X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=blobdiff_plain;f=fuzz%2Ffuzz_targets%2Fchannel_target.rs;h=e7cc6f76c999e42d6bdfc861a6a0244f500b1885;hb=1f1f82569a1774d2f6cb84e1de3c55dc733022c8;hp=38f898c53298d59673c2064fbd928633e91a7d38;hpb=03c6f84aa82e04c20692f01303bb9eaf6fde4411;p=rust-lightning diff --git a/fuzz/fuzz_targets/channel_target.rs b/fuzz/fuzz_targets/channel_target.rs index 38f898c5..e7cc6f76 100644 --- a/fuzz/fuzz_targets/channel_target.rs +++ b/fuzz/fuzz_targets/channel_target.rs @@ -8,13 +8,14 @@ use bitcoin::util::hash::Sha256dHash; use bitcoin::network::serialize::{serialize, BitcoinHash}; use lightning::ln::channel::{Channel, ChannelKeys}; -use lightning::ln::channelmanager::{HTLCFailReason, PendingForwardHTLCInfo}; +use lightning::ln::channelmanager::{HTLCFailReason, HTLCSource, PendingHTLCStatus}; use lightning::ln::msgs; -use lightning::ln::msgs::{MsgDecodable, ErrorAction}; +use lightning::ln::msgs::{ErrorAction}; use lightning::chain::chaininterface::{FeeEstimator, ConfirmationTarget}; use lightning::chain::transaction::OutPoint; use lightning::util::reset_rng_state; use lightning::util::logger::Logger; +use lightning::util::ser::Readable; mod utils; @@ -119,20 +120,24 @@ pub fn do_test(data: &[u8]) { } macro_rules! decode_msg { - ($MsgType: path, $len: expr) => { - match <($MsgType)>::decode(get_slice!($len)) { + ($MsgType: path, $len: expr) => {{ + let mut reader = ::std::io::Cursor::new(get_slice!($len)); + match <($MsgType)>::read(&mut reader) { Ok(msg) => msg, Err(e) => match e { msgs::DecodeError::UnknownRealmByte => return, + msgs::DecodeError::UnknownRequiredFeature => return, msgs::DecodeError::BadPublicKey => return, msgs::DecodeError::BadSignature => return, msgs::DecodeError::BadText => return, msgs::DecodeError::ExtraAddressesPerType => return, msgs::DecodeError::BadLengthDescriptor => return, msgs::DecodeError::ShortRead => panic!("We picked the length..."), + msgs::DecodeError::InvalidValue => panic!("Should not happen with p2p message decoding"), + msgs::DecodeError::Io(e) => panic!(format!("{}", e)), } } - } + }} } macro_rules! decode_msg_with_len16 { @@ -142,18 +147,7 @@ pub fn do_test(data: &[u8]) { Some(slice) => slice, None => return, }[$begin_len..$begin_len + 2]); - match <($MsgType)>::decode(get_slice!($begin_len as usize + 2 + (extra_len as usize)*$factor)) { - Ok(msg) => msg, - Err(e) => match e { - msgs::DecodeError::UnknownRealmByte => return, - msgs::DecodeError::BadPublicKey => return, - msgs::DecodeError::BadSignature => return, - msgs::DecodeError::BadText => return, - msgs::DecodeError::ExtraAddressesPerType => return, - msgs::DecodeError::BadLengthDescriptor => return, - msgs::DecodeError::ShortRead => panic!("We picked the length..."), - } - } + decode_msg!($MsgType, $begin_len as usize + 2 + (extra_len as usize)*$factor) } } } @@ -199,8 +193,11 @@ pub fn do_test(data: &[u8]) { let mut channel = if get_slice!(1)[0] != 0 { let chan_value = slice_to_be24(get_slice!(3)); - let mut chan = Channel::new_outbound(&fee_est, chan_keys!(), their_pubkey, chan_value, get_slice!(1)[0] == 0, slice_to_be64(get_slice!(8)), Arc::clone(&logger)); - chan.get_open_channel(Sha256dHash::from(get_slice!(32)), &fee_est).unwrap(); + let mut chan = match Channel::new_outbound(&fee_est, chan_keys!(), their_pubkey, chan_value, slice_to_be24(get_slice!(3)), get_slice!(1)[0] == 0, slice_to_be64(get_slice!(8)), Arc::clone(&logger)) { + Ok(chan) => chan, + Err(_) => return, + }; + chan.get_open_channel(Sha256dHash::from(get_slice!(32)), &fee_est); let accept_chan = if get_slice!(1)[0] == 0 { decode_msg_with_len16!(msgs::AcceptChannel, 270, 1) } else { @@ -225,7 +222,7 @@ pub fn do_test(data: &[u8]) { Ok(chan) => chan, Err(_) => return, }; - chan.get_accept_channel().unwrap(); + chan.get_accept_channel(); tx.output.push(TxOut{ value: open_chan.funding_satoshis, script_pubkey: chan.get_funding_redeemscript().to_v0_p2wsh() }); let funding_output = OutPoint::new(Sha256dHash::from_data(&serialize(&tx).unwrap()[..]), 0); @@ -253,7 +250,6 @@ pub fn do_test(data: &[u8]) { Ok(r) => Some(r), Err(e) => match e.action { None => return, - Some(ErrorAction::UpdateFailHTLC {..}) => None, Some(ErrorAction::DisconnectPeer {..}) => return, Some(ErrorAction::IgnoreError) => None, Some(ErrorAction::SendErrorMessage {..}) => None, @@ -265,9 +261,9 @@ pub fn do_test(data: &[u8]) { loop { match get_slice!(1)[0] { 0 => { - test_err!(channel.send_htlc(slice_to_be64(get_slice!(8)), [42; 32], slice_to_be32(get_slice!(4)), msgs::OnionPacket { + test_err!(channel.send_htlc(slice_to_be64(get_slice!(8)), [42; 32], slice_to_be32(get_slice!(4)), HTLCSource::dummy(), msgs::OnionPacket { version: get_slice!(1)[0], - public_key: get_pubkey!(), + public_key: PublicKey::from_slice(&secp_ctx, get_slice!(33)), hop_data: [0; 20*65], hmac: [0; 32], })); @@ -277,7 +273,7 @@ pub fn do_test(data: &[u8]) { }, 2 => { let update_add_htlc = decode_msg!(msgs::UpdateAddHTLC, 32+8+8+32+4+4+33+20*65+32); - test_err!(channel.update_add_htlc(&update_add_htlc, PendingForwardHTLCInfo::dummy())); + test_err!(channel.update_add_htlc(&update_add_htlc, PendingHTLCStatus::dummy())); }, 3 => { let update_fulfill_htlc = decode_msg!(msgs::UpdateFulfillHTLC, 32 + 8 + 32); @@ -322,11 +318,11 @@ pub fn do_test(data: &[u8]) { } #[cfg(feature = "afl")] -extern crate afl; +#[macro_use] extern crate afl; #[cfg(feature = "afl")] fn main() { - afl::read_stdio_bytes(|data| { - do_test(&data); + fuzz!(|data| { + do_test(data); }); }