Bitcoin Core  24.99.0
P2P Digital Currency
process_message.cpp
Go to the documentation of this file.
1 // Copyright (c) 2020-2022 The Bitcoin Core developers
2 // Distributed under the MIT software license, see the accompanying
3 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
4 
5 #include <banman.h>
6 #include <chainparams.h>
7 #include <consensus/consensus.h>
8 #include <net.h>
9 #include <net_processing.h>
10 #include <protocol.h>
11 #include <scheduler.h>
12 #include <script/script.h>
13 #include <streams.h>
15 #include <test/fuzz/fuzz.h>
16 #include <test/fuzz/util.h>
17 #include <test/fuzz/util/net.h>
18 #include <test/util/mining.h>
19 #include <test/util/net.h>
20 #include <test/util/setup_common.h>
21 #include <test/util/validation.h>
22 #include <validationinterface.h>
23 #include <version.h>
24 
25 #include <atomic>
26 #include <cassert>
27 #include <chrono>
28 #include <cstdint>
29 #include <iosfwd>
30 #include <iostream>
31 #include <memory>
32 #include <string>
33 
34 namespace {
35 const TestingSetup* g_setup;
36 } // namespace
37 
38 size_t& GetNumMsgTypes()
39 {
40  static size_t g_num_msg_types{0};
41  return g_num_msg_types;
42 }
43 #define FUZZ_TARGET_MSG(msg_type) \
44  struct msg_type##_Count_Before_Main { \
45  msg_type##_Count_Before_Main() \
46  { \
47  ++GetNumMsgTypes(); \
48  } \
49  } const static g_##msg_type##_count_before_main; \
50  FUZZ_TARGET_INIT(process_message_##msg_type, initialize_process_message) \
51  { \
52  fuzz_target(buffer, #msg_type); \
53  }
54 
56 {
57  Assert(GetNumMsgTypes() == getAllNetMessageTypes().size()); // If this fails, add or remove the message type below
58 
59  static const auto testing_setup = MakeNoLogFileContext<const TestingSetup>(
60  /*chain_name=*/CBaseChainParams::REGTEST,
61  /*extra_args=*/{"-txreconciliation"});
62  g_setup = testing_setup.get();
63  for (int i = 0; i < 2 * COINBASE_MATURITY; i++) {
64  MineBlock(g_setup->m_node, CScript() << OP_TRUE);
65  }
67 }
68 
69 void fuzz_target(FuzzBufferType buffer, const std::string& LIMIT_TO_MESSAGE_TYPE)
70 {
71  FuzzedDataProvider fuzzed_data_provider(buffer.data(), buffer.size());
72 
73  ConnmanTestMsg& connman = *static_cast<ConnmanTestMsg*>(g_setup->m_node.connman.get());
74  TestChainState& chainstate = *static_cast<TestChainState*>(&g_setup->m_node.chainman->ActiveChainstate());
75  SetMockTime(1610000000); // any time to successfully reset ibd
76  chainstate.ResetIbd();
77 
79 
80  const std::string random_message_type{fuzzed_data_provider.ConsumeBytesAsString(CMessageHeader::COMMAND_SIZE).c_str()};
81  if (!LIMIT_TO_MESSAGE_TYPE.empty() && random_message_type != LIMIT_TO_MESSAGE_TYPE) {
82  return;
83  }
84  CNode& p2p_node = *ConsumeNodeAsUniquePtr(fuzzed_data_provider).release();
85 
86  connman.AddTestNode(p2p_node);
87  FillNode(fuzzed_data_provider, connman, p2p_node);
88 
89  const auto mock_time = ConsumeTime(fuzzed_data_provider);
90  SetMockTime(mock_time);
91 
92  // fuzzed_data_provider is fully consumed after this call, don't use it
93  CDataStream random_bytes_data_stream{fuzzed_data_provider.ConsumeRemainingBytes<unsigned char>(), SER_NETWORK, PROTOCOL_VERSION};
94  try {
95  g_setup->m_node.peerman->ProcessMessage(p2p_node, random_message_type, random_bytes_data_stream,
96  GetTime<std::chrono::microseconds>(), std::atomic<bool>{false});
97  } catch (const std::ios_base::failure&) {
98  }
99  g_setup->m_node.peerman->SendMessages(&p2p_node);
101  g_setup->m_node.connman->StopNodes();
102 }
103 
104 FUZZ_TARGET_INIT(process_message, initialize_process_message) { fuzz_target(buffer, ""); }
108 FUZZ_TARGET_MSG(blocktxn);
109 FUZZ_TARGET_MSG(cfcheckpt);
110 FUZZ_TARGET_MSG(cfheaders);
112 FUZZ_TARGET_MSG(cmpctblock);
113 FUZZ_TARGET_MSG(feefilter);
114 FUZZ_TARGET_MSG(filteradd);
115 FUZZ_TARGET_MSG(filterclear);
116 FUZZ_TARGET_MSG(filterload);
118 FUZZ_TARGET_MSG(getblocks);
119 FUZZ_TARGET_MSG(getblocktxn);
120 FUZZ_TARGET_MSG(getcfcheckpt);
121 FUZZ_TARGET_MSG(getcfheaders);
122 FUZZ_TARGET_MSG(getcfilters);
124 FUZZ_TARGET_MSG(getheaders);
128 FUZZ_TARGET_MSG(merkleblock);
129 FUZZ_TARGET_MSG(notfound);
132 FUZZ_TARGET_MSG(sendaddrv2);
133 FUZZ_TARGET_MSG(sendcmpct);
134 FUZZ_TARGET_MSG(sendheaders);
135 FUZZ_TARGET_MSG(sendtxrcncl);
139 FUZZ_TARGET_MSG(wtxidrelay);
#define Assert(val)
Identity function.
Definition: check.h:73
static const std::string REGTEST
static constexpr size_t COMMAND_SIZE
Definition: protocol.h:30
Information about a peer.
Definition: net.h:348
Serialized script, used inside transaction inputs and outputs.
Definition: script.h:411
std::string ConsumeBytesAsString(size_t num_bytes)
std::vector< T > ConsumeRemainingBytes()
static Mutex g_msgproc_mutex
Mutex for anything that is only accessed via the msg processing thread.
Definition: net.h:631
A Span is an object that can refer to a contiguous sequence of objects.
Definition: span.h:97
constexpr std::size_t size() const noexcept
Definition: span.h:186
constexpr C * data() const noexcept
Definition: span.h:173
static const int COINBASE_MATURITY
Coinbase transaction outputs can only be spent after this number of new blocks (network rule)
Definition: consensus.h:19
FUZZ_TARGET_INIT(process_message, initialize_process_message)
#define FUZZ_TARGET_MSG(msg_type)
void fuzz_target(FuzzBufferType buffer, const std::string &LIMIT_TO_MESSAGE_TYPE)
void initialize_process_message()
size_t & GetNumMsgTypes()
const std::vector< std::string > & getAllNetMessageTypes()
Definition: protocol.cpp:181
static RPCHelpMan ping()
Definition: net.cpp:69
@ OP_TRUE
Definition: script.h:80
@ SER_NETWORK
Definition: serialize.h:131
void AddTestNode(CNode &node)
Definition: net.h:28
void ResetIbd()
Reset the ibd cache to its initial state.
Definition: validation.cpp:12
Testing setup that configures a complete environment.
Definition: setup_common.h:108
#define LOCK(cs)
Definition: sync.h:258
void FillNode(FuzzedDataProvider &fuzzed_data_provider, ConnmanTestMsg &connman, CNode &node) noexcept
Definition: net.cpp:350
std::unique_ptr< CNode > ConsumeNodeAsUniquePtr(FuzzedDataProvider &fdp, const std::optional< NodeId > &node_id_in=std::nullopt)
Definition: net.h:137
int64_t ConsumeTime(FuzzedDataProvider &fuzzed_data_provider, const std::optional< int64_t > &min, const std::optional< int64_t > &max) noexcept
Definition: util.cpp:22
CTxIn MineBlock(const NodeContext &node, const CScript &coinbase_scriptPubKey)
Returns the generated coin.
Definition: mining.cpp:61
void SetMockTime(int64_t nMockTimeIn)
DEPRECATED Use SetMockTime with chrono type.
Definition: time.cpp:89
void SyncWithValidationInterfaceQueue()
This is a synonym for the following, which asserts certain locks are not held: std::promise<void> pro...
static const int PROTOCOL_VERSION
network protocol versioning
Definition: version.h:12