From 0dc871f4cc9c453b28662c8c6b771c0dc45582e7 Mon Sep 17 00:00:00 2001 From: Jun Luo <4catcode@gmail.com> Date: Mon, 6 May 2024 11:20:37 +0800 Subject: [PATCH 1/7] Improve fuzz testing. --- fuzz/fuzz_tx.c | 35 +++++++++++++++++++++++++++++++---- 1 file changed, 31 insertions(+), 4 deletions(-) diff --git a/fuzz/fuzz_tx.c b/fuzz/fuzz_tx.c index c40ea9e5..c87709e9 100644 --- a/fuzz/fuzz_tx.c +++ b/fuzz/fuzz_tx.c @@ -11,6 +11,9 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { envelope_t envelope; + bool data_exists = true; + bool is_op_header = false; + memset(&envelope, 0, sizeof(envelope_t)); if (!parse_transaction_envelope(data, size, &envelope)) { return 0; @@ -23,7 +26,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { 0xbd, 0x59, 0xce, 0xa9, 0x7, 0x9e, 0x7c, 0xc7, 0xc, 0xe7, 0xb1, 0xe1, 0x54, 0xf1, 0x14, 0xcd, 0xfe, 0x4e, 0x46, 0x6e, 0xcd}; - formatter_data_t fdata = { + formatter_data_t tx_fdata = { .raw_data = data, .raw_data_len = size, .envelope = &envelope, @@ -37,11 +40,35 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { reset_formatter(); - bool data_exists = true; - bool is_op_header = false; + while (true) { + if (!get_next_data(&tx_fdata, true, &data_exists, &is_op_header)) { + return 0; + } + + if (!data_exists) { + break; + } + } + + formatter_data_t = { + .raw_data = data, + .raw_data_len = size, + .envelope = &envelope, + .caption = detail_caption, + .value = detail_value, + .signing_key = signing_key, + .caption_len = DETAIL_CAPTION_MAX_LENGTH, + .value_len = DETAIL_VALUE_MAX_LENGTH, + .display_sequence = true, + }; + memset(&envelope, 0, sizeof(envelope_t)); + if (!parse_soroban_authorization_envelope(auth_fdata, size, &envelope)) { + return 0; + } + reset_formatter(); while (true) { - if (!get_next_data(&fdata, true, &data_exists, &is_op_header)) { + if (!get_next_data(&tx_fdata, true, &data_exists, &is_op_header)) { return 0; } 
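Review bot: The last hunk of this patch does not compile as written: `formatter_data_t = {` has no variable name, `parse_soroban_authorization_envelope(auth_fdata, size, &envelope)` passes an undeclared identifier where the first pass passes `data`, and the second loop still walks `&tx_fdata` instead of the new struct. Patches 2 to 4 of the series correct these one at a time, and patch 5 then uses `signing_key` outside the block that declares it until patch 6 moves it. Squashing the fixups into a single commit would keep every revision of the fuzz target buildable, which matters when bisecting a crash the fuzzer reports. The body of LLVMFuzzerTestOneInput continues outside the hunk.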
From 86282ce49ffdde5ad1a045bc19958c0b94b08dba Mon Sep 17 00:00:00 2001 From: Jun Luo <4catcode@gmail.com> Date: Mon, 6 May 2024 11:28:22 +0800 Subject: [PATCH 2/7] Improve fuzz testing. --- fuzz/fuzz_tx.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/fuzz/fuzz_tx.c b/fuzz/fuzz_tx.c index b5168ecd..16ff3b3f 100644 --- a/fuzz/fuzz_tx.c +++ b/fuzz/fuzz_tx.c @@ -67,7 +67,9 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { if (!parse_soroban_authorization_envelope(auth_fdata, size, &envelope)) { return 0; } - reset_formatter(); + if (!reset_formatter(&fdata)) { + return 0; + } while (true) { if (!get_next_data(&tx_fdata, true, &data_exists, &is_op_header)) { From c826518175c97f501c6a772c8db24c36b5300b13 Mon Sep 17 00:00:00 2001 From: Jun Luo <4catcode@gmail.com> Date: Mon, 6 May 2024 11:33:29 +0800 Subject: [PATCH 3/7] Improve fuzz testing. --- fuzz/fuzz_tx.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fuzz/fuzz_tx.c b/fuzz/fuzz_tx.c index 16ff3b3f..0fd2e940 100644 --- a/fuzz/fuzz_tx.c +++ b/fuzz/fuzz_tx.c @@ -38,7 +38,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { .display_sequence = true, }; - if (!reset_formatter(&fdata)) { + if (!reset_formatter(&tx_fdata)) { return 0; } @@ -67,7 +67,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { if (!parse_soroban_authorization_envelope(auth_fdata, size, &envelope)) { return 0; } - if (!reset_formatter(&fdata)) { + if (!reset_formatter(&tx_fdata)) { return 0; } From 081e112c543b3f34abb186bedf1b471e8ba7e1df Mon Sep 17 00:00:00 2001 From: Jun Luo <4catcode@gmail.com> Date: Mon, 6 May 2024 11:37:17 +0800 Subject: [PATCH 4/7] Improve fuzz testing. --- fuzz/fuzz_tx.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/fuzz/fuzz_tx.c b/fuzz/fuzz_tx.c index 0fd2e940..c2b538ad 100644 --- a/fuzz/fuzz_tx.c +++ b/fuzz/fuzz_tx.c 
@@ -52,7 +52,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { } } - formatter_data_t = { + formatter_data_t auth_fdata = { .raw_data = data, .raw_data_len = size, .envelope = &envelope, @@ -64,15 +64,15 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { .display_sequence = true, }; memset(&envelope, 0, sizeof(envelope_t)); - if (!parse_soroban_authorization_envelope(auth_fdata, size, &envelope)) { + if (!parse_soroban_authorization_envelope(data, size, &envelope)) { return 0; } - if (!reset_formatter(&tx_fdata)) { + if (!reset_formatter(&auth_fdata)) { return 0; } while (true) { - if (!get_next_data(&tx_fdata, true, &data_exists, &is_op_header)) { + if (!get_next_data(&auth_fdata, true, &data_exists, &is_op_header)) { return 0; } From ee2829c5a5743432c40b8a32d469275e9690aed9 Mon Sep 17 00:00:00 2001 From: Jun Luo <4catcode@gmail.com> Date: Mon, 6 May 2024 12:15:51 +0800 Subject: [PATCH 5/7] Improve fuzz testing. --- fuzz/fuzz_tx.c | 99 ++++++++++++-------------- libstellar/formatter.c | 5 +- libstellar/include/stellar/formatter.h | 2 +- src/ui/bagl_transaction.c | 2 +- src/ui/nbgl_transaction.c | 4 +- tests_unit/test_auth_formatter.c | 2 +- tests_unit/test_tx_formatter.c | 4 +- 7 files changed, 54 insertions(+), 64 deletions(-) diff --git a/fuzz/fuzz_tx.c b/fuzz/fuzz_tx.c index c2b538ad..e6f05d28 100644 --- a/fuzz/fuzz_tx.c +++ b/fuzz/fuzz_tx.c 
@@ -13,72 +13,65 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { envelope_t envelope; bool data_exists = true; bool is_op_header = false; - - memset(&envelope, 0, sizeof(envelope_t)); - if (!parse_transaction_envelope(data, size, &envelope)) { - return 0; - } - char detail_caption[DETAIL_CAPTION_MAX_LENGTH]; char detail_value[DETAIL_VALUE_MAX_LENGTH]; - uint8_t signing_key[] = {0xe9, 0x33, 0x88, 0xbb, 0xfd, 0x2f, 0xbd, 0x11, 0x80, 0x6d, 0xd0, - 0xbd, 0x59, 0xce, 0xa9, 0x7, 0x9e, 0x7c, 0xc7, 0xc, 0xe7, 0xb1, - 0xe1, 0x54, 0xf1, 0x14, 0xcd, 0xfe, 0x4e, 0x46, 0x6e, 0xcd}; + memset(&envelope, 0, sizeof(envelope_t)); + if (parse_transaction_envelope(data, size, &envelope)) { + uint8_t signing_key[] = {0xe9, 0x33, 0x88, 0xbb, 0xfd, 0x2f, 0xbd, 0x11, 0x80, 0x6d, 0xd0, + 0xbd, 0x59, 0xce, 0xa9, 0x7, 0x9e, 0x7c, 0xc7, 0xc, 0xe7, 0xb1, + 0xe1, 0x54, 0xf1, 0x14, 0xcd, 0xfe, 0x4e, 0x46, 0x6e, 0xcd}; - formatter_data_t tx_fdata = { - .raw_data = data, - .raw_data_len = size, - .envelope = &envelope, - .caption = detail_caption, - .value = detail_value, - .signing_key = signing_key, - .caption_len = DETAIL_CAPTION_MAX_LENGTH, - .value_len = DETAIL_VALUE_MAX_LENGTH, - .display_sequence = true, - }; + formatter_data_t tx_fdata = { + .raw_data = data, + .raw_data_len = size, + .envelope = &envelope, + .caption = detail_caption, + .value = detail_value, + .signing_key = signing_key, + .caption_len = DETAIL_CAPTION_MAX_LENGTH, + .value_len = DETAIL_VALUE_MAX_LENGTH, + .display_sequence = true, + }; + reset_formatter(); - if (!reset_formatter(&tx_fdata)) { - return 0; - } + while (true) { + if (!get_next_data(&tx_fdata, true, &data_exists, &is_op_header)) { + break; + } - while (true) { - if (!get_next_data(&tx_fdata, true, &data_exists, &is_op_header)) { - return 0; - } - - if (!data_exists) { - break; + if (!data_exists) { + break; + } } } - formatter_data_t auth_fdata = { - .raw_data = data, - .raw_data_len = size, - .envelope = &envelope, - .caption = 
detail_caption, - .value = detail_value, - .signing_key = signing_key, - .caption_len = DETAIL_CAPTION_MAX_LENGTH, - .value_len = DETAIL_VALUE_MAX_LENGTH, - .display_sequence = true, - }; memset(&envelope, 0, sizeof(envelope_t)); - if (!parse_soroban_authorization_envelope(data, size, &envelope)) { - return 0; - } - if (!reset_formatter(&auth_fdata)) { - return 0; - } + if (parse_soroban_authorization_envelope(data, size, &envelope)) { + formatter_data_t auth_fdata = { + .raw_data = data, + .raw_data_len = size, + .envelope = &envelope, + .caption = detail_caption, + .value = detail_value, + .signing_key = signing_key, + .caption_len = DETAIL_CAPTION_MAX_LENGTH, + .value_len = DETAIL_VALUE_MAX_LENGTH, + .display_sequence = true, + }; - while (true) { - if (!get_next_data(&auth_fdata, true, &data_exists, &is_op_header)) { - return 0; - } + reset_formatter(); + + while (true) { + if (!get_next_data(&auth_fdata, true, &data_exists, &is_op_header)) { + break; + } - if (!data_exists) { - break; + if (!data_exists) { + break; + } } } + return 0; } diff --git a/libstellar/formatter.c b/libstellar/formatter.c index d8b1031a..7dd3d3d0 100644 --- a/libstellar/formatter.c +++ b/libstellar/formatter.c @@ -2492,13 +2492,10 @@ static uint8_t get_data_count(formatter_data_t *fdata) { return op_cnt + 1; } -bool reset_formatter(formatter_data_t *fdata) { - // TODO: fix back button? - (void) fdata; +void reset_formatter() { explicit_bzero(formatter_stack, sizeof(formatter_stack)); formatter_index = 0; current_data_index = 0; - return true; } bool get_next_data(formatter_data_t *fdata, bool forward, bool *data_exists, bool *is_op_header) { diff --git a/libstellar/include/stellar/formatter.h b/libstellar/include/stellar/formatter.h index a397a3d0..71b8e28a 100644 --- a/libstellar/include/stellar/formatter.h +++ b/libstellar/include/stellar/formatter.h 
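Review bot: In the libstellar/formatter.c hunk, `void reset_formatter() {` leaves the parameter list unspecified in C before C23, so it is not a zero-argument prototype. A leftover call such as `reset_formatter(&fdata)` would still compile without a diagnostic, which defeats the purpose of dropping the parameter. Write `void reset_formatter(void) {` here and `void reset_formatter(void);` for the declaration changed in libstellar/include/stellar/formatter.h, so that any stale caller fails to build.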
@@ -51,7 +51,7 @@ typedef struct { /** * Reset the formatter state. */ -bool reset_formatter(formatter_data_t *fdata); +void reset_formatter(); /** * Get the next data to display. diff --git a/src/ui/bagl_transaction.c b/src/ui/bagl_transaction.c index fd8ee4e8..00330478 100644 --- a/src/ui/bagl_transaction.c +++ b/src/ui/bagl_transaction.c @@ -220,7 +220,7 @@ void prepare_display() { .plugin_query_data_pair_count = &plugin_query_data_pair_count, .plugin_query_data_pair = &plugin_query_data_pair, }; - reset_formatter(&fdata); + reset_formatter(); // init formatter_data memcpy(&formatter_data, &fdata, sizeof(formatter_data_t)); diff --git a/src/ui/nbgl_transaction.c b/src/ui/nbgl_transaction.c index 048dea46..273c9a83 100644 --- a/src/ui/nbgl_transaction.c +++ b/src/ui/nbgl_transaction.c @@ -92,7 +92,7 @@ static void prepare_tx_pages_infos(void) { uint8_t page_line_nb = 0; uint8_t field_len = 0; uint8_t data_index = 0; - reset_formatter(&formatter_data); + reset_formatter(); // Reset globals. nb_pages = 0; @@ -165,7 +165,7 @@ static void prepare_tx_pages_infos(void) { static void prepare_page(uint8_t page) { PRINTF("prepare_page, page: %d\n", page); - reset_formatter(&formatter_data); + reset_formatter(); uint8_t data_start_index = pages_infos[page].data_idx; bool data_exists = true; bool is_op_header = false; diff --git a/tests_unit/test_auth_formatter.c b/tests_unit/test_auth_formatter.c index badf2ab9..9ff387e3 100644 --- a/tests_unit/test_auth_formatter.c +++ b/tests_unit/test_auth_formatter.c @@ -71,7 +71,7 @@ void test_format_envelope(void **state) { char output[4096] = {0}; bool data_exists = true; bool is_op_header = false; - assert_true(reset_formatter(&fdata)); + reset_formatter(); while (true) { assert_true(get_next_data(&fdata, true, &data_exists, &is_op_header)); if (!data_exists) { diff --git a/tests_unit/test_tx_formatter.c b/tests_unit/test_tx_formatter.c index a6d26831..7d8be43b 100644 --- a/tests_unit/test_tx_formatter.c 
+++ b/tests_unit/test_tx_formatter.c @@ -195,7 +195,7 @@ void test_format_envelope(void **state) { char output[4096] = {0}; bool data_exists = true; bool is_op_header = false; - assert_true(reset_formatter(&fdata)); + reset_formatter(); while (true) { assert_true(get_next_data(&fdata, true, &data_exists, &is_op_header)); if (!data_exists) { @@ -254,7 +254,7 @@ void test_formatter_forward(void **state) { bool data_exists = false; bool is_op_header = false; - assert_true(reset_formatter(&fdata)); + reset_formatter(); // Flow: // Memo Text; hello world From af6a12476c3c7f4622f78f31e66545c9f4827e4b Mon Sep 17 00:00:00 2001 From: Jun Luo <4catcode@gmail.com> Date: Mon, 6 May 2024 12:16:48 +0800 Subject: [PATCH 6/7] Improve fuzz testing. --- fuzz/fuzz_tx.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/fuzz/fuzz_tx.c b/fuzz/fuzz_tx.c index e6f05d28..3ba7c21e 100644 --- a/fuzz/fuzz_tx.c +++ b/fuzz/fuzz_tx.c @@ -15,13 +15,12 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { bool is_op_header = false; char detail_caption[DETAIL_CAPTION_MAX_LENGTH]; char detail_value[DETAIL_VALUE_MAX_LENGTH]; + uint8_t signing_key[] = {0xe9, 0x33, 0x88, 0xbb, 0xfd, 0x2f, 0xbd, 0x11, 0x80, 0x6d, 0xd0, + 0xbd, 0x59, 0xce, 0xa9, 0x7, 0x9e, 0x7c, 0xc7, 0xc, 0xe7, 0xb1, + 0xe1, 0x54, 0xf1, 0x14, 0xcd, 0xfe, 0x4e, 0x46, 0x6e, 0xcd}; memset(&envelope, 0, sizeof(envelope_t)); if (parse_transaction_envelope(data, size, &envelope)) { - uint8_t signing_key[] = {0xe9, 0x33, 0x88, 0xbb, 0xfd, 0x2f, 0xbd, 0x11, 0x80, 0x6d, 0xd0, - 0xbd, 0x59, 0xce, 0xa9, 0x7, 0x9e, 0x7c, 0xc7, 0xc, 0xe7, 0xb1, - 0xe1, 0x54, 0xf1, 0x14, 0xcd, 0xfe, 0x4e, 0x46, 0x6e, 0xcd}; - formatter_data_t tx_fdata = { .raw_data = data, .raw_data_len = size, From 003238da7a2d72f4af22a0e1ddf4e7424bf52433 Mon Sep 17 00:00:00 2001 
From: Jun Luo <4catcode@gmail.com> Date: Mon, 6 May 2024 12:18:44 +0800 Subject: [PATCH 7/7] Improve fuzz testing. --- fuzz/fuzz_tx.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fuzz/fuzz_tx.c b/fuzz/fuzz_tx.c index 3ba7c21e..25be1c87 100644 --- a/fuzz/fuzz_tx.c +++ b/fuzz/fuzz_tx.c @@ -6,7 +6,7 @@ #include "stellar/parser.h" #include "stellar/formatter.h" -#define DETAIL_CAPTION_MAX_LENGTH 20 +#define DETAIL_CAPTION_MAX_LENGTH 21 #define DETAIL_VALUE_MAX_LENGTH 105 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
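Review bot: The new value of `DETAIL_CAPTION_MAX_LENGTH` is a bare number, and neither the commit message nor the file says which application buffer it is meant to mirror. If the harness buffer is larger than the one the device build passes as `caption_len`, a sanitizer run can miss an overflow that the production build would hit, so the two sizes should not be able to drift apart. If the application already defines this constant in a header (not visible in this hunk), include that header instead of redefining it; otherwise add a comment such as `/* keep equal to the caption buffer size used by the app UI */` above the define. The same applies to `DETAIL_VALUE_MAX_LENGTH` on the next line.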