signature__checker_8cpp_source.html

// Copyright (c) 2009-2022 The Bitcoin Core developers

// Distributed under the MIT software license, see the accompanying

// file COPYING or http://www.opensource.org/licenses/mit-license.php.


#include <pubkey.h>

#include <script/interpreter.h>

#include <test/fuzz/FuzzedDataProvider.h>

#include <test/fuzz/fuzz.h>

#include <test/fuzz/util.h>

#include <test/util/script.h>


#include <cstdint>

#include <limits>

#include <string>

#include <vector>


namespace {

class FuzzedSignatureChecker : public BaseSignatureChecker

{

    FuzzedDataProvider& m_fuzzed_data_provider;


public:

    explicit FuzzedSignatureChecker(FuzzedDataProvider& fuzzed_data_provider) : m_fuzzed_data_provider(fuzzed_data_provider)

    {

    }


    bool CheckECDSASignature(const std::vector<unsigned char>& scriptSig, const std::vector<unsigned char>& vchPubKey, const CScript& scriptCode, SigVersion sigversion) const override

    {

        return m_fuzzed_data_provider.ConsumeBool();

    }


    bool CheckSchnorrSignature(Span<const unsigned char> sig, Span<const unsigned char> pubkey, SigVersion sigversion, ScriptExecutionData& execdata, ScriptError* serror = nullptr) const override

    {

        return m_fuzzed_data_provider.ConsumeBool();

    }


    bool CheckLockTime(const CScriptNum& nLockTime) const override

    {

        return m_fuzzed_data_provider.ConsumeBool();

    }


    bool CheckSequence(const CScriptNum& nSequence) const override

    {

        return m_fuzzed_data_provider.ConsumeBool();

    }


    virtual ~FuzzedSignatureChecker() = default;

};

} // namespace


FUZZ_TARGET(signature_checker)

{

    FuzzedDataProvider fuzzed_data_provider(buffer.data(), buffer.size());

    const unsigned int flags = fuzzed_data_provider.ConsumeIntegral<unsigned int>();

    const SigVersion sig_version = fuzzed_data_provider.PickValueInArray({SigVersion::BASE, SigVersion::WITNESS_V0});

    const auto script_1{ConsumeScript(fuzzed_data_provider)};

    const auto script_2{ConsumeScript(fuzzed_data_provider)};

    std::vector<std::vector<unsigned char>> stack;

    (void)EvalScript(stack, script_1, flags, FuzzedSignatureChecker(fuzzed_data_provider), sig_version, nullptr);

    if (!IsValidFlagCombination(flags)) {

        return;

    }

    (void)VerifyScript(script_1, script_2, nullptr, flags, FuzzedSignatureChecker(fuzzed_data_provider), nullptr);

}

FuzzedDataProvider.h

flags
int flags
Definition: bitcoin-tx.cpp:536

BaseSignatureChecker
Definition: interpreter.h:246

BaseSignatureChecker::CheckLockTime
virtual bool CheckLockTime(const CScriptNum &nLockTime) const
Definition: interpreter.h:258

BaseSignatureChecker::CheckSchnorrSignature
virtual bool CheckSchnorrSignature(Span< const unsigned char > sig, Span< const unsigned char > pubkey, SigVersion sigversion, ScriptExecutionData &execdata, ScriptError *serror=nullptr) const
Definition: interpreter.h:253

BaseSignatureChecker::CheckSequence
virtual bool CheckSequence(const CScriptNum &nSequence) const
Definition: interpreter.h:263

BaseSignatureChecker::CheckECDSASignature
virtual bool CheckECDSASignature(const std::vector< unsigned char > &scriptSig, const std::vector< unsigned char > &vchPubKey, const CScript &scriptCode, SigVersion sigversion) const
Definition: interpreter.h:248

CScript
Serialized script, used inside transaction inputs and outputs.
Definition: script.h:415

CScriptNum
Definition: script.h:227

FuzzedDataProvider
Definition: FuzzedDataProvider.h:32

FuzzedDataProvider::ConsumeBool
bool ConsumeBool()
Definition: FuzzedDataProvider.h:289

FuzzedDataProvider::PickValueInArray
T PickValueInArray(const T(&array)[size])
Definition: FuzzedDataProvider.h:304

FuzzedDataProvider::ConsumeIntegral
T ConsumeIntegral()
Definition: FuzzedDataProvider.h:195

Span< const unsigned char >

fuzz.h

EvalScript
bool EvalScript(std::vector< std::vector< unsigned char > > &stack, const CScript &script, unsigned int flags, const BaseSignatureChecker &checker, SigVersion sigversion, ScriptExecutionData &execdata, ScriptError *serror)
Definition: interpreter.cpp:406

VerifyScript
bool VerifyScript(const CScript &scriptSig, const CScript &scriptPubKey, const CScriptWitness *witness, unsigned int flags, const BaseSignatureChecker &checker, ScriptError *serror)
Definition: interpreter.cpp:1958

interpreter.h

SigVersion
SigVersion
Definition: interpreter.h:191

SigVersion::BASE
@ BASE
Bare scripts and BIP16 P2SH-wrapped redeemscripts.

SigVersion::WITNESS_V0
@ WITNESS_V0
Witness v0 (P2WPKH and P2WSH); see BIP 141.

pubkey.h

ScriptError
enum ScriptError_t ScriptError

FUZZ_TARGET
FUZZ_TARGET(signature_checker)
Definition: signature_checker.cpp:51

ScriptExecutionData
Definition: interpreter.h:199

ConsumeScript
CScript ConsumeScript(FuzzedDataProvider &fuzzed_data_provider, const bool maybe_p2wsh) noexcept
Definition: util.cpp:93

util.h

IsValidFlagCombination
bool IsValidFlagCombination(unsigned flags)
Flags that are not forbidden by an assert in script validation.
Definition: script.cpp:8

script.h