Bitcoin Core 31.99.0
P2P Digital Currency
deserialize.cpp
Go to the documentation of this file.
1// Copyright (c) 2009-present The Bitcoin Core developers
2// Distributed under the MIT software license, see the accompanying
3// file COPYING or http://www.opensource.org/licenses/mit-license.php.
4
5#include <addrdb.h>
6#include <addrman.h>
7#include <addrman_impl.h>
8#include <blockencodings.h>
9#include <blockfilter.h>
10#include <chain.h>
11#include <coins.h>
12#include <common/args.h>
13#include <compressor.h>
14#include <consensus/merkle.h>
15#include <key.h>
16#include <merkleblock.h>
17#include <net.h>
18#include <netbase.h>
19#include <netgroup.h>
20#include <node/blockstorage.h>
21#include <node/utxo_snapshot.h>
22#include <primitives/block.h>
23#include <protocol.h>
24#include <psbt.h>
25#include <pubkey.h>
26#include <script/keyorigin.h>
27#include <streams.h>
28#include <test/fuzz/fuzz.h>
29#include <test/fuzz/util.h>
30#include <test/util/setup_common.h>
31#include <undo.h>
32
33#include <cstdint>
34#include <exception>
35#include <optional>
36#include <stdexcept>
37
38using kernel::CBlockFileInfo;
39using node::SnapshotMetadata;
40
41void initialize_deserialize()
42{
43 static const auto testing_setup = MakeNoLogFileContext<>();
44}
45
46#define FUZZ_TARGET_DESERIALIZE(name, code) \
47 FUZZ_TARGET(name, .init = initialize_deserialize) \
48 { \
49 try { \
50 code \
51 } catch (const invalid_fuzzing_input_exception&) { \
52 } \
53 }
54
55namespace {
56
57struct invalid_fuzzing_input_exception : public std::exception {
58};
59
60template <typename T, typename P>
61DataStream Serialize(const T& obj, const P& params)
62{
63 DataStream ds{};
64 ds << params(obj);
65 return ds;
66}
67
68template <typename T, typename P>
69T Deserialize(DataStream&& ds, const P& params)
70{
71 T obj;
72 ds >> params(obj);
73 return obj;
74}
75
76template <typename T, typename P>
77void DeserializeFromFuzzingInput(FuzzBufferType buffer, T&& obj, const P& params)
78{
79 try {
80 SpanReader{buffer} >> params(obj);
81 } catch (const std::ios_base::failure&) {
82 throw invalid_fuzzing_input_exception();
83 }
84 assert(buffer.empty() || !Serialize(obj, params).empty());
85}
86
87template <typename T>
88DataStream Serialize(const T& obj)
89{
90 DataStream ds{};
91 ds << obj;
92 return ds;
93}
94
95template <typename T>
96T Deserialize(DataStream ds)
97{
98 T obj;
99 ds >> obj;
100 return obj;
101}
102
103template <typename T>
104void DeserializeFromFuzzingInput(FuzzBufferType buffer, T&& obj)
105{
106 try {
107 SpanReader{buffer} >> obj;
108 } catch (const std::ios_base::failure&) {
109 throw invalid_fuzzing_input_exception();
110 }
111 assert(buffer.empty() || !Serialize(obj).empty());
112}
113
114template <typename T>
115T DeserializeConstructFromFuzzingInput(FuzzBufferType buffer)
116{
117 try {
118 SpanReader reader{buffer};
119 T obj(deserialize, reader);
120 assert(buffer.empty() || !Serialize(obj).empty());
121 return obj;
122 } catch (const std::ios_base::failure&) {
123 throw invalid_fuzzing_input_exception();
124 }
125}
126
127template <typename T, typename P>
128void AssertEqualAfterSerializeDeserialize(const T& obj, const P& params)
129{
130 assert(Deserialize<T>(Serialize(obj, params), params) == obj);
131}
132template <typename T>
133void AssertEqualAfterSerializeDeserialize(const T& obj)
134{
135 assert(Deserialize<T>(Serialize(obj)) == obj);
136}
137
138} // namespace
139
140FUZZ_TARGET_DESERIALIZE(block_filter_deserialize, {
141 BlockFilter block_filter;
142 DeserializeFromFuzzingInput(buffer, block_filter);
143})
144FUZZ_TARGET(addr_info_deserialize, .init = initialize_deserialize)
145{
146 FuzzedDataProvider fdp{buffer.data(), buffer.size()};
147 (void)ConsumeDeserializable<AddrInfo>(fdp, ConsumeDeserializationParams<CAddress::SerParams>(fdp));
148}
149FUZZ_TARGET_DESERIALIZE(block_file_info_deserialize, {
150 CBlockFileInfo block_file_info;
151 DeserializeFromFuzzingInput(buffer, block_file_info);
152})
153FUZZ_TARGET_DESERIALIZE(block_header_and_short_txids_deserialize, {
154 CBlockHeaderAndShortTxIDs block_header_and_short_txids;
155 DeserializeFromFuzzingInput(buffer, block_header_and_short_txids);
156})
157FUZZ_TARGET_DESERIALIZE(fee_rate_deserialize, {
158 CFeeRate fee_rate;
159 DeserializeFromFuzzingInput(buffer, fee_rate);
160 AssertEqualAfterSerializeDeserialize(fee_rate);
161})
162FUZZ_TARGET_DESERIALIZE(merkle_block_deserialize, {
163 CMerkleBlock merkle_block;
164 DeserializeFromFuzzingInput(buffer, merkle_block);
165})
166FUZZ_TARGET_DESERIALIZE(out_point_deserialize, {
167 COutPoint out_point;
168 DeserializeFromFuzzingInput(buffer, out_point);
169 AssertEqualAfterSerializeDeserialize(out_point);
170})
171FUZZ_TARGET_DESERIALIZE(partial_merkle_tree_deserialize, {
172 CPartialMerkleTree partial_merkle_tree;
173 DeserializeFromFuzzingInput(buffer, partial_merkle_tree);
174})
175FUZZ_TARGET_DESERIALIZE(pub_key_deserialize, {
176 CPubKey pub_key;
177 DeserializeFromFuzzingInput(buffer, pub_key);
178 AssertEqualAfterSerializeDeserialize(pub_key);
179})
180FUZZ_TARGET_DESERIALIZE(script_deserialize, {
181 CScript script;
182 DeserializeFromFuzzingInput(buffer, script);
183})
184FUZZ_TARGET_DESERIALIZE(tx_in_deserialize, {
185 CTxIn tx_in;
186 DeserializeFromFuzzingInput(buffer, tx_in);
187 AssertEqualAfterSerializeDeserialize(tx_in);
188})
189FUZZ_TARGET_DESERIALIZE(flat_file_pos_deserialize, {
190 FlatFilePos flat_file_pos;
191 DeserializeFromFuzzingInput(buffer, flat_file_pos);
192 AssertEqualAfterSerializeDeserialize(flat_file_pos);
193})
194FUZZ_TARGET_DESERIALIZE(key_origin_info_deserialize, {
195 KeyOriginInfo key_origin_info;
196 DeserializeFromFuzzingInput(buffer, key_origin_info);
197 AssertEqualAfterSerializeDeserialize(key_origin_info);
198})
199FUZZ_TARGET_DESERIALIZE(partially_signed_transaction_deserialize, {
200 PartiallySignedTransaction partially_signed_transaction = DeserializeConstructFromFuzzingInput<PartiallySignedTransaction>(buffer);
201})
202FUZZ_TARGET_DESERIALIZE(prefilled_transaction_deserialize, {
203 PrefilledTransaction prefilled_transaction;
204 DeserializeFromFuzzingInput(buffer, prefilled_transaction);
205})
206FUZZ_TARGET_DESERIALIZE(psbt_input_deserialize, {
207 PSBTInput psbt_input(0, Txid{}, 0);
208 DeserializeFromFuzzingInput(buffer, psbt_input);
209})
210FUZZ_TARGET_DESERIALIZE(psbt_output_deserialize, {
211 PSBTOutput psbt_output(0, 0, CScript());
212 DeserializeFromFuzzingInput(buffer, psbt_output);
213})
214FUZZ_TARGET_DESERIALIZE(block_deserialize, {
215 CBlock block;
216 DeserializeFromFuzzingInput(buffer, TX_WITH_WITNESS(block));
217})
218FUZZ_TARGET_DESERIALIZE(blocklocator_deserialize, {
219 CBlockLocator bl;
220 DeserializeFromFuzzingInput(buffer, bl);
221})
222FUZZ_TARGET_DESERIALIZE(blockmerkleroot, {
223 CBlock block;
224 DeserializeFromFuzzingInput(buffer, TX_WITH_WITNESS(block));
225 bool mutated;
226 BlockMerkleRoot(block, &mutated);
227})
228FUZZ_TARGET_DESERIALIZE(blockheader_deserialize, {
229 CBlockHeader bh;
230 DeserializeFromFuzzingInput(buffer, bh);
231})
232FUZZ_TARGET_DESERIALIZE(txundo_deserialize, {
233 CTxUndo tu;
234 DeserializeFromFuzzingInput(buffer, tu);
235})
236FUZZ_TARGET_DESERIALIZE(blockundo_deserialize, {
237 CBlockUndo bu;
238 DeserializeFromFuzzingInput(buffer, bu);
239})
240FUZZ_TARGET_DESERIALIZE(coins_deserialize, {
241 Coin coin;
242 DeserializeFromFuzzingInput(buffer, coin);
243})
244FUZZ_TARGET(netaddr_deserialize, .init = initialize_deserialize)
245{
246 FuzzedDataProvider fdp{buffer.data(), buffer.size()};
247 const auto maybe_na{ConsumeDeserializable<CNetAddr>(fdp, ConsumeDeserializationParams<CNetAddr::SerParams>(fdp))};
248 if (!maybe_na) return;
249 const CNetAddr& na{*maybe_na};
250 if (na.IsAddrV1Compatible()) {
251 AssertEqualAfterSerializeDeserialize(na, CNetAddr::V1);
252 }
253 AssertEqualAfterSerializeDeserialize(na, CNetAddr::V2);
254}
255FUZZ_TARGET(service_deserialize, .init = initialize_deserialize)
256{
257 FuzzedDataProvider fdp{buffer.data(), buffer.size()};
258 const auto ser_params{ConsumeDeserializationParams<CNetAddr::SerParams>(fdp)};
259 const auto maybe_s{ConsumeDeserializable<CService>(fdp, ser_params)};
260 if (!maybe_s) return;
261 const CService& s{*maybe_s};
262 if (s.IsAddrV1Compatible()) {
263 AssertEqualAfterSerializeDeserialize(s, CNetAddr::V1);
264 }
265 AssertEqualAfterSerializeDeserialize(s, CNetAddr::V2);
266 if (ser_params.enc == CNetAddr::Encoding::V1) {
267 assert(s.IsAddrV1Compatible());
268 }
269}
270FUZZ_TARGET_DESERIALIZE(messageheader_deserialize, {
271 CMessageHeader mh;
272 DeserializeFromFuzzingInput(buffer, mh);
273 (void)mh.IsMessageTypeValid();
274})
275FUZZ_TARGET(address_deserialize, .init = initialize_deserialize)
276{
277 FuzzedDataProvider fdp{buffer.data(), buffer.size()};
278 const auto ser_enc{ConsumeDeserializationParams<CAddress::SerParams>(fdp)};
279 const auto maybe_a{ConsumeDeserializable<CAddress>(fdp, ser_enc)};
280 if (!maybe_a) return;
281 const CAddress& a{*maybe_a};
282 // A CAddress in V1 mode will roundtrip
283 // in all 4 formats (v1/v2, network/disk)
284 if (ser_enc.enc == CNetAddr::Encoding::V1) {
285 AssertEqualAfterSerializeDeserialize(a, CAddress::V1_NETWORK);
286 AssertEqualAfterSerializeDeserialize(a, CAddress::V1_DISK);
287 AssertEqualAfterSerializeDeserialize(a, CAddress::V2_NETWORK);
288 AssertEqualAfterSerializeDeserialize(a, CAddress::V2_DISK);
289 } else {
290 // A CAddress in V2 mode will roundtrip in both V2 formats, and also in the V1 formats
291 // if it's V1 compatible.
292 if (a.IsAddrV1Compatible()) {
293 AssertEqualAfterSerializeDeserialize(a, CAddress::V1_DISK);
294 AssertEqualAfterSerializeDeserialize(a, CAddress::V1_NETWORK);
295 }
296 AssertEqualAfterSerializeDeserialize(a, CAddress::V2_NETWORK);
297 AssertEqualAfterSerializeDeserialize(a, CAddress::V2_DISK);
298 }
299}
300FUZZ_TARGET_DESERIALIZE(inv_deserialize, {
301 CInv i;
302 DeserializeFromFuzzingInput(buffer, i);
303})
304FUZZ_TARGET_DESERIALIZE(bloomfilter_deserialize, {
305 CBloomFilter bf;
306 DeserializeFromFuzzingInput(buffer, bf);
307})
308FUZZ_TARGET_DESERIALIZE(diskblockindex_deserialize, {
309 CDiskBlockIndex dbi;
310 DeserializeFromFuzzingInput(buffer, dbi);
311})
312FUZZ_TARGET_DESERIALIZE(txoutcompressor_deserialize, {
313 CTxOut to;
314 auto toc = Using<TxOutCompression>(to);
315 DeserializeFromFuzzingInput(buffer, toc);
316})
317FUZZ_TARGET_DESERIALIZE(blocktransactions_deserialize, {
318 BlockTransactions bt;
319 DeserializeFromFuzzingInput(buffer, bt);
320})
321FUZZ_TARGET_DESERIALIZE(blocktransactionsrequest_deserialize, {
322 BlockTransactionsRequest btr;
323 DeserializeFromFuzzingInput(buffer, btr);
324})
325FUZZ_TARGET_DESERIALIZE(snapshotmetadata_deserialize, {
326 auto msg_start = Params().MessageStart();
327 SnapshotMetadata snapshot_metadata{msg_start};
328 DeserializeFromFuzzingInput(buffer, snapshot_metadata);
329})
330FUZZ_TARGET_DESERIALIZE(uint160_deserialize, {
331 uint160 u160;
332 DeserializeFromFuzzingInput(buffer, u160);
333 AssertEqualAfterSerializeDeserialize(u160);
334})
335FUZZ_TARGET_DESERIALIZE(uint256_deserialize, {
336 uint256 u256;
337 DeserializeFromFuzzingInput(buffer, u256);
338 AssertEqualAfterSerializeDeserialize(u256);
339})
340// Classes intentionally not covered in this file since their deserialization code is
341// fuzzed elsewhere:
342// * Deserialization of CTxOut is fuzzed in test/fuzz/tx_out.cpp
343// * Deserialization of CMutableTransaction is fuzzed in src/test/fuzz/transaction.cpp
addrman_impl.h
Params
const CChainParams & Params()
Return the currently selected parameters.
Definition: chainparams.cpp:112
BlockFilter
Complete block filter struct as defined in BIP 157.
Definition: blockfilter.h:116
CAddress
A CService with information about it as peer.
Definition: protocol.h:367
CAddress::V1_NETWORK
static constexpr SerParams V1_NETWORK
Definition: protocol.h:408
CAddress::V2_NETWORK
static constexpr SerParams V2_NETWORK
Definition: protocol.h:409
CAddress::V1_DISK
static constexpr SerParams V1_DISK
Definition: protocol.h:410
CAddress::V2_DISK
static constexpr SerParams V2_DISK
Definition: protocol.h:411
CBlockHeader
Nodes collect new transactions into a block, hash them into a hash tree, and scan through nonce value...
Definition: block.h:27
CBlock
Definition: block.h:74
CBlockUndo
Undo information for a CBlock.
Definition: undo.h:64
CBloomFilter
BloomFilter is a probabilistic filter which SPV clients provide so that we can filter the transaction...
Definition: bloom.h:45
CChainParams::MessageStart
const MessageStartChars & MessageStart() const
Definition: chainparams.h:90
CDiskBlockIndex
Used to marshal pointers into hashes for db storage.
Definition: chain.h:318
CFeeRate
Fee rate in satoshis per virtualbyte: CAmount / vB the feerate is represented internally as FeeFrac.
Definition: feerate.h:32
CInv
inv message data
Definition: protocol.h:494
CMerkleBlock
Used to relay blocks as header + vector<merkle branch> to filtered nodes.
Definition: merkleblock.h:127
CMessageHeader
Message header.
Definition: protocol.h:29
CMessageHeader::IsMessageTypeValid
bool IsMessageTypeValid() const
Definition: protocol.cpp:26
CNetAddr
Network address.
Definition: netaddress.h:113
CNetAddr::V1
static constexpr SerParams V1
Definition: netaddress.h:231
CNetAddr::V2
static constexpr SerParams V2
Definition: netaddress.h:232
COutPoint
An outpoint - a combination of a transaction hash and an index n into its vout.
Definition: transaction.h:29
CPartialMerkleTree
Data structure that represents a partial merkle tree.
Definition: merkleblock.h:57
CPubKey
An encapsulated public key.
Definition: pubkey.h:34
CScript
Serialized script, used inside transaction inputs and outputs.
Definition: script.h:405
CService
A combination of a network address (CNetAddr) and a (TCP) port.
Definition: netaddress.h:530
CTxIn
An input of a transaction.
Definition: transaction.h:62
CTxOut
An output of a transaction.
Definition: transaction.h:140
CTxUndo
Undo information for a CTransaction.
Definition: undo.h:54
Coin
A UTXO entry.
Definition: coins.h:35
DataStream
Double ended buffer combining vector and stream-like interfaces.
Definition: streams.h:165
PSBTInput
A structure for PSBTs which contain per-input information.
Definition: psbt.h:280
PSBTOutput
A structure for PSBTs which contains per output information.
Definition: psbt.h:938
PartiallySignedTransaction
A version of CTransaction with the PSBT format.
Definition: psbt.h:1239
SpanReader
Minimal stream for reading from an existing byte array by std::span.
Definition: streams.h:83
node::SnapshotMetadata
Metadata describing a serialized version of a UTXO set from which an assumeutxo Chainstate can be con...
Definition: utxo_snapshot.h:38
transaction_identifier< false >
uint160
160-bit opaque blob.
Definition: uint256.h:184
uint256
256-bit opaque blob.
Definition: uint256.h:196
BlockMerkleRoot
uint256 BlockMerkleRoot(const CBlock &block, bool *mutated)
Definition: merkle.cpp:66
FUZZ_TARGET_DESERIALIZE
#define FUZZ_TARGET_DESERIALIZE(name, code)
Definition: deserialize.cpp:46
initialize_deserialize
void initialize_deserialize()
Definition: deserialize.cpp:41
FUZZ_TARGET
#define FUZZ_TARGET(...)
Definition: fuzz.h:35
FuzzBufferType
std::span< const uint8_t > FuzzBufferType
Definition: fuzz.h:25
T
#define T(expected, seed, data)
init
Definition: basic.cpp:8
test_vectors_musig2_generate.s
tuple s
Definition: test_vectors_musig2_generate.py:72
TX_WITH_WITNESS
static constexpr TransactionSerParams TX_WITH_WITNESS
Definition: transaction.h:180
Serialize
void Serialize(Stream &, V)=delete
deserialize
constexpr deserialize_type deserialize
Definition: serialize.h:51
setup_common.h
CBlockLocator
Describes a place in the block chain to another node such that if the other node doesn't have the sam...
Definition: block.h:117
utxo_snapshot.h
assert
assert(!tx.IsCoinBase())
Generated on Sun May 24 2026 20:00:33 for Bitcoin Core by doxygen 1.9.4