Skip to content

Commit

Permalink
Merge pull request LedgerHQ#86 from lightsail-network/new-release (B2…
Browse files Browse the repository at this point in the history
…CA-1730)

New release
  • Loading branch information
tdejoigny-ledger authored Jul 26, 2024
2 parents 499a9e2 + 5081293 commit d589163
Show file tree
Hide file tree
Showing 2,425 changed files with 1,334 additions and 726 deletions.
46 changes: 33 additions & 13 deletions .github/workflows/cflite_batch.yml
Original file line number Diff line number Diff line change
@@ -1,33 +1,53 @@
name: ClusterFuzzLite batch fuzzing
name: ClusterFuzzLite cron tasks
on:
workflow_dispatch:
inputs:
fuzz-seconds:
description: "Number of seconds to run fuzzers"
required: false
default: "600"
push:
branches:
- develop # Use your actual default branch here.
schedule:
- cron: "0 8 * * 1" # At 08:00 on Monday.
permissions: read-all
jobs:
BatchFuzzing:
Fuzzing:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
sanitizer: [address, undefined, memory]
include:
- mode: batch
sanitizer: address
- mode: batch
sanitizer: undefined
- mode: batch
sanitizer: memory
- mode: prune
sanitizer: address
- mode: coverage
sanitizer: coverage
steps:
- name: Build Fuzzers (${{ matrix.sanitizer }})
- name: Build Fuzzers (${{ matrix.mode }} - ${{ matrix.sanitizer }})
id: build
uses: google/clusterfuzzlite/actions/build_fuzzers@v1
with:
language: c++
language: c # Change this to the language you are fuzzing.
github-token: ${{ secrets.GITHUB_TOKEN }}
sanitizer: ${{ matrix.sanitizer }}
- name: Run Fuzzers (${{ matrix.sanitizer }})
storage-repo: https://${{ secrets.PERSONAL_ACCESS_TOKEN }}@github.com/lightsail-network/app-stellar-fuzz-corpus
storage-repo-branch: main
storage-repo-branch-coverage: gh-pages
- name: Run Fuzzers (${{ matrix.mode }} - ${{ matrix.sanitizer }})
id: run
uses: google/clusterfuzzlite/actions/run_fuzzers@v1
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
fuzz-seconds: 3600 # 1 hour
mode: "batch"
fuzz-seconds: ${{ github.event.inputs.fuzz-seconds || '600' }} # Defaults to 10 minutes
mode: ${{ matrix.mode }}
sanitizer: ${{ matrix.sanitizer }}
# Optional but recommended: For storing certain artifacts from fuzzing.
# See later section on "Git repo for storage".
#storage-repo: https://${{ secrets.PERSONAL_ACCESS_TOKEN }}@github.com/LedgerHQ/fuzzers-corpus.git
#storage-repo-branch: main # Optional. Defaults to "main"
#storage-repo-branch-coverage: gh-pages # Optional. Defaults to "gh-pages".
storage-repo: ${{ secrets.PERSONAL_ACCESS_TOKEN && format('https://{0}@github.com/lightsail-network/app-stellar-fuzz-corpus', secrets.PERSONAL_ACCESS_TOKEN) || '' }}
storage-repo-branch: ${{ secrets.PERSONAL_ACCESS_TOKEN && 'main' || '' }}
storage-repo-branch-coverage: ${{ secrets.PERSONAL_ACCESS_TOKEN && 'gh-pages' || '' }}
25 changes: 10 additions & 15 deletions .github/workflows/cflite_pr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,32 +13,27 @@ jobs:
strategy:
fail-fast: false
matrix:
sanitizer: [address, undefined, memory]
sanitizer: [address, undefined, memory] # Override this with the sanitizers you want.
steps:
- name: Build Fuzzers (${{ matrix.sanitizer }})
id: build
uses: google/clusterfuzzlite/actions/build_fuzzers@v1
with:
language: c++
language: c # Change this to the language you are fuzzing.
github-token: ${{ secrets.GITHUB_TOKEN }}
sanitizer: ${{ matrix.sanitizer }}
# Optional but recommended: used to only run fuzzers that are affected
# by the PR.
# See later section on "Git repo for storage".
#storage-repo: https://${{ secrets.PERSONAL_ACCESS_TOKEN }}@github.com/LedgerHQ/fuzzers-corpus.git
#storage-repo-branch: main # Optional. Defaults to "main"
#storage-repo-branch-coverage: gh-pages # Optional. Defaults to "gh-pages".
storage-repo: https://${{ secrets.PERSONAL_ACCESS_TOKEN }}@github.com/lightsail-network/app-stellar-fuzz-corpus
storage-repo-branch: main
storage-repo-branch-coverage: gh-pages
- name: Run Fuzzers (${{ matrix.sanitizer }})
id: run
uses: google/clusterfuzzlite/actions/run_fuzzers@v1
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
fuzz-seconds: 600 # 10 minutes
fuzz-seconds: 300 # 5 minutes
mode: "code-change"
sanitizer: ${{ matrix.sanitizer }}
# Optional but recommended: used to download the corpus produced by
# batch fuzzing.
# See later section on "Git repo for storage".
#storage-repo: https://${{ secrets.PERSONAL_ACCESS_TOKEN }}@github.com/LedgerHQ/fuzzers-corpus.git
#storage-repo-branch: main # Optional. Defaults to "main"
#storage-repo-branch-coverage: gh-pages # Optional. Defaults to "gh-pages".
output-sarif: true
storage-repo: https://${{ secrets.PERSONAL_ACCESS_TOKEN }}@github.com/lightsail-network/app-stellar-fuzz-corpus
storage-repo-branch: main
storage-repo-branch-coverage: gh-pages
2 changes: 1 addition & 1 deletion .github/workflows/ci-workflow.yml
Original file line number Diff line number Diff line change
Expand Up @@ -61,7 +61,7 @@ jobs:
name: Stellar e2e tests
strategy:
matrix:
device: ["nanos", "nanox", "nanosp", "stax"]
device: ["nanos", "nanox", "nanosp", "stax", "flex"]
fail-fast: false
needs:
- build_application
Expand Down
4 changes: 2 additions & 2 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -30,8 +30,8 @@ APPNAME = "Stellar"

# Application version
APPVERSION_M = 5
APPVERSION_N = 4
APPVERSION_P = 1
APPVERSION_N = 5
APPVERSION_P = 0
APPVERSION = "$(APPVERSION_M).$(APPVERSION_N).$(APPVERSION_P)"

# Application source files
Expand Down
7 changes: 4 additions & 3 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@

## Introduction

This is the wallet app for the [Ledger Nano S](https://shop.ledger.com/products/ledger-nano-s), [Ledger Nano S Plus](https://shop.ledger.com/pages/ledger-nano-s-plus) and [Ledger Nano X](https://shop.ledger.com/pages/ledger-nano-x) that makes it possible to store [Stellar](https://www.stellar.org/)-based assets on those devices and generally sign any transaction for the Stellar network.
This is the wallet app for the [Ledger hardware wallets](https://www.ledger.com/) that makes it possible to store [Stellar](https://www.stellar.org/)-based assets on those devices and generally sign any transaction for the Stellar network.

## Documentation

Expand Down Expand Up @@ -44,7 +44,7 @@ make delete

## Testing

This project provides unit tests, integration tests and end-to-end tests, unit tests are located under the [`./tests_unit`](./tests_unit) folder, and the integration tests and end-to-end tests are located under the [`./tests_zemu`](./tests_zemu) folder.
This project provides unit tests, integration tests and end-to-end tests, unit tests are located under the [`./tests_unit`](./tests_unit) folder, and the integration tests and end-to-end tests are located under the [`./tests_zemu`](./tests_zemu) folder.

During development, we recommend that you run the unit test first, as it takes less time to run, and then run the other tests after the unit test has run successfully.

Expand All @@ -67,9 +67,10 @@ make tests-unit
```

### Integration testing and end-to-end testing

Testing is done via the open-source framework [zemu](https://github.com/Zondax/zemu).

In order to run these tests, you need to install [Docker](https://www.docker.com/) in addition to the dependencies mentioned in *Unit testing*.
In order to run these tests, you need to install [Docker](https://www.docker.com/) in addition to the dependencies mentioned in _Unit testing_.

To build and execute the tests, run the following commands:

Expand Down
3 changes: 2 additions & 1 deletion build_elfs.sh
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,10 @@ set -e
# NANOSP_SDK=
# NANOX_SDK=
# STAX_SDK=
# FLEX_SDK=

# list of SDKS
DEVICE_SDKS=("$NANOS_SDK" "$NANOSP_SDK" "$NANOX_SDK" "$STAX_SDK")
DEVICE_SDKS=("$NANOS_SDK" "$NANOSP_SDK" "$NANOX_SDK" "$STAX_SDK" "$FLEX_SDK")

# Do it only now since before the cd command, we might not have been inside the repository
GIT_REPO_ROOT=$(git rev-parse --show-toplevel)
Expand Down
36 changes: 17 additions & 19 deletions docs/COMMANDS.md
Original file line number Diff line number Diff line change
Expand Up @@ -82,22 +82,20 @@


## Status Words

| SW | SW name | Description |
| ------ | ------------------------------------- | ------------------------------------------------------- |
| 0x6125 | `SW_FORMATTING_FAIL` | Failed to format the data |
| 0x6985 | `SW_DENY` | Rejected by user |
| 0x6A87 | `SW_WRONG_DATA_LENGTH` | `Lc` or minimum APDU lenght is incorrect |
| 0x6B00 | `SW_WRONG_P1P2` | Either `P1` or `P2` is incorrect |
| 0x6C66 | `SW_HASH_SIGNING_MODE_NOT_ENABLED` | Hash signing model not enabled |
| 0x6D00 | `SW_INS_NOT_SUPPORTED` | No command exists with `INS` |
| 0x6E00 | `SW_CLA_NOT_SUPPORTED` | Bad `CLA` used for this application |
| 0xB002 | `SW_DISPLAY_ADDRESS_FAIL` | Failed to display address |
| 0xB003 | `SW_DISPLAY_TRANSACTION_HASH_FAIL` | Failed to display transaction hash |
| 0xB004 | `SW_DATA_TOO_LARGE` | The data is too large to be processed |
| 0xB005 | `SW_DATA_PARSING_FAIL` | Failed to parse raw data |
| 0xB006 | `SW_DATA_HASH_FAIL` | Failed to compute hash digest of raw data |
| 0xB007 | `SW_BAD_STATE` | Security issue with bad state |
| 0xB008 | `SW_SIGNATURE_FAIL` | Generating signature failed |
| 0xB009 | `SW_SWAP_CHECKING_FAIL` | Failed to check swap params (maybe the data is invalid) |
| 0x9000 | `SW_OK` | Success |
| SW | SW name | Description |
| ------ | ------------------------------------------ | --------------------------------------------------------- |
| 0x6125 | `SW_FORMATTING_FAIL` | Failed to format the data |
| 0x6985 | `SW_DENY` | Rejected by user |
| 0x6A87 | `SW_WRONG_DATA_LENGTH` | `Lc` or minimum APDU lenght is incorrect |
| 0x6B00 | `SW_WRONG_P1P2` | Either `P1` or `P2` is incorrect |
| 0x6D00 | `SW_INS_NOT_SUPPORTED` | No command exists with `INS` |
| 0x6E00 | `SW_CLA_NOT_SUPPORTED` | Bad `CLA` used for this application |
| 0xB002 | `SW_DISPLAY_ADDRESS_FAIL` | Failed to display address |
| 0xB003 | `SW_DISPLAY_TRANSACTION_HASH_FAIL` | Failed to display transaction hash |
| 0xB004 | `SW_DATA_TOO_LARGE` | The data is too large to be processed |
| 0xB005 | `SW_DATA_PARSING_FAIL` | Failed to parse raw data |
| 0xB006 | `SW_DATA_HASH_FAIL` | Failed to compute hash digest of raw data |
| 0xB007 | `SW_BAD_STATE` | Security issue with bad state |
| 0xB008 | `SW_SIGNATURE_FAIL` | Generating signature failed |
| 0xB009 | `SW_SWAP_CHECKING_FAIL` | Failed to check swap params (maybe the data is invalid) |
| 0x9000 | `SW_OK` | Success |
6 changes: 6 additions & 0 deletions fuzz/CMakeLists.txt
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,12 @@ if (NOT CMAKE_C_COMPILER_ID MATCHES "Clang")
message(FATAL_ERROR "Fuzzer needs to be built with Clang")
endif ()

# Build with code coverage generation
if(CODE_COVERAGE)
add_compile_options(-fprofile-instr-generate -fcoverage-mapping)
add_link_options(-fprofile-instr-generate -fcoverage-mapping)
endif()

include(CTest)
ENABLE_TESTING()

Expand Down
Binary file added fuzz/corpus/feeBumpTx.raw
Binary file not shown.
Binary file added fuzz/corpus/feeBumpTxOmitFeeSourceEqualSigner.raw
Binary file not shown.
Binary file added fuzz/corpus/feeBumpTxOmitFeeSourceNotEqualSigner.raw
Binary file not shown.
Binary file not shown.
Binary file added fuzz/corpus/feeBumpTxWithMuxedFeeSource.raw
Binary file not shown.
Binary file added fuzz/corpus/opAccountMerge.raw
Binary file not shown.
Binary file added fuzz/corpus/opAccountMergeWithMuxedDestination.raw
Binary file not shown.
Binary file added fuzz/corpus/opAllowTrustAuthorize.raw
Binary file not shown.
Binary file not shown.
Binary file added fuzz/corpus/opAllowTrustDeauthorize.raw
Binary file not shown.
Binary file added fuzz/corpus/opBeginSponsoringFutureReserves.raw
Binary file not shown.
Binary file added fuzz/corpus/opBumpSequence.raw
Binary file not shown.
Binary file added fuzz/corpus/opChangeTrustAddTrustLine.raw
Binary file not shown.
Binary file added fuzz/corpus/opChangeTrustRemoveTrustLine.raw
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file added fuzz/corpus/opClaimClaimableBalance.raw
Binary file not shown.
Binary file added fuzz/corpus/opClawback.raw
Binary file not shown.
Binary file added fuzz/corpus/opClawbackClaimableBalance.raw
Binary file not shown.
Binary file added fuzz/corpus/opClawbackWithMuxedFrom.raw
Binary file not shown.
Binary file added fuzz/corpus/opCreateAccount.raw
Binary file not shown.
Binary file added fuzz/corpus/opCreateClaimableBalance.raw
Binary file not shown.
Binary file added fuzz/corpus/opCreatePassiveSellOffer.raw
Binary file not shown.
Binary file added fuzz/corpus/opEndSponsoringFutureReserves.raw
Binary file not shown.
Binary file added fuzz/corpus/opExtendFootprintTtl.raw
Binary file not shown.
Binary file added fuzz/corpus/opInflation.raw
Binary file not shown.
Binary file added fuzz/corpus/opInvokeHostFunctionApproveUsdc.raw
Binary file not shown.
Binary file added fuzz/corpus/opInvokeHostFunctionAssetApprove.raw
Binary file not shown.
Binary file added fuzz/corpus/opInvokeHostFunctionAssetTransfer.raw
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file added fuzz/corpus/opInvokeHostFunctionScvalsCase0.raw
Binary file not shown.
Binary file added fuzz/corpus/opInvokeHostFunctionScvalsCase1.raw
Binary file not shown.
Binary file added fuzz/corpus/opInvokeHostFunctionScvalsCase2.raw
Binary file not shown.
Binary file added fuzz/corpus/opInvokeHostFunctionTestPlugin.raw
Binary file not shown.
Binary file added fuzz/corpus/opInvokeHostFunctionTransferUsdc.raw
Binary file not shown.
Binary file added fuzz/corpus/opInvokeHostFunctionTransferXlm.raw
Binary file not shown.
Binary file added fuzz/corpus/opInvokeHostFunctionUploadWasm.raw
Binary file not shown.
Binary file added fuzz/corpus/opInvokeHostFunctionWithAuth.raw
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file added fuzz/corpus/opInvokeHostFunctionWithoutArgs.raw
Binary file not shown.
Binary file not shown.
Binary file added fuzz/corpus/opLiquidityPoolDeposit.raw
Binary file not shown.
Binary file added fuzz/corpus/opLiquidityPoolWithdraw.raw
Binary file not shown.
Binary file added fuzz/corpus/opManageBuyOfferCreate.raw
Binary file not shown.
Binary file added fuzz/corpus/opManageBuyOfferDelete.raw
Binary file not shown.
Binary file added fuzz/corpus/opManageBuyOfferUpdate.raw
Binary file not shown.
Binary file added fuzz/corpus/opManageDataAdd.raw
Binary file not shown.
Binary file added fuzz/corpus/opManageDataAddWithUnprintableData.raw
Binary file not shown.
Binary file added fuzz/corpus/opManageDataRemove.raw
Binary file not shown.
Binary file added fuzz/corpus/opManageSellOfferCreate.raw
Binary file not shown.
Binary file added fuzz/corpus/opManageSellOfferDelete.raw
Binary file not shown.
Binary file added fuzz/corpus/opManageSellOfferUpdate.raw
Binary file not shown.
Binary file added fuzz/corpus/opPathPaymentStrictReceive.raw
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file added fuzz/corpus/opPathPaymentStrictSend.raw
Binary file not shown.
Binary file added fuzz/corpus/opPathPaymentStrictSendWithEmptyPath.raw
Binary file not shown.
Binary file not shown.
Binary file added fuzz/corpus/opPaymentAssetAlphanum12.raw
Binary file not shown.
Binary file added fuzz/corpus/opPaymentAssetAlphanum4.raw
Binary file not shown.
Binary file added fuzz/corpus/opPaymentAssetNative.raw
Binary file not shown.
Binary file added fuzz/corpus/opPaymentWithMuxedDestination.raw
Binary file not shown.
Binary file added fuzz/corpus/opRestoreFootprint.raw
Binary file not shown.
Binary file added fuzz/corpus/opRevokeSponsorshipAccount.raw
Binary file not shown.
Binary file added fuzz/corpus/opRevokeSponsorshipClaimableBalance.raw
Binary file not shown.
Binary file added fuzz/corpus/opRevokeSponsorshipData.raw
Binary file not shown.
Binary file not shown.
Binary file added fuzz/corpus/opRevokeSponsorshipHashXSigner.raw
Binary file not shown.
Binary file added fuzz/corpus/opRevokeSponsorshipLiquidityPool.raw
Binary file not shown.
Binary file added fuzz/corpus/opRevokeSponsorshipOffer.raw
Binary file not shown.
Binary file added fuzz/corpus/opRevokeSponsorshipPreAuthTxSigner.raw
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file added fuzz/corpus/opSetOptions.raw
Binary file not shown.
Binary file not shown.
Binary file added fuzz/corpus/opSetOptionsAddHashXSigner.raw
Binary file not shown.
Binary file added fuzz/corpus/opSetOptionsAddPreAuthTxSigner.raw
Binary file not shown.
Binary file added fuzz/corpus/opSetOptionsAddPublicKeySigner.raw
Binary file not shown.
Binary file not shown.
Binary file added fuzz/corpus/opSetOptionsRemoveHashXSigner.raw
Binary file not shown.
Binary file added fuzz/corpus/opSetOptionsRemovePreAuthTxSigner.raw
Binary file not shown.
Binary file added fuzz/corpus/opSetOptionsRemovePublicKeySigner.raw
Binary file not shown.
Binary file added fuzz/corpus/opSetOptionsWithEmptyBody.raw
Binary file not shown.
Binary file added fuzz/corpus/opSetTrustLineFlagsAuthorized.raw
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file added fuzz/corpus/opSetTrustLineFlagsUnauthorized.raw
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file added fuzz/corpus/opWithEmptySource.raw
Binary file not shown.
Binary file added fuzz/corpus/opWithMuxedSource.raw
Binary file not shown.
Binary file added fuzz/corpus/sorobanAuthCreateSmartContract.raw
Binary file not shown.
Binary file added fuzz/corpus/sorobanAuthInvokeContract.raw
Binary file not shown.
Binary file added fuzz/corpus/sorobanAuthInvokeContractTestPlugin.raw
Binary file not shown.
Binary file not shown.
Binary file added fuzz/corpus/sorobanAuthInvokeContractWithoutArgs.raw
Binary file not shown.
Binary file added fuzz/corpus/sorobanAuthPublic.raw
Binary file not shown.
Binary file added fuzz/corpus/sorobanAuthTestnet.raw
Binary file not shown.
Binary file added fuzz/corpus/sorobanAuthUnknownNetwork.raw
Binary file not shown.
Binary file added fuzz/corpus/txCondExtraSignersWithOneSigner.raw
Binary file not shown.
Binary file added fuzz/corpus/txCondExtraSignersWithTwoSigners.raw
Binary file not shown.
Binary file added fuzz/corpus/txCondIsNone.raw
Binary file not shown.
Binary file added fuzz/corpus/txCondLedgerBounds.raw
Binary file not shown.
Binary file added fuzz/corpus/txCondLedgerBoundsAreZero.raw
Binary file not shown.
Binary file added fuzz/corpus/txCondLedgerBoundsMaxIsZero.raw
Binary file not shown.
Binary file added fuzz/corpus/txCondLedgerBoundsMinIsZero.raw
Binary file not shown.
Binary file added fuzz/corpus/txCondMinAccountSequence.raw
Binary file not shown.
Binary file added fuzz/corpus/txCondMinAccountSequenceAge.raw
Binary file not shown.
Binary file added fuzz/corpus/txCondMinAccountSequenceLedgerGap.raw
Binary file not shown.
Binary file added fuzz/corpus/txCondTimeBounds.raw
Binary file not shown.
Binary file added fuzz/corpus/txCondTimeBoundsAreZero.raw
Binary file not shown.
Binary file added fuzz/corpus/txCondTimeBoundsIsNone.raw
Binary file not shown.
Binary file added fuzz/corpus/txCondTimeBoundsMaxIsZero.raw
Binary file not shown.
Binary file added fuzz/corpus/txCondTimeBoundsMinIsZero.raw
Binary file not shown.
Binary file added fuzz/corpus/txCondWithAllItems.raw
Binary file not shown.
Binary file added fuzz/corpus/txCustomBaseFee.raw
Binary file not shown.
Binary file added fuzz/corpus/txMemoHash.raw
Binary file not shown.
Binary file added fuzz/corpus/txMemoId.raw
Binary file not shown.
Binary file added fuzz/corpus/txMemoNone.raw
Binary file not shown.
Binary file added fuzz/corpus/txMemoReturnHash.raw
Binary file not shown.
Binary file added fuzz/corpus/txMemoText.raw
Binary file not shown.
Binary file added fuzz/corpus/txMemoTextUnprintable.raw
Binary file not shown.
Binary file added fuzz/corpus/txMultiOperations.raw
Binary file not shown.
Binary file added fuzz/corpus/txNetworkCustom.raw
Binary file not shown.
Binary file added fuzz/corpus/txNetworkPublic.raw
Binary file not shown.
Binary file added fuzz/corpus/txNetworkTestnet.raw
Binary file not shown.
Binary file added fuzz/corpus/txSourceOmitMuxedSourceEqualSigner.raw
Binary file not shown.
Binary file added fuzz/corpus/txSourceOmitSourceEqualSigner.raw
Binary file not shown.
Binary file added fuzz/corpus/txSourceOmitSourceNotEqualSigner.raw
Binary file not shown.
Binary file added fuzz/corpus/txWithMuxedSource.raw
Binary file not shown.
68 changes: 68 additions & 0 deletions fuzz/fuzz_tx.c
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,17 @@
#define DETAIL_CAPTION_MAX_LENGTH 21
#define DETAIL_VALUE_MAX_LENGTH 105

static bool plugin_check_presence(const uint8_t *contract_address);
static stellar_plugin_result_t plugin_init_contract(const uint8_t *contract_address);
static stellar_plugin_result_t plugin_query_data_pair_count(const uint8_t *contract_address,
uint8_t *data_pair_count);
static stellar_plugin_result_t plugin_query_data_pair(const uint8_t *contract_address,
uint8_t data_pair_index,
char *caption,
uint8_t caption_len,
char *value,
uint8_t value_len);

int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
envelope_t envelope;
bool data_exists = true;
Expand Down Expand Up @@ -57,6 +68,10 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
.caption_len = DETAIL_CAPTION_MAX_LENGTH,
.value_len = DETAIL_VALUE_MAX_LENGTH,
.display_sequence = true,
.plugin_check_presence = &plugin_check_presence,
.plugin_init_contract = &plugin_init_contract,
.plugin_query_data_pair_count = &plugin_query_data_pair_count,
.plugin_query_data_pair = &plugin_query_data_pair,
};

reset_formatter();
Expand All @@ -74,3 +89,56 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {

return 0;
}

static bool plugin_check_presence(const uint8_t *contract_address) {
uint8_t expected[] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
return memcmp(contract_address, expected, 32) == 0;
}

stellar_plugin_result_t plugin_init_contract(const uint8_t *contract_address) {
// Build-in token plugin
if (plugin_check_presence(contract_address)) {
return STELLAR_PLUGIN_RESULT_OK;
}
return STELLAR_PLUGIN_RESULT_UNAVAILABLE;
}

stellar_plugin_result_t plugin_query_data_pair_count(const uint8_t *contract_address,
uint8_t *data_pair_count) {
// Build-in token plugin
if (plugin_check_presence(contract_address)) {
*data_pair_count = 3;
return STELLAR_PLUGIN_RESULT_OK;
}
return STELLAR_PLUGIN_RESULT_UNAVAILABLE;
}

stellar_plugin_result_t plugin_query_data_pair(const uint8_t *contract_address,
uint8_t data_pair_index,
char *caption,
uint8_t caption_len,
char *value,
uint8_t value_len) {
if (!plugin_check_presence(contract_address)) {
return STELLAR_PLUGIN_RESULT_UNAVAILABLE;
}
switch (data_pair_index) {
case 0:
strncpy(caption, "caption 0", caption_len);
strncpy(value, "value 0", value_len);
break;
case 1:
strncpy(caption, "caption 1", caption_len);
strncpy(value, "value 1", value_len);
break;
case 2:
strncpy(caption, "caption 2", caption_len);
strncpy(value, "value 2", value_len);
break;
default:
return STELLAR_PLUGIN_RESULT_ERROR;
}
return STELLAR_PLUGIN_RESULT_OK;
}
22 changes: 22 additions & 0 deletions fuzz/run.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
#!/bin/bash
set -e

SCRIPTDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
BUILDDIR="$SCRIPTDIR/cmake-build-fuzz-coverage"
CORPUSDIR="$SCRIPTDIR/corpus"
HTMLCOVDIR="$SCRIPTDIR/html-coverage"

# Compile the fuzzer with code coverage support
rm -rf "$BUILDDIR" "$HTMLCOVDIR"
cmake -DBOLOS_SDK=/opt/ledger-secure-sdk -DCMAKE_C_COMPILER=clang -DCODE_COVERAGE=1 -B"$BUILDDIR" -H.
cmake --build "$BUILDDIR" --target fuzz_tx

# Run the fuzzer on the corpus files
export LLVM_PROFILE_FILE="$BUILDDIR/fuzz_tx.%p.profraw"
# "$BUILDDIR/fuzz_tx" "$CORPUSDIR"/*
"$BUILDDIR/fuzz_tx" -rss_limit_mb=1024 -max_len=20000 -max_total_time=600 -print_final_stats=1 "$CORPUSDIR" -jobs=4 -workers=4
llvm-profdata merge --sparse "$BUILDDIR"/fuzz_tx.*.profraw -o "$BUILDDIR/fuzz_tx.profdata"

# Exclude lib_standard_app directory, base32 and base64 code from coverage report
llvm-cov show "$BUILDDIR/fuzz_tx" -instr-profile="$BUILDDIR/fuzz_tx.profdata" -show-line-counts-or-regions -output-dir="$HTMLCOVDIR" -format=html -ignore-filename-regex="(.*lib_standard_app.*)|(.*libstellar/base64\.c.*)|(.*libstellar/base32\.c.*)"
llvm-cov report "$BUILDDIR/fuzz_tx" -instr-profile="$BUILDDIR/fuzz_tx.profdata" -ignore-filename-regex="(.*lib_standard_app.*)|(.*libstellar/base64\.c.*)|(.*libstellar/base32\.c.*)"
17 changes: 8 additions & 9 deletions libstellar/formatter.c
Original file line number Diff line number Diff line change
Expand Up @@ -911,6 +911,7 @@ static bool format_manage_sell_offer(formatter_data_t *fdata) {
fdata->value_len))
} else {
STRLCPY(fdata->caption, "Create Offer", fdata->caption_len);
STRLCPY(fdata->value, "New Offer", fdata->value_len);
}
FORMATTER_CHECK(push_to_formatter_stack(&format_manage_sell_offer_buy))
}
Expand Down Expand Up @@ -965,6 +966,7 @@ static bool format_manage_buy_offer(formatter_data_t *fdata) {
FORMATTER_CHECK(print_uint64_num(op->offer_id, fdata->value, fdata->value_len))
} else {
STRLCPY(fdata->caption, "Create Offer", fdata->caption_len);
STRLCPY(fdata->value, "New Offer", fdata->value_len);
}
FORMATTER_CHECK(push_to_formatter_stack(&format_manage_buy_offer_sell))
}
Expand Down Expand Up @@ -2261,17 +2263,14 @@ static const format_function_t formatters[] = {&format_create_account,

static bool format_confirm_operation(formatter_data_t *fdata) {
if (fdata->envelope->tx_details.tx.operations_count > 1) {
size_t length;
STRLCPY(fdata->caption, "Operation ", fdata->caption_len);
length = strlen(fdata->caption);
STRLCPY(fdata->caption, "Operation", fdata->caption_len);
FORMATTER_CHECK(print_uint64_num(fdata->envelope->tx_details.tx.operation_index + 1,
fdata->caption + length,
fdata->caption_len - length))
STRLCAT(fdata->caption, " of ", fdata->caption_len);
length = strlen(fdata->caption);
fdata->value,
fdata->value_len))
STRLCAT(fdata->value, " of ", fdata->value_len)
FORMATTER_CHECK(print_uint64_num(fdata->envelope->tx_details.tx.operations_count,
fdata->caption + length,
fdata->caption_len - length))
fdata->value + strlen(fdata->value),
fdata->value_len - strlen(fdata->value)))

FORMATTER_CHECK(push_to_formatter_stack(
((format_function_t) PIC(formatters[fdata->envelope->tx_details.tx.op_details.type]))));
Expand Down
Loading

0 comments on commit d589163

Please sign in to comment.