain_utilities/bootstrap_file.h +++ b/src/blockchain_utilities/bootstrap_file.h @@ -41,7 +41,6 @@ #include <algorithm> #include <cstdio> #include <fstream> -#include <boost/iostreams/copy.hpp> #include <atomic> #include "common/command_line.h" diff --git a/src/blocks/checkpoints.dat b/src/blocks/checkpoints.dat Binary files differindex b14f9e8d2..fa58387ab 100644 --- a/src/blocks/checkpoints.dat +++ b/src/blocks/checkpoints.dat diff --git a/src/checkpoints/checkpoints.cpp b/src/checkpoints/checkpoints.cpp index 4a4b3c5c2..620bc5ce7 100644 --- a/src/checkpoints/checkpoints.cpp +++ b/src/checkpoints/checkpoints.cpp @@ -34,6 +34,7 @@ #include "string_tools.h" #include "storages/portable_storage_template_helper.h" // epee json include #include "serialization/keyvalue_serialization.h" +#include <functional> #include <vector> using namespace epee; @@ -133,11 +134,9 @@ namespace cryptonote //--------------------------------------------------------------------------- uint64_t checkpoints::get_max_height() const { - std::map< uint64_t, crypto::hash >::const_iterator highest = - std::max_element( m_points.begin(), m_points.end(), - ( boost::bind(&std::map< uint64_t, crypto::hash >::value_type::first, _1) < - boost::bind(&std::map< uint64_t, crypto::hash >::value_type::first, _2 ) ) ); - return highest->first; + if (m_points.empty()) + return 0; + return m_points.rbegin()->first; } //--------------------------------------------------------------------------- const std::map<uint64_t, crypto::hash>& checkpoints::get_points() const @@ -211,6 +210,8 @@ namespace cryptonote ADD_CHECKPOINT(1775600, "1c6e01c661dc22cab939e79ec6a5272190624ce8356d2f7b958e4f9a57fdb05e"); ADD_CHECKPOINT(1856000, "9b57f17f29c71a3acd8a7904b93c41fa6eb8d2b7c73936ce4f1702d14880ba29"); ADD_CHECKPOINT(1958000, "98a5d6e51afdf3146e0eefb10a66e8648d8d4d5c2742be8835e976ba217c9bb2"); + ADD_CHECKPOINT(2046000, "5e867f0b8baefed9244a681df97fc885d8ab36c3dfcd24c7a3abf3b8ac8b8314"); + ADD_CHECKPOINT(2092500, "c4e00820c9c7989b49153d5e90ae095a18a11d990e82fcc3be54e6ed785472b5"); return true; } diff --git a/src/common/CMakeLists.txt b/src/common/CMakeLists.txt index f06737b31..35b3555a2 100644 --- a/src/common/CMakeLists.txt +++ b/src/common/CMakeLists.txt @@ -86,7 +86,8 @@ set(common_private_headers updates.h aligned.h timings.h - combinator.h) + combinator.h + utf8.h) monero_private_headers(common ${common_private_headers}) diff --git a/src/common/utf8.h b/src/common/utf8.h new file mode 100644 index 000000000..60247f1b2 --- /dev/null +++ b/src/common/utf8.h @@ -0,0 +1,114 @@ +// Copyright (c) 2019, The Monero Project +// +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or without modification, are +// permitted provided that the following conditions are met: +// +// 1. Redistributions of source code must retain the above copyright notice, this list of +// conditions and the following disclaimer. +// +// 2. Redistributions in binary form must reproduce the above copyright notice, this list +// of conditions and the following disclaimer in the documentation and/or other +// materials provided with the distribution. +// +// 3. Neither the name of the copyright holder nor the names of its contributors may be +// used to endorse or promote products derived from this software without specific +// prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY +// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL +// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF +// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +#pragma once + +#include <cctype> +#include <cwchar> +#include <stdexcept> + +namespace tools +{ + template<typename T, typename Transform> + inline T utf8canonical(const T &s, Transform t = [](wint_t c)->wint_t { return c; }) + { + T sc = ""; + size_t avail = s.size(); + const char *ptr = s.data(); + wint_t cp = 0; + int bytes = 1; + char wbuf[8], *wptr; + while (avail--) + { + if ((*ptr & 0x80) == 0) + { + cp = *ptr++; + bytes = 1; + } + else if ((*ptr & 0xe0) == 0xc0) + { + if (avail < 1) + throw std::runtime_error("Invalid UTF-8"); + cp = (*ptr++ & 0x1f) << 6; + cp |= *ptr++ & 0x3f; + --avail; + bytes = 2; + } + else if ((*ptr & 0xf0) == 0xe0) + { + if (avail < 2) + throw std::runtime_error("Invalid UTF-8"); + cp = (*ptr++ & 0xf) << 12; + cp |= (*ptr++ & 0x3f) << 6; + cp |= *ptr++ & 0x3f; + avail -= 2; + bytes = 3; + } + else if ((*ptr & 0xf8) == 0xf0) + { + if (avail < 3) + throw std::runtime_error("Invalid UTF-8"); + cp = (*ptr++ & 0x7) << 18; + cp |= (*ptr++ & 0x3f) << 12; + cp |= (*ptr++ & 0x3f) << 6; + cp |= *ptr++ & 0x3f; + avail -= 3; + bytes = 4; + } + else + throw std::runtime_error("Invalid UTF-8"); + + cp = t(cp); + if (cp <= 0x7f) + bytes = 1; + else if (cp <= 0x7ff) + bytes = 2; + else if (cp <= 0xffff) + bytes = 3; + else if (cp <= 0x10ffff) + bytes = 4; + else + throw std::runtime_error("Invalid code point UTF-8 transformation"); + + wptr = wbuf; + switch (bytes) + { + case 1: *wptr++ = cp; break; + case 2: *wptr++ = 0xc0 | (cp >> 6); *wptr++ = 0x80 | (cp & 0x3f); break; + case 3: *wptr++ = 0xe0 | (cp >> 12); *wptr++ = 0x80 | ((cp >> 6) & 0x3f); *wptr++ = 0x80 | (cp & 0x3f); break; + case 4: *wptr++ = 0xf0 | (cp >> 18); *wptr++ = 0x80 | ((cp >> 12) & 0x3f); *wptr++ = 0x80 | ((cp >> 6) & 0x3f); *wptr++ = 0x80 | (cp & 0x3f); break; + default: throw std::runtime_error("Invalid UTF-8"); + } + *wptr = 0; + sc.append(wbuf, bytes); + cp = 0; + bytes = 1; + } + return sc; + } +} diff --git a/src/cryptonote_core/blockchain.cpp b/src/cryptonote_core/blockchain.cpp index 2571e4203..fb2c71a3a 100644 --- a/src/cryptonote_core/blockchain.cpp +++ b/src/cryptonote_core/blockchain.cpp @@ -5028,7 +5028,7 @@ void Blockchain::cancel() } #if defined(PER_BLOCK_CHECKPOINT) -static const char expected_block_hashes_hash[] = "fce1dc7c17f7679f5f447df206b8f5fe2ef6b1a2845e59f650850a0ef00d265f"; +static const char expected_block_hashes_hash[] = "8b48d259d4b1126801b1f329683a26e1d16237420197cd3ccc76af2c55a36e83"; void Blockchain::load_compiled_in_block_hashes(const GetCheckpointsCallback& get_checkpoints) { if (get_checkpoints == nullptr || !m_fast_sync) diff --git a/src/cryptonote_protocol/cryptonote_protocol_handler.h b/src/cryptonote_protocol/cryptonote_protocol_handler.h index e2ad3727f..3055474ef 100644 --- a/src/cryptonote_protocol/cryptonote_protocol_handler.h +++ b/src/cryptonote_protocol/cryptonote_protocol_handler.h @@ -51,7 +51,8 @@ PUSH_WARNINGS DISABLE_VS_WARNINGS(4355) #define LOCALHOST_INT 2130706433 -#define CURRENCY_PROTOCOL_MAX_OBJECT_REQUEST_COUNT 500 +#define CURRENCY_PROTOCOL_MAX_OBJECT_REQUEST_COUNT 100 +static_assert(CURRENCY_PROTOCOL_MAX_OBJECT_REQUEST_COUNT >= BLOCKS_SYNCHRONIZING_DEFAULT_COUNT_PRE_V4, "Invalid CURRENCY_PROTOCOL_MAX_OBJECT_REQUEST_COUNT"); namespace cryptonote { diff --git a/src/cryptonote_protocol/cryptonote_protocol_handler.inl b/src/cryptonote_protocol/cryptonote_protocol_handler.inl index 3cbfbbe85..dd7e4d8a7 100644 --- a/src/cryptonote_protocol/cryptonote_protocol_handler.inl +++ b/src/cryptonote_protocol/cryptonote_protocol_handler.inl @@ -793,6 +793,12 @@ namespace cryptonote int t_cryptonote_protocol_handler<t_core>::handle_request_fluffy_missing_tx(int command, NOTIFY_REQUEST_FLUFFY_MISSING_TX::request& arg, cryptonote_connection_context& context) { MLOG_P2P_MESSAGE("Received NOTIFY_REQUEST_FLUFFY_MISSING_TX (" << arg.missing_tx_indices.size() << " txes), block hash " << arg.block_hash); + if (context.m_state == cryptonote_connection_context::state_before_handshake) + { + LOG_ERROR_CCONTEXT("Requested fluffy tx before handshake, dropping connection"); + drop_connection(context, false, false); + return 1; + } std::vector<std::pair<cryptonote::blobdata, block>> local_blocks; std::vector<cryptonote::blobdata> local_txs; @@ -884,6 +890,8 @@ namespace cryptonote int t_cryptonote_protocol_handler<t_core>::handle_notify_get_txpool_complement(int command, NOTIFY_GET_TXPOOL_COMPLEMENT::request& arg, cryptonote_connection_context& context) { MLOG_P2P_MESSAGE("Received NOTIFY_GET_TXPOOL_COMPLEMENT (" << arg.hashes.size() << " txes)"); + if(context.m_state != cryptonote_connection_context::state_normal) + return 1; std::vector<std::pair<cryptonote::blobdata, block>> local_blocks; std::vector<cryptonote::blobdata> local_txs; @@ -987,6 +995,12 @@ namespace cryptonote template<class t_core> int t_cryptonote_protocol_handler<t_core>::handle_request_get_objects(int command, NOTIFY_REQUEST_GET_OBJECTS::request& arg, cryptonote_connection_context& context) { + if (context.m_state == cryptonote_connection_context::state_before_handshake) + { + LOG_ERROR_CCONTEXT("Requested objects before handshake, dropping connection"); + drop_connection(context, false, false); + return 1; + } MLOG_P2P_MESSAGE("Received NOTIFY_REQUEST_GET_OBJECTS (" << arg.blocks.size() << " blocks)"); if (arg.blocks.size() > CURRENCY_PROTOCOL_MAX_OBJECT_REQUEST_COUNT) { @@ -1717,6 +1731,12 @@ skip: int t_cryptonote_protocol_handler<t_core>::handle_request_chain(int command, NOTIFY_REQUEST_CHAIN::request& arg, cryptonote_connection_context& context) { MLOG_P2P_MESSAGE("Received NOTIFY_REQUEST_CHAIN (" << arg.block_ids.size() << " blocks"); + if (context.m_state == cryptonote_connection_context::state_before_handshake) + { + LOG_ERROR_CCONTEXT("Requested chain before handshake, dropping connection"); + drop_connection(context, false, false); + return 1; + } NOTIFY_RESPONSE_CHAIN_ENTRY::request r; if(!m_core.find_blockchain_supplement(arg.block_ids, !arg.prune, r)) { diff --git a/src/device_trezor/device_trezor.cpp b/src/device_trezor/device_trezor.cpp index 8bde1cb75..367327c70 100644 --- a/src/device_trezor/device_trezor.cpp +++ b/src/device_trezor/device_trezor.cpp @@ -678,8 +678,10 @@ namespace trezor { throw exc::TrezorException("Trezor firmware 2.0.10 and lower are not supported. Please update."); } - // default client version, higher versions check will be added unsigned client_version = 1; + if (trezor_version >= pack_version(2, 3, 1)){ + client_version = 3; + } #ifdef WITH_TREZOR_DEBUGGING // Override client version for tests diff --git a/src/device_trezor/trezor/transport.cpp b/src/device_trezor/trezor/transport.cpp index 52bee6c6c..494706373 100644 --- a/src/device_trezor/trezor/transport.cpp +++ b/src/device_trezor/trezor/transport.cpp @@ -32,6 +32,7 @@ #endif #include <algorithm> +#include <functional> #include <boost/endian/conversion.hpp> #include <boost/asio/io_service.hpp> #include <boost/asio/ip/udp.hpp> @@ -711,7 +712,7 @@ namespace trezor{ // Start the asynchronous operation itself. The handle_receive function // used as a callback will update the ec and length variables. m_socket->async_receive_from(boost::asio::buffer(buffer), m_endpoint, - boost::bind(&UdpTransport::handle_receive, _1, _2, &ec, &length)); + std::bind(&UdpTransport::handle_receive, std::placeholders::_1, std::placeholders::_2, &ec, &length)); // Block until the asynchronous operation has completed. do { diff --git a/src/mnemonics/language_base.h b/src/mnemonics/language_base.h index 7d2599e9a..ad09dc5fa 100644 --- a/src/mnemonics/language_base.h +++ b/src/mnemonics/language_base.h @@ -41,6 +41,7 @@ #include <boost/algorithm/string.hpp>
#include "misc_log_ex.h"
#include "fnv1.h"
+#include "common/utf8.h"
/*!
* \namespace Language
@@ -73,78 +74,11 @@ namespace Language return prefix;
}
- template<typename T>
- inline T utf8canonical(const T &s)
- {
- T sc = "";
- size_t avail = s.size();
- const char *ptr = s.data();
- wint_t cp = 0;
- int bytes = 1;
- char wbuf[8], *wptr;
- while (avail--)
- {
- if ((*ptr & 0x80) == 0)
- {
- cp = *ptr++;
- bytes = 1;
- }
- else if ((*ptr & 0xe0) == 0xc0)
- {
- if (avail < 1)
- throw std::runtime_error("Invalid UTF-8");
- cp = (*ptr++ & 0x1f) << 6;
- cp |= *ptr++ & 0x3f;
- --avail;
- bytes = 2;
- }
- else if ((*ptr & 0xf0) == 0xe0)
- {
- if (avail < 2)
- throw std::runtime_error("Invalid UTF-8");
- cp = (*ptr++ & 0xf) << 12;
- cp |= (*ptr++ & 0x3f) << 6;
- cp |= *ptr++ & 0x3f;
- avail -= 2;
- bytes = 3;
- }
- else if ((*ptr & 0xf8) == 0xf0)
- {
- if (avail < 3)
- throw std::runtime_error("Invalid UTF-8");
- cp = (*ptr++ & 0x7) << 18;
- cp |= (*ptr++ & 0x3f) << 12;
- cp |= (*ptr++ & 0x3f) << 6;
- cp |= *ptr++ & 0x3f;
- avail -= 3;
- bytes = 4;
- }
- else
- throw std::runtime_error("Invalid UTF-8");
-
- cp = std::towlower(cp);
- wptr = wbuf;
- switch (bytes)
- {
- case 1: *wptr++ = cp; break;
- case 2: *wptr++ = 0xc0 | (cp >> 6); *wptr++ = 0x80 | (cp & 0x3f); break;
- case 3: *wptr++ = 0xe0 | (cp >> 12); *wptr++ = 0x80 | ((cp >> 6) & 0x3f); *wptr++ = 0x80 | (cp & 0x3f); break;
- case 4: *wptr++ = 0xf0 | (cp >> 18); *wptr++ = 0x80 | ((cp >> 12) & 0x3f); *wptr++ = 0x80 | ((cp >> 6) & 0x3f); *wptr++ = 0x80 | (cp & 0x3f); break;
- default: throw std::runtime_error("Invalid UTF-8");
- }
- *wptr = 0;
- sc += T(wbuf, bytes);
- cp = 0;
- bytes = 1;
- }
- return sc;
- }
-
struct WordHash
{
std::size_t operator()(const epee::wipeable_string &s) const
{
- const epee::wipeable_string sc = utf8canonical(s);
+ const epee::wipeable_string sc = tools::utf8canonical(s, [](wint_t c) -> wint_t { return std::towlower(c); });
return epee::fnv::FNV1a(sc.data(), sc.size());
}
};
@@ -153,8 +87,8 @@ namespace Language {
bool operator()(const epee::wipeable_string &s0, const epee::wipeable_string &s1) const
{
- const epee::wipeable_string s0c = utf8canonical(s0);
- const epee::wipeable_string s1c = utf8canonical(s1);
+ const epee::wipeable_string s0c = tools::utf8canonical(s0, [](wint_t c) -> wint_t { return std::towlower(c); });
+ const epee::wipeable_string s1c = tools::utf8canonical(s1, [](wint_t c) -> wint_t { return std::towlower(c); });
return s0c == s1c;
}
};
diff --git a/src/p2p/net_node.inl b/src/p2p/net_node.inl index f8c177e3a..5bd845e4f 100644 --- a/src/p2p/net_node.inl +++ b/src/p2p/net_node.inl @@ -31,7 +31,7 @@ // IP blocking adapted from Boolberry #include <algorithm> -#include <boost/bind.hpp> +#include <boost/bind/bind.hpp> #include <boost/date_time/posix_time/posix_time.hpp> #include <boost/filesystem/operations.hpp> #include <boost/optional/optional.hpp> diff --git a/src/rpc/core_rpc_server.cpp b/src/rpc/core_rpc_server.cpp index 82a7234d1..062386087 100644 --- a/src/rpc/core_rpc_server.cpp +++ b/src/rpc/core_rpc_server.cpp @@ -68,6 +68,11 @@ using namespace epee; #define DEFAULT_PAYMENT_DIFFICULTY 1000 #define DEFAULT_PAYMENT_CREDITS_PER_HASH 100 +#define RESTRICTED_BLOCK_HEADER_RANGE 1000 +#define RESTRICTED_TRANSACTIONS_COUNT 100 +#define RESTRICTED_SPENT_KEY_IMAGES_COUNT 5000 +#define RESTRICTED_BLOCK_COUNT 1000 + #define RPC_TRACKER(rpc) \ PERF_TIMER(rpc); \ RPCTracker tracker(#rpc, PERF_TIMER_NAME(rpc)) @@ -639,6 +644,13 @@ namespace cryptonote if (use_bootstrap_daemon_if_necessary<COMMAND_RPC_GET_BLOCKS_BY_HEIGHT>(invoke_http_mode::BIN, "/getblocks_by_height.bin", req, res, r)) return r; + const bool restricted = m_restricted && ctx; + if (restricted && req.heights.size() > RESTRICTED_BLOCK_COUNT) + { + res.status = "Too many blocks requested in restricted mode"; + return true; + } + res.status = "Failed"; res.blocks.clear(); res.blocks.reserve(req.heights.size()); @@ -793,11 +805,17 @@ namespace cryptonote if (use_bootstrap_daemon_if_necessary<COMMAND_RPC_GET_TRANSACTIONS>(invoke_http_mode::JON, "/gettransactions", req, res, ok)) return ok; - CHECK_PAYMENT_MIN1(req, res, req.txs_hashes.size() * COST_PER_TX, false); - const bool restricted = m_restricted && ctx; const bool request_has_rpc_origin = ctx != NULL; + if (restricted && req.txs_hashes.size() > RESTRICTED_TRANSACTIONS_COUNT) + { + res.status = "Too many transactions requested in restricted mode"; + return true; + } + + CHECK_PAYMENT_MIN1(req, res, req.txs_hashes.size() * COST_PER_TX, false); + std::vector<crypto::hash> vh; for(const auto& tx_hex_str: req.txs_hashes) { @@ -1027,11 +1045,17 @@ namespace cryptonote if (use_bootstrap_daemon_if_necessary<COMMAND_RPC_IS_KEY_IMAGE_SPENT>(invoke_http_mode::JON, "/is_key_image_spent", req, res, ok)) return ok; - CHECK_PAYMENT_MIN1(req, res, req.key_images.size() * COST_PER_KEY_IMAGE, false); - const bool restricted = m_restricted && ctx; const bool request_has_rpc_origin = ctx != NULL; + if (restricted && req.key_images.size() > RESTRICTED_SPENT_KEY_IMAGES_COUNT) + { + res.status = "Too many key images queried in restricted mode"; + return true; + } + + CHECK_PAYMENT_MIN1(req, res, req.key_images.size() * COST_PER_KEY_IMAGE, false); + std::vector<crypto::key_image> key_images; for(const auto& ki_hex_str: req.key_images) { @@ -2034,6 +2058,14 @@ namespace cryptonote CHECK_PAYMENT_MIN1(req, res, COST_PER_BLOCK_HEADER, false); + const bool restricted = m_restricted && ctx; + if (restricted && req.hashes.size() > RESTRICTED_BLOCK_COUNT) + { + error_resp.code = CORE_RPC_ERROR_CODE_RESTRICTED; + error_resp.message = "Too many block headers requested in restricted mode"; + return false; + } + auto get = [this](const std::string &hash, bool fill_pow_hash, block_header_response &block_header, bool restricted, epee::json_rpc::error& error_resp) -> bool { crypto::hash block_hash; bool hash_parsed = parse_hash256(hash, block_hash); @@ -2069,7 +2101,6 @@ namespace cryptonote return true; }; - const bool restricted = m_restricted && ctx; if (!req.hash.empty()) { if (!get(req.hash, req.fill_pow_hash, res.block_header, restricted, error_resp)) @@ -2101,6 +2132,14 @@ namespace cryptonote error_resp.message = "Invalid start/end heights."; return false; } + const bool restricted = m_restricted && ctx; + if (restricted && req.end_height - req.start_height > RESTRICTED_BLOCK_HEADER_RANGE) + { + error_resp.code = CORE_RPC_ERROR_CODE_RESTRICTED; + error_resp.message = "Too many block headers requested."; + return false; + } + CHECK_PAYMENT_MIN1(req, res, (req.end_height - req.start_height + 1) * COST_PER_BLOCK_HEADER, false); for (uint64_t h = req.start_height; h <= req.end_height; ++h) { @@ -2127,7 +2166,6 @@ namespace cryptonote return false; } res.headers.push_back(block_header_response()); - const bool restricted = m_restricted && ctx; bool response_filled = fill_block_header_response(blk, false, block_height, block_hash, res.headers.back(), req.fill_pow_hash && !restricted); if (!response_filled) { diff --git a/src/rpc/core_rpc_server_error_codes.h b/src/rpc/core_rpc_server_error_codes.h index 2fd42f43f..98e40d05f 100644 --- a/src/rpc/core_rpc_server_error_codes.h +++ b/src/rpc/core_rpc_server_error_codes.h @@ -48,6 +48,7 @@ #define CORE_RPC_ERROR_CODE_PAYMENT_TOO_LOW -16 #define CORE_RPC_ERROR_CODE_DUPLICATE_PAYMENT -17 #define CORE_RPC_ERROR_CODE_STALE_PAYMENT -18 +#define CORE_RPC_ERROR_CODE_RESTRICTED -19 static inline const char *get_rpc_server_error_message(int64_t code) { @@ -70,6 +71,7 @@ static inline const char *get_rpc_server_error_message(int64_t code) case CORE_RPC_ERROR_CODE_PAYMENT_TOO_LOW: return "Payment too low"; case CORE_RPC_ERROR_CODE_DUPLICATE_PAYMENT: return "Duplicate payment"; case CORE_RPC_ERROR_CODE_STALE_PAYMENT: return "Stale payment"; + case CORE_RPC_ERROR_CODE_RESTRICTED: return "Parameters beyond restricted allowance"; default: MERROR("Unknown error: " << code); return "Unknown error"; } } diff --git a/src/rpc/rpc_args.cpp b/src/rpc/rpc_args.cpp index 9153e76ea..8601bd0b4 100644 --- a/src/rpc/rpc_args.cpp +++ b/src/rpc/rpc_args.cpp @@ -30,7 +30,7 @@ #include <boost/algorithm/string.hpp> #include <boost/asio/ip/address.hpp> -#include <boost/bind.hpp> +#include <functional> #include "common/command_line.h" #include "common/i18n.h" #include "hex.h" @@ -221,7 +221,7 @@ namespace cryptonote std::vector<std::string> access_control_origins; boost::split(access_control_origins, access_control_origins_input, boost::is_any_of(",")); - std::for_each(access_control_origins.begin(), access_control_origins.end(), boost::bind(&boost::trim<std::string>, _1, std::locale::classic())); + std::for_each(access_control_origins.begin(), access_control_origins.end(), std::bind(&boost::trim<std::string>, std::placeholders::_1, std::locale::classic())); config.access_control_origins = std::move(access_control_origins); } diff --git a/src/serialization/json_object.cpp b/src/serialization/json_object.cpp index 6228b4bec..5c042aa7b 100644 --- a/src/serialization/json_object.cpp +++ b/src/serialization/json_object.cpp @@ -120,7 +120,7 @@ void read_hex(const rapidjson::Value& val, epee::span<std::uint8_t> dest) throw WRONG_TYPE("string"); } - if (!epee::from_hex::to_buffer(dest, {val.GetString(), val.Size()})) + if (!epee::from_hex::to_buffer(dest, {val.GetString(), val.GetStringLength()})) { throw BAD_INPUT(); } diff --git a/src/simplewallet/simplewallet.cpp b/src/simplewallet/simplewallet.cpp index b1e69161f..70eb278d5 100644 --- a/src/simplewallet/simplewallet.cpp +++ b/src/simplewallet/simplewallet.cpp @@ -33,6 +33,11 @@ * * \brief Source file that defines simple_wallet class. */ + +// use boost bind placeholders for now +#define BOOST_BIND_GLOBAL_PLACEHOLDERS 1 +#include <boost/bind.hpp> + #include <locale.h> #include <thread> #include <iostream> @@ -250,6 +255,7 @@ namespace const char* USAGE_MMS_SET("mms set <option_name> [<option_value>]"); const char* USAGE_MMS_SEND_SIGNER_CONFIG("mms send_signer_config"); const char* USAGE_MMS_START_AUTO_CONFIG("mms start_auto_config [<label> <label> ...]"); + const char* USAGE_MMS_CONFIG_CHECKSUM("mms config_checksum"); const char* USAGE_MMS_STOP_AUTO_CONFIG("mms stop_auto_config"); const char* USAGE_MMS_AUTO_CONFIG("mms auto_config <auto_config_token>"); const char* USAGE_PRINT_RING("print_ring <key_image> | <txid>"); @@ -3460,7 +3466,7 @@ simple_wallet::simple_wallet() tr("Interface with the MMS (Multisig Messaging System)\n" "<subcommand> is one of:\n" " init, info, signer, list, next, sync, transfer, delete, send, receive, export, note, show, set, help\n" - " send_signer_config, start_auto_config, stop_auto_config, auto_config\n" + " send_signer_config, start_auto_config, stop_auto_config, auto_config, config_checksum\n" "Get help about a subcommand with: help_advanced mms <subcommand>")); m_cmd_binder.set_handler("mms init", boost::bind(&simple_wallet::on_command, this, &simple_wallet::mms, _1), @@ -3529,6 +3535,10 @@ simple_wallet::simple_wallet() boost::bind(&simple_wallet::on_command, this, &simple_wallet::mms, _1), tr(USAGE_MMS_START_AUTO_CONFIG), tr("Start auto-config at the auto-config manager's wallet by issuing auto-config tokens and optionally set others' labels")); + m_cmd_binder.set_handler("mms config_checksum", + boost::bind(&simple_wallet::on_command, this, &simple_wallet::mms, _1), + tr(USAGE_MMS_CONFIG_CHECKSUM), + tr("Get a checksum that allows signers to easily check for identical MMS configuration")); m_cmd_binder.set_handler("mms stop_auto_config", boost::bind(&simple_wallet::on_command, this, &simple_wallet::mms, _1), tr(USAGE_MMS_STOP_AUTO_CONFIG), @@ -5466,7 +5476,7 @@ void simple_wallet::on_new_block(uint64_t height, const cryptonote::block& block m_refresh_progress_reporter.update(height, false); } //---------------------------------------------------------------------------------------------------- -void simple_wallet::on_money_received(uint64_t height, const crypto::hash &txid, const cryptonote::transaction& tx, uint64_t amount, const cryptonote::subaddress_index& subaddr_index, uint64_t unlock_time) +void simple_wallet::on_money_received(uint64_t height, const crypto::hash &txid, const cryptonote::transaction& tx, uint64_t amount, const cryptonote::subaddress_index& subaddr_index, bool is_change, uint64_t unlock_time) { if (m_locked) return; @@ -5477,7 +5487,7 @@ void simple_wallet::on_money_received(uint64_t height, const crypto::hash &txid, tr("idx ") << subaddr_index; const uint64_t warn_height = m_wallet->nettype() == TESTNET ? 1000000 : m_wallet->nettype() == STAGENET ? 50000 : 1650000; - if (height >= warn_height) + if (height >= warn_height && !is_change) { std::vector<tx_extra_field> tx_extra_fields; parse_tx_extra(tx.extra, tx_extra_fields); // failure ok @@ -10361,6 +10371,14 @@ bool simple_wallet::user_confirms(const std::string &question) return !std::cin.eof() && command_line::is_yes(answer); } +bool simple_wallet::user_confirms_auto_config() +{ + message_writer(console_color_red, true) << tr("WARNING: Using MMS auto-config mechanisms is not trustless"); + message_writer() << tr("A malicious auto-config manager could send you info about own wallets instead of other signers' info"); + message_writer() << tr("If in doubt do not use auto-config or at least compare configs using the \"mms config_checksum\" command"); + return user_confirms("Accept the risks and continue?"); +} + bool simple_wallet::get_number_from_arg(const std::string &arg, uint32_t &number, const uint32_t lower_bound, const uint32_t upper_bound) { bool valid = false; @@ -10513,7 +10531,7 @@ void simple_wallet::show_message(const mms::message &m) case mms::message_type::additional_key_set: case mms::message_type::note: display_content = true; - ms.get_sanitized_message_text(m, sanitized_text); + sanitized_text = mms::message_store::get_sanitized_text(m.content, 1000); break; default: display_content = false; @@ -10862,6 +10880,11 @@ void simple_wallet::mms_next(const std::vector<std::string> &args) { break; } + if (!user_confirms_auto_config()) + { + message_writer() << tr("You can use the \"mms delete\" command to delete any unwanted message"); + break; + } } ms.process_signer_config(state, m.content); ms.stop_auto_config(); @@ -11188,6 +11211,18 @@ void simple_wallet::mms_start_auto_config(const std::vector<std::string> &args) list_signers(ms.get_all_signers()); } +void simple_wallet::mms_config_checksum(const std::vector<std::string> &args) +{ + if (args.size() != 0) + { + fail_msg_writer() << tr("Usage: mms config_checksum"); + return; + } + mms::message_store& ms = m_wallet->get_message_store(); + LOCK_IDLE_SCOPE(); + message_writer() << ms.get_config_checksum(); +} + void simple_wallet::mms_stop_auto_config(const std::vector<std::string> &args) { if (args.size() != 0) @@ -11218,6 +11253,10 @@ void simple_wallet::mms_auto_config(const std::vector<std::string> &args) fail_msg_writer() << tr("Invalid auto-config token"); return; } + if (!user_confirms_auto_config()) + { + return; + } mms::authorized_signer me = ms.get_signer(0); if (me.auto_config_running) { @@ -11330,6 +11369,10 @@ bool simple_wallet::mms(const std::vector<std::string> &args) { mms_start_auto_config(mms_args); } + else if (sub_command == "config_checksum") + { + mms_config_checksum(mms_args); + } else if (sub_command == "stop_auto_config") { mms_stop_auto_config(mms_args); diff --git a/src/simplewallet/simplewallet.h b/src/simplewallet/simplewallet.h index 59818b303..12cee11dc 100644 --- a/src/simplewallet/simplewallet.h +++ b/src/simplewallet/simplewallet.h @@ -53,7 +53,7 @@ #undef MONERO_DEFAULT_LOG_CATEGORY #define MONERO_DEFAULT_LOG_CATEGORY "wallet.simplewallet" // Hardcode Monero's donation address (see #1447) -constexpr const char MONERO_DONATION_ADDR[] = "44AFFq5kSiGBoZ4NMDwYtN18obc8AemS33DBLWs3H7otXft3XjrpDtQGv7SqSsaBYBb98uNbr2VBBEt7f2wfn3RVGQBEP3A"; +constexpr const char MONERO_DONATION_ADDR[] = "888tNkZrPN6JsEgekjMnABU4TBzc2Dt29EPAvkRxbANsAnjyPbb3iQ1YBRk1UXcdRsiKc9dhwMVgN5S9cQUiyoogDavup3H"; /*! * \namespace cryptonote @@ -342,7 +342,7 @@ namespace cryptonote //----------------- i_wallet2_callback --------------------- virtual void on_new_block(uint64_t height, const cryptonote::block& block); - virtual void on_money_received(uint64_t height, const crypto::hash &txid, const cryptonote::transaction& tx, uint64_t amount, const cryptonote::subaddress_index& subaddr_index, uint64_t unlock_time); + virtual void on_money_received(uint64_t height, const crypto::hash &txid, const cryptonote::transaction& tx, uint64_t amount, const cryptonote::subaddress_index& subaddr_index, bool is_change, uint64_t unlock_time); virtual void on_unconfirmed_money_received(uint64_t height, const crypto::hash &txid, const cryptonote::transaction& tx, uint64_t amount, const cryptonote::subaddress_index& subaddr_index); virtual void on_money_spent(uint64_t height, const crypto::hash &txid, const cryptonote::transaction& in_tx, uint64_t amount, const cryptonote::transaction& spend_tx, const cryptonote::subaddress_index& subaddr_index); virtual void on_skip_transaction(uint64_t height, const crypto::hash &txid, const cryptonote::transaction& tx); @@ -478,6 +478,7 @@ namespace cryptonote void ask_send_all_ready_messages(); void check_for_messages(); bool user_confirms(const std::string &question); + bool user_confirms_auto_config(); bool get_message_from_arg(const std::string &arg, mms::message &m); bool get_number_from_arg(const std::string &arg, uint32_t &number, const uint32_t lower_bound, const uint32_t upper_bound); @@ -498,6 +499,7 @@ namespace cryptonote void mms_help(const std::vector<std::string> &args); void mms_send_signer_config(const std::vector<std::string> &args); void mms_start_auto_config(const std::vector<std::string> &args); + void mms_config_checksum(const std::vector<std::string> &args); void mms_stop_auto_config(const std::vector<std::string> &args); void mms_auto_config(const std::vector<std::string> &args); }; diff --git a/src/version.cpp.in b/src/version.cpp.in index ccb88f1fe..2071acb8c 100644 --- a/src/version.cpp.in +++ b/src/version.cpp.in @@ -1,5 +1,5 @@ #define DEF_MONERO_VERSION_TAG "@VERSIONTAG@" -#define DEF_MONERO_VERSION "0.15.0.0" +#define DEF_MONERO_VERSION "0.16.0.0" #define DEF_MONERO_RELEASE_NAME "Carbon Chamaeleon" #define DEF_MONERO_VERSION_FULL DEF_MONERO_VERSION "-" DEF_MONERO_VERSION_TAG #define DEF_MONERO_VERSION_IS_RELEASE @VERSION_IS_RELEASE@ diff --git a/src/wallet/api/wallet.cpp b/src/wallet/api/wallet.cpp index d89261c64..0badd922a 100644 --- a/src/wallet/api/wallet.cpp +++ b/src/wallet/api/wallet.cpp @@ -157,7 +157,7 @@ struct Wallet2CallbackImpl : public tools::i_wallet2_callback } } - virtual void on_money_received(uint64_t height, const crypto::hash &txid, const cryptonote::transaction& tx, uint64_t amount, const cryptonote::subaddress_index& subaddr_index, uint64_t unlock_time) + virtual void on_money_received(uint64_t height, const crypto::hash &txid, const cryptonote::transaction& tx, uint64_t amount, const cryptonote::subaddress_index& subaddr_index, bool is_change, uint64_t unlock_time) { std::string tx_hash = epee::string_tools::pod_to_hex(txid); diff --git a/src/wallet/message_store.cpp b/src/wallet/message_store.cpp index 25a8bd4ef..fb07b42f0 100644 --- a/src/wallet/message_store.cpp +++ b/src/wallet/message_store.cpp @@ -39,6 +39,7 @@ #include "serialization/binary_utils.h" #include "common/base58.h" #include "common/util.h" +#include "common/utf8.h" #include "string_tools.h" @@ -129,18 +130,18 @@ void message_store::set_signer(const multisig_wallet_state &state, authorized_signer &m = m_signers[index]; if (label) { - m.label = label.get(); + m.label = get_sanitized_text(label.get(), 50); } if (transport_address) { - m.transport_address = transport_address.get(); + m.transport_address = get_sanitized_text(transport_address.get(), 200); } if (monero_address) { m.monero_address_known = true; m.monero_address = monero_address.get(); } - // Save to minimize the chance to loose that info (at least while in beta) + // Save to minimize the chance to loose that info save(state); } @@ -202,6 +203,13 @@ void message_store::unpack_signer_config(const multisig_wallet_state &state, con } uint32_t num_signers = (uint32_t)signers.size(); THROW_WALLET_EXCEPTION_IF(num_signers != m_num_authorized_signers, tools::error::wallet_internal_error, "Wrong number of signers in config: " + std::to_string(num_signers)); + for (uint32_t i = 0; i < num_signers; ++i) + { + authorized_signer &m = signers[i]; + m.label = get_sanitized_text(m.label, 50); + m.transport_address = get_sanitized_text(m.transport_address, 200); + m.auto_config_token = get_sanitized_text(m.auto_config_token, 20); + } } void message_store::process_signer_config(const multisig_wallet_state &state, const std::string &signer_config) @@ -242,10 +250,10 @@ void message_store::process_signer_config(const multisig_wallet_state &state, co } } authorized_signer &modify = m_signers[take_index]; - modify.label = m.label; // ALWAYS set label, see comments above + modify.label = get_sanitized_text(m.label, 50); // ALWAYS set label, see comments above if (!modify.me) { - modify.transport_address = m.transport_address; + modify.transport_address = get_sanitized_text(m.transport_address, 200); modify.monero_address_known = m.monero_address_known; if (m.monero_address_known) { @@ -392,6 +400,45 @@ void message_store::process_auto_config_data_message(uint32_t id) signer.auto_config_running = false; } +void add_hash(crypto::hash &sum, const crypto::hash &summand) +{ + for (uint32_t i = 0; i < crypto::HASH_SIZE; ++i) + { + uint32_t x = (uint32_t)sum.data[i]; + uint32_t y = (uint32_t)summand.data[i]; + sum.data[i] = (char)((x + y) % 256); + } +} + +// Calculate a checksum that allows signers to make sure they work with an identical signer config +// by exchanging and comparing checksums out-of-band i.e. not using the MMS; +// Because different signers have a different order of signers in the config work with "adding" +// individual hashes because that operation is commutative +std::string message_store::get_config_checksum() const +{ + crypto::hash sum = crypto::null_hash; + uint32_t num = SWAP32LE(m_num_authorized_signers); + add_hash(sum, crypto::cn_fast_hash(&num, sizeof(num))); + num = SWAP32LE(m_num_required_signers); + add_hash(sum, crypto::cn_fast_hash(&num, sizeof(num))); + for (uint32_t i = 0; i < m_num_authorized_signers; ++i) + { + const authorized_signer &m = m_signers[i]; + add_hash(sum, crypto::cn_fast_hash(m.transport_address.data(), m.transport_address.size())); + if (m.monero_address_known) + { + add_hash(sum, crypto::cn_fast_hash(&m.monero_address.m_spend_public_key, sizeof(m.monero_address.m_spend_public_key))); + add_hash(sum, crypto::cn_fast_hash(&m.monero_address.m_view_public_key, sizeof(m.monero_address.m_view_public_key))); + } + } + std::string checksum_bytes; + checksum_bytes += sum.data[0]; + checksum_bytes += sum.data[1]; + checksum_bytes += sum.data[2]; + checksum_bytes += sum.data[3]; + return epee::string_tools::buff_to_hex_nodelimer(checksum_bytes); +} + void message_store::stop_auto_config() { for (uint32_t i = 0; i < m_num_authorized_signers; ++i) @@ -661,32 +708,38 @@ void message_store::delete_all_messages() m_messages.clear(); } -// Make a message text, which is "attacker controlled data", reasonably safe to display +// Make a text, which is "attacker controlled data", reasonably safe to display // This is mostly geared towards the safe display of notes sent by "mms note" with a "mms show" command -void message_store::get_sanitized_message_text(const message &m, std::string &sanitized_text) const +std::string message_store::get_sanitized_text(const std::string &text, size_t max_length) { - sanitized_text.clear(); - // Restrict the size to fend of DOS-style attacks with heaps of data - size_t length = std::min(m.content.length(), (size_t)1000); + size_t length = std::min(text.length(), max_length); + std::string sanitized_text = text.substr(0, length); - for (size_t i = 0; i < length; ++i) + try { - char c = m.content[i]; - if ((int)c < 32) + sanitized_text = tools::utf8canonical(sanitized_text, [](wint_t c) { - // Strip out any controls, especially ESC for getting rid of potentially dangerous - // ANSI escape sequences that a console window might interpret - c = ' '; - } - else if ((c == '<') || (c == '>')) - { - // Make XML or HTML impossible that e.g. might contain scripts that Qt might execute - // when displayed in the GUI wallet - c = ' '; - } - sanitized_text += c; + if ((c < 0x20) || (c == 0x7f) || (c >= 0x80 && c <= 0x9f)) + { + // Strip out any controls, especially ESC for getting rid of potentially dangerous + // ANSI escape sequences that a console window might interpret + c = '?'; + } + else if ((c == '<') || (c == '>')) + { + // Make XML or HTML impossible that e.g. might contain scripts that Qt might execute + // when displayed in the GUI wallet + c = '?'; + } + return c; + }); + } + catch (const std::exception &e) + { + sanitized_text = "(Illegal UTF-8 string)"; } + return sanitized_text; } void message_store::write_to_file(const multisig_wallet_state &state, const std::string &filename) diff --git a/src/wallet/message_store.h b/src/wallet/message_store.h index d40daf186..9055fd776 100644 --- a/src/wallet/message_store.h +++ b/src/wallet/message_store.h @@ -242,6 +242,7 @@ namespace mms size_t add_auto_config_data_message(const multisig_wallet_state &state, const std::string &auto_config_token); void process_auto_config_data_message(uint32_t id); + std::string get_config_checksum() const; void stop_auto_config(); // Process data just created by "me" i.e. the own local wallet, e.g. as the result of a "prepare_multisig" command @@ -275,7 +276,7 @@ namespace mms void set_message_processed_or_sent(uint32_t id); void delete_message(uint32_t id); void delete_all_messages(); - void get_sanitized_message_text(const message &m, std::string &sanitized_text) const; + static std::string get_sanitized_text(const std::string &text, size_t max_length); void send_message(const multisig_wallet_state &state, uint32_t id); bool check_for_messages(const multisig_wallet_state &state, std::vector<message> &messages); diff --git a/src/wallet/wallet2.cpp b/src/wallet/wallet2.cpp index 93e522a93..a127e0b93 100644 --- a/src/wallet/wallet2.cpp +++ b/src/wallet/wallet2.cpp @@ -947,7 +947,7 @@ uint32_t get_subaddress_clamped_sum(uint32_t idx, uint32_t extra) static void setup_shim(hw::wallet_shim * shim, tools::wallet2 * wallet) { - shim->get_tx_pub_key_from_received_outs = boost::bind(&tools::wallet2::get_tx_pub_key_from_received_outs, wallet, _1); + shim->get_tx_pub_key_from_received_outs = std::bind(&tools::wallet2::get_tx_pub_key_from_received_outs, wallet, std::placeholders::_1); } bool get_pruned_tx(const cryptonote::COMMAND_RPC_GET_TRANSACTIONS::entry &entry, cryptonote::transaction &tx, crypto::hash &tx_hash) @@ -1867,6 +1867,20 @@ void wallet2::cache_tx_data(const cryptonote::transaction& tx, const crypto::has } } //---------------------------------------------------------------------------------------------------- +bool wallet2::spends_one_of_ours(const cryptonote::transaction &tx) const +{ + for (const auto &in: tx.vin) + { + if (in.type() != typeid(cryptonote::txin_to_key)) + continue; + const cryptonote::txin_to_key &in_to_key = boost::get<cryptonote::txin_to_key>(in); + auto it = m_key_images.find(in_to_key.k_image); + if (it != m_key_images.end()) + return true; + } + return false; +} +//---------------------------------------------------------------------------------------------------- void wallet2::process_new_transaction(const crypto::hash &txid, const cryptonote::transaction& tx, const std::vector<uint64_t> &o_indices, uint64_t height, uint8_t block_version, uint64_t ts, bool miner_tx, bool pool, bool double_spend_seen, const tx_cache_data &tx_cache_data, std::map<std::pair<uint64_t, uint64_t>, size_t> *output_tracker_cache) { PERF_TIMER(process_new_transaction); @@ -2153,7 +2167,7 @@ void wallet2::process_new_transaction(const crypto::hash &txid, const cryptonote } LOG_PRINT_L0("Received money: " << print_money(td.amount()) << ", with tx: " << txid); if (0 != m_callback) - m_callback->on_money_received(height, txid, tx, td.m_amount, td.m_subaddr_index, td.m_tx.unlock_time); + m_callback->on_money_received(height, txid, tx, td.m_amount, td.m_subaddr_index, spends_one_of_ours(tx), td.m_tx.unlock_time); } total_received_1 += amount; notify = true; @@ -2230,7 +2244,7 @@ void wallet2::process_new_transaction(const crypto::hash &txid, const cryptonote LOG_PRINT_L0("Received money: " << print_money(td.amount()) << ", with tx: " << txid); if (0 != m_callback) - m_callback->on_money_received(height, txid, tx, td.m_amount, td.m_subaddr_index, td.m_tx.unlock_time); + m_callback->on_money_received(height, txid, tx, td.m_amount, td.m_subaddr_index, spends_one_of_ours(tx), td.m_tx.unlock_time); } total_received_1 += extra_amount; notify = true; @@ -13080,7 +13094,7 @@ size_t wallet2::import_multisig(std::vector<cryptonote::blobdata> blobs) CHECK_AND_ASSERT_THROW_MES(info.size() + 1 <= m_multisig_signers.size() && info.size() + 1 >= m_multisig_threshold, "Wrong number of multisig sources"); std::vector<std::vector<rct::key>> k; - auto wiper = epee::misc_utils::create_scope_leave_handler([&](){memwipe(k.data(), k.size() * sizeof(k[0]));}); + auto wiper = epee::misc_utils::create_scope_leave_handler([&](){for (auto &v: k) memwipe(v.data(), v.size() * sizeof(v[0]));}); k.reserve(m_transfers.size()); for (const auto &td: m_transfers) k.push_back(td.m_multisig_k); diff --git a/src/wallet/wallet2.h b/src/wallet/wallet2.h index eb33713b5..3a14215b3 100644 --- a/src/wallet/wallet2.h +++ b/src/wallet/wallet2.h @@ -131,7 +131,7 @@ private: public: // Full wallet callbacks virtual void on_new_block(uint64_t height, const cryptonote::block& block) {} - virtual void on_money_received(uint64_t height, const crypto::hash &txid, const cryptonote::transaction& tx, uint64_t amount, const cryptonote::subaddress_index& subaddr_index, uint64_t unlock_time) {} + virtual void on_money_received(uint64_t height, const crypto::hash &txid, const cryptonote::transaction& tx, uint64_t amount, const cryptonote::subaddress_index& subaddr_index, bool is_change, uint64_t unlock_time) {} virtual void on_unconfirmed_money_received(uint64_t height, const crypto::hash &txid, const cryptonote::transaction& tx, uint64_t amount, const cryptonote::subaddress_index& subaddr_index) {} virtual void on_money_spent(uint64_t height, const crypto::hash &txid, const cryptonote::transaction& in_tx, uint64_t amount, const cryptonote::transaction& spend_tx, const cryptonote::subaddress_index& subaddr_index) {} virtual void on_skip_transaction(uint64_t height, const crypto::hash &txid, const cryptonote::transaction& tx) {} @@ -1517,6 +1517,7 @@ private: void check_rpc_cost(const char *call, uint64_t post_call_credits, uint64_t pre_credits, double expected_cost); bool should_expand(const cryptonote::subaddress_index &index) const; + bool spends_one_of_ours(const cryptonote::transaction &tx) const; cryptonote::account_base m_account; boost::optional<epee::net_utils::http::login> m_daemon_login; diff --git a/tests/core_tests/chaingen.h b/tests/core_tests/chaingen.h index 453ee923d..e94bf6be1 100644 --- a/tests/core_tests/chaingen.h +++ b/tests/core_tests/chaingen.h @@ -30,6 +30,7 @@ #pragma once +#include <functional> #include <vector> #include <iostream> #include <stdint.h> @@ -856,10 +857,10 @@ inline bool do_replay_file(const std::string& filename) } #define REGISTER_CALLBACK(CB_NAME, CLBACK) \ - register_callback(CB_NAME, boost::bind(&CLBACK, this, _1, _2, _3)); + register_callback(CB_NAME, std::bind(&CLBACK, this, std::placeholders::_1, std::placeholders::_2, std::placeholders::_3)); #define REGISTER_CALLBACK_METHOD(CLASS, METHOD) \ - register_callback(#METHOD, boost::bind(&CLASS::METHOD, this, _1, _2, _3)); + register_callback(#METHOD, std::bind(&CLASS::METHOD, this, std::placeholders::_1, std::placeholders::_2, std::placeholders::_3)); #define MAKE_GENESIS_BLOCK(VEC_EVENTS, BLK_NAME, MINER_ACC, TS) \ test_generator generator; \ diff --git a/tests/data/fuzz/tx-extra/TXEXTRA1 b/tests/data/fuzz/tx-extra/TXEXTRA1 Binary files differnew file mode 100644 index 000000000..08852abe3 --- /dev/null +++ b/tests/data/fuzz/tx-extra/TXEXTRA1 diff --git a/tests/data/fuzz/tx-extra/TXEXTRA2 b/tests/data/fuzz/tx-extra/TXEXTRA2 Binary files differnew file mode 100644 index 000000000..170301145 --- /dev/null +++ b/tests/data/fuzz/tx-extra/TXEXTRA2 diff --git a/tests/functional_tests/address_book.py b/tests/functional_tests/address_book.py index f9ec217af..99140847c 100755 --- a/tests/functional_tests/address_book.py +++ b/tests/functional_tests/address_book.py @@ -145,7 +145,7 @@ class AddressBookTest(): res = wallet.get_address_book() assert len(res.entries) == 1 e = res.entries[0] - assert e.address == '44AFFq5kSiGBoZ4NMDwYtN18obc8AemS33DBLWs3H7otXft3XjrpDtQGv7SqSsaBYBb98uNbr2VBBEt7f2wfn3RVGQBEP3A' + assert e.address == '888tNkZrPN6JsEgekjMnABU4TBzc2Dt29EPAvkRxbANsAnjyPbb3iQ1YBRk1UXcdRsiKc9dhwMVgN5S9cQUiyoogDavup3H' assert e.description == 'dev fund' # UTF-8 @@ -173,7 +173,7 @@ class AddressBookTest(): # get them back res = wallet.get_address_book([0]) assert len(res.entries) == 1 - assert res.entries[0].address == '44AFFq5kSiGBoZ4NMDwYtN18obc8AemS33DBLWs3H7otXft3XjrpDtQGv7SqSsaBYBb98uNbr2VBBEt7f2wfn3RVGQBEP3A' + assert res.entries[0].address == '888tNkZrPN6JsEgekjMnABU4TBzc2Dt29EPAvkRxbANsAnjyPbb3iQ1YBRk1UXcdRsiKc9dhwMVgN5S9cQUiyoogDavup3H' assert res.entries[0].description == 'dev fund' res = wallet.get_address_book([1]) assert len(res.entries) == 1 @@ -213,12 +213,12 @@ class AddressBookTest(): assert e.index == 1 assert e.address == '42ey1afDFnn4886T7196doS9GPMzexD9gXpsZJDwVjeRVdFCSoHnv7KPbBeGpzJBzHRCAs9UxqeoyFQMYbqSWYTfJJQAWDm' assert e.description == u'えんしゅう' - res = wallet.edit_address_book(1, address = '44AFFq5kSiGBoZ4NMDwYtN18obc8AemS33DBLWs3H7otXft3XjrpDtQGv7SqSsaBYBb98uNbr2VBBEt7f2wfn3RVGQBEP3A') + res = wallet.edit_address_book(1, address = '888tNkZrPN6JsEgekjMnABU4TBzc2Dt29EPAvkRxbANsAnjyPbb3iQ1YBRk1UXcdRsiKc9dhwMVgN5S9cQUiyoogDavup3H') res = wallet.get_address_book([1]) assert len(res.entries) == 1 e = res.entries[0] assert e.index == 1 - assert e.address == '44AFFq5kSiGBoZ4NMDwYtN18obc8AemS33DBLWs3H7otXft3XjrpDtQGv7SqSsaBYBb98uNbr2VBBEt7f2wfn3RVGQBEP3A' + assert e.address == '888tNkZrPN6JsEgekjMnABU4TBzc2Dt29EPAvkRxbANsAnjyPbb3iQ1YBRk1UXcdRsiKc9dhwMVgN5S9cQUiyoogDavup3H' assert e.description == u'えんしゅう' ok = False try: res = wallet.edit_address_book(1, address = '') @@ -237,7 +237,7 @@ class AddressBookTest(): wallet.delete_address_book(0) res = wallet.get_address_book([0]) # entries above the deleted one collapse one slot up assert len(res.entries) == 1 - assert res.entries[0].address == '44AFFq5kSiGBoZ4NMDwYtN18obc8AemS33DBLWs3H7otXft3XjrpDtQGv7SqSsaBYBb98uNbr2VBBEt7f2wfn3RVGQBEP3A' + assert res.entries[0].address == '888tNkZrPN6JsEgekjMnABU4TBzc2Dt29EPAvkRxbANsAnjyPbb3iQ1YBRk1UXcdRsiKc9dhwMVgN5S9cQUiyoogDavup3H' assert res.entries[0].description == u'えんしゅう' wallet.delete_address_book(2) wallet.delete_address_book(0) diff --git a/tests/functional_tests/speed.py b/tests/functional_tests/speed.py index 71be785b8..c0c1d23c2 100755 --- a/tests/functional_tests/speed.py +++ b/tests/functional_tests/speed.py @@ -67,7 +67,7 @@ class SpeedTest(): destinations = [] for i in range(3): - destinations.append({"amount":1,"address":'44AFFq5kSiGBoZ4NMDwYtN18obc8AemS33DBLWs3H7otXft3XjrpDtQGv7SqSsaBYBb98uNbr2VBBEt7f2wfn3RVGQBEP3A'}) + destinations.append({"amount":1,"address":'888tNkZrPN6JsEgekjMnABU4TBzc2Dt29EPAvkRxbANsAnjyPbb3iQ1YBRk1UXcdRsiKc9dhwMVgN5S9cQUiyoogDavup3H'}) self._test_speed_generateblocks(daemon=daemon, blocks=70) for i in range(1, 10): @@ -89,7 +89,7 @@ class SpeedTest(): print('Test speed of transfer') start = time.time() - destinations = [{"amount":1,"address":'44AFFq5kSiGBoZ4NMDwYtN18obc8AemS33DBLWs3H7otXft3XjrpDtQGv7SqSsaBYBb98uNbr2VBBEt7f2wfn3RVGQBEP3A'}] + destinations = [{"amount":1,"address":'888tNkZrPN6JsEgekjMnABU4TBzc2Dt29EPAvkRxbANsAnjyPbb3iQ1YBRk1UXcdRsiKc9dhwMVgN5S9cQUiyoogDavup3H'}] res = wallet.transfer_split(destinations) print('generating tx took: ', time.time() - start, 'seconds') diff --git a/tests/functional_tests/validate_address.py b/tests/functional_tests/validate_address.py index 7c3d8abfa..af0de87e5 100755 --- a/tests/functional_tests/validate_address.py +++ b/tests/functional_tests/validate_address.py @@ -94,7 +94,7 @@ class AddressValidationTest(): def check_openalias_addresses(self): print('Validating openalias addresses') addresses = [ - ['donate@getmonero.org', '44AFFq5kSiGBoZ4NMDwYtN18obc8AemS33DBLWs3H7otXft3XjrpDtQGv7SqSsaBYBb98uNbr2VBBEt7f2wfn3RVGQBEP3A'] + ['donate@getmonero.org', '888tNkZrPN6JsEgekjMnABU4TBzc2Dt29EPAvkRxbANsAnjyPbb3iQ1YBRk1UXcdRsiKc9dhwMVgN5S9cQUiyoogDavup3H'] ] for address in addresses: res = self.wallet.validate_address(address[0]) @@ -102,7 +102,7 @@ class AddressValidationTest(): res = self.wallet.validate_address(address[0], allow_openalias = True) assert res.valid assert not res.integrated - assert not res.subaddress + assert res.subaddress assert res.nettype == 'mainnet' assert res.openalias_address == address[1] diff --git a/tests/fuzz/CMakeLists.txt b/tests/fuzz/CMakeLists.txt index a6ef139f5..606fec465 100644 --- a/tests/fuzz/CMakeLists.txt +++ b/tests/fuzz/CMakeLists.txt @@ -34,7 +34,8 @@ target_link_libraries(block_fuzz_tests epee device ${CMAKE_THREAD_LIBS_INIT} - ${EXTRA_LIBRARIES}) + ${EXTRA_LIBRARIES} + $ENV{LIB_FUZZING_ENGINE}) set_property(TARGET block_fuzz_tests PROPERTY FOLDER "tests") @@ -47,7 +48,8 @@ target_link_libraries(transaction_fuzz_tests epee device ${CMAKE_THREAD_LIBS_INIT} - ${EXTRA_LIBRARIES}) + ${EXTRA_LIBRARIES} + $ENV{LIB_FUZZING_ENGINE}) set_property(TARGET transaction_fuzz_tests PROPERTY FOLDER "tests") @@ -61,7 +63,8 @@ target_link_libraries(signature_fuzz_tests epee device ${CMAKE_THREAD_LIBS_INIT} - ${EXTRA_LIBRARIES}) + ${EXTRA_LIBRARIES} + $ENV{LIB_FUZZING_ENGINE}) set_property(TARGET signature_fuzz_tests PROPERTY FOLDER "tests") @@ -75,7 +78,8 @@ target_link_libraries(cold-outputs_fuzz_tests epee device ${CMAKE_THREAD_LIBS_INIT} - ${EXTRA_LIBRARIES}) + ${EXTRA_LIBRARIES} + $ENV{LIB_FUZZING_ENGINE}) set_property(TARGET cold-outputs_fuzz_tests PROPERTY FOLDER "tests") @@ -89,7 +93,8 @@ target_link_libraries(cold-transaction_fuzz_tests epee device ${CMAKE_THREAD_LIBS_INIT} - ${EXTRA_LIBRARIES}) + ${EXTRA_LIBRARIES} + $ENV{LIB_FUZZING_ENGINE}) set_property(TARGET cold-transaction_fuzz_tests PROPERTY FOLDER "tests") @@ -101,7 +106,8 @@ target_link_libraries(load-from-binary_fuzz_tests epee ${Boost_PROGRAM_OPTIONS_LIBRARY} ${CMAKE_THREAD_LIBS_INIT} - ${EXTRA_LIBRARIES}) + ${EXTRA_LIBRARIES} + $ENV{LIB_FUZZING_ENGINE}) set_property(TARGET load-from-binary_fuzz_tests PROPERTY FOLDER "tests") @@ -113,7 +119,8 @@ target_link_libraries(load-from-json_fuzz_tests epee ${Boost_PROGRAM_OPTIONS_LIBRARY} ${CMAKE_THREAD_LIBS_INIT} - ${EXTRA_LIBRARIES}) + ${EXTRA_LIBRARIES} + $ENV{LIB_FUZZING_ENGINE}) set_property(TARGET load-from-json_fuzz_tests PROPERTY FOLDER "tests") @@ -125,7 +132,8 @@ target_link_libraries(base58_fuzz_tests epee ${Boost_PROGRAM_OPTIONS_LIBRARY} ${CMAKE_THREAD_LIBS_INIT} - ${EXTRA_LIBRARIES}) + ${EXTRA_LIBRARIES} + $ENV{LIB_FUZZING_ENGINE}) set_property(TARGET base58_fuzz_tests PROPERTY FOLDER "tests") @@ -138,7 +146,8 @@ target_link_libraries(parse-url_fuzz_tests ${Boost_PROGRAM_OPTIONS_LIBRARY} ${Boost_SYSTEM_LIBRARY} ${CMAKE_THREAD_LIBS_INIT} - ${EXTRA_LIBRARIES}) + ${EXTRA_LIBRARIES} + $ENV{LIB_FUZZING_ENGINE}) set_property(TARGET parse-url_fuzz_tests PROPERTY FOLDER "tests") @@ -153,7 +162,8 @@ target_link_libraries(http-client_fuzz_tests ${Boost_PROGRAM_OPTIONS_LIBRARY} ${Boost_SYSTEM_LIBRARY} ${CMAKE_THREAD_LIBS_INIT} - ${EXTRA_LIBRARIES}) + ${EXTRA_LIBRARIES} + $ENV{LIB_FUZZING_ENGINE}) set_property(TARGET http-client_fuzz_tests PROPERTY FOLDER "tests") @@ -168,7 +178,8 @@ target_link_libraries(levin_fuzz_tests ${Boost_REGEX_LIBRARY} ${Boost_PROGRAM_OPTIONS_LIBRARY} ${CMAKE_THREAD_LIBS_INIT} - ${EXTRA_LIBRARIES}) + ${EXTRA_LIBRARIES} + $ENV{LIB_FUZZING_ENGINE}) set_property(TARGET levin_fuzz_tests PROPERTY FOLDER "tests") @@ -183,8 +194,27 @@ target_link_libraries(bulletproof_fuzz_tests ${Boost_REGEX_LIBRARY} ${Boost_PROGRAM_OPTIONS_LIBRARY} ${CMAKE_THREAD_LIBS_INIT} - ${EXTRA_LIBRARIES}) + ${EXTRA_LIBRARIES} + $ENV{LIB_FUZZING_ENGINE}) set_property(TARGET bulletproof_fuzz_tests PROPERTY FOLDER "tests") +add_executable(tx-extra_fuzz_tests tx-extra.cpp fuzzer.cpp) +target_link_libraries(tx-extra_fuzz_tests + PRIVATE + cryptonote_basic + common + epee + ${Boost_THREAD_LIBRARY} + ${Boost_CHRONO_LIBRARY} + ${Boost_REGEX_LIBRARY} + ${Boost_PROGRAM_OPTIONS_LIBRARY} + ${Boost_SYSTEM_LIBRARY} + ${CMAKE_THREAD_LIBS_INIT} + ${EXTRA_LIBRARIES} + $ENV{LIB_FUZZING_ENGINE}) +set_property(TARGET tx-extra_fuzz_tests + PROPERTY + FOLDER "tests") + diff --git a/tests/fuzz/base58.cpp b/tests/fuzz/base58.cpp index 5f909a5d9..08fa402dd 100644 --- a/tests/fuzz/base58.cpp +++ b/tests/fuzz/base58.cpp @@ -27,50 +27,13 @@ // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. #include "include_base_utils.h" -#include "file_io_utils.h" #include "common/base58.h" #include "fuzzer.h" -class Base58Fuzzer: public Fuzzer -{ -public: - Base58Fuzzer() {} - virtual int init(); - virtual int run(const std::string &filename); -}; - -int Base58Fuzzer::init() -{ - return 0; -} - -int Base58Fuzzer::run(const std::string &filename) -{ - std::string s; - - if (!epee::file_io_utils::load_file_to_string(filename, s)) - { - std::cout << "Error: failed to load file " << filename << std::endl; - return 1; - } - try - { - std::string data; - tools::base58::decode(s, data); - } - catch (const std::exception &e) - { - std::cerr << "Failed to load from binary: " << e.what() << std::endl; - return 1; - } - return 0; -} - -int main(int argc, const char **argv) -{ - TRY_ENTRY(); - Base58Fuzzer fuzzer; - return run_fuzzer(argc, argv, fuzzer); - CATCH_ENTRY_L0("main", 1); -} +BEGIN_INIT_SIMPLE_FUZZER() +END_INIT_SIMPLE_FUZZER() +BEGIN_SIMPLE_FUZZER() + std::string data; + tools::base58::decode(std::string((const char*)buf, len), data); +END_SIMPLE_FUZZER() diff --git a/tests/fuzz/block.cpp b/tests/fuzz/block.cpp index 850c58890..44818f8cd 100644 --- a/tests/fuzz/block.cpp +++ b/tests/fuzz/block.cpp @@ -33,36 +33,10 @@ #include "cryptonote_basic/cryptonote_format_utils.h" #include "fuzzer.h" -class BlockFuzzer: public Fuzzer -{ -public: - virtual int run(const std::string &filename); +BEGIN_INIT_SIMPLE_FUZZER() +END_INIT_SIMPLE_FUZZER() -private: -}; - -int BlockFuzzer::run(const std::string &filename) -{ - std::string s; - - if (!epee::file_io_utils::load_file_to_string(filename, s)) - { - std::cout << "Error: failed to load file " << filename << std::endl; - return 1; - } +BEGIN_SIMPLE_FUZZER() cryptonote::block b = AUTO_VAL_INIT(b); - if(!parse_and_validate_block_from_blob(s, b)) - { - std::cout << "Error: failed to parse block from file " << filename << std::endl; - return 1; - } - return 0; -} - -int main(int argc, const char **argv) -{ - TRY_ENTRY(); - BlockFuzzer fuzzer; - return run_fuzzer(argc, argv, fuzzer); - CATCH_ENTRY_L0("main", 1); -} + parse_and_validate_block_from_blob(std::string((const char*)buf, len), b); +END_SIMPLE_FUZZER() diff --git a/tests/fuzz/bulletproof.cpp b/tests/fuzz/bulletproof.cpp index e9a6ded7d..7e58770ca 100644 --- a/tests/fuzz/bulletproof.cpp +++ b/tests/fuzz/bulletproof.cpp @@ -33,40 +33,13 @@ #include "cryptonote_basic/cryptonote_format_utils.h" #include "fuzzer.h" -class BulletproofFuzzer: public Fuzzer -{ -public: - virtual int run(const std::string &filename); +BEGIN_INIT_SIMPLE_FUZZER() +END_INIT_SIMPLE_FUZZER() -private: -}; - -int BulletproofFuzzer::run(const std::string &filename) -{ - std::string s; - - if (!epee::file_io_utils::load_file_to_string(filename, s)) - { - std::cout << "Error: failed to load file " << filename << std::endl; - return 1; - } +BEGIN_SIMPLE_FUZZER() std::stringstream ss; - ss << s; + ss << std::string((const char*)buf, len); binary_archive<false> ba(ss); rct::Bulletproof proof = AUTO_VAL_INIT(proof); - bool r = ::serialization::serialize(ba, proof); - if(!r) - { - std::cout << "Error: failed to parse bulletproof from file " << filename << std::endl; - return 1; - } - return 0; -} - -int main(int argc, const char **argv) -{ - TRY_ENTRY(); - BulletproofFuzzer fuzzer; - return run_fuzzer(argc, argv, fuzzer); - CATCH_ENTRY_L0("main", 1); -} + ::serialization::serialize(ba, proof); +END_SIMPLE_FUZZER() diff --git a/tests/fuzz/cold-outputs.cpp b/tests/fuzz/cold-outputs.cpp index f4050c948..ce6d6640c 100644 --- a/tests/fuzz/cold-outputs.cpp +++ b/tests/fuzz/cold-outputs.cpp @@ -34,70 +34,28 @@ #include "wallet/wallet2.h" #include "fuzzer.h" -class ColdOutputsFuzzer: public Fuzzer -{ -public: - ColdOutputsFuzzer(): wallet(cryptonote::TESTNET) {} - virtual int init(); - virtual int run(const std::string &filename); +static tools::wallet2 *wallet = NULL; -private: - tools::wallet2 wallet; -}; +BEGIN_INIT_SIMPLE_FUZZER() + static tools::wallet2 local_wallet; + wallet = &local_wallet; -int ColdOutputsFuzzer::init() -{ static const char * const spendkey_hex = "0b4f47697ec99c3de6579304e5f25c68b07afbe55b71d99620bf6cbf4e45a80f"; crypto::secret_key spendkey; epee::string_tools::hex_to_pod(spendkey_hex, spendkey); - try - { - wallet.init("", boost::none, boost::asio::ip::tcp::endpoint{}, 0, true, epee::net_utils::ssl_support_t::e_ssl_support_disabled); - wallet.set_subaddress_lookahead(1, 1); - wallet.generate("", "", spendkey, true, false); - } - catch (const std::exception &e) - { - std::cerr << "Error on ColdOutputsFuzzer::init: " << e.what() << std::endl; - return 1; - } - return 0; -} - -int ColdOutputsFuzzer::run(const std::string &filename) -{ - std::string s; - - if (!epee::file_io_utils::load_file_to_string(filename, s)) - { - std::cout << "Error: failed to load file " << filename << std::endl; - return 1; - } - s = std::string("\x01\x16serialization::archive") + s; - try - { - std::pair<size_t, std::vector<tools::wallet2::transfer_details>> outputs; - std::stringstream iss; - iss << s; - boost::archive::portable_binary_iarchive ar(iss); - ar >> outputs; - size_t n_outputs = wallet.import_outputs(outputs); - std::cout << boost::lexical_cast<std::string>(n_outputs) << " outputs imported" << std::endl; - } - catch (const std::exception &e) - { - std::cerr << "Failed to import outputs: " << e.what() << std::endl; - return 1; - } - return 0; -} - -int main(int argc, const char **argv) -{ - TRY_ENTRY(); - ColdOutputsFuzzer fuzzer; - return run_fuzzer(argc, argv, fuzzer); - CATCH_ENTRY_L0("main", 1); -} - + wallet->init("", boost::none, boost::asio::ip::tcp::endpoint{}, 0, true, epee::net_utils::ssl_support_t::e_ssl_support_disabled); + wallet->set_subaddress_lookahead(1, 1); + wallet->generate("", "", spendkey, true, false); +END_INIT_SIMPLE_FUZZER() + +BEGIN_SIMPLE_FUZZER() + std::string s = std::string("\x01\x16serialization::archive") + std::string((const char*)buf, len); + std::pair<size_t, std::vector<tools::wallet2::transfer_details>> outputs; + std::stringstream iss; + iss << s; + boost::archive::portable_binary_iarchive ar(iss); + ar >> outputs; + size_t n_outputs = wallet->import_outputs(outputs); + std::cout << boost::lexical_cast<std::string>(n_outputs) << " outputs imported" << std::endl; +END_SIMPLE_FUZZER() diff --git a/tests/fuzz/cold-transaction.cpp b/tests/fuzz/cold-transaction.cpp index 08117281b..ebbbc283f 100644 --- a/tests/fuzz/cold-transaction.cpp +++ b/tests/fuzz/cold-transaction.cpp @@ -34,71 +34,29 @@ #include "wallet/wallet2.h" #include "fuzzer.h" -class ColdTransactionFuzzer: public Fuzzer -{ -public: - ColdTransactionFuzzer(): wallet(cryptonote::TESTNET) {} - virtual int init(); - virtual int run(const std::string &filename); +static tools::wallet2 *wallet = NULL; -private: - tools::wallet2 wallet; -}; +BEGIN_INIT_SIMPLE_FUZZER() + static tools::wallet2 local_wallet; + wallet = &local_wallet; - -int ColdTransactionFuzzer::init() -{ static const char * const spendkey_hex = "0b4f47697ec99c3de6579304e5f25c68b07afbe55b71d99620bf6cbf4e45a80f"; crypto::secret_key spendkey; epee::string_tools::hex_to_pod(spendkey_hex, spendkey); - try - { - wallet.init("", boost::none, boost::asio::ip::tcp::endpoint{}, 0, true, epee::net_utils::ssl_support_t::e_ssl_support_disabled); - wallet.set_subaddress_lookahead(1, 1); - wallet.generate("", "", spendkey, true, false); - } - catch (const std::exception &e) - { - std::cerr << "Error on ColdTransactionFuzzer::init: " << e.what() << std::endl; - return 1; - } - return 0; -} - -int ColdTransactionFuzzer::run(const std::string &filename) -{ - std::string s; - - if (!epee::file_io_utils::load_file_to_string(filename, s)) - { - std::cout << "Error: failed to load file " << filename << std::endl; - return 1; - } - s = std::string("\x01\x16serialization::archive") + s; - try - { - tools::wallet2::unsigned_tx_set exported_txs; - std::stringstream iss; - iss << s; - boost::archive::portable_binary_iarchive ar(iss); - ar >> exported_txs; - std::vector<tools::wallet2::pending_tx> ptx; - bool success = wallet.sign_tx(exported_txs, "/tmp/cold-transaction-test-signed", ptx); - std::cout << (success ? "signed" : "error") << std::endl; - } - catch (const std::exception &e) - { - std::cerr << "Failed to sign transaction: " << e.what() << std::endl; - return 1; - } - return 0; -} - -int main(int argc, const char **argv) -{ - TRY_ENTRY(); - ColdTransactionFuzzer fuzzer; - return run_fuzzer(argc, argv, fuzzer); - CATCH_ENTRY_L0("main", 1); -} + wallet->init("", boost::none, boost::asio::ip::tcp::endpoint{}, 0, true, epee::net_utils::ssl_support_t::e_ssl_support_disabled); + wallet->set_subaddress_lookahead(1, 1); + wallet->generate("", "", spendkey, true, false); +END_INIT_SIMPLE_FUZZER() + +BEGIN_SIMPLE_FUZZER() + std::string s = std::string("\x01\x16serialization::archive") + std::string((const char*)buf, len); + tools::wallet2::unsigned_tx_set exported_txs; + std::stringstream iss; + iss << s; + boost::archive::portable_binary_iarchive ar(iss); + ar >> exported_txs; + std::vector<tools::wallet2::pending_tx> ptx; + bool success = wallet->sign_tx(exported_txs, "/tmp/cold-transaction-test-signed", ptx); + std::cout << (success ? "signed" : "error") << std::endl; +END_SIMPLE_FUZZER() diff --git a/tests/fuzz/fuzzer.cpp b/tests/fuzz/fuzzer.cpp index 24db5ee05..0d2366263 100644 --- a/tests/fuzz/fuzzer.cpp +++ b/tests/fuzz/fuzzer.cpp @@ -33,6 +33,8 @@ #include "common/util.h" #include "fuzzer.h" +#ifndef OSSFUZZ + #if (!defined(__clang__) || (__clang__ < 5)) static int __AFL_LOOP(int) { @@ -74,3 +76,5 @@ int run_fuzzer(int argc, const char **argv, Fuzzer &fuzzer) CATCH_ENTRY_L0("run_fuzzer", 1); } + +#endif diff --git a/tests/fuzz/fuzzer.h b/tests/fuzz/fuzzer.h index 5cbd1abc2..ce230fb66 100644 --- a/tests/fuzz/fuzzer.h +++ b/tests/fuzz/fuzzer.h @@ -27,6 +27,56 @@ // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. #include <string> +#include "file_io_utils.h" + +#ifdef OSSFUZZ + +#define BEGIN_INIT_SIMPLE_FUZZER() \ + static int init() \ + { \ + try \ + { + +#define END_INIT_SIMPLE_FUZZER() \ + } \ + catch (const std::exception &e) \ + { \ + fprintf(stderr, "Exception: %s\n", e.what()); \ + return 1; \ + } \ + return 0; \ + } + +#define BEGIN_SIMPLE_FUZZER() \ +extern "C" { \ + int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) \ + { \ + try \ + { \ + static bool first = true; \ + if (first) \ + { \ + if (init()) \ + return 1; \ + first = false; \ + } \ + +#define END_SIMPLE_FUZZER() \ + } \ + catch (const std::exception &e) \ + { \ + fprintf(stderr, "Exception: %s\n", e.what()); \ + delete el::base::elStorage; \ + el::base::elStorage = NULL; \ + return 0; \ + } \ + delete el::base::elStorage; \ + el::base::elStorage = NULL; \ + return 0; \ + } \ +} + +#else class Fuzzer { @@ -36,3 +86,61 @@ public: }; int run_fuzzer(int argc, const char **argv, Fuzzer &fuzzer); + +#define BEGIN_INIT_SIMPLE_FUZZER() \ + class SimpleFuzzer: public Fuzzer \ + { \ + virtual int init() \ + { \ + try \ + { + +#define END_INIT_SIMPLE_FUZZER() \ + } \ + catch (const std::exception &e) \ + { \ + fprintf(stderr, "Exception: %s\n", e.what()); \ + return 1; \ + } \ + return 0; \ + } + +#define BEGIN_SIMPLE_FUZZER() \ + virtual int run(const std::string &filename) \ + { \ + try \ + { \ + std::string s; \ + if (!epee::file_io_utils::load_file_to_string(filename, s)) \ + { \ + std::cout << "Error: failed to load file " << filename << std::endl; \ + return 1; \ + } \ + const uint8_t *buf = (const uint8_t*)s.data(); \ + const size_t len = s.size(); \ + { + +#define END_SIMPLE_FUZZER() \ + } \ + } \ + catch (const std::exception &e) \ + { \ + fprintf(stderr, "Exception: %s\n", e.what()); \ + delete el::base::elStorage; \ + el::base::elStorage = NULL; \ + return 0; \ + } \ + delete el::base::elStorage; \ + el::base::elStorage = NULL; \ + return 0; \ + } \ + }; \ + int main(int argc, const char **argv) \ + { \ + TRY_ENTRY(); \ + SimpleFuzzer fuzzer; \ + return run_fuzzer(argc, argv, fuzzer); \ + CATCH_ENTRY_L0("main", 1); \ + } + +#endif diff --git a/tests/fuzz/http-client.cpp b/tests/fuzz/http-client.cpp index ea6d5a2ad..1801affee 100644 --- a/tests/fuzz/http-client.cpp +++ b/tests/fuzz/http-client.cpp @@ -58,48 +58,11 @@ private: std::string data; }; -class HTTPClientFuzzer: public Fuzzer -{ -public: - HTTPClientFuzzer() {} - virtual int init(); - virtual int run(const std::string &filename); - -private: - epee::net_utils::http::http_simple_client_template<dummy_client> client; -}; - -int HTTPClientFuzzer::init() -{ - return 0; -} - -int HTTPClientFuzzer::run(const std::string &filename) -{ - std::string s; +static epee::net_utils::http::http_simple_client_template<dummy_client> client; - if (!epee::file_io_utils::load_file_to_string(filename, s)) - { - std::cout << "Error: failed to load file " << filename << std::endl; - return 1; - } - try - { - client.test(s, std::chrono::milliseconds(1000)); - } - catch (const std::exception &e) - { - std::cerr << "Failed to test http client: " << e.what() << std::endl; - return 1; - } - return 0; -} - -int main(int argc, const char **argv) -{ - TRY_ENTRY(); - HTTPClientFuzzer fuzzer; - return run_fuzzer(argc, argv, fuzzer); - CATCH_ENTRY_L0("main", 1); -} +BEGIN_INIT_SIMPLE_FUZZER() +END_INIT_SIMPLE_FUZZER() +BEGIN_SIMPLE_FUZZER() + client.test(std::string((const char*)buf, len), std::chrono::milliseconds(1000)); +END_SIMPLE_FUZZER() diff --git a/tests/fuzz/levin.cpp b/tests/fuzz/levin.cpp index 6c16a0a85..ab7bbb6da 100644 --- a/tests/fuzz/levin.cpp +++ b/tests/fuzz/levin.cpp @@ -279,26 +279,10 @@ namespace #endif } -class LevinFuzzer: public Fuzzer -{ -public: - LevinFuzzer() {} //: handler(endpoint, config, context) {} - virtual int init(); - virtual int run(const std::string &filename); - -private: - //epee::net_utils::connection_context_base context; - //epee::levin::async_protocol_handler<> handler; -}; +BEGIN_INIT_SIMPLE_FUZZER() +END_INIT_SIMPLE_FUZZER() -int LevinFuzzer::init() -{ - return 0; -} - -int LevinFuzzer::run(const std::string &filename) -{ - std::string s; +BEGIN_SIMPLE_FUZZER() #if 0 epee::levin::bucket_head2 req_head; @@ -313,13 +297,6 @@ int LevinFuzzer::run(const std::string &filename) fwrite(&req_head,sizeof(req_head),1, f); fclose(f); #endif - if (!epee::file_io_utils::load_file_to_string(filename, s)) - { - std::cout << "Error: failed to load file " << filename << std::endl; - return 1; - } - try - { //std::unique_ptr<test_connection> conn = new test(); boost::asio::io_service io_service; test_levin_protocol_handler_config m_handler_config; @@ -329,21 +306,5 @@ int LevinFuzzer::run(const std::string &filename) conn->start(); //m_commands_handler.invoke_out_buf(expected_out_data); //m_commands_handler.return_code(expected_return_code); - conn->m_protocol_handler.handle_recv(s.data(), s.size()); - } - catch (const std::exception &e) - { - std::cerr << "Failed to test http client: " << e.what() << std::endl; - return 1; - } - return 0; -} - -int main(int argc, const char **argv) -{ - TRY_ENTRY(); - LevinFuzzer fuzzer; - return run_fuzzer(argc, argv, fuzzer); - CATCH_ENTRY_L0("main", 1); -} - + conn->m_protocol_handler.handle_recv(buf, len); +END_SIMPLE_FUZZER() diff --git a/tests/fuzz/load_from_binary.cpp b/tests/fuzz/load_from_binary.cpp index 85b7361e5..b185df522 100644 --- a/tests/fuzz/load_from_binary.cpp +++ b/tests/fuzz/load_from_binary.cpp @@ -33,46 +33,10 @@ #include "storages/portable_storage_base.h" #include "fuzzer.h" -class PortableStorageFuzzer: public Fuzzer -{ -public: - PortableStorageFuzzer() {} - virtual int init(); - virtual int run(const std::string &filename); -}; - -int PortableStorageFuzzer::init() -{ - return 0; -} - -int PortableStorageFuzzer::run(const std::string &filename) -{ - std::string s; - - if (!epee::file_io_utils::load_file_to_string(filename, s)) - { - std::cout << "Error: failed to load file " << filename << std::endl; - return 1; - } - try - { - epee::serialization::portable_storage ps; - ps.load_from_binary(s); - } - catch (const std::exception &e) - { - std::cerr << "Failed to load from binary: " << e.what() << std::endl; - return 1; - } - return 0; -} - -int main(int argc, const char **argv) -{ - TRY_ENTRY(); - PortableStorageFuzzer fuzzer; - return run_fuzzer(argc, argv, fuzzer); - CATCH_ENTRY_L0("main", 1); -} +BEGIN_INIT_SIMPLE_FUZZER() +END_INIT_SIMPLE_FUZZER() +BEGIN_SIMPLE_FUZZER() + epee::serialization::portable_storage ps; + ps.load_from_binary(std::string((const char*)buf, len)); +END_SIMPLE_FUZZER() diff --git a/tests/fuzz/load_from_json.cpp b/tests/fuzz/load_from_json.cpp index 3ba98050b..0252360ba 100644 --- a/tests/fuzz/load_from_json.cpp +++ b/tests/fuzz/load_from_json.cpp @@ -33,46 +33,10 @@ #include "storages/portable_storage_base.h" #include "fuzzer.h" -class PortableStorageFuzzer: public Fuzzer -{ -public: - PortableStorageFuzzer() {} - virtual int init(); - virtual int run(const std::string &filename); -}; - -int PortableStorageFuzzer::init() -{ - return 0; -} - -int PortableStorageFuzzer::run(const std::string &filename) -{ - std::string s; - - if (!epee::file_io_utils::load_file_to_string(filename, s)) - { - std::cout << "Error: failed to load file " << filename << std::endl; - return 1; - } - try - { - epee::serialization::portable_storage ps; - ps.load_from_json(s); - } - catch (const std::exception &e) - { - std::cerr << "Failed to load from binary: " << e.what() << std::endl; - return 1; - } - return 0; -} - -int main(int argc, const char **argv) -{ - TRY_ENTRY(); - PortableStorageFuzzer fuzzer; - return run_fuzzer(argc, argv, fuzzer); - CATCH_ENTRY_L0("main", 1); -} +BEGIN_INIT_SIMPLE_FUZZER() +END_INIT_SIMPLE_FUZZER() +BEGIN_SIMPLE_FUZZER() + epee::serialization::portable_storage ps; + ps.load_from_json(std::string((const char*)buf, len)); +END_SIMPLE_FUZZER() diff --git a/tests/fuzz/parse_url.cpp b/tests/fuzz/parse_url.cpp index 3db78f9d9..41f4319a6 100644 --- a/tests/fuzz/parse_url.cpp +++ b/tests/fuzz/parse_url.cpp @@ -31,46 +31,10 @@ #include "net/net_parse_helpers.h" #include "fuzzer.h" -class ParseURLFuzzer: public Fuzzer -{ -public: - ParseURLFuzzer() {} - virtual int init(); - virtual int run(const std::string &filename); -}; - -int ParseURLFuzzer::init() -{ - return 0; -} - -int ParseURLFuzzer::run(const std::string &filename) -{ - std::string s; - - if (!epee::file_io_utils::load_file_to_string(filename, s)) - { - std::cout << "Error: failed to load file " << filename << std::endl; - return 1; - } - try - { - epee::net_utils::http::url_content url; - epee::net_utils::parse_url(s, url); - } - catch (const std::exception &e) - { - std::cerr << "Failed to load from binary: " << e.what() << std::endl; - return 1; - } - return 0; -} - -int main(int argc, const char **argv) -{ - TRY_ENTRY(); - ParseURLFuzzer fuzzer; - return run_fuzzer(argc, argv, fuzzer); - CATCH_ENTRY_L0("main", 1); -} +BEGIN_INIT_SIMPLE_FUZZER() +END_INIT_SIMPLE_FUZZER() +BEGIN_SIMPLE_FUZZER() + epee::net_utils::http::url_content url; + epee::net_utils::parse_url(std::string((const char*)buf, len), url); +END_SIMPLE_FUZZER() diff --git a/tests/fuzz/signature.cpp b/tests/fuzz/signature.cpp index 038378ae2..3743cfdd0 100644 --- a/tests/fuzz/signature.cpp +++ b/tests/fuzz/signature.cpp @@ -34,66 +34,31 @@ #include "wallet/wallet2.h" #include "fuzzer.h" -class SignatureFuzzer: public Fuzzer -{ -public: - SignatureFuzzer(): Fuzzer(), wallet(cryptonote::TESTNET) {} - virtual int init(); - virtual int run(const std::string &filename); +static tools::wallet2 *wallet = NULL; +static cryptonote::account_public_address address; -private: - tools::wallet2 wallet; - cryptonote::account_public_address address; -}; +BEGIN_INIT_SIMPLE_FUZZER() + static tools::wallet2 local_wallet(cryptonote::TESTNET); + wallet = &local_wallet; -int SignatureFuzzer::init() -{ static const char * const spendkey_hex = "0b4f47697ec99c3de6579304e5f25c68b07afbe55b71d99620bf6cbf4e45a80f"; crypto::secret_key spendkey; epee::string_tools::hex_to_pod(spendkey_hex, spendkey); - try - { - wallet.init("", boost::none, boost::asio::ip::tcp::endpoint{}, 0, true, epee::net_utils::ssl_support_t::e_ssl_support_disabled); - wallet.set_subaddress_lookahead(1, 1); - wallet.generate("", "", spendkey, true, false); + wallet->init("", boost::none, boost::asio::ip::tcp::endpoint{}, 0, true, epee::net_utils::ssl_support_t::e_ssl_support_disabled); + wallet->set_subaddress_lookahead(1, 1); + wallet->generate("", "", spendkey, true, false); - cryptonote::address_parse_info info; - if (!cryptonote::get_account_address_from_str_or_url(info, cryptonote::TESTNET, "9uVsvEryzpN8WH2t1WWhFFCG5tS8cBNdmJYNRuckLENFimfauV5pZKeS1P2CbxGkSDTUPHXWwiYE5ZGSXDAGbaZgDxobqDN")) - { - std::cerr << "failed to parse address" << std::endl; - return 1; - } - address = info.address; - } - catch (const std::exception &e) + cryptonote::address_parse_info info; + if (!cryptonote::get_account_address_from_str_or_url(info, cryptonote::TESTNET, "9uVsvEryzpN8WH2t1WWhFFCG5tS8cBNdmJYNRuckLENFimfauV5pZKeS1P2CbxGkSDTUPHXWwiYE5ZGSXDAGbaZgDxobqDN")) { - std::cerr << "Error on SignatureFuzzer::init: " << e.what() << std::endl; + std::cerr << "failed to parse address" << std::endl; return 1; } - return 0; -} - -int SignatureFuzzer::run(const std::string &filename) -{ - std::string s; + address = info.address; +END_INIT_SIMPLE_FUZZER() - if (!epee::file_io_utils::load_file_to_string(filename, s)) - { - std::cout << "Error: failed to load file " << filename << std::endl; - return 1; - } - - bool valid = wallet.verify("test", address, s); +BEGIN_SIMPLE_FUZZER() + bool valid = wallet->verify("test", address, std::string((const char*)buf, len)); std::cout << "Signature " << (valid ? "valid" : "invalid") << std::endl; - - return 0; -} - -int main(int argc, const char **argv) -{ - TRY_ENTRY(); - SignatureFuzzer fuzzer; - return run_fuzzer(argc, argv, fuzzer); - CATCH_ENTRY_L0("main", 1); -} +END_SIMPLE_FUZZER() diff --git a/tests/fuzz/transaction.cpp b/tests/fuzz/transaction.cpp index 0f62888a1..1e4a61a78 100644 --- a/tests/fuzz/transaction.cpp +++ b/tests/fuzz/transaction.cpp @@ -33,36 +33,10 @@ #include "cryptonote_basic/cryptonote_format_utils.h" #include "fuzzer.h" -class TransactionFuzzer: public Fuzzer -{ -public: - virtual int run(const std::string &filename); +BEGIN_INIT_SIMPLE_FUZZER() +END_INIT_SIMPLE_FUZZER() -private: -}; - -int TransactionFuzzer::run(const std::string &filename) -{ - std::string s; - - if (!epee::file_io_utils::load_file_to_string(filename, s)) - { - std::cout << "Error: failed to load file " << filename << std::endl; - return 1; - } +BEGIN_SIMPLE_FUZZER() cryptonote::transaction tx = AUTO_VAL_INIT(tx); - if(!parse_and_validate_tx_from_blob(s, tx)) - { - std::cout << "Error: failed to parse transaction from file " << filename << std::endl; - return 1; - } - return 0; -} - -int main(int argc, const char **argv) -{ - TRY_ENTRY(); - TransactionFuzzer fuzzer; - return run_fuzzer(argc, argv, fuzzer); - CATCH_ENTRY_L0("main", 1); -} + parse_and_validate_tx_from_blob(std::string((const char*)buf, len), tx); +END_SIMPLE_FUZZER() diff --git a/tests/fuzz/tx-extra.cpp b/tests/fuzz/tx-extra.cpp new file mode 100644 index 000000000..35b14b802 --- /dev/null +++ b/tests/fuzz/tx-extra.cpp @@ -0,0 +1,40 @@ +// Copyright (c) 2020, The Monero Project +// +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or without modification, are +// permitted provided that the following conditions are met: +// +// 1. Redistributions of source code must retain the above copyright notice, this list of +// conditions and the following disclaimer. +// +// 2. Redistributions in binary form must reproduce the above copyright notice, this list +// of conditions and the following disclaimer in the documentation and/or other +// materials provided with the distribution. +// +// 3. Neither the name of the copyright holder nor the names of its contributors may be +// used to endorse or promote products derived from this software without specific +// prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY +// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL +// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF +// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +#include "include_base_utils.h" +#include "cryptonote_basic/cryptonote_format_utils.h" +#include "fuzzer.h" + +BEGIN_INIT_SIMPLE_FUZZER() +END_INIT_SIMPLE_FUZZER() + +BEGIN_SIMPLE_FUZZER() + std::vector<cryptonote::tx_extra_field> tx_extra_fields; + cryptonote::parse_tx_extra(std::vector<uint8_t>(buf, buf + len), tx_extra_fields); +END_SIMPLE_FUZZER() + diff --git a/tests/unit_tests/epee_utils.cpp b/tests/unit_tests/epee_utils.cpp index 2e93f9e67..a2cec965e 100644 --- a/tests/unit_tests/epee_utils.cpp +++ b/tests/unit_tests/epee_utils.cpp @@ -667,6 +667,23 @@ TEST(ByteSlice, TakeSlice) EXPECT_TRUE(boost::range::equal(base_string, slice)); const epee::span<const std::uint8_t> original = epee::to_span(slice); + const epee::byte_slice empty_slice = slice.take_slice(0); + EXPECT_EQ(original.begin(), slice.begin()); + EXPECT_EQ(slice.begin(), slice.cbegin()); + EXPECT_EQ(original.end(), slice.end()); + EXPECT_EQ(slice.end(), slice.cend()); + + EXPECT_EQ(nullptr, empty_slice.begin()); + EXPECT_EQ(nullptr, empty_slice.cbegin()); + EXPECT_EQ(nullptr, empty_slice.end()); + EXPECT_EQ(nullptr, empty_slice.cend()); + EXPECT_EQ(nullptr, empty_slice.data()); + EXPECT_TRUE(empty_slice.empty()); + EXPECT_EQ(0u, empty_slice.size()); + + EXPECT_FALSE(slice.empty()); + EXPECT_EQ(slice.cbegin(), slice.data()); + const epee::byte_slice slice2 = slice.take_slice(remove_size); EXPECT_EQ(original.begin() + remove_size, slice.begin()); @@ -1061,6 +1078,20 @@ TEST(ByteStream, ToByteSlice) EXPECT_EQ(nullptr, stream.data()); EXPECT_EQ(nullptr, stream.tellp()); EXPECT_TRUE(equal(source, slice)); + + stream = epee::byte_stream{}; + stream.reserve(1); + EXPECT_NE(nullptr, stream.data()); + EXPECT_NE(nullptr, stream.tellp()); + + const epee::byte_slice empty_slice{std::move(stream)}; + EXPECT_TRUE(empty_slice.empty()); + EXPECT_EQ(0u, empty_slice.size()); + EXPECT_EQ(nullptr, empty_slice.begin()); + EXPECT_EQ(nullptr, empty_slice.cbegin()); + EXPECT_EQ(nullptr, empty_slice.end()); + EXPECT_EQ(nullptr, empty_slice.cend()); + EXPECT_EQ(nullptr, empty_slice.data()); } TEST(ToHex, String) |