Bitcoin Core 22.99.0
P2P Digital Currency
process_message.cpp
Go to the documentation of this file.
1// Copyright (c) 2020-2021 The Bitcoin Core developers
2// Distributed under the MIT software license, see the accompanying
3// file COPYING or http://www.opensource.org/licenses/mit-license.php.
4
5#include <banman.h>
6#include <chainparams.h>
7#include <consensus/consensus.h>
8#include <net.h>
9#include <net_processing.h>
10#include <protocol.h>
11#include <scheduler.h>
12#include <script/script.h>
13#include <streams.h>
14#include <test/fuzz/FuzzedDataProvider.h>
15#include <test/fuzz/fuzz.h>
16#include <test/fuzz/util.h>
17#include <test/util/mining.h>
18#include <test/util/net.h>
19#include <test/util/setup_common.h>
20#include <test/util/validation.h>
21#include <txorphanage.h>
22#include <validationinterface.h>
23#include <version.h>
24
25#include <atomic>
26#include <cassert>
27#include <chrono>
28#include <cstdint>
29#include <iosfwd>
30#include <iostream>
31#include <memory>
32#include <string>
33
34namespace {
35const TestingSetup* g_setup;
36} // namespace
37
38size_t& GetNumMsgTypes()
39{
40 static size_t g_num_msg_types{0};
41 return g_num_msg_types;
42}
43#define FUZZ_TARGET_MSG(msg_type) \
44 struct msg_type##_Count_Before_Main { \
45 msg_type##_Count_Before_Main() \
46 { \
47 ++GetNumMsgTypes(); \
48 } \
49 } const static g_##msg_type##_count_before_main; \
50 FUZZ_TARGET_INIT(process_message_##msg_type, initialize_process_message) \
51 { \
52 fuzz_target(buffer, #msg_type); \
53 }
54
55void initialize_process_message()
56{
57 Assert(GetNumMsgTypes() == getAllNetMessageTypes().size()); // If this fails, add or remove the message type below
58
59 static const auto testing_setup = MakeNoLogFileContext<const TestingSetup>();
60 g_setup = testing_setup.get();
61 for (int i = 0; i < 2 * COINBASE_MATURITY; i++) {
62 MineBlock(g_setup->m_node, CScript() << OP_TRUE);
63 }
64 SyncWithValidationInterfaceQueue();
65}
66
67void fuzz_target(FuzzBufferType buffer, const std::string& LIMIT_TO_MESSAGE_TYPE)
68{
69 FuzzedDataProvider fuzzed_data_provider(buffer.data(), buffer.size());
70
71 ConnmanTestMsg& connman = *static_cast<ConnmanTestMsg*>(g_setup->m_node.connman.get());
72 TestChainState& chainstate = *static_cast<TestChainState*>(&g_setup->m_node.chainman->ActiveChainstate());
73 SetMockTime(1610000000); // any time to successfully reset ibd
74 chainstate.ResetIbd();
75
76 const std::string random_message_type{fuzzed_data_provider.ConsumeBytesAsString(CMessageHeader::COMMAND_SIZE).c_str()};
77 if (!LIMIT_TO_MESSAGE_TYPE.empty() && random_message_type != LIMIT_TO_MESSAGE_TYPE) {
78 return;
79 }
80 CNode& p2p_node = *ConsumeNodeAsUniquePtr(fuzzed_data_provider).release();
81
82 const bool successfully_connected{fuzzed_data_provider.ConsumeBool()};
83 p2p_node.fSuccessfullyConnected = successfully_connected;
84 connman.AddTestNode(p2p_node);
85 g_setup->m_node.peerman->InitializeNode(&p2p_node);
86 FillNode(fuzzed_data_provider, p2p_node, /* init_version */ successfully_connected);
87
88 const auto mock_time = ConsumeTime(fuzzed_data_provider);
89 SetMockTime(mock_time);
90
91 // fuzzed_data_provider is fully consumed after this call, don't use it
92 CDataStream random_bytes_data_stream{fuzzed_data_provider.ConsumeRemainingBytes<unsigned char>(), SER_NETWORK, PROTOCOL_VERSION};
93 try {
94 g_setup->m_node.peerman->ProcessMessage(p2p_node, random_message_type, random_bytes_data_stream,
95 GetTime<std::chrono::microseconds>(), std::atomic<bool>{false});
96 } catch (const std::ios_base::failure&) {
97 }
98 {
99 LOCK(p2p_node.cs_sendProcessing);
100 g_setup->m_node.peerman->SendMessages(&p2p_node);
101 }
102 SyncWithValidationInterfaceQueue();
103 g_setup->m_node.connman->StopNodes();
104}
105
106FUZZ_TARGET_INIT(process_message, initialize_process_message) { fuzz_target(buffer, ""); }
107FUZZ_TARGET_MSG(addr);
108FUZZ_TARGET_MSG(addrv2);
109FUZZ_TARGET_MSG(block);
110FUZZ_TARGET_MSG(blocktxn);
111FUZZ_TARGET_MSG(cfcheckpt);
112FUZZ_TARGET_MSG(cfheaders);
113FUZZ_TARGET_MSG(cfilter);
114FUZZ_TARGET_MSG(cmpctblock);
115FUZZ_TARGET_MSG(feefilter);
116FUZZ_TARGET_MSG(filteradd);
117FUZZ_TARGET_MSG(filterclear);
118FUZZ_TARGET_MSG(filterload);
119FUZZ_TARGET_MSG(getaddr);
120FUZZ_TARGET_MSG(getblocks);
121FUZZ_TARGET_MSG(getblocktxn);
122FUZZ_TARGET_MSG(getcfcheckpt);
123FUZZ_TARGET_MSG(getcfheaders);
124FUZZ_TARGET_MSG(getcfilters);
125FUZZ_TARGET_MSG(getdata);
126FUZZ_TARGET_MSG(getheaders);
127FUZZ_TARGET_MSG(headers);
128FUZZ_TARGET_MSG(inv);
129FUZZ_TARGET_MSG(mempool);
130FUZZ_TARGET_MSG(merkleblock);
131FUZZ_TARGET_MSG(notfound);
132FUZZ_TARGET_MSG(ping);
133FUZZ_TARGET_MSG(pong);
134FUZZ_TARGET_MSG(sendaddrv2);
135FUZZ_TARGET_MSG(sendcmpct);
136FUZZ_TARGET_MSG(sendheaders);
137FUZZ_TARGET_MSG(tx);
138FUZZ_TARGET_MSG(verack);
139FUZZ_TARGET_MSG(version);
140FUZZ_TARGET_MSG(wtxidrelay);
Assert
#define Assert(val)
Identity function.
Definition: check.h:57
CDataStream
Double ended buffer combining vector and stream-like interfaces.
Definition: streams.h:205
CMessageHeader::COMMAND_SIZE
static constexpr size_t COMMAND_SIZE
Definition: protocol.h:34
CNode
Information about a peer.
Definition: net.h:394
CNode::cs_sendProcessing
RecursiveMutex cs_sendProcessing
Definition: net.h:419
CNode::fSuccessfullyConnected
std::atomic_bool fSuccessfullyConnected
fSuccessfullyConnected is set to true on receiving VERACK from the peer.
Definition: net.h:449
CScript
Serialized script, used inside transaction inputs and outputs.
Definition: script.h:406
FuzzedDataProvider::ConsumeBytesAsString
std::string ConsumeBytesAsString(size_t num_bytes)
Definition: FuzzedDataProvider.h:136
FuzzedDataProvider::ConsumeRemainingBytes
std::vector< T > ConsumeRemainingBytes()
Definition: FuzzedDataProvider.h:128
Span
A Span is an object that can refer to a contiguous sequence of objects.
Definition: span.h:93
Span::size
constexpr std::size_t size() const noexcept
Definition: span.h:182
Span::data
constexpr C * data() const noexcept
Definition: span.h:169
COINBASE_MATURITY
static const int COINBASE_MATURITY
Coinbase transaction outputs can only be spent after this number of new blocks (network rule)
Definition: consensus.h:19
net_processing.h
FUZZ_TARGET_INIT
FUZZ_TARGET_INIT(process_message, initialize_process_message)
Definition: process_message.cpp:106
FUZZ_TARGET_MSG
#define FUZZ_TARGET_MSG(msg_type)
Definition: process_message.cpp:43
fuzz_target
void fuzz_target(FuzzBufferType buffer, const std::string &LIMIT_TO_MESSAGE_TYPE)
Definition: process_message.cpp:67
GetNumMsgTypes
size_t & GetNumMsgTypes()
Definition: process_message.cpp:38
initialize_process_message
void initialize_process_message()
Definition: process_message.cpp:55
getAllNetMessageTypes
const std::vector< std::string > & getAllNetMessageTypes()
Definition: protocol.cpp:179
ping
static RPCHelpMan ping()
Definition: net.cpp:82
OP_TRUE
@ OP_TRUE
Definition: script.h:77
SER_NETWORK
@ SER_NETWORK
Definition: serialize.h:138
setup_common.h
ConnmanTestMsg::AddTestNode
void AddTestNode(CNode &node)
Definition: net.h:26
TestChainState::ResetIbd
void ResetIbd()
Reset the ibd cache to its initial state.
Definition: validation.cpp:11
TestingSetup
Testing setup that configures a complete environment.
Definition: setup_common.h:99
LOCK
#define LOCK(cs)
Definition: sync.h:226
ConsumeTime
int64_t ConsumeTime(FuzzedDataProvider &fuzzed_data_provider, const std::optional< int64_t > &min, const std::optional< int64_t > &max) noexcept
Definition: util.cpp:227
FillNode
void FillNode(FuzzedDataProvider &fuzzed_data_provider, CNode &node, bool init_version) noexcept
Definition: util.cpp:203
ConsumeNodeAsUniquePtr
std::unique_ptr< CNode > ConsumeNodeAsUniquePtr(FuzzedDataProvider &fdp, const std::optional< NodeId > &node_id_in=std::nullopt)
Definition: util.h:276
MineBlock
CTxIn MineBlock(const NodeContext &node, const CScript &coinbase_scriptPubKey)
Returns the generated coin.
Definition: mining.cpp:59
SetMockTime
void SetMockTime(int64_t nMockTimeIn)
DEPRECATED Use SetMockTime with chrono type.
Definition: time.cpp:101
SyncWithValidationInterfaceQueue
void SyncWithValidationInterfaceQueue()
This is a synonym for the following, which asserts certain locks are not held: std::promise<void> pro...
Definition: validationinterface.cpp:160
PROTOCOL_VERSION
static const int PROTOCOL_VERSION
network protocol versioning
Definition: version.h:12
Generated on Mon Nov 8 2021 14:20:07 for Bitcoin Core by doxygen 1.9.2