diff options
| -rw-r--r-- | CMakeLists.txt | 12 | ||||
| -rw-r--r-- | contrib/epee/include/console_handler.h | 4 | ||||
| -rw-r--r-- | contrib/epee/include/storages/levin_abstract_invoke2.h | 8 | ||||
| -rw-r--r-- | src/checkpoints/checkpoints.cpp | 4 | ||||
| -rw-r--r-- | src/device_trezor/trezor/transport.cpp | 2 | ||||
| -rw-r--r-- | tests/core_tests/chaingen.h | 4 | ||||
| -rw-r--r-- | tests/fuzz/CMakeLists.txt | 36 | ||||
| -rw-r--r-- | tests/fuzz/base58.cpp | 49 | ||||
| -rw-r--r-- | tests/fuzz/block.cpp | 36 | ||||
| -rw-r--r-- | tests/fuzz/bulletproof.cpp | 39 | ||||
| -rw-r--r-- | tests/fuzz/cold-outputs.cpp | 79 | ||||
| -rw-r--r-- | tests/fuzz/cold-transaction.cpp | 81 | ||||
| -rw-r--r-- | tests/fuzz/fuzzer.cpp | 4 | ||||
| -rw-r--r-- | tests/fuzz/fuzzer.h | 100 | ||||
| -rw-r--r-- | tests/fuzz/http-client.cpp | 49 | ||||
| -rw-r--r-- | tests/fuzz/levin.cpp | 49 | ||||
| -rw-r--r-- | tests/fuzz/load_from_binary.cpp | 48 | ||||
| -rw-r--r-- | tests/fuzz/load_from_json.cpp | 48 | ||||
| -rw-r--r-- | tests/fuzz/parse_url.cpp | 48 | ||||
| -rw-r--r-- | tests/fuzz/signature.cpp | 66 | ||||
| -rw-r--r-- | tests/fuzz/transaction.cpp | 36 |
21 files changed, 249 insertions, 553 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt index d9ec866e4..4fcf782aa 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -262,6 +262,12 @@ else() endif() option(BUILD_DEBUG_UTILITIES "Build debug utilities." DEFAULT_BUILD_DEBUG_UTILITIES) +if(OSSFUZZ) + message(STATUS "Using OSS-Fuzz fuzzing system") + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DOSSFUZZ") + set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -DOSSFUZZ") +endif() + # Check whether we're on a 32-bit or 64-bit system if(CMAKE_SIZEOF_VOID_P EQUAL "8") set(DEFAULT_BUILD_64 ON) @@ -646,7 +652,8 @@ else() endif() # linker - if (NOT (WIN32 AND (CMAKE_C_COMPILER_ID STREQUAL "GNU" AND CMAKE_C_COMPILER_VERSION VERSION_LESS 9.1))) + if (NOT SANITIZE AND NOT (WIN32 AND (CMAKE_C_COMPILER_ID STREQUAL "GNU" AND CMAKE_C_COMPILER_VERSION VERSION_LESS 9.1))) + # PIE executables randomly crash at startup with ASAN # Windows binaries die on startup with PIE when compiled with GCC <9.x add_linker_flag_if_supported(-pie LD_SECURITY_FLAGS) endif() @@ -768,7 +775,8 @@ else() endif(ARM) - if(ANDROID AND NOT BUILD_GUI_DEPS STREQUAL "ON" OR IOS) + # random crash on startup when asan is on if pie is enabled + if(NOT SANITIZE AND ANDROID AND NOT BUILD_GUI_DEPS STREQUAL "ON" OR IOS) #From Android 5: "only position independent executables (PIE) are supported" message(STATUS "Enabling PIE executable") set(PIC_FLAG "") diff --git a/contrib/epee/include/console_handler.h b/contrib/epee/include/console_handler.h index a7788aeb8..a58850557 100644 --- a/contrib/epee/include/console_handler.h +++ b/contrib/epee/include/console_handler.h @@ -465,7 +465,7 @@ eof: bool run_default_console_handler_no_srv_param(t_server* ptsrv, t_handler handlr, std::function<std::string(void)> prompt, const std::string& usage = "") { async_console_handler console_handler; - return console_handler.run(ptsrv, boost::bind<bool>(no_srv_param_adapter<t_server, t_handler>, _1, _2, handlr), prompt, usage); + return console_handler.run(ptsrv, boost::bind<bool>(no_srv_param_adapter<t_server, t_handler>, boost::placeholders::_1, boost::placeholders::_2, handlr), prompt, usage); } template<class t_server, class t_handler> @@ -634,7 +634,7 @@ eof: bool run_handling(std::function<std::string(void)> prompt, const std::string& usage_string, std::function<void(void)> exit_handler = NULL) { - return m_console_handler.run(boost::bind(&console_handlers_binder::process_command_str, this, _1), prompt, usage_string, exit_handler); + return m_console_handler.run(boost::bind(&console_handlers_binder::process_command_str, this, boost::placeholders::_1), prompt, usage_string, exit_handler); } void print_prompt() diff --git a/contrib/epee/include/storages/levin_abstract_invoke2.h b/contrib/epee/include/storages/levin_abstract_invoke2.h index b18e04a27..de8107781 100644 --- a/contrib/epee/include/storages/levin_abstract_invoke2.h +++ b/contrib/epee/include/storages/levin_abstract_invoke2.h @@ -294,20 +294,20 @@ namespace epee #define HANDLE_INVOKE2(command_id, func, type_name_in, typename_out) \ if(!is_notify && command_id == command) \ - {handled=true;return epee::net_utils::buff_to_t_adapter<internal_owner_type_name, type_name_in, typename_out>(this, command, in_buff, buff_out, boost::bind(func, this, _1, _2, _3, _4), context);} + {handled=true;return epee::net_utils::buff_to_t_adapter<internal_owner_type_name, type_name_in, typename_out>(this, command, in_buff, buff_out, boost::bind(func, this, boost::placeholders::_1, boost::placeholders::_2, boost::placeholders::_3, boost::placeholders::_4), context);} #define HANDLE_INVOKE_T2(COMMAND, func) \ if(!is_notify && COMMAND::ID == command) \ - {handled=true;return epee::net_utils::buff_to_t_adapter<internal_owner_type_name, typename COMMAND::request, typename COMMAND::response>(command, in_buff, buff_out, boost::bind(func, this, _1, _2, _3, _4), context);} + {handled=true;return epee::net_utils::buff_to_t_adapter<internal_owner_type_name, typename COMMAND::request, typename COMMAND::response>(command, in_buff, buff_out, boost::bind(func, this, boost::placeholders::_1, boost::placeholders::_2, boost::placeholders::_3, boost::placeholders::_4), context);} #define HANDLE_NOTIFY2(command_id, func, type_name_in) \ if(is_notify && command_id == command) \ - {handled=true;return epee::net_utils::buff_to_t_adapter<internal_owner_type_name, type_name_in>(this, command, in_buff, boost::bind(func, this, _1, _2, _3), context);} + {handled=true;return epee::net_utils::buff_to_t_adapter<internal_owner_type_name, type_name_in>(this, command, in_buff, boost::bind(func, this, boost::placeholders::_1, boost::placeholders::_2, boost::placeholders::_3), context);} #define HANDLE_NOTIFY_T2(NOTIFY, func) \ if(is_notify && NOTIFY::ID == command) \ - {handled=true;return epee::net_utils::buff_to_t_adapter<internal_owner_type_name, typename NOTIFY::request>(this, command, in_buff, boost::bind(func, this, _1, _2, _3), context);} + {handled=true;return epee::net_utils::buff_to_t_adapter<internal_owner_type_name, typename NOTIFY::request>(this, command, in_buff, boost::bind(func, this, boost::placeholders::_1, boost::placeholders::_2, boost::placeholders::_3), context);} #define CHAIN_INVOKE_MAP2(func) \ diff --git a/src/checkpoints/checkpoints.cpp b/src/checkpoints/checkpoints.cpp index 4a4b3c5c2..852e21318 100644 --- a/src/checkpoints/checkpoints.cpp +++ b/src/checkpoints/checkpoints.cpp @@ -135,8 +135,8 @@ namespace cryptonote { std::map< uint64_t, crypto::hash >::const_iterator highest = std::max_element( m_points.begin(), m_points.end(), - ( boost::bind(&std::map< uint64_t, crypto::hash >::value_type::first, _1) < - boost::bind(&std::map< uint64_t, crypto::hash >::value_type::first, _2 ) ) ); + ( boost::bind(&std::map< uint64_t, crypto::hash >::value_type::first, boost::placeholders::_1) < + boost::bind(&std::map< uint64_t, crypto::hash >::value_type::first, boost::placeholders::_2 ) ) ); return highest->first; } //--------------------------------------------------------------------------- diff --git a/src/device_trezor/trezor/transport.cpp b/src/device_trezor/trezor/transport.cpp index 52bee6c6c..51396d90a 100644 --- a/src/device_trezor/trezor/transport.cpp +++ b/src/device_trezor/trezor/transport.cpp @@ -711,7 +711,7 @@ namespace trezor{ // Start the asynchronous operation itself. The handle_receive function // used as a callback will update the ec and length variables. m_socket->async_receive_from(boost::asio::buffer(buffer), m_endpoint, - boost::bind(&UdpTransport::handle_receive, _1, _2, &ec, &length)); + boost::bind(&UdpTransport::handle_receive, boost::placeholders::_1, boost::placeholders::_2, &ec, &length)); // Block until the asynchronous operation has completed. do { diff --git a/tests/core_tests/chaingen.h b/tests/core_tests/chaingen.h index 453ee923d..441f483ed 100644 --- a/tests/core_tests/chaingen.h +++ b/tests/core_tests/chaingen.h @@ -856,10 +856,10 @@ inline bool do_replay_file(const std::string& filename) } #define REGISTER_CALLBACK(CB_NAME, CLBACK) \ - register_callback(CB_NAME, boost::bind(&CLBACK, this, _1, _2, _3)); + register_callback(CB_NAME, boost::bind(&CLBACK, this, boost::placeholders::_1, boost::placeholders::_2, boost::placeholders::_3)); #define REGISTER_CALLBACK_METHOD(CLASS, METHOD) \ - register_callback(#METHOD, boost::bind(&CLASS::METHOD, this, _1, _2, _3)); + register_callback(#METHOD, boost::bind(&CLASS::METHOD, this, boost::placeholders::_1, boost::placeholders::_2, boost::placeholders::_3)); #define MAKE_GENESIS_BLOCK(VEC_EVENTS, BLK_NAME, MINER_ACC, TS) \ test_generator generator; \ diff --git a/tests/fuzz/CMakeLists.txt b/tests/fuzz/CMakeLists.txt index a6ef139f5..8654d41d5 100644 --- a/tests/fuzz/CMakeLists.txt +++ b/tests/fuzz/CMakeLists.txt @@ -34,7 +34,8 @@ target_link_libraries(block_fuzz_tests epee device ${CMAKE_THREAD_LIBS_INIT} - ${EXTRA_LIBRARIES}) + ${EXTRA_LIBRARIES} + $ENV{LIB_FUZZING_ENGINE}) set_property(TARGET block_fuzz_tests PROPERTY FOLDER "tests") @@ -47,7 +48,8 @@ target_link_libraries(transaction_fuzz_tests epee device ${CMAKE_THREAD_LIBS_INIT} - ${EXTRA_LIBRARIES}) + ${EXTRA_LIBRARIES} + $ENV{LIB_FUZZING_ENGINE}) set_property(TARGET transaction_fuzz_tests PROPERTY FOLDER "tests") @@ -61,7 +63,8 @@ target_link_libraries(signature_fuzz_tests epee device ${CMAKE_THREAD_LIBS_INIT} - ${EXTRA_LIBRARIES}) + ${EXTRA_LIBRARIES} + $ENV{LIB_FUZZING_ENGINE}) set_property(TARGET signature_fuzz_tests PROPERTY FOLDER "tests") @@ -75,7 +78,8 @@ target_link_libraries(cold-outputs_fuzz_tests epee device ${CMAKE_THREAD_LIBS_INIT} - ${EXTRA_LIBRARIES}) + ${EXTRA_LIBRARIES} + $ENV{LIB_FUZZING_ENGINE}) set_property(TARGET cold-outputs_fuzz_tests PROPERTY FOLDER "tests") @@ -89,7 +93,8 @@ target_link_libraries(cold-transaction_fuzz_tests epee device ${CMAKE_THREAD_LIBS_INIT} - ${EXTRA_LIBRARIES}) + ${EXTRA_LIBRARIES} + $ENV{LIB_FUZZING_ENGINE}) set_property(TARGET cold-transaction_fuzz_tests PROPERTY FOLDER "tests") @@ -101,7 +106,8 @@ target_link_libraries(load-from-binary_fuzz_tests epee ${Boost_PROGRAM_OPTIONS_LIBRARY} ${CMAKE_THREAD_LIBS_INIT} - ${EXTRA_LIBRARIES}) + ${EXTRA_LIBRARIES} + $ENV{LIB_FUZZING_ENGINE}) set_property(TARGET load-from-binary_fuzz_tests PROPERTY FOLDER "tests") @@ -113,7 +119,8 @@ target_link_libraries(load-from-json_fuzz_tests epee ${Boost_PROGRAM_OPTIONS_LIBRARY} ${CMAKE_THREAD_LIBS_INIT} - ${EXTRA_LIBRARIES}) + ${EXTRA_LIBRARIES} + $ENV{LIB_FUZZING_ENGINE}) set_property(TARGET load-from-json_fuzz_tests PROPERTY FOLDER "tests") @@ -125,7 +132,8 @@ target_link_libraries(base58_fuzz_tests epee ${Boost_PROGRAM_OPTIONS_LIBRARY} ${CMAKE_THREAD_LIBS_INIT} - ${EXTRA_LIBRARIES}) + ${EXTRA_LIBRARIES} + $ENV{LIB_FUZZING_ENGINE}) set_property(TARGET base58_fuzz_tests PROPERTY FOLDER "tests") @@ -138,7 +146,8 @@ target_link_libraries(parse-url_fuzz_tests ${Boost_PROGRAM_OPTIONS_LIBRARY} ${Boost_SYSTEM_LIBRARY} ${CMAKE_THREAD_LIBS_INIT} - ${EXTRA_LIBRARIES}) + ${EXTRA_LIBRARIES} + $ENV{LIB_FUZZING_ENGINE}) set_property(TARGET parse-url_fuzz_tests PROPERTY FOLDER "tests") @@ -153,7 +162,8 @@ target_link_libraries(http-client_fuzz_tests ${Boost_PROGRAM_OPTIONS_LIBRARY} ${Boost_SYSTEM_LIBRARY} ${CMAKE_THREAD_LIBS_INIT} - ${EXTRA_LIBRARIES}) + ${EXTRA_LIBRARIES} + $ENV{LIB_FUZZING_ENGINE}) set_property(TARGET http-client_fuzz_tests PROPERTY FOLDER "tests") @@ -168,7 +178,8 @@ target_link_libraries(levin_fuzz_tests ${Boost_REGEX_LIBRARY} ${Boost_PROGRAM_OPTIONS_LIBRARY} ${CMAKE_THREAD_LIBS_INIT} - ${EXTRA_LIBRARIES}) + ${EXTRA_LIBRARIES} + $ENV{LIB_FUZZING_ENGINE}) set_property(TARGET levin_fuzz_tests PROPERTY FOLDER "tests") @@ -183,7 +194,8 @@ target_link_libraries(bulletproof_fuzz_tests ${Boost_REGEX_LIBRARY} ${Boost_PROGRAM_OPTIONS_LIBRARY} ${CMAKE_THREAD_LIBS_INIT} - ${EXTRA_LIBRARIES}) + ${EXTRA_LIBRARIES} + $ENV{LIB_FUZZING_ENGINE}) set_property(TARGET bulletproof_fuzz_tests PROPERTY FOLDER "tests") diff --git a/tests/fuzz/base58.cpp b/tests/fuzz/base58.cpp index 5f909a5d9..08fa402dd 100644 --- a/tests/fuzz/base58.cpp +++ b/tests/fuzz/base58.cpp @@ -27,50 +27,13 @@ // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. #include "include_base_utils.h" -#include "file_io_utils.h" #include "common/base58.h" #include "fuzzer.h" -class Base58Fuzzer: public Fuzzer -{ -public: - Base58Fuzzer() {} - virtual int init(); - virtual int run(const std::string &filename); -}; - -int Base58Fuzzer::init() -{ - return 0; -} - -int Base58Fuzzer::run(const std::string &filename) -{ - std::string s; - - if (!epee::file_io_utils::load_file_to_string(filename, s)) - { - std::cout << "Error: failed to load file " << filename << std::endl; - return 1; - } - try - { - std::string data; - tools::base58::decode(s, data); - } - catch (const std::exception &e) - { - std::cerr << "Failed to load from binary: " << e.what() << std::endl; - return 1; - } - return 0; -} - -int main(int argc, const char **argv) -{ - TRY_ENTRY(); - Base58Fuzzer fuzzer; - return run_fuzzer(argc, argv, fuzzer); - CATCH_ENTRY_L0("main", 1); -} +BEGIN_INIT_SIMPLE_FUZZER() +END_INIT_SIMPLE_FUZZER() +BEGIN_SIMPLE_FUZZER() + std::string data; + tools::base58::decode(std::string((const char*)buf, len), data); +END_SIMPLE_FUZZER() diff --git a/tests/fuzz/block.cpp b/tests/fuzz/block.cpp index 850c58890..44818f8cd 100644 --- a/tests/fuzz/block.cpp +++ b/tests/fuzz/block.cpp @@ -33,36 +33,10 @@ #include "cryptonote_basic/cryptonote_format_utils.h" #include "fuzzer.h" -class BlockFuzzer: public Fuzzer -{ -public: - virtual int run(const std::string &filename); +BEGIN_INIT_SIMPLE_FUZZER() +END_INIT_SIMPLE_FUZZER() -private: -}; - -int BlockFuzzer::run(const std::string &filename) -{ - std::string s; - - if (!epee::file_io_utils::load_file_to_string(filename, s)) - { - std::cout << "Error: failed to load file " << filename << std::endl; - return 1; - } +BEGIN_SIMPLE_FUZZER() cryptonote::block b = AUTO_VAL_INIT(b); - if(!parse_and_validate_block_from_blob(s, b)) - { - std::cout << "Error: failed to parse block from file " << filename << std::endl; - return 1; - } - return 0; -} - -int main(int argc, const char **argv) -{ - TRY_ENTRY(); - BlockFuzzer fuzzer; - return run_fuzzer(argc, argv, fuzzer); - CATCH_ENTRY_L0("main", 1); -} + parse_and_validate_block_from_blob(std::string((const char*)buf, len), b); +END_SIMPLE_FUZZER() diff --git a/tests/fuzz/bulletproof.cpp b/tests/fuzz/bulletproof.cpp index e9a6ded7d..7e58770ca 100644 --- a/tests/fuzz/bulletproof.cpp +++ b/tests/fuzz/bulletproof.cpp @@ -33,40 +33,13 @@ #include "cryptonote_basic/cryptonote_format_utils.h" #include "fuzzer.h" -class BulletproofFuzzer: public Fuzzer -{ -public: - virtual int run(const std::string &filename); +BEGIN_INIT_SIMPLE_FUZZER() +END_INIT_SIMPLE_FUZZER() -private: -}; - -int BulletproofFuzzer::run(const std::string &filename) -{ - std::string s; - - if (!epee::file_io_utils::load_file_to_string(filename, s)) - { - std::cout << "Error: failed to load file " << filename << std::endl; - return 1; - } +BEGIN_SIMPLE_FUZZER() std::stringstream ss; - ss << s; + ss << std::string((const char*)buf, len); binary_archive<false> ba(ss); rct::Bulletproof proof = AUTO_VAL_INIT(proof); - bool r = ::serialization::serialize(ba, proof); - if(!r) - { - std::cout << "Error: failed to parse bulletproof from file " << filename << std::endl; - return 1; - } - return 0; -} - -int main(int argc, const char **argv) -{ - TRY_ENTRY(); - BulletproofFuzzer fuzzer; - return run_fuzzer(argc, argv, fuzzer); - CATCH_ENTRY_L0("main", 1); -} + ::serialization::serialize(ba, proof); +END_SIMPLE_FUZZER() diff --git a/tests/fuzz/cold-outputs.cpp b/tests/fuzz/cold-outputs.cpp index f4050c948..af0a33422 100644 --- a/tests/fuzz/cold-outputs.cpp +++ b/tests/fuzz/cold-outputs.cpp @@ -34,70 +34,25 @@ #include "wallet/wallet2.h" #include "fuzzer.h" -class ColdOutputsFuzzer: public Fuzzer -{ -public: - ColdOutputsFuzzer(): wallet(cryptonote::TESTNET) {} - virtual int init(); - virtual int run(const std::string &filename); +static tools::wallet2 wallet; -private: - tools::wallet2 wallet; -}; - -int ColdOutputsFuzzer::init() -{ +BEGIN_INIT_SIMPLE_FUZZER() static const char * const spendkey_hex = "0b4f47697ec99c3de6579304e5f25c68b07afbe55b71d99620bf6cbf4e45a80f"; crypto::secret_key spendkey; epee::string_tools::hex_to_pod(spendkey_hex, spendkey); - try - { - wallet.init("", boost::none, boost::asio::ip::tcp::endpoint{}, 0, true, epee::net_utils::ssl_support_t::e_ssl_support_disabled); - wallet.set_subaddress_lookahead(1, 1); - wallet.generate("", "", spendkey, true, false); - } - catch (const std::exception &e) - { - std::cerr << "Error on ColdOutputsFuzzer::init: " << e.what() << std::endl; - return 1; - } - return 0; -} - -int ColdOutputsFuzzer::run(const std::string &filename) -{ - std::string s; - - if (!epee::file_io_utils::load_file_to_string(filename, s)) - { - std::cout << "Error: failed to load file " << filename << std::endl; - return 1; - } - s = std::string("\x01\x16serialization::archive") + s; - try - { - std::pair<size_t, std::vector<tools::wallet2::transfer_details>> outputs; - std::stringstream iss; - iss << s; - boost::archive::portable_binary_iarchive ar(iss); - ar >> outputs; - size_t n_outputs = wallet.import_outputs(outputs); - std::cout << boost::lexical_cast<std::string>(n_outputs) << " outputs imported" << std::endl; - } - catch (const std::exception &e) - { - std::cerr << "Failed to import outputs: " << e.what() << std::endl; - return 1; - } - return 0; -} - -int main(int argc, const char **argv) -{ - TRY_ENTRY(); - ColdOutputsFuzzer fuzzer; - return run_fuzzer(argc, argv, fuzzer); - CATCH_ENTRY_L0("main", 1); -} - + wallet.init("", boost::none, boost::asio::ip::tcp::endpoint{}, 0, true, epee::net_utils::ssl_support_t::e_ssl_support_disabled); + wallet.set_subaddress_lookahead(1, 1); + wallet.generate("", "", spendkey, true, false); +END_INIT_SIMPLE_FUZZER() + +BEGIN_SIMPLE_FUZZER() + std::string s = std::string("\x01\x16serialization::archive") + std::string((const char*)buf, len); + std::pair<size_t, std::vector<tools::wallet2::transfer_details>> outputs; + std::stringstream iss; + iss << s; + boost::archive::portable_binary_iarchive ar(iss); + ar >> outputs; + size_t n_outputs = wallet.import_outputs(outputs); + std::cout << boost::lexical_cast<std::string>(n_outputs) << " outputs imported" << std::endl; +END_SIMPLE_FUZZER() diff --git a/tests/fuzz/cold-transaction.cpp b/tests/fuzz/cold-transaction.cpp index 08117281b..9808362e4 100644 --- a/tests/fuzz/cold-transaction.cpp +++ b/tests/fuzz/cold-transaction.cpp @@ -34,71 +34,26 @@ #include "wallet/wallet2.h" #include "fuzzer.h" -class ColdTransactionFuzzer: public Fuzzer -{ -public: - ColdTransactionFuzzer(): wallet(cryptonote::TESTNET) {} - virtual int init(); - virtual int run(const std::string &filename); +static tools::wallet2 wallet; -private: - tools::wallet2 wallet; -}; - - -int ColdTransactionFuzzer::init() -{ +BEGIN_INIT_SIMPLE_FUZZER() static const char * const spendkey_hex = "0b4f47697ec99c3de6579304e5f25c68b07afbe55b71d99620bf6cbf4e45a80f"; crypto::secret_key spendkey; epee::string_tools::hex_to_pod(spendkey_hex, spendkey); - try - { - wallet.init("", boost::none, boost::asio::ip::tcp::endpoint{}, 0, true, epee::net_utils::ssl_support_t::e_ssl_support_disabled); - wallet.set_subaddress_lookahead(1, 1); - wallet.generate("", "", spendkey, true, false); - } - catch (const std::exception &e) - { - std::cerr << "Error on ColdTransactionFuzzer::init: " << e.what() << std::endl; - return 1; - } - return 0; -} - -int ColdTransactionFuzzer::run(const std::string &filename) -{ - std::string s; - - if (!epee::file_io_utils::load_file_to_string(filename, s)) - { - std::cout << "Error: failed to load file " << filename << std::endl; - return 1; - } - s = std::string("\x01\x16serialization::archive") + s; - try - { - tools::wallet2::unsigned_tx_set exported_txs; - std::stringstream iss; - iss << s; - boost::archive::portable_binary_iarchive ar(iss); - ar >> exported_txs; - std::vector<tools::wallet2::pending_tx> ptx; - bool success = wallet.sign_tx(exported_txs, "/tmp/cold-transaction-test-signed", ptx); - std::cout << (success ? "signed" : "error") << std::endl; - } - catch (const std::exception &e) - { - std::cerr << "Failed to sign transaction: " << e.what() << std::endl; - return 1; - } - return 0; -} - -int main(int argc, const char **argv) -{ - TRY_ENTRY(); - ColdTransactionFuzzer fuzzer; - return run_fuzzer(argc, argv, fuzzer); - CATCH_ENTRY_L0("main", 1); -} + wallet.init("", boost::none, boost::asio::ip::tcp::endpoint{}, 0, true, epee::net_utils::ssl_support_t::e_ssl_support_disabled); + wallet.set_subaddress_lookahead(1, 1); + wallet.generate("", "", spendkey, true, false); +END_INIT_SIMPLE_FUZZER() + +BEGIN_SIMPLE_FUZZER() + std::string s = std::string("\x01\x16serialization::archive") + std::string((const char*)buf, len); + tools::wallet2::unsigned_tx_set exported_txs; + std::stringstream iss; + iss << s; + boost::archive::portable_binary_iarchive ar(iss); + ar >> exported_txs; + std::vector<tools::wallet2::pending_tx> ptx; + bool success = wallet.sign_tx(exported_txs, "/tmp/cold-transaction-test-signed", ptx); + std::cout << (success ? "signed" : "error") << std::endl; +END_SIMPLE_FUZZER() diff --git a/tests/fuzz/fuzzer.cpp b/tests/fuzz/fuzzer.cpp index 24db5ee05..0d2366263 100644 --- a/tests/fuzz/fuzzer.cpp +++ b/tests/fuzz/fuzzer.cpp @@ -33,6 +33,8 @@ #include "common/util.h" #include "fuzzer.h" +#ifndef OSSFUZZ + #if (!defined(__clang__) || (__clang__ < 5)) static int __AFL_LOOP(int) { @@ -74,3 +76,5 @@ int run_fuzzer(int argc, const char **argv, Fuzzer &fuzzer) CATCH_ENTRY_L0("run_fuzzer", 1); } + +#endif diff --git a/tests/fuzz/fuzzer.h b/tests/fuzz/fuzzer.h index 5cbd1abc2..2d0a29dfc 100644 --- a/tests/fuzz/fuzzer.h +++ b/tests/fuzz/fuzzer.h @@ -27,6 +27,52 @@ // THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. #include <string> +#include "file_io_utils.h" + +#ifdef OSSFUZZ + +#define BEGIN_INIT_SIMPLE_FUZZER() \ + static int init() \ + { \ + try \ + { + +#define END_INIT_SIMPLE_FUZZER() \ + } \ + catch (const std::exception &e) \ + { \ + fprintf(stderr, "Exception: %s\n", e.what()); \ + return 1; \ + } \ + return 0; \ + } + +#define BEGIN_SIMPLE_FUZZER() \ +extern "C" { \ + int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) \ + { \ + try \ + { \ + static bool first = true; \ + if (first) \ + { \ + if (!init()) \ + return 1; \ + first = false; \ + } \ + +#define END_SIMPLE_FUZZER() \ + } \ + catch (const std::exception &e) \ + { \ + fprintf(stderr, "Exception: %s\n", e.what()); \ + return 1; \ + } \ + return 0; \ + } \ +} + +#else class Fuzzer { @@ -36,3 +82,57 @@ public: }; int run_fuzzer(int argc, const char **argv, Fuzzer &fuzzer); + +#define BEGIN_INIT_SIMPLE_FUZZER() \ + class SimpleFuzzer: public Fuzzer \ + { \ + virtual int init() \ + { \ + try \ + { + +#define END_INIT_SIMPLE_FUZZER() \ + } \ + catch (const std::exception &e) \ + { \ + fprintf(stderr, "Exception: %s\n", e.what()); \ + return 1; \ + } \ + return 0; \ + } + +#define BEGIN_SIMPLE_FUZZER() \ + virtual int run(const std::string &filename) \ + { \ + try \ + { \ + std::string s; \ + if (!epee::file_io_utils::load_file_to_string(filename, s)) \ + { \ + std::cout << "Error: failed to load file " << filename << std::endl; \ + return 1; \ + } \ + const uint8_t *buf = (const uint8_t*)s.data(); \ + const size_t len = s.size(); \ + { + +#define END_SIMPLE_FUZZER() \ + } \ + } \ + catch (const std::exception &e) \ + { \ + fprintf(stderr, "Exception: %s\n", e.what()); \ + return 1; \ + } \ + return 0; \ + } \ + }; \ + int main(int argc, const char **argv) \ + { \ + TRY_ENTRY(); \ + SimpleFuzzer fuzzer; \ + return run_fuzzer(argc, argv, fuzzer); \ + CATCH_ENTRY_L0("main", 1); \ + } + +#endif diff --git a/tests/fuzz/http-client.cpp b/tests/fuzz/http-client.cpp index ea6d5a2ad..1801affee 100644 --- a/tests/fuzz/http-client.cpp +++ b/tests/fuzz/http-client.cpp @@ -58,48 +58,11 @@ private: std::string data; }; -class HTTPClientFuzzer: public Fuzzer -{ -public: - HTTPClientFuzzer() {} - virtual int init(); - virtual int run(const std::string &filename); - -private: - epee::net_utils::http::http_simple_client_template<dummy_client> client; -}; - -int HTTPClientFuzzer::init() -{ - return 0; -} - -int HTTPClientFuzzer::run(const std::string &filename) -{ - std::string s; +static epee::net_utils::http::http_simple_client_template<dummy_client> client; - if (!epee::file_io_utils::load_file_to_string(filename, s)) - { - std::cout << "Error: failed to load file " << filename << std::endl; - return 1; - } - try - { - client.test(s, std::chrono::milliseconds(1000)); - } - catch (const std::exception &e) - { - std::cerr << "Failed to test http client: " << e.what() << std::endl; - return 1; - } - return 0; -} - -int main(int argc, const char **argv) -{ - TRY_ENTRY(); - HTTPClientFuzzer fuzzer; - return run_fuzzer(argc, argv, fuzzer); - CATCH_ENTRY_L0("main", 1); -} +BEGIN_INIT_SIMPLE_FUZZER() +END_INIT_SIMPLE_FUZZER() +BEGIN_SIMPLE_FUZZER() + client.test(std::string((const char*)buf, len), std::chrono::milliseconds(1000)); +END_SIMPLE_FUZZER() diff --git a/tests/fuzz/levin.cpp b/tests/fuzz/levin.cpp index 6c16a0a85..ab7bbb6da 100644 --- a/tests/fuzz/levin.cpp +++ b/tests/fuzz/levin.cpp @@ -279,26 +279,10 @@ namespace #endif } -class LevinFuzzer: public Fuzzer -{ -public: - LevinFuzzer() {} //: handler(endpoint, config, context) {} - virtual int init(); - virtual int run(const std::string &filename); - -private: - //epee::net_utils::connection_context_base context; - //epee::levin::async_protocol_handler<> handler; -}; +BEGIN_INIT_SIMPLE_FUZZER() +END_INIT_SIMPLE_FUZZER() -int LevinFuzzer::init() -{ - return 0; -} - -int LevinFuzzer::run(const std::string &filename) -{ - std::string s; +BEGIN_SIMPLE_FUZZER() #if 0 epee::levin::bucket_head2 req_head; @@ -313,13 +297,6 @@ int LevinFuzzer::run(const std::string &filename) fwrite(&req_head,sizeof(req_head),1, f); fclose(f); #endif - if (!epee::file_io_utils::load_file_to_string(filename, s)) - { - std::cout << "Error: failed to load file " << filename << std::endl; - return 1; - } - try - { //std::unique_ptr<test_connection> conn = new test(); boost::asio::io_service io_service; test_levin_protocol_handler_config m_handler_config; @@ -329,21 +306,5 @@ int LevinFuzzer::run(const std::string &filename) conn->start(); //m_commands_handler.invoke_out_buf(expected_out_data); //m_commands_handler.return_code(expected_return_code); - conn->m_protocol_handler.handle_recv(s.data(), s.size()); - } - catch (const std::exception &e) - { - std::cerr << "Failed to test http client: " << e.what() << std::endl; - return 1; - } - return 0; -} - -int main(int argc, const char **argv) -{ - TRY_ENTRY(); - LevinFuzzer fuzzer; - return run_fuzzer(argc, argv, fuzzer); - CATCH_ENTRY_L0("main", 1); -} - + conn->m_protocol_handler.handle_recv(buf, len); +END_SIMPLE_FUZZER() diff --git a/tests/fuzz/load_from_binary.cpp b/tests/fuzz/load_from_binary.cpp index 85b7361e5..b185df522 100644 --- a/tests/fuzz/load_from_binary.cpp +++ b/tests/fuzz/load_from_binary.cpp @@ -33,46 +33,10 @@ #include "storages/portable_storage_base.h" #include "fuzzer.h" -class PortableStorageFuzzer: public Fuzzer -{ -public: - PortableStorageFuzzer() {} - virtual int init(); - virtual int run(const std::string &filename); -}; - -int PortableStorageFuzzer::init() -{ - return 0; -} - -int PortableStorageFuzzer::run(const std::string &filename) -{ - std::string s; - - if (!epee::file_io_utils::load_file_to_string(filename, s)) - { - std::cout << "Error: failed to load file " << filename << std::endl; - return 1; - } - try - { - epee::serialization::portable_storage ps; - ps.load_from_binary(s); - } - catch (const std::exception &e) - { - std::cerr << "Failed to load from binary: " << e.what() << std::endl; - return 1; - } - return 0; -} - -int main(int argc, const char **argv) -{ - TRY_ENTRY(); - PortableStorageFuzzer fuzzer; - return run_fuzzer(argc, argv, fuzzer); - CATCH_ENTRY_L0("main", 1); -} +BEGIN_INIT_SIMPLE_FUZZER() +END_INIT_SIMPLE_FUZZER() +BEGIN_SIMPLE_FUZZER() + epee::serialization::portable_storage ps; + ps.load_from_binary(std::string((const char*)buf, len)); +END_SIMPLE_FUZZER() diff --git a/tests/fuzz/load_from_json.cpp b/tests/fuzz/load_from_json.cpp index 3ba98050b..0252360ba 100644 --- a/tests/fuzz/load_from_json.cpp +++ b/tests/fuzz/load_from_json.cpp @@ -33,46 +33,10 @@ #include "storages/portable_storage_base.h" #include "fuzzer.h" -class PortableStorageFuzzer: public Fuzzer -{ -public: - PortableStorageFuzzer() {} - virtual int init(); - virtual int run(const std::string &filename); -}; - -int PortableStorageFuzzer::init() -{ - return 0; -} - -int PortableStorageFuzzer::run(const std::string &filename) -{ - std::string s; - - if (!epee::file_io_utils::load_file_to_string(filename, s)) - { - std::cout << "Error: failed to load file " << filename << std::endl; - return 1; - } - try - { - epee::serialization::portable_storage ps; - ps.load_from_json(s); - } - catch (const std::exception &e) - { - std::cerr << "Failed to load from binary: " << e.what() << std::endl; - return 1; - } - return 0; -} - -int main(int argc, const char **argv) -{ - TRY_ENTRY(); - PortableStorageFuzzer fuzzer; - return run_fuzzer(argc, argv, fuzzer); - CATCH_ENTRY_L0("main", 1); -} +BEGIN_INIT_SIMPLE_FUZZER() +END_INIT_SIMPLE_FUZZER() +BEGIN_SIMPLE_FUZZER() + epee::serialization::portable_storage ps; + ps.load_from_json(std::string((const char*)buf, len)); +END_SIMPLE_FUZZER() diff --git a/tests/fuzz/parse_url.cpp b/tests/fuzz/parse_url.cpp index 3db78f9d9..41f4319a6 100644 --- a/tests/fuzz/parse_url.cpp +++ b/tests/fuzz/parse_url.cpp @@ -31,46 +31,10 @@ #include "net/net_parse_helpers.h" #include "fuzzer.h" -class ParseURLFuzzer: public Fuzzer -{ -public: - ParseURLFuzzer() {} - virtual int init(); - virtual int run(const std::string &filename); -}; - -int ParseURLFuzzer::init() -{ - return 0; -} - -int ParseURLFuzzer::run(const std::string &filename) -{ - std::string s; - - if (!epee::file_io_utils::load_file_to_string(filename, s)) - { - std::cout << "Error: failed to load file " << filename << std::endl; - return 1; - } - try - { - epee::net_utils::http::url_content url; - epee::net_utils::parse_url(s, url); - } - catch (const std::exception &e) - { - std::cerr << "Failed to load from binary: " << e.what() << std::endl; - return 1; - } - return 0; -} - -int main(int argc, const char **argv) -{ - TRY_ENTRY(); - ParseURLFuzzer fuzzer; - return run_fuzzer(argc, argv, fuzzer); - CATCH_ENTRY_L0("main", 1); -} +BEGIN_INIT_SIMPLE_FUZZER() +END_INIT_SIMPLE_FUZZER() +BEGIN_SIMPLE_FUZZER() + epee::net_utils::http::url_content url; + epee::net_utils::parse_url(std::string((const char*)buf, len), url); +END_SIMPLE_FUZZER() diff --git a/tests/fuzz/signature.cpp b/tests/fuzz/signature.cpp index 038378ae2..cd65e42d0 100644 --- a/tests/fuzz/signature.cpp +++ b/tests/fuzz/signature.cpp @@ -34,66 +34,28 @@ #include "wallet/wallet2.h" #include "fuzzer.h" -class SignatureFuzzer: public Fuzzer -{ -public: - SignatureFuzzer(): Fuzzer(), wallet(cryptonote::TESTNET) {} - virtual int init(); - virtual int run(const std::string &filename); +static tools::wallet2 wallet(cryptonote::TESTNET); +static cryptonote::account_public_address address; -private: - tools::wallet2 wallet; - cryptonote::account_public_address address; -}; - -int SignatureFuzzer::init() -{ +BEGIN_INIT_SIMPLE_FUZZER() static const char * const spendkey_hex = "0b4f47697ec99c3de6579304e5f25c68b07afbe55b71d99620bf6cbf4e45a80f"; crypto::secret_key spendkey; epee::string_tools::hex_to_pod(spendkey_hex, spendkey); - try - { - wallet.init("", boost::none, boost::asio::ip::tcp::endpoint{}, 0, true, epee::net_utils::ssl_support_t::e_ssl_support_disabled); - wallet.set_subaddress_lookahead(1, 1); - wallet.generate("", "", spendkey, true, false); - - cryptonote::address_parse_info info; - if (!cryptonote::get_account_address_from_str_or_url(info, cryptonote::TESTNET, "9uVsvEryzpN8WH2t1WWhFFCG5tS8cBNdmJYNRuckLENFimfauV5pZKeS1P2CbxGkSDTUPHXWwiYE5ZGSXDAGbaZgDxobqDN")) - { - std::cerr << "failed to parse address" << std::endl; - return 1; - } - address = info.address; - } - catch (const std::exception &e) - { - std::cerr << "Error on SignatureFuzzer::init: " << e.what() << std::endl; - return 1; - } - return 0; -} - -int SignatureFuzzer::run(const std::string &filename) -{ - std::string s; + wallet.init("", boost::none, boost::asio::ip::tcp::endpoint{}, 0, true, epee::net_utils::ssl_support_t::e_ssl_support_disabled); + wallet.set_subaddress_lookahead(1, 1); + wallet.generate("", "", spendkey, true, false); - if (!epee::file_io_utils::load_file_to_string(filename, s)) + cryptonote::address_parse_info info; + if (!cryptonote::get_account_address_from_str_or_url(info, cryptonote::TESTNET, "9uVsvEryzpN8WH2t1WWhFFCG5tS8cBNdmJYNRuckLENFimfauV5pZKeS1P2CbxGkSDTUPHXWwiYE5ZGSXDAGbaZgDxobqDN")) { - std::cout << "Error: failed to load file " << filename << std::endl; + std::cerr << "failed to parse address" << std::endl; return 1; } + address = info.address; +END_INIT_SIMPLE_FUZZER() - bool valid = wallet.verify("test", address, s); +BEGIN_SIMPLE_FUZZER() + bool valid = wallet.verify("test", address, std::string((const char*)buf, len)); std::cout << "Signature " << (valid ? "valid" : "invalid") << std::endl; - - return 0; -} - -int main(int argc, const char **argv) -{ - TRY_ENTRY(); - SignatureFuzzer fuzzer; - return run_fuzzer(argc, argv, fuzzer); - CATCH_ENTRY_L0("main", 1); -} +END_SIMPLE_FUZZER() diff --git a/tests/fuzz/transaction.cpp b/tests/fuzz/transaction.cpp index 0f62888a1..1e4a61a78 100644 --- a/tests/fuzz/transaction.cpp +++ b/tests/fuzz/transaction.cpp @@ -33,36 +33,10 @@ #include "cryptonote_basic/cryptonote_format_utils.h" #include "fuzzer.h" -class TransactionFuzzer: public Fuzzer -{ -public: - virtual int run(const std::string &filename); +BEGIN_INIT_SIMPLE_FUZZER() +END_INIT_SIMPLE_FUZZER() -private: -}; - -int TransactionFuzzer::run(const std::string &filename) -{ - std::string s; - - if (!epee::file_io_utils::load_file_to_string(filename, s)) - { - std::cout << "Error: failed to load file " << filename << std::endl; - return 1; - } +BEGIN_SIMPLE_FUZZER() cryptonote::transaction tx = AUTO_VAL_INIT(tx); - if(!parse_and_validate_tx_from_blob(s, tx)) - { - std::cout << "Error: failed to parse transaction from file " << filename << std::endl; - return 1; - } - return 0; -} - -int main(int argc, const char **argv) -{ - TRY_ENTRY(); - TransactionFuzzer fuzzer; - return run_fuzzer(argc, argv, fuzzer); - CATCH_ENTRY_L0("main", 1); -} + parse_and_validate_tx_from_blob(std::string((const char*)buf, len), tx); +END_SIMPLE_FUZZER() |