From 15ecae31a83ea66985496d2b8f2017cbd7749c26 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?L=C5=91rinc?= Date: Thu, 20 Feb 2025 16:48:28 +0100 Subject: [PATCH] fuzz: Always restrict base conversion input lengths They seem to cause timeouts: > Issue 397734700: bitcoin-core:base58check_encode_decode: Timeout in base58check_encode_decode The `encoded_string.empty()` check was corrected here to `decoded.empty()` to make sure the `(0, decoded.size() - 1)` range is always valid. Github-Pull: #31917 Rebased-From: bad1433ef2b5b02ac4b1c6c1d9482c513e5b2192 Co-authored-by: maflcko <6399679+maflcko@users.noreply.github.com> Co-authored-by: marcofleon Co-authored-by: Martin Zumsande
---
 src/test/fuzz/base_encode_decode.cpp | 35 ++++++++++++++--------------
 1 file changed, 17 insertions(+), 18 deletions(-)
diff --git a/src/test/fuzz/base_encode_decode.cpp b/src/test/fuzz/base_encode_decode.cpp
index 06b249fb8d3..69caac58100 100644
--- a/src/test/fuzz/base_encode_decode.cpp
+++ b/src/test/fuzz/base_encode_decode.cpp
@@ -6,6 +6,7 @@
 #include
 #include
+#include
 #include
 #include
 #include
@@ -19,42 +20,40 @@ using util::TrimStringView;
 FUZZ_TARGET(base58_encode_decode)
 {
- FuzzedDataProvider provider(buffer.data(), buffer.size());
- const std::string random_string{provider.ConsumeRandomLengthString(1000)};
- const int max_ret_len{provider.ConsumeIntegralInRange(-1, 1000)};
+ FuzzedDataProvider provider{buffer.data(), buffer.size()};
+ const auto random_string{provider.ConsumeRandomLengthString(100)};
+ const int max_ret_len{provider.ConsumeIntegralInRange(-1, 100)};
 // Decode/Encode roundtrip
- std::vector decoded;
- if (DecodeBase58(random_string, decoded, max_ret_len)) {
+ if (std::vector decoded; DecodeBase58(random_string, decoded, max_ret_len)) {
 const auto encoded_string{EncodeBase58(decoded)};
 assert(encoded_string == TrimStringView(random_string));
- assert(encoded_string.empty() || !DecodeBase58(encoded_string, decoded, provider.ConsumeIntegralInRange(0, decoded.size() - 1)));
+ assert(decoded.empty() || !DecodeBase58(encoded_string, decoded, provider.ConsumeIntegralInRange(0, decoded.size() - 1)));
 }
 // Encode/Decode roundtrip
- const auto encoded{EncodeBase58(buffer)};
+ const auto encoded{EncodeBase58(MakeUCharSpan(random_string))};
 std::vector roundtrip_decoded;
- assert(DecodeBase58(encoded, roundtrip_decoded, buffer.size())
- && std::ranges::equal(roundtrip_decoded, buffer));
+ assert(DecodeBase58(encoded, roundtrip_decoded, random_string.size())
+ && std::ranges::equal(roundtrip_decoded, MakeUCharSpan(random_string)));
 }
 FUZZ_TARGET(base58check_encode_decode)
 {
- FuzzedDataProvider provider(buffer.data(), buffer.size());
- const std::string random_string{provider.ConsumeRandomLengthString(1000)};
- const int max_ret_len{provider.ConsumeIntegralInRange(-1, 1000)};
+ FuzzedDataProvider provider{buffer.data(), buffer.size()};
+ const auto random_string{provider.ConsumeRandomLengthString(100)};
+ const int max_ret_len{provider.ConsumeIntegralInRange(-1, 100)};
 // Decode/Encode roundtrip
- std::vector decoded;
- if (DecodeBase58Check(random_string, decoded, max_ret_len)) {
+ if (std::vector decoded; DecodeBase58Check(random_string, decoded, max_ret_len)) {
 const auto encoded_string{EncodeBase58Check(decoded)};
 assert(encoded_string == TrimStringView(random_string));
- assert(encoded_string.empty() || !DecodeBase58Check(encoded_string, decoded, provider.ConsumeIntegralInRange(0, decoded.size() - 1)));
+ assert(decoded.empty() || !DecodeBase58Check(encoded_string, decoded, provider.ConsumeIntegralInRange(0, decoded.size() - 1)));
 }
 // Encode/Decode roundtrip
- const auto encoded{EncodeBase58Check(buffer)};
+ const auto encoded{EncodeBase58Check(MakeUCharSpan(random_string))};
 std::vector roundtrip_decoded;
- assert(DecodeBase58Check(encoded, roundtrip_decoded, buffer.size())
- && std::ranges::equal(roundtrip_decoded, buffer));
+ assert(DecodeBase58Check(encoded, roundtrip_decoded, random_string.size())
+ && std::ranges::equal(roundtrip_decoded, MakeUCharSpan(random_string)));
 }
 FUZZ_TARGET(base32_encode_decode)
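Review bot: The new length cap appears as a bare `100` four times (`ConsumeRandomLengthString(100)` and the `-1, 100` range for `max_ret_len`, in both `base58_encode_decode` and `base58check_encode_decode`) with no comment, so the reason for the bound is recorded only in the commit message. I would add `// Keep inputs short: longer base58 inputs caused fuzz timeouts (#31917).` above the first use in each target, or hoist the value into one named constant that carries that comment, so a later change does not raise the limit back without knowing why it was lowered. Because the encode/decode roundtrip now encodes `MakeUCharSpan(random_string)` instead of `buffer`, neither target appears to exercise inputs longer than 100 bytes any more; the comment should say that this coverage limit is deliberate. Both target bodies are fully inside this hunk; the trailing `FUZZ_TARGET(base32_encode_decode)` line is context only.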