tests: Add fuzzing harness for functions in script/descriptor.h

practicalswift · practicalswift · commit fa80117cfdec · 2020-05-30T10:37:01.000Z
diff --git a/src/Makefile.test.include b/src/Makefile.test.include
@@ -111,6 +111,7 @@ FUZZ_TARGETS = \
   test/fuzz/rolling_bloom_filter \
   test/fuzz/script \
   test/fuzz/script_bitcoin_consensus \
+  test/fuzz/script_descriptor_cache \
   test/fuzz/script_deserialize \
   test/fuzz/script_flags \
   test/fuzz/script_ops \
@@ -948,6 +949,12 @@ test_fuzz_script_bitcoin_consensus_LDADD = $(FUZZ_SUITE_LD_COMMON)
 test_fuzz_script_bitcoin_consensus_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS)
 test_fuzz_script_bitcoin_consensus_SOURCES = test/fuzz/script_bitcoin_consensus.cpp
 
+test_fuzz_script_descriptor_cache_CPPFLAGS = $(AM_CPPFLAGS) $(BITCOIN_INCLUDES)
+test_fuzz_script_descriptor_cache_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS)
+test_fuzz_script_descriptor_cache_LDADD = $(FUZZ_SUITE_LD_COMMON)
+test_fuzz_script_descriptor_cache_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS)
+test_fuzz_script_descriptor_cache_SOURCES = test/fuzz/script_descriptor_cache.cpp
+
 test_fuzz_script_deserialize_CPPFLAGS = $(AM_CPPFLAGS) $(BITCOIN_INCLUDES) -DSCRIPT_DESERIALIZE=1
 test_fuzz_script_deserialize_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS)
 test_fuzz_script_deserialize_LDADD = $(FUZZ_SUITE_LD_COMMON)
diff --git a/src/test/fuzz/script_descriptor_cache.cpp b/src/test/fuzz/script_descriptor_cache.cpp
@@ -0,0 +1,42 @@
+// Copyright (c) 2020 The Bitcoin Core developers
+// Distributed under the MIT software license, see the accompanying
+// file COPYING or http://www.opensource.org/licenses/mit-license.php.
+
+#include <optional.h>
+#include <pubkey.h>
+#include <script/descriptor.h>
+#include <test/fuzz/FuzzedDataProvider.h>
+#include <test/fuzz/fuzz.h>
+#include <test/fuzz/util.h>
+
+#include <cstdint>
+#include <string>
+#include <vector>
+
+void test_one_input(const std::vector<uint8_t>& buffer)
+{
+    FuzzedDataProvider fuzzed_data_provider(buffer.data(), buffer.size());
+    DescriptorCache descriptor_cache;
+    while (fuzzed_data_provider.ConsumeBool()) {
+        const std::vector<uint8_t> code = fuzzed_data_provider.ConsumeBytes<uint8_t>(BIP32_EXTKEY_SIZE);
+        if (code.size() == BIP32_EXTKEY_SIZE) {
+            CExtPubKey xpub;
+            xpub.Decode(code.data());
+            const uint32_t key_exp_pos = fuzzed_data_provider.ConsumeIntegral<uint32_t>();
+            CExtPubKey xpub_fetched;
+            if (fuzzed_data_provider.ConsumeBool()) {
+                (void)descriptor_cache.GetCachedParentExtPubKey(key_exp_pos, xpub_fetched);
+                descriptor_cache.CacheParentExtPubKey(key_exp_pos, xpub);
+                assert(descriptor_cache.GetCachedParentExtPubKey(key_exp_pos, xpub_fetched));
+            } else {
+                const uint32_t der_index = fuzzed_data_provider.ConsumeIntegral<uint32_t>();
+                (void)descriptor_cache.GetCachedDerivedExtPubKey(key_exp_pos, der_index, xpub_fetched);
+                descriptor_cache.CacheDerivedExtPubKey(key_exp_pos, der_index, xpub);
+                assert(descriptor_cache.GetCachedDerivedExtPubKey(key_exp_pos, der_index, xpub_fetched));
+            }
+            assert(xpub == xpub_fetched);
+        }
+        (void)descriptor_cache.GetCachedParentExtPubKeys();
+        (void)descriptor_cache.GetCachedDerivedExtPubKeys();
+    }
+}
