mirror of
https://github.com/bitcoin/bitcoin.git
synced 2025-02-11 11:16:09 -05:00
fa4baf0756
This should make it easier for the fuzz engine to explore multisig code paths. See discussion in https://github.com/bitcoin/bitcoin/issues/23105 The downside is that all fuzz inputs that use ConsumeScript are now invalidated and need to be re-generated. Another downside may be that most multisig scripts from ConsumeScript are using likely not fully valid pubkeys.
69 lines
2.4 KiB
C++
69 lines
2.4 KiB
C++
// Copyright (c) 2009-2020 The Bitcoin Core developers
|
|
// Distributed under the MIT software license, see the accompanying
|
|
// file COPYING or http://www.opensource.org/licenses/mit-license.php.
|
|
|
|
#include <pubkey.h>
|
|
#include <script/interpreter.h>
|
|
#include <test/fuzz/FuzzedDataProvider.h>
|
|
#include <test/fuzz/fuzz.h>
|
|
#include <test/fuzz/util.h>
|
|
#include <test/util/script.h>
|
|
|
|
#include <cstdint>
|
|
#include <limits>
|
|
#include <string>
|
|
#include <vector>
|
|
|
|
void initialize_signature_checker()
|
|
{
|
|
static const auto verify_handle = std::make_unique<ECCVerifyHandle>();
|
|
}
|
|
|
|
namespace {
|
|
class FuzzedSignatureChecker : public BaseSignatureChecker
|
|
{
|
|
FuzzedDataProvider& m_fuzzed_data_provider;
|
|
|
|
public:
|
|
explicit FuzzedSignatureChecker(FuzzedDataProvider& fuzzed_data_provider) : m_fuzzed_data_provider(fuzzed_data_provider)
|
|
{
|
|
}
|
|
|
|
bool CheckECDSASignature(const std::vector<unsigned char>& scriptSig, const std::vector<unsigned char>& vchPubKey, const CScript& scriptCode, SigVersion sigversion) const override
|
|
{
|
|
return m_fuzzed_data_provider.ConsumeBool();
|
|
}
|
|
|
|
bool CheckSchnorrSignature(Span<const unsigned char> sig, Span<const unsigned char> pubkey, SigVersion sigversion, const ScriptExecutionData& execdata, ScriptError* serror = nullptr) const override
|
|
{
|
|
return m_fuzzed_data_provider.ConsumeBool();
|
|
}
|
|
|
|
bool CheckLockTime(const CScriptNum& nLockTime) const override
|
|
{
|
|
return m_fuzzed_data_provider.ConsumeBool();
|
|
}
|
|
|
|
bool CheckSequence(const CScriptNum& nSequence) const override
|
|
{
|
|
return m_fuzzed_data_provider.ConsumeBool();
|
|
}
|
|
|
|
virtual ~FuzzedSignatureChecker() {}
|
|
};
|
|
} // namespace
|
|
|
|
FUZZ_TARGET_INIT(signature_checker, initialize_signature_checker)
|
|
{
|
|
FuzzedDataProvider fuzzed_data_provider(buffer.data(), buffer.size());
|
|
const unsigned int flags = fuzzed_data_provider.ConsumeIntegral<unsigned int>();
|
|
const SigVersion sig_version = fuzzed_data_provider.PickValueInArray({SigVersion::BASE, SigVersion::WITNESS_V0});
|
|
const auto script_1{ConsumeScript(fuzzed_data_provider)};
|
|
const auto script_2{ConsumeScript(fuzzed_data_provider)};
|
|
std::vector<std::vector<unsigned char>> stack;
|
|
(void)EvalScript(stack, script_1, flags, FuzzedSignatureChecker(fuzzed_data_provider), sig_version, nullptr);
|
|
if (!IsValidFlagCombination(flags)) {
|
|
return;
|
|
}
|
|
(void)VerifyScript(script_1, script_2, nullptr, flags, FuzzedSignatureChecker(fuzzed_data_provider), nullptr);
|
|
}
|