This repository has been archived by the owner on Jun 4, 2024. It is now read-only.

[FUZZ] JsFuzz - Assertion failed #42

Closed
6 of 7 tasks
Buttaa opened this issue Jul 15, 2020 · 2 comments
Labels
crash confirmed Crash is confirmed and developers are notified lodestar

Comments


Buttaa commented Jul 15, 2020

I've identified a fuzzer crash and am contributing to the security of Ethereum 2!

I've done and provided the following:

  • Checked to see if any other [FUZZ] issue already refers to that crasher
  • Attached the crashing input (either attached to the issue as a .zip or .gz, or as a link to a file sharing service)
  • Noted the beacon-fuzz version or commit used.
  • Provided crash output
  • Noted the command or fuzzer used to generate the crash
  • Name of the original crash file
  • (Optional but optimal) Checked if the crash can be consistently replicated by re-running the input.

Info to Reproduce

  • Command run: e.g. docker run -it -v C:\Users\beacon-fuzz\eth2fuzz/workspace:/eth2fuzz/workspace eth2fuzz_lodestar continuously -q lodestar -t 3600
  • Crasher file name: crash-4099857b077da452d2e335d436b77653877418e47bdbc2e892a8d6daf0869f5f
  • Client exercised: lodestar
  • Fuzzing engine used (if applicable):

Crash output

=================================================================
AssertionError [ERR_ASSERTION]: Assertion failed.
    at ECDSA.verify (/eth2fuzz/node_modules/bcrypto/lib/js/ecdsa.js:1:66376)
    at Object.verify (/eth2fuzz/node_modules/@chainsafe/discv5/lib/enr/v4.js:1:5109)
    at Map.verify (/eth2fuzz/node_modules/@chainsafe/discv5/lib/enr/enr.js:1:32482)
    at Function.decodeFromValues (/eth2fuzz/node_modules/@chainsafe/discv5/lib/enr/enr.js:1:26207)
    at Function.decode (/eth2fuzz/node_modules/@chainsafe/discv5/lib/enr/enr.js:1:26556)
    at Function.decodeTxt (/eth2fuzz/node_modules/@chainsafe/discv5/lib/enr/enr.js:1:26863)
    at Object.fuzz_lodestar_enr (/eth2fuzz/workspace/targets/js/lib.js:1:9181)
    at process.<anonymous> (/usr/lib/node_modules/jsfuzz/build/src/worker.js:63:30)
    at process.emit (events.js:314:20) {
  type: 'AssertionError',
  code: 'ERR_ASSERTION',
  generatedMessage: true,
  actual: false,
  expected: true,
  operator: '=='
}
crash was written to crash-4099857b077da452d2e335d436b77653877418e47bdbc2e892a8d6daf0869f5f
Worker exited

Your Environment

  • Fuzzer ran: docker run -it -v C:\Users\beacon-fuzz\eth2fuzz/workspace:/eth2fuzz/workspace eth2fuzz_lodestar continuously -q lodestar -t 3600
  • Version/Commit used: cbee3d9
  • Operating System and version: Windows 10

crash-4099857b077da452d2e335d436b77653877418e47bdbc2e892a8d6daf0869f5f.zip

@pventuzelo
Contributor

Congrats, looks valid to me.
Reported here: ChainSafe/discv5#70

@pventuzelo pventuzelo added lodestar crash confirmed Crash is confirmed and developers are notified labels Aug 1, 2020
@pventuzelo
Contributor

Fixed.
Thanks again @Buttaa
