tests: Add fuzzing harness for rolling bloom filter class CRollingBloomFilter

Author: practicalswift

src/Makefile.test.include

@@ -51,6 +51,7 @@ FUZZ_TARGETS = \
   test/fuzz/psbt_input_deserialize \
   test/fuzz/psbt_output_deserialize \
   test/fuzz/pub_key_deserialize \
+  test/fuzz/rolling_bloom_filter \
   test/fuzz/script \
   test/fuzz/script_deserialize \
   test/fuzz/script_flags \
@@ -523,6 +524,12 @@ test_fuzz_pub_key_deserialize_LDADD = $(FUZZ_SUITE_LD_COMMON)
 test_fuzz_pub_key_deserialize_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS)
 test_fuzz_pub_key_deserialize_SOURCES = $(FUZZ_SUITE) test/fuzz/deserialize.cpp
 
+test_fuzz_rolling_bloom_filter_CPPFLAGS = $(AM_CPPFLAGS) $(BITCOIN_INCLUDES)
+test_fuzz_rolling_bloom_filter_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS)
+test_fuzz_rolling_bloom_filter_LDADD = $(FUZZ_SUITE_LD_COMMON)
+test_fuzz_rolling_bloom_filter_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS)
+test_fuzz_rolling_bloom_filter_SOURCES = $(FUZZ_SUITE) test/fuzz/rolling_bloom_filter.cpp
+
 test_fuzz_script_CPPFLAGS = $(AM_CPPFLAGS) $(BITCOIN_INCLUDES)
 test_fuzz_script_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS)
 test_fuzz_script_LDADD = $(FUZZ_SUITE_LD_COMMON)

src/test/fuzz/rolling_bloom_filter.cpp

@@ -0,0 +1,50 @@
+// Copyright (c) 2020 The Bitcoin Core developers
+// Distributed under the MIT software license, see the accompanying
+// file COPYING or http://www.opensource.org/licenses/mit-license.php.
+
+#include <bloom.h>
+#include <optional.h>
+#include <test/fuzz/FuzzedDataProvider.h>
+#include <test/fuzz/fuzz.h>
+#include <test/fuzz/util.h>
+#include <uint256.h>
+
+#include <cassert>
+#include <cstdint>
+#include <string>
+#include <vector>
+
+void test_one_input(const std::vector<uint8_t>& buffer)
+{
+    FuzzedDataProvider fuzzed_data_provider(buffer.data(), buffer.size());
+
+    CRollingBloomFilter rolling_bloom_filter{
+        fuzzed_data_provider.ConsumeIntegralInRange<unsigned int>(1, 1000),
+        0.999 / fuzzed_data_provider.ConsumeIntegralInRange<unsigned int>(1, std::numeric_limits<unsigned int>::max())};
+    while (fuzzed_data_provider.remaining_bytes() > 0) {
+        switch (fuzzed_data_provider.ConsumeIntegralInRange(0, 2)) {
+        case 0: {
+            const std::vector<unsigned char>& b = ConsumeRandomLengthByteVector(fuzzed_data_provider);
+            (void)rolling_bloom_filter.contains(b);
+            rolling_bloom_filter.insert(b);
+            const bool present = rolling_bloom_filter.contains(b);
+            assert(present);
+            break;
+        }
+        case 1: {
+            const Optional<uint256> u256 = ConsumeDeserializable<uint256>(fuzzed_data_provider);
+            if (!u256) {
+                break;
+            }
+            (void)rolling_bloom_filter.contains(*u256);
+            rolling_bloom_filter.insert(*u256);
+            const bool present = rolling_bloom_filter.contains(*u256);
+            assert(present);
+            break;
+        }
+        case 2:
+            rolling_bloom_filter.reset();
+            break;
+        }
+    }
+}

test/fuzz/test_runner.py

@@ -40,6 +40,7 @@
     "psbt_input_deserialize",
     "psbt_output_deserialize",
     "pub_key_deserialize",
+    "rolling_bloom_filter",
     "script_deserialize",
     "strprintf",
     "sub_net_deserialize",