fuzz: Avoid -fsanitize=integer warnings in fuzzing harnesses

2025-04-22 14:35:07 +02:00 · 2021-01-24 18:45:44 +00:00 · 2021-01-24 18:45:44 +00:00 · 58232e3ffb
commit 58232e3ffb
parent 52d84a45e2
4 changed files with 15 additions and 6 deletions
--- a/src/test/fuzz/crypto_chacha20_poly1305_aead.cpp
+++ b/src/test/fuzz/crypto_chacha20_poly1305_aead.cpp
@ -45,18 +45,24 @@ FUZZ_TARGET(crypto_chacha20_poly1305_aead)
                assert(ok);
            },
            [&] {
+                if (AdditionOverflow(seqnr_payload, static_cast<uint64_t>(1))) {
+                    return;
+                }
                seqnr_payload += 1;
                aad_pos += CHACHA20_POLY1305_AEAD_AAD_LEN;
                if (aad_pos + CHACHA20_POLY1305_AEAD_AAD_LEN > CHACHA20_ROUND_OUTPUT) {
                    aad_pos = 0;
+                    if (AdditionOverflow(seqnr_aad, static_cast<uint64_t>(1))) {
+                        return;
+                    }
                    seqnr_aad += 1;
                }
            },
            [&] {
-                seqnr_payload = fuzzed_data_provider.ConsumeIntegral<int>();
+                seqnr_payload = fuzzed_data_provider.ConsumeIntegral<uint64_t>();
            },
            [&] {
-                seqnr_aad = fuzzed_data_provider.ConsumeIntegral<int>();
+                seqnr_aad = fuzzed_data_provider.ConsumeIntegral<uint64_t>();
            },
            [&] {
                is_encrypt = fuzzed_data_provider.ConsumeBool();
--- a/src/test/fuzz/pow.cpp
+++ b/src/test/fuzz/pow.cpp
@ -43,7 +43,10 @@ FUZZ_TARGET_INIT(pow, initialize_pow)
                current_block.nHeight = current_height;
            }
            if (fuzzed_data_provider.ConsumeBool()) {
-                current_block.nTime = fixed_time + current_height * consensus_params.nPowTargetSpacing;
+                const uint32_t seconds = current_height * consensus_params.nPowTargetSpacing;
+                if (!AdditionOverflow(fixed_time, seconds)) {
+                    current_block.nTime = fixed_time + seconds;
+                }
            }
            if (fuzzed_data_provider.ConsumeBool()) {
                current_block.nBits = fixed_bits;
--- a/src/test/fuzz/script.cpp
+++ b/src/test/fuzz/script.cpp
@ -154,13 +154,13 @@ FUZZ_TARGET_INIT(script, initialize_script)

    {
        WitnessUnknown witness_unknown_1{};
-        witness_unknown_1.version = fuzzed_data_provider.ConsumeIntegral<int>();
+        witness_unknown_1.version = fuzzed_data_provider.ConsumeIntegral<uint32_t>();
        const std::vector<uint8_t> witness_unknown_program_1 = fuzzed_data_provider.ConsumeBytes<uint8_t>(40);
        witness_unknown_1.length = witness_unknown_program_1.size();
        std::copy(witness_unknown_program_1.begin(), witness_unknown_program_1.end(), witness_unknown_1.program);

        WitnessUnknown witness_unknown_2{};
-        witness_unknown_2.version = fuzzed_data_provider.ConsumeIntegral<int>();
+        witness_unknown_2.version = fuzzed_data_provider.ConsumeIntegral<uint32_t>();
        const std::vector<uint8_t> witness_unknown_program_2 = fuzzed_data_provider.ConsumeBytes<uint8_t>(40);
        witness_unknown_2.length = witness_unknown_program_2.size();
        std::copy(witness_unknown_program_2.begin(), witness_unknown_program_2.end(), witness_unknown_2.program);
--- a/src/test/fuzz/util.h
+++ b/src/test/fuzz/util.h
@ -196,7 +196,7 @@ template <typename WeakEnumType, size_t size>
        },
        [&] {
            WitnessUnknown witness_unknown{};
-            witness_unknown.version = fuzzed_data_provider.ConsumeIntegral<int>();
+            witness_unknown.version = fuzzed_data_provider.ConsumeIntegral<uint32_t>();
            const std::vector<uint8_t> witness_unknown_program_1 = fuzzed_data_provider.ConsumeBytes<uint8_t>(40);
            witness_unknown.length = witness_unknown_program_1.size();
            std::copy(witness_unknown_program_1.begin(), witness_unknown_program_1.end(), witness_unknown.program);