highperfocused/bitcoin
1
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2026-04-26 14:59:16 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge bitcoin/bitcoin#34317: fuzz: Exclude too expensive inputs in descriptor_parse targets

Browse Source 
fab2f3df4b fuzz: Exclude too expensive inputs in descriptor_parse targets (MarcoFalke)

Pull request description:

  Accepting "expensive" fuzz inputs which have no real use-case is problematic, because it prevents the fuzz engine from spending time on the next useful fuzz input.

  For example, those will take several seconds (!) and the flamegraph shows that base58 encoding is the cause:

  ```
  curl -fLO 'f5abf41608'
  curl -fLO '78cb317546'

  FUZZ=mocked_descriptor_parse ./bld-cmake/bin/fuzz ./f5abf41608addcef3538da61d8096c2050235032
  FUZZ=descriptor_parse ./bld-cmake/bin/fuzz ./78cb3175467f53b467b949883ee6072e92dbb267
  ```

  This will also break 32-bit fuzzing, see https://github.com/bitcoin/bitcoin/issues/34110#issuecomment-3759461248.

  Fix all issues by checking for `HasTooLargeLeafSize`.

  Sorry for creating several pull requests to fix this class of issue, but I think this one should be the last one. 😅

ACKs for top commit:
  brunoerg:
    reACK fab2f3df4b
  frankomosh:
    re-ACK fab2f3df4b

Tree-SHA512: 4ecf98ec4adc39f6e014370945fb1598cdd3ceba60f7209b00789ac1164b6d20e82a69d71f8419d9a40d57ee3fea36ef593c47fe48b584b6e8344c44f20a15c1
This commit is contained in:
merge-script
2026-01-23 09:54:22 +00:00
parent cdb42a8df8 fab2f3df4b
commit 1b079becf1
4 changed files with 34 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
src/wallet/test/fuzz/scriptpubkeyman.cpp
View File

@@ -50,23 +50,12 @@ void initialize_spkm()
MOCKED_DESC_CONVERTER.Init();
}
/**
* Deriving "expensive" descriptors will consume useful fuzz compute. The
* compute is better spent on a smaller subset of descriptors, which still
* covers all real end-user settings.
*/
static bool IsTooExpensive(std::span<const uint8_t> desc)
{
return HasDeepDerivPath(desc) || HasTooManySubFrag(desc) || HasTooManyWrappers(desc);
}
static std::optional<std::pair<WalletDescriptor, FlatSigningProvider>> CreateWalletDescriptor(FuzzedDataProvider& fuzzed_data_provider)
{
const std::string mocked_descriptor{fuzzed_data_provider.ConsumeRandomLengthString()};
if (IsTooExpensive(MakeUCharSpan(mocked_descriptor))) return {};
const auto desc_str{MOCKED_DESC_CONVERTER.GetDescriptor(mocked_descriptor)};
if (!desc_str.has_value()) return std::nullopt;
if (HasTooLargeLeafSize(MakeUCharSpan(*desc_str))) return {};
if (IsTooExpensive(MakeUCharSpan(*desc_str))) return {};
FlatSigningProvider keys;
std::string error;