Bitcoin Core 28.99.0
P2P Digital Currency
descriptor_parse.cpp
Go to the documentation of this file.
1// Copyright (c) 2009-2021 The Bitcoin Core developers
2// Distributed under the MIT software license, see the accompanying
3// file COPYING or http://www.opensource.org/licenses/mit-license.php.
4
5#include <chainparams.h>
6#include <key_io.h>
7#include <pubkey.h>
8#include <script/descriptor.h>
9#include <test/fuzz/fuzz.h>
10#include <test/fuzz/util/descriptor.h>
11#include <util/chaintype.h>
12#include <util/strencodings.h>
13
15MockedDescriptorConverter MOCKED_DESC_CONVERTER;
16
18static void TestDescriptor(const Descriptor& desc, FlatSigningProvider& sig_provider, std::string& dummy, std::optional<bool>& is_ranged, std::optional<bool>& is_solvable)
19{
20 // Trivial helpers.
21 (void)desc.IsRange();
22 (void)desc.IsSingleType();
23 (void)desc.GetOutputType();
24
25 if (is_ranged.has_value()) {
26 assert(desc.IsRange() == *is_ranged);
27 } else {
28 is_ranged = desc.IsRange();
29 }
30 if (is_solvable.has_value()) {
31 assert(desc.IsSolvable() == *is_solvable);
32 } else {
33 is_solvable = desc.IsSolvable();
34 }
35
36 // Serialization to string representation.
37 (void)desc.ToString();
38 (void)desc.ToPrivateString(sig_provider, dummy);
39 (void)desc.ToNormalizedString(sig_provider, dummy);
40
41 // Serialization to Script.
42 DescriptorCache cache;
43 std::vector<CScript> out_scripts;
44 (void)desc.Expand(0, sig_provider, out_scripts, sig_provider, &cache);
45 (void)desc.ExpandPrivate(0, sig_provider, sig_provider);
46 (void)desc.ExpandFromCache(0, cache, out_scripts, sig_provider);
47
48 // If we could serialize to script we must be able to infer using the same provider.
49 if (!out_scripts.empty()) {
50 assert(InferDescriptor(out_scripts.back(), sig_provider));
51
52 // The ScriptSize() must match the size of the serialized Script. (ScriptSize() is set for all descs but 'combo()'.)
53 const bool is_combo{!desc.IsSingleType()};
54 assert(is_combo || desc.ScriptSize() == out_scripts.back().size());
55 }
56
57 const auto max_sat_maxsig{desc.MaxSatisfactionWeight(true)};
58 const auto max_sat_nonmaxsig{desc.MaxSatisfactionWeight(true)};
59 const auto max_elems{desc.MaxSatisfactionElems()};
60 // We must be able to estimate the max satisfaction size for any solvable descriptor (but combo).
61 const bool is_nontop_or_nonsolvable{!*is_solvable || !desc.GetOutputType()};
62 const bool is_input_size_info_set{max_sat_maxsig && max_sat_nonmaxsig && max_elems};
63 assert(is_input_size_info_set || is_nontop_or_nonsolvable);
64}
65
66void initialize_descriptor_parse()
67{
68 static ECC_Context ecc_context{};
69 SelectParams(ChainType::MAIN);
70}
71
72void initialize_mocked_descriptor_parse()
73{
74 initialize_descriptor_parse();
75 MOCKED_DESC_CONVERTER.Init();
76}
77
78FUZZ_TARGET(mocked_descriptor_parse, .init = initialize_mocked_descriptor_parse)
79{
80 // Key derivation is expensive. Deriving deep derivation paths take a lot of compute and we'd
81 // rather spend time elsewhere in this target, like on the actual descriptor syntax. So rule
82 // out strings which could correspond to a descriptor containing a too large derivation path.
83 if (HasDeepDerivPath(buffer)) return;
84
85 // Some fragments can take a virtually unlimited number of sub-fragments (thresh, multi_a) but
86 // may perform quadratic operations on them. Limit the number of sub-fragments per fragment.
87 if (HasTooManySubFrag(buffer)) return;
88
89 // The script building logic performs quadratic copies in the number of nested wrappers. Limit
90 // the number of nested wrappers per fragment.
91 if (HasTooManyWrappers(buffer)) return;
92
93 const std::string mocked_descriptor{buffer.begin(), buffer.end()};
94 if (const auto descriptor = MOCKED_DESC_CONVERTER.GetDescriptor(mocked_descriptor)) {
95 FlatSigningProvider signing_provider;
96 std::string error;
97 const auto desc = Parse(*descriptor, signing_provider, error);
98 std::optional<bool> is_ranged;
99 std::optional<bool> is_solvable;
100 for (const auto& d : desc) {
101 assert(d);
102 TestDescriptor(*d, signing_provider, error, is_ranged, is_solvable);
103 }
104 }
105}
106
107FUZZ_TARGET(descriptor_parse, .init = initialize_descriptor_parse)
108{
109 // See comments above for rationales.
110 if (HasDeepDerivPath(buffer)) return;
111 if (HasTooManySubFrag(buffer)) return;
112 if (HasTooManyWrappers(buffer)) return;
113
114 const std::string descriptor(buffer.begin(), buffer.end());
115 FlatSigningProvider signing_provider;
116 std::string error;
117 for (const bool require_checksum : {true, false}) {
118 const auto desc = Parse(descriptor, signing_provider, error, require_checksum);
119 std::optional<bool> is_ranged;
120 std::optional<bool> is_solvable;
121 for (const auto& d : desc) {
122 assert(d);
123 TestDescriptor(*d, signing_provider, error, is_ranged, is_solvable);
124 }
125 }
126}
ecc_context
ECC_Context ecc_context
Definition: bitcoin-wallet.cpp:135
SelectParams
void SelectParams(const ChainType chain)
Sets the params returned by Params() to those for the given chain type.
Definition: chainparams.cpp:135
DescriptorCache
Cache for single descriptor's derived extended pubkeys.
Definition: descriptor.h:19
ECC_Context
RAII class initializing and deinitializing global state for elliptic curve support.
Definition: key.h:322
MockedDescriptorConverter
Converts a mocked descriptor string to a valid one.
Definition: descriptor.h:21
MockedDescriptorConverter::Init
void Init()
When initializing the target, populate the list of keys.
Definition: descriptor.cpp:10
MockedDescriptorConverter::GetDescriptor
std::optional< std::string > GetDescriptor(std::string_view mocked_desc) const
Get an actual descriptor string from a descriptor string whose keys were mocked.
Definition: descriptor.cpp:51
Parse
static UniValue Parse(std::string_view raw)
Parse string to UniValue or throw runtime_error if string contains invalid JSON.
Definition: client.cpp:327
TestDescriptor
static void TestDescriptor(const Descriptor &desc, FlatSigningProvider &sig_provider, std::string &dummy, std::optional< bool > &is_ranged, std::optional< bool > &is_solvable)
Test a successfully parsed descriptor.
Definition: descriptor_parse.cpp:18
FUZZ_TARGET
FUZZ_TARGET(mocked_descriptor_parse,.init=initialize_mocked_descriptor_parse)
Definition: descriptor_parse.cpp:78
initialize_mocked_descriptor_parse
void initialize_mocked_descriptor_parse()
Definition: descriptor_parse.cpp:72
initialize_descriptor_parse
void initialize_descriptor_parse()
Definition: descriptor_parse.cpp:66
MOCKED_DESC_CONVERTER
MockedDescriptorConverter MOCKED_DESC_CONVERTER
The converter of mocked descriptors, needs to be initialized when the target is.
Definition: descriptor_parse.cpp:15
key_io.h
InferDescriptor
std::unique_ptr< Descriptor > InferDescriptor(const CScript &script, const SigningProvider &provider)
Find a descriptor for the specified script, using information from provider where possible.
Definition: descriptor.cpp:2394
Descriptor
Interface for parsed descriptor objects.
Definition: descriptor.h:98
Descriptor::IsSingleType
virtual bool IsSingleType() const =0
Whether this descriptor will return one scriptPubKey or multiple (aka is or is not combo)
Descriptor::MaxSatisfactionElems
virtual std::optional< int64_t > MaxSatisfactionElems() const =0
Get the maximum size number of stack elements for satisfying this descriptor.
Descriptor::ToNormalizedString
virtual bool ToNormalizedString(const SigningProvider &provider, std::string &out, const DescriptorCache *cache=nullptr) const =0
Convert the descriptor to a normalized string.
Descriptor::MaxSatisfactionWeight
virtual std::optional< int64_t > MaxSatisfactionWeight(bool use_max_sig) const =0
Get the maximum size of a satisfaction for this descriptor, in weight units.
Descriptor::ToString
virtual std::string ToString(bool compat_format=false) const =0
Convert the descriptor back to a string, undoing parsing.
Descriptor::GetOutputType
virtual std::optional< OutputType > GetOutputType() const =0
Descriptor::Expand
virtual bool Expand(int pos, const SigningProvider &provider, std::vector< CScript > &output_scripts, FlatSigningProvider &out, DescriptorCache *write_cache=nullptr) const =0
Expand a descriptor at a specified position.
Descriptor::IsRange
virtual bool IsRange() const =0
Whether the expansion of this descriptor depends on the position.
Descriptor::ScriptSize
virtual std::optional< int64_t > ScriptSize() const =0
Get the size of the scriptPubKey for this descriptor.
Descriptor::IsSolvable
virtual bool IsSolvable() const =0
Whether this descriptor has all information about signing ignoring lack of private keys.
Descriptor::ExpandPrivate
virtual void ExpandPrivate(int pos, const SigningProvider &provider, FlatSigningProvider &out) const =0
Expand the private key for a descriptor at a specified position, if possible.
Descriptor::ToPrivateString
virtual bool ToPrivateString(const SigningProvider &provider, std::string &out) const =0
Convert the descriptor to a private string.
Descriptor::ExpandFromCache
virtual bool ExpandFromCache(int pos, const DescriptorCache &read_cache, std::vector< CScript > &output_scripts, FlatSigningProvider &out) const =0
Expand a descriptor at a specified position using cached expansion data.
HasTooManySubFrag
bool HasTooManySubFrag(const FuzzBufferType &buff, const int max_subs, const size_t max_nested_subs)
Whether the buffer, if it represents a valid descriptor, contains a fragment with more sub-fragments ...
Definition: descriptor.cpp:91
HasTooManyWrappers
bool HasTooManyWrappers(const FuzzBufferType &buff, const int max_wrappers)
Whether the buffer, if it represents a valid descriptor, contains a fragment with more wrappers than ...
Definition: descriptor.cpp:115
HasDeepDerivPath
bool HasDeepDerivPath(const FuzzBufferType &buff, const int max_depth)
Whether the buffer, if it represents a valid descriptor, contains a derivation path deeper than a giv...
Definition: descriptor.cpp:77
assert
assert(!tx.IsCoinBase())
Generated on Wed Dec 18 2024 20:00:13 for Bitcoin Core by doxygen 1.9.4