Bitcoin Core 31.99.0
P2P Digital Currency
util.h
Go to the documentation of this file.
1// Copyright (c) 2009-present The Bitcoin Core developers
2// Distributed under the MIT software license, see the accompanying
3// file COPYING or http://www.opensource.org/licenses/mit-license.php.
4
5#ifndef BITCOIN_TEST_FUZZ_UTIL_H
6#define BITCOIN_TEST_FUZZ_UTIL_H
7
8#include <addresstype.h>
9#include <arith_uint256.h>
10#include <coins.h>
11#include <compat/compat.h>
12#include <consensus/amount.h>
13#include <consensus/consensus.h>
14#include <key.h>
15#include <merkleblock.h>
16#include <pow.h>
18#include <script/script.h>
19#include <serialize.h>
20#include <streams.h>
22#include <test/fuzz/fuzz.h>
23#include <uint256.h>
24#include <validation.h>
25
26#include <algorithm>
27#include <array>
28#include <cstdint>
29#include <cstdio>
30#include <optional>
31#include <string>
32#include <vector>
33
34class PeerManager;
35
36template <typename... Callables>
37size_t CallOneOf(FuzzedDataProvider& fuzzed_data_provider, Callables... callables)
38{
39 constexpr size_t call_size{sizeof...(callables)};
40 static_assert(call_size >= 1);
41 const size_t call_index{fuzzed_data_provider.ConsumeIntegralInRange<size_t>(0, call_size - 1)};
42
43 size_t i{0};
44 ((i++ == call_index ? callables() : void()), ...);
45 return call_size;
46}
47
48template <typename Collection>
50{
51 const auto sz{col.size()};
52 assert(sz >= 1);
53 return std::next(col.begin(), fuzzed_data_provider.ConsumeIntegralInRange<decltype(sz)>(0, sz - 1));
54}
55
56template <typename Collection>
58{
60}
61
62template<typename B = uint8_t>
63[[nodiscard]] inline std::vector<B> ConsumeRandomLengthByteVector(FuzzedDataProvider& fuzzed_data_provider, const std::optional<size_t>& max_length = std::nullopt) noexcept
64{
65 static_assert(sizeof(B) == 1);
66 const std::string s = max_length ?
69 std::vector<B> ret(s.size());
70 std::copy(s.begin(), s.end(), reinterpret_cast<char*>(ret.data()));
71 return ret;
72}
73
74[[nodiscard]] inline DataStream ConsumeDataStream(FuzzedDataProvider& fuzzed_data_provider, const std::optional<size_t>& max_length = std::nullopt) noexcept
75{
77}
78
79[[nodiscard]] inline std::vector<std::string> ConsumeRandomLengthStringVector(FuzzedDataProvider& fuzzed_data_provider, const size_t max_vector_size = 16, const size_t max_string_length = 16) noexcept
80{
81 const size_t n_elements = fuzzed_data_provider.ConsumeIntegralInRange<size_t>(0, max_vector_size);
82 std::vector<std::string> r;
83 r.reserve(n_elements);
84 for (size_t i = 0; i < n_elements; ++i) {
85 r.push_back(fuzzed_data_provider.ConsumeRandomLengthString(max_string_length));
86 }
87 return r;
88}
89
90template <typename T>
91[[nodiscard]] inline std::vector<T> ConsumeRandomLengthIntegralVector(FuzzedDataProvider& fuzzed_data_provider, const size_t max_vector_size = 16) noexcept
92{
93 const size_t n_elements = fuzzed_data_provider.ConsumeIntegralInRange<size_t>(0, max_vector_size);
94 std::vector<T> r;
95 r.reserve(n_elements);
96 for (size_t i = 0; i < n_elements; ++i) {
98 }
99 return r;
100}
101
102template <typename P>
104
105template <typename T, typename P>
106[[nodiscard]] std::optional<T> ConsumeDeserializable(FuzzedDataProvider& fuzzed_data_provider, const P& params, const std::optional<size_t>& max_length = std::nullopt) noexcept
107{
108 const std::vector<uint8_t> buffer{ConsumeRandomLengthByteVector(fuzzed_data_provider, max_length)};
109 SpanReader ds{buffer};
110 T obj;
111 try {
112 ds >> params(obj);
113 } catch (const std::ios_base::failure&) {
114 return std::nullopt;
115 }
116 return obj;
117}
118
119template <typename T>
120[[nodiscard]] inline std::optional<T> ConsumeDeserializable(FuzzedDataProvider& fuzzed_data_provider, const std::optional<size_t>& max_length = std::nullopt) noexcept
121{
122 const std::vector<uint8_t> buffer = ConsumeRandomLengthByteVector(fuzzed_data_provider, max_length);
123 SpanReader ds{buffer};
124 T obj;
125 try {
126 ds >> obj;
127 } catch (const std::ios_base::failure&) {
128 return std::nullopt;
129 }
130 return obj;
131}
132
133template <typename T>
134[[nodiscard]] inline std::optional<T> ConsumeDeserializableConstructor(FuzzedDataProvider& fuzzed_data_provider, const std::optional<size_t>& max_length = std::nullopt) noexcept
135{
136 const std::vector<uint8_t> buffer = ConsumeRandomLengthByteVector(fuzzed_data_provider, max_length);
137 SpanReader ds{buffer};
138 try {
139 T obj(deserialize, ds);
140 return obj;
141 } catch (const std::ios_base::failure&) {
142 return std::nullopt;
143 }
144}
145
146template <typename WeakEnumType, size_t size>
147[[nodiscard]] WeakEnumType ConsumeWeakEnum(FuzzedDataProvider& fuzzed_data_provider, const WeakEnumType (&all_types)[size]) noexcept
148{
150 fuzzed_data_provider.PickValueInArray<WeakEnumType>(all_types) :
151 WeakEnumType(fuzzed_data_provider.ConsumeIntegral<std::underlying_type_t<WeakEnumType>>());
152}
153
155{
156 return static_cast<opcodetype>(fuzzed_data_provider.ConsumeIntegralInRange<uint32_t>(0, MAX_OPCODE));
157}
158
159[[nodiscard]] CAmount ConsumeMoney(FuzzedDataProvider& fuzzed_data_provider, const std::optional<CAmount>& max = std::nullopt) noexcept;
160
161[[nodiscard]] NodeSeconds ConsumeTime(FuzzedDataProvider& fuzzed_data_provider, const std::optional<int64_t>& min = std::nullopt, const std::optional<int64_t>& max = std::nullopt) noexcept;
162
163template <class Dur>
164// Having the compiler infer the template argument from the function argument
165// is dangerous, because the desired return value generally has a different
166// type than the function argument. So std::common_type is used to force the
167// call site to specify the type of the return value.
168[[nodiscard]] Dur ConsumeDuration(FuzzedDataProvider& fuzzed_data_provider, std::common_type_t<Dur> min, std::common_type_t<Dur> max) noexcept
169{
170 return Dur{fuzzed_data_provider.ConsumeIntegralInRange(min.count(), max.count())};
171}
172
173[[nodiscard]] CMutableTransaction ConsumeTransaction(FuzzedDataProvider& fuzzed_data_provider, const std::optional<std::vector<Txid>>& prevout_txids, int max_num_in = 10, int max_num_out = 10) noexcept;
174
175[[nodiscard]] CScriptWitness ConsumeScriptWitness(FuzzedDataProvider& fuzzed_data_provider, size_t max_stack_elem_size = 32) noexcept;
176
177[[nodiscard]] CScript ConsumeScript(FuzzedDataProvider& fuzzed_data_provider, bool maybe_p2wsh = false) noexcept;
178
179[[nodiscard]] uint32_t ConsumeSequence(FuzzedDataProvider& fuzzed_data_provider) noexcept;
180
182{
184}
185
187{
188 const std::vector<uint8_t> v160 = fuzzed_data_provider.ConsumeBytes<uint8_t>(160 / 8);
189 if (v160.size() != 160 / 8) {
190 return {};
191 }
192 return uint160{v160};
193}
194
196{
197 const std::vector<uint8_t> v256 = fuzzed_data_provider.ConsumeBytes<uint8_t>(256 / 8);
198 if (v256.size() != 256 / 8) {
199 return {};
200 }
201 return uint256{v256};
202}
203
205{
207}
208
210{
211 assert(min <= max);
212 const arith_uint256 range = max - min;
214 arith_uint256 result = value;
215 // Avoid division by 0, in case range + 1 results in overflow.
216 if (range != ~arith_uint256(0)) {
217 const arith_uint256 quotient = value / (range + 1);
218 result = value - (quotient * (range + 1));
219 }
220 result += min;
221 assert(result >= min && result <= max);
222 return result;
223}
224
225[[nodiscard]] std::map<COutPoint, Coin> ConsumeCoins(FuzzedDataProvider& fuzzed_data_provider) noexcept;
226
228
229[[nodiscard]] CKey ConsumePrivateKey(FuzzedDataProvider& fuzzed_data_provider, std::optional<bool> compressed = std::nullopt) noexcept;
230
231template <typename T>
232[[nodiscard]] bool MultiplicationOverflow(const T i, const T j) noexcept
233{
234 static_assert(std::is_integral_v<T>, "Integral required.");
235 if (std::numeric_limits<T>::is_signed) {
236 if (i > 0) {
237 if (j > 0) {
238 return i > (std::numeric_limits<T>::max() / j);
239 } else {
240 return j < (std::numeric_limits<T>::min() / i);
241 }
242 } else {
243 if (j > 0) {
244 return i < (std::numeric_limits<T>::min() / j);
245 } else {
246 return i != 0 && (j < (std::numeric_limits<T>::max() / i));
247 }
248 }
249 } else {
250 return j != 0 && i > std::numeric_limits<T>::max() / j;
251 }
252}
253
254[[nodiscard]] bool ContainsSpentInput(const CTransaction& tx, const CCoinsViewCache& inputs) noexcept;
255
259template <typename T, size_t size>
260void SetFuzzedErrNo(FuzzedDataProvider& fuzzed_data_provider, const std::array<T, size>& errnos)
261{
263}
264
265/*
266 * Sets a fuzzed errno in the range [0, 133 (EHWPOISON)]. Can be used from functions emulating
267 * standard library functions that set errno, or in other contexts where the value of errno
268 * might be relevant for the execution path that will be taken.
269 */
271{
272 errno = fuzzed_data_provider.ConsumeIntegralInRange<int>(0, 133);
273}
274
279template<typename B = uint8_t>
280[[nodiscard]] inline std::vector<B> ConsumeFixedLengthByteVector(FuzzedDataProvider& fuzzed_data_provider, const size_t length) noexcept
281{
282 static_assert(sizeof(B) == 1);
283 auto random_bytes = fuzzed_data_provider.ConsumeBytes<B>(length);
284 random_bytes.resize(length);
285 return random_bytes;
286}
287
289{
291 int64_t m_offset = 0;
292
293public:
295 {
296 }
297
298 FILE* open();
299
300 static ssize_t read(void* cookie, char* buf, size_t size);
301
302 static ssize_t write(void* cookie, const char* buf, size_t size);
303
304 static int seek(void* cookie, int64_t* offset, int whence);
305
306 static int close(void* cookie);
307};
308
309#define WRITE_TO_STREAM_CASE(type, consume) \
310 [&] { \
311 type o = consume; \
312 stream << o; \
313 }
314template <typename Stream>
316{
318 try {
319 CallOneOf(
331 WRITE_TO_STREAM_CASE(std::vector<uint8_t>, ConsumeRandomLengthIntegralVector<uint8_t>(fuzzed_data_provider)));
332 } catch (const std::ios_base::failure&) {
333 break;
334 }
335 }
336}
337
338#define READ_FROM_STREAM_CASE(type) \
339 [&] { \
340 type o; \
341 stream >> o; \
342 }
343template <typename Stream>
345{
347 try {
348 CallOneOf(
351 READ_FROM_STREAM_CASE(int8_t),
352 READ_FROM_STREAM_CASE(uint8_t),
353 READ_FROM_STREAM_CASE(int16_t),
354 READ_FROM_STREAM_CASE(uint16_t),
355 READ_FROM_STREAM_CASE(int32_t),
356 READ_FROM_STREAM_CASE(uint32_t),
357 READ_FROM_STREAM_CASE(int64_t),
358 READ_FROM_STREAM_CASE(uint64_t),
359 READ_FROM_STREAM_CASE(std::string),
360 READ_FROM_STREAM_CASE(std::vector<uint8_t>));
361 } catch (const std::ios_base::failure&) {
362 break;
363 }
364 }
365}
366
367inline void FinalizeHeader(CBlockHeader& header, const ChainstateManager& chainman)
368{
369 while (!CheckProofOfWork(header.GetHash(), header.nBits, chainman.GetParams().GetConsensus())) {
370 ++(header.nNonce);
371 }
372}
373
374#endif // BITCOIN_TEST_FUZZ_UTIL_H
std::variant< CNoDestination, PubKeyDestination, PKHash, ScriptHash, WitnessV0ScriptHash, WitnessV0KeyHash, WitnessV1Taproot, PayToAnchor, WitnessUnknown > CTxDestination
A txout script categorized into standard templates.
Definition: addresstype.h:143
int64_t CAmount
Amount in satoshis (Can be negative)
Definition: amount.h:12
arith_uint256 UintToArith256(const uint256 &a)
int ret
Nodes collect new transactions into a block, hash them into a hash tree, and scan through nonce value...
Definition: block.h:27
uint32_t nNonce
Definition: block.h:35
uint32_t nBits
Definition: block.h:34
uint256 GetHash() const
Definition: block.cpp:14
const Consensus::Params & GetConsensus() const
Definition: chainparams.h:89
CCoinsView that adds a memory cache for transactions to another CCoinsView.
Definition: coins.h:405
An encapsulated private key.
Definition: key.h:37
Serialized script, used inside transaction inputs and outputs.
Definition: script.h:406
The basic transaction that is broadcasted on the network and contained in blocks.
Definition: transaction.h:281
Interface for managing multiple Chainstate objects, where each chainstate is associated with chainsta...
Definition: validation.h:945
const CChainParams & GetParams() const
Definition: validation.h:1012
Double ended buffer combining vector and stream-like interfaces.
Definition: streams.h:165
std::string ConsumeRandomLengthString(size_t max_length)
std::vector< T > ConsumeBytes(size_t num_bytes)
T ConsumeIntegralInRange(T min, T max)
T PickValueInArray(const T(&array)[size])
static ssize_t write(void *cookie, const char *buf, size_t size)
Definition: util.cpp:311
FuzzedDataProvider & m_fuzzed_data_provider
Definition: util.h:290
int64_t m_offset
Definition: util.h:291
static int seek(void *cookie, int64_t *offset, int whence)
Definition: util.cpp:323
static int close(void *cookie)
Definition: util.cpp:351
FuzzedFileProvider(FuzzedDataProvider &fuzzed_data_provider)
Definition: util.h:294
static ssize_t read(void *cookie, char *buf, size_t size)
Definition: util.cpp:292
FILE * open()
Definition: util.cpp:251
Minimal stream for reading from an existing byte array by std::span.
Definition: streams.h:83
256-bit unsigned big integer.
160-bit opaque blob.
Definition: uint256.h:184
256-bit opaque blob.
Definition: uint256.h:196
bool CheckProofOfWork(uint256 hash, unsigned int nBits, const Consensus::Params &params)
Check whether a block hash satisfies the proof-of-work requirement specified by nBits.
Definition: pow.cpp:140
static const unsigned int MAX_OPCODE
Definition: script.h:217
opcodetype
Script opcodes.
Definition: script.h:75
constexpr deserialize_type deserialize
Definition: serialize.h:52
A mutable version of CTransaction.
Definition: transaction.h:358
CScriptNum ConsumeScriptNum(FuzzedDataProvider &fuzzed_data_provider) noexcept
Definition: util.h:181
WeakEnumType ConsumeWeakEnum(FuzzedDataProvider &fuzzed_data_provider, const WeakEnumType(&all_types)[size]) noexcept
Definition: util.h:147
uint32_t ConsumeSequence(FuzzedDataProvider &fuzzed_data_provider) noexcept
Definition: util.cpp:155
DataStream ConsumeDataStream(FuzzedDataProvider &fuzzed_data_provider, const std::optional< size_t > &max_length=std::nullopt) noexcept
Definition: util.h:74
NodeSeconds ConsumeTime(FuzzedDataProvider &fuzzed_data_provider, const std::optional< int64_t > &min=std::nullopt, const std::optional< int64_t > &max=std::nullopt) noexcept
Definition: util.cpp:34
auto & PickValue(FuzzedDataProvider &fuzzed_data_provider, Collection &col)
Definition: util.h:57
void ReadFromStream(FuzzedDataProvider &fuzzed_data_provider, Stream &stream) noexcept
Definition: util.h:344
std::optional< T > ConsumeDeserializableConstructor(FuzzedDataProvider &fuzzed_data_provider, const std::optional< size_t > &max_length=std::nullopt) noexcept
Definition: util.h:134
P ConsumeDeserializationParams(FuzzedDataProvider &fuzzed_data_provider) noexcept
Definition: net.cpp:94
std::vector< B > ConsumeFixedLengthByteVector(FuzzedDataProvider &fuzzed_data_provider, const size_t length) noexcept
Returns a byte vector of specified size regardless of the number of remaining bytes available from th...
Definition: util.h:280
bool ContainsSpentInput(const CTransaction &tx, const CCoinsViewCache &inputs) noexcept
Definition: util.cpp:240
uint256 ConsumeUInt256(FuzzedDataProvider &fuzzed_data_provider) noexcept
Definition: util.h:195
#define READ_FROM_STREAM_CASE(type)
Definition: util.h:338
arith_uint256 ConsumeArithUInt256(FuzzedDataProvider &fuzzed_data_provider) noexcept
Definition: util.h:204
size_t CallOneOf(FuzzedDataProvider &fuzzed_data_provider, Callables... callables)
Definition: util.h:37
std::vector< B > ConsumeRandomLengthByteVector(FuzzedDataProvider &fuzzed_data_provider, const std::optional< size_t > &max_length=std::nullopt) noexcept
Definition: util.h:63
std::vector< T > ConsumeRandomLengthIntegralVector(FuzzedDataProvider &fuzzed_data_provider, const size_t max_vector_size=16) noexcept
Definition: util.h:91
CScriptWitness ConsumeScriptWitness(FuzzedDataProvider &fuzzed_data_provider, size_t max_stack_elem_size=32) noexcept
Definition: util.cpp:83
void WriteToStream(FuzzedDataProvider &fuzzed_data_provider, Stream &stream) noexcept
Definition: util.h:315
CScript ConsumeScript(FuzzedDataProvider &fuzzed_data_provider, bool maybe_p2wsh=false) noexcept
Definition: util.cpp:93
std::optional< T > ConsumeDeserializable(FuzzedDataProvider &fuzzed_data_provider, const P &params, const std::optional< size_t > &max_length=std::nullopt) noexcept
Definition: util.h:106
std::vector< std::string > ConsumeRandomLengthStringVector(FuzzedDataProvider &fuzzed_data_provider, const size_t max_vector_size=16, const size_t max_string_length=16) noexcept
Definition: util.h:79
CMutableTransaction ConsumeTransaction(FuzzedDataProvider &fuzzed_data_provider, const std::optional< std::vector< Txid > > &prevout_txids, int max_num_in=10, int max_num_out=10) noexcept
Definition: util.cpp:42
CKey ConsumePrivateKey(FuzzedDataProvider &fuzzed_data_provider, std::optional< bool > compressed=std::nullopt) noexcept
Definition: util.cpp:230
bool MultiplicationOverflow(const T i, const T j) noexcept
Definition: util.h:232
Dur ConsumeDuration(FuzzedDataProvider &fuzzed_data_provider, std::common_type_t< Dur > min, std::common_type_t< Dur > max) noexcept
Definition: util.h:168
opcodetype ConsumeOpcodeType(FuzzedDataProvider &fuzzed_data_provider) noexcept
Definition: util.h:154
void FinalizeHeader(CBlockHeader &header, const ChainstateManager &chainman)
Definition: util.h:367
void SetFuzzedErrNo(FuzzedDataProvider &fuzzed_data_provider, const std::array< T, size > &errnos)
Sets errno to a value selected from the given std::array errnos.
Definition: util.h:260
uint160 ConsumeUInt160(FuzzedDataProvider &fuzzed_data_provider) noexcept
Definition: util.h:186
#define WRITE_TO_STREAM_CASE(type, consume)
Definition: util.h:309
CTxDestination ConsumeTxDestination(FuzzedDataProvider &fuzzed_data_provider) noexcept
Definition: util.cpp:184
arith_uint256 ConsumeArithUInt256InRange(FuzzedDataProvider &fuzzed_data_provider, const arith_uint256 &min, const arith_uint256 &max) noexcept
Definition: util.h:209
std::map< COutPoint, Coin > ConsumeCoins(FuzzedDataProvider &fuzzed_data_provider) noexcept
Definition: util.cpp:166
CAmount ConsumeMoney(FuzzedDataProvider &fuzzed_data_provider, const std::optional< CAmount > &max=std::nullopt) noexcept
Definition: util.cpp:29
auto PickIterator(FuzzedDataProvider &fuzzed_data_provider, Collection &col)
Definition: util.h:49
std::chrono::time_point< NodeClock, std::chrono::seconds > NodeSeconds
Definition: time.h:35
#define B
Definition: util_tests.cpp:563
assert(!tx.IsCoinBase())
FuzzedDataProvider & fuzzed_data_provider
Definition: fees.cpp:39