highperfocused/bitcoin
1
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2025-12-06 02:33:28 +01:00
Code Issues Packages Projects Releases Wiki Activity

fuzz: make FuzzedDataProvider usage deterministic

Browse Source 
There exist many usages of `fuzzed_data_provider` where it is evaluated directly in the function call.
Unfortunately, the order of evaluation of function arguments is unspecified. This means it can differ
between compilers/version/optimization levels etc. But when the evaluation order changes, the same
fuzzing input will produce different output, which is bad for coverage/reproducibility.

This PR fixes all these cases where by moving multiple calls to `fuzzed_data_provider` out of the
function arguments.
This commit is contained in:
Martin Leitner-Ankerl
2023-12-09 13:19:02 +01:00
parent 3e691258d8
commit 01960c53c7
18 changed files with 129 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/test/fuzz/crypto.cpp
View File

@@ -22,7 +22,9 @@ FUZZ_TARGET(crypto)
FuzzedDataProvider fuzzed_data_provider{buffer.data(), buffer.size()};
std::vector<uint8_t> data = ConsumeRandomLengthByteVector(fuzzed_data_provider);
if (data.empty()) {
data.resize(fuzzed_data_provider.ConsumeIntegralInRange<size_t>(1, 4096), fuzzed_data_provider.ConsumeIntegral<uint8_t>());
auto new_size = fuzzed_data_provider.ConsumeIntegralInRange<size_t>(1, 4096);
auto x = fuzzed_data_provider.ConsumeIntegral<uint8_t>();
data.resize(new_size, x);
}
CHash160 hash160;
@@ -44,7 +46,9 @@ FUZZ_TARGET(crypto)
if (fuzzed_data_provider.ConsumeBool()) {
data = ConsumeRandomLengthByteVector(fuzzed_data_provider);
if (data.empty()) {
data.resize(fuzzed_data_provider.ConsumeIntegralInRange<size_t>(1, 4096), fuzzed_data_provider.ConsumeIntegral<uint8_t>());
auto new_size = fuzzed_data_provider.ConsumeIntegralInRange<size_t>(1, 4096);
auto x = fuzzed_data_provider.ConsumeIntegral<uint8_t>();
data.resize(new_size, x);
}
}