partial bitcoin#18047: Add basic fuzzing harness for CNetAddr/CServic…

…e/CSubNet related functions (netaddress.h)
kwvg · Jul 4, 2022 · f6f20da · f6f20da
1 parent dee4750
commit f6f20da
Show file tree

Hide file tree

Showing 3 changed files with 128 additions and 0 deletions.
diff --git a/src/Makefile.test.include b/src/Makefile.test.include
@@ -55,6 +55,7 @@ FUZZ_TARGETS = \
   test/fuzz/messageheader_deserialize \
   test/fuzz/multiplication_overflow \
   test/fuzz/netaddr_deserialize \
+  test/fuzz/netaddress \
   test/fuzz/out_point_deserialize \
   test/fuzz/p2p_transport_deserializer \
   test/fuzz/parse_hd_keypath \
@@ -592,6 +593,12 @@ test_fuzz_netaddr_deserialize_LDADD = $(FUZZ_SUITE_LD_COMMON)
 test_fuzz_netaddr_deserialize_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS) $(LDFLAGS_WRAP_EXCEPTIONS)
 test_fuzz_netaddr_deserialize_SOURCES = $(FUZZ_SUITE) test/fuzz/deserialize.cpp
 
+test_fuzz_netaddress_CPPFLAGS = $(AM_CPPFLAGS) $(BITCOIN_INCLUDES)
+test_fuzz_netaddress_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS)
+test_fuzz_netaddress_LDADD = $(FUZZ_SUITE_LD_COMMON)
+test_fuzz_netaddress_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS) $(LDFLAGS_WRAP_EXCEPTIONS)
+test_fuzz_netaddress_SOURCES = $(FUZZ_SUITE) test/fuzz/netaddress.cpp
+
 test_fuzz_out_point_deserialize_CPPFLAGS = $(AM_CPPFLAGS) $(BITCOIN_INCLUDES) -DOUT_POINT_DESERIALIZE=1
 test_fuzz_out_point_deserialize_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS)
 test_fuzz_out_point_deserialize_LDADD = $(FUZZ_SUITE_LD_COMMON)

diff --git a/src/test/fuzz/netaddress.cpp b/src/test/fuzz/netaddress.cpp
@@ -0,0 +1,120 @@
+// Copyright (c) 2020 The Bitcoin Core developers
+// Distributed under the MIT software license, see the accompanying
+// file COPYING or http://www.opensource.org/licenses/mit-license.php.
+
+#include <netaddress.h>
+#include <test/fuzz/FuzzedDataProvider.h>
+#include <test/fuzz/fuzz.h>
+
+#include <cassert>
+#include <cstdint>
+#include <netinet/in.h>
+#include <vector>
+
+namespace {
+CNetAddr ConsumeNetAddr(FuzzedDataProvider& fuzzed_data_provider) noexcept
+{
+    const Network network = fuzzed_data_provider.PickValueInArray({Network::NET_IPV4, Network::NET_IPV6, Network::NET_INTERNAL, Network::NET_ONION});
+    if (network == Network::NET_IPV4) {
+        const in_addr v4_addr = {
+            .s_addr = fuzzed_data_provider.ConsumeIntegral<uint32_t>()};
+        return CNetAddr{v4_addr};
+    } else if (network == Network::NET_IPV6) {
+        if (fuzzed_data_provider.remaining_bytes() < 16) {
+            return CNetAddr{};
+        }
+        in6_addr v6_addr = {};
+        memcpy(v6_addr.s6_addr, fuzzed_data_provider.ConsumeBytes<uint8_t>(16).data(), 16);
+        return CNetAddr{v6_addr, fuzzed_data_provider.ConsumeIntegral<uint32_t>()};
+    } else if (network == Network::NET_INTERNAL) {
+        CNetAddr net_addr;
+        net_addr.SetInternal(fuzzed_data_provider.ConsumeBytesAsString(32));
+        return net_addr;
+    } else if (network == Network::NET_ONION) {
+        CNetAddr net_addr;
+        net_addr.SetSpecial(fuzzed_data_provider.ConsumeBytesAsString(32));
+        return net_addr;
+    } else {
+        assert(false);
+    }
+}
+}; // namespace
+
+void test_one_input(const std::vector<uint8_t>& buffer)
+{
+    FuzzedDataProvider fuzzed_data_provider(buffer.data(), buffer.size());
+
+    const CNetAddr net_addr = ConsumeNetAddr(fuzzed_data_provider);
+    (void)net_addr.GetHash();
+    (void)net_addr.GetNetClass();
+    if (net_addr.GetNetwork() == Network::NET_IPV4) {
+        assert(net_addr.IsIPv4());
+    }
+    if (net_addr.GetNetwork() == Network::NET_IPV6) {
+        assert(net_addr.IsIPv6());
+    }
+    if (net_addr.GetNetwork() == Network::NET_ONION) {
+        assert(net_addr.IsTor());
+    }
+    if (net_addr.GetNetwork() == Network::NET_INTERNAL) {
+        assert(net_addr.IsInternal());
+    }
+    if (net_addr.GetNetwork() == Network::NET_UNROUTABLE) {
+        assert(!net_addr.IsRoutable());
+    }
+    (void)net_addr.IsBindAny();
+    if (net_addr.IsInternal()) {
+        assert(net_addr.GetNetwork() == Network::NET_INTERNAL);
+    }
+    if (net_addr.IsIPv4()) {
+        assert(net_addr.GetNetwork() == Network::NET_IPV4 || net_addr.GetNetwork() == Network::NET_UNROUTABLE);
+    }
+    if (net_addr.IsIPv6()) {
+        assert(net_addr.GetNetwork() == Network::NET_IPV6 || net_addr.GetNetwork() == Network::NET_UNROUTABLE);
+    }
+    (void)net_addr.IsLocal();
+    if (net_addr.IsRFC1918() || net_addr.IsRFC2544() || net_addr.IsRFC6598() || net_addr.IsRFC5737() || net_addr.IsRFC3927()) {
+        assert(net_addr.IsIPv4());
+    }
+    (void)net_addr.IsRFC2544();
+    if (net_addr.IsRFC3849() || net_addr.IsRFC3964() || net_addr.IsRFC4380() || net_addr.IsRFC4843() || net_addr.IsRFC7343() || net_addr.IsRFC4862() || net_addr.IsRFC6052() || net_addr.IsRFC6145()) {
+        assert(net_addr.IsIPv6());
+    }
+    (void)net_addr.IsRFC3927();
+    (void)net_addr.IsRFC3964();
+    if (net_addr.IsRFC4193()) {
+        assert(net_addr.GetNetwork() == Network::NET_ONION || net_addr.GetNetwork() == Network::NET_INTERNAL || net_addr.GetNetwork() == Network::NET_UNROUTABLE);
+    }
+    (void)net_addr.IsRFC4380();
+    (void)net_addr.IsRFC4843();
+    (void)net_addr.IsRFC4862();
+    (void)net_addr.IsRFC5737();
+    (void)net_addr.IsRFC6052();
+    (void)net_addr.IsRFC6145();
+    (void)net_addr.IsRFC6598();
+    (void)net_addr.IsRFC7343();
+    if (!net_addr.IsRoutable()) {
+        assert(net_addr.GetNetwork() == Network::NET_UNROUTABLE || net_addr.GetNetwork() == Network::NET_INTERNAL);
+    }
+    if (net_addr.IsTor()) {
+        assert(net_addr.GetNetwork() == Network::NET_ONION);
+    }
+    (void)net_addr.IsValid();
+    (void)net_addr.ToString();
+    (void)net_addr.ToStringIP();
+
+    const CSubNet sub_net{net_addr, fuzzed_data_provider.ConsumeIntegral<uint8_t>()};
+    (void)sub_net.IsValid();
+    (void)sub_net.ToString();
+
+    const CService service{net_addr, fuzzed_data_provider.ConsumeIntegral<uint16_t>()};
+    (void)service.GetKey();
+    (void)service.GetPort();
+    (void)service.ToString();
+    (void)service.ToStringIPPort();
+    (void)service.ToStringPort();
+
+    const CNetAddr other_net_addr = ConsumeNetAddr(fuzzed_data_provider);
+    (void)net_addr.GetReachabilityFrom(&other_net_addr);
+    (void)sub_net.Match(other_net_addr);
+}
diff --git a/test/fuzz/test_runner.py b/test/fuzz/test_runner.py
@@ -33,6 +33,7 @@
     "key_origin_info_deserialize",
     "locale",
     "merkle_block_deserialize",
+    "netaddress",
     "out_point_deserialize",
     "p2p_transport_deserializer",
     "parse_hd_keypath",