Skip to content

Commit fa769d3

Browse files
author
MarcoFalke
committed
fuzz: Limit p2p fuzz targets to MAX_PROTOCOL_MESSAGE_LENGTH
1 parent 9f0f83d commit fa769d3

File tree

2 files changed

+3
-11
lines changed

2 files changed

+3
-11
lines changed

src/test/fuzz/process_message.cpp

Lines changed: 2 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
// Copyright (c) 2020-2022 The Bitcoin Core developers
1+
// Copyright (c) 2020-present The Bitcoin Core developers
22
// Distributed under the MIT software license, see the accompanying
33
// file COPYING or http://www.opensource.org/licenses/mit-license.php.
44

@@ -8,9 +8,6 @@
88
#include <primitives/transaction.h>
99
#include <protocol.h>
1010
#include <script/script.h>
11-
#include <serialize.h>
12-
#include <span.h>
13-
#include <streams.h>
1411
#include <sync.h>
1512
#include <test/fuzz/FuzzedDataProvider.h>
1613
#include <test/fuzz/fuzz.h>
@@ -20,13 +17,10 @@
2017
#include <test/util/net.h>
2118
#include <test/util/setup_common.h>
2219
#include <test/util/validation.h>
23-
#include <util/chaintype.h>
2420
#include <util/check.h>
2521
#include <util/time.h>
26-
#include <validation.h>
2722
#include <validationinterface.h>
2823

29-
#include <atomic>
3024
#include <cstdlib>
3125
#include <iostream>
3226
#include <memory>
@@ -81,8 +75,7 @@ FUZZ_TARGET(process_message, .init = initialize_process_message)
8175

8276
CSerializedNetMsg net_msg;
8377
net_msg.m_type = random_message_type;
84-
// fuzzed_data_provider is fully consumed after this call, don't use it
85-
net_msg.data = fuzzed_data_provider.ConsumeRemainingBytes<unsigned char>();
78+
net_msg.data = ConsumeRandomLengthByteVector(fuzzed_data_provider, MAX_PROTOCOL_MESSAGE_LENGTH);
8679

8780
connman.FlushSendBuffer(p2p_node);
8881
(void)connman.ReceiveMsgFrom(p2p_node, std::move(net_msg));

src/test/fuzz/process_messages.cpp

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,6 @@
1616
#include <test/util/net.h>
1717
#include <test/util/setup_common.h>
1818
#include <test/util/validation.h>
19-
#include <util/chaintype.h>
2019
#include <util/time.h>
2120
#include <validationinterface.h>
2221

@@ -72,7 +71,7 @@ FUZZ_TARGET(process_messages, .init = initialize_process_messages)
7271

7372
CSerializedNetMsg net_msg;
7473
net_msg.m_type = random_message_type;
75-
net_msg.data = ConsumeRandomLengthByteVector(fuzzed_data_provider);
74+
net_msg.data = ConsumeRandomLengthByteVector(fuzzed_data_provider, MAX_PROTOCOL_MESSAGE_LENGTH);
7675

7776
CNode& random_node = *PickValue(fuzzed_data_provider, peers);
7877

0 commit comments

Comments
 (0)