phantom/bitcoin
1
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2025-01-24 18:23:26 -03:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Merge bitcoin/bitcoin#31092: doc: fuzz: remove Honggfuzz NetDriver instructions
Some checks are pending
CI / test each commit (push) Waiting to run
Details
CI / macOS 14 native, arm64, no depends, sqlite only, gui (push) Waiting to run
Details
CI / Win64 native, VS 2022 (push) Waiting to run
Details
CI / ASan + LSan + UBSan + integer, no depends, USDT (push) Waiting to run
Details

Browse source 
d823ba6e20 doc: fuzz: remove Honggfuzz NetDriver instructions (brunoerg)

Pull request description:

  Remove Honggfuzz NetDriver instructions from the documentation since it has not been useful for us. See https://github.com/bitcoin/bitcoin/issues/30957 and https://github.com/bitcoin/bitcoin/pull/31012.

ACKs for top commit:
  maflcko:
    lgtm ACK d823ba6e20
  marcofleon:
    ACK d823ba6e20

Tree-SHA512: f63fde1076d523dc5e511ef868ca3c1ea2e38fe7df56ae275f33209581f96452d86effedb54d9b0ee8b7a1d492b610799807a727d8bd81e2286d31db4aa68731
This commit is contained in:
merge-script 2024-10-15 12:17:53 +01:00
commit 0ca1d1bf69
No known key found for this signature in database
GPG key ID: 2EEB9F5CC09526C1
1 changed files with 0 additions and 76 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

76
doc/fuzzing.md
View file

@ -206,82 +206,6 @@ $ FUZZ=process_message ./honggfuzz/honggfuzz -i inputs/ -- build_fuzz/src/test/f
Read the [Honggfuzz documentation](https://github.com/google/honggfuzz/blob/master/docs/USAGE.md) for more information.
## Fuzzing the Bitcoin Core P2P layer using Honggfuzz NetDriver
Honggfuzz NetDriver allows for very easy fuzzing of TCP servers such as Bitcoin
Core without having to write any custom fuzzing harness. The `bitcoind` server
process is largely fuzzed without modification.
This makes the fuzzing highly realistic: a bug reachable by the fuzzer is likely
also remotely triggerable by an untrusted peer.
To quickly get started fuzzing the P2P layer using Honggfuzz NetDriver:
```sh
$ mkdir bitcoin-honggfuzz-p2p/
$ cd bitcoin-honggfuzz-p2p/
$ git clone https://github.com/bitcoin/bitcoin
$ cd bitcoin/
$ git clone https://github.com/google/honggfuzz
$ cd honggfuzz/
$ make
$ cd ..
$ git apply << "EOF"
diff --git a/src/compat/compat.h b/src/compat/compat.h
index 8195bceaec..cce2b31ff0 100644
--- a/src/compat/compat.h
+++ b/src/compat/compat.h
@@ -90,8 +90,12 @@ typedef char* sockopt_arg_type;
// building with a binutils < 2.36 is subject to this ld bug.
#define MAIN_FUNCTION __declspec(dllexport) int main(int argc, char* argv[])
#else
+#ifdef HFND_FUZZING_ENTRY_FUNCTION_CXX
+#define MAIN_FUNCTION HFND_FUZZING_ENTRY_FUNCTION_CXX(int argc, char* argv[])
+#else
#define MAIN_FUNCTION int main(int argc, char* argv[])
#endif
+#endif
// Note these both should work with the current usage of poll, but best to be safe
// WIN32 poll is broken https://daniel.haxx.se/blog/2012/10/10/wsapoll-is-broken/
diff --git a/src/net.cpp b/src/net.cpp
index 7601a6ea84..702d0f56ce 100644
--- a/src/net.cpp
+++ b/src/net.cpp
@@ -727,7 +727,7 @@ int V1TransportDeserializer::readHeader(Span<const uint8_t> msg_bytes)
}
// Check start string, network magic
- if (memcmp(hdr.pchMessageStart, m_chain_params.MessageStart(), CMessageHeader::MESSAGE_START_SIZE) != 0) {
+ if (false && memcmp(hdr.pchMessageStart, m_chain_params.MessageStart(), CMessageHeader::MESSAGE_START_SIZE) != 0) { // skip network magic checking
LogDebug(BCLog::NET, "Header error: Wrong MessageStart %s received, peer=%d\n", HexStr(hdr.pchMessageStart), m_node_id);
return -1;
}
@@ -788,7 +788,7 @@ CNetMessage V1TransportDeserializer::GetMessage(const std::chrono::microseconds
RandAddEvent(ReadLE32(hash.begin()));
// Check checksum and header message type string
- if (memcmp(hash.begin(), hdr.pchChecksum, CMessageHeader::CHECKSUM_SIZE) != 0) {
+ if (false && memcmp(hash.begin(), hdr.pchChecksum, CMessageHeader::CHECKSUM_SIZE) != 0) { // skip checksum checking
LogDebug(BCLog::NET, "Header error: Wrong checksum (%s, %u bytes), expected %s was %s, peer=%d\n",
SanitizeString(msg.m_type), msg.m_message_size,
HexStr(Span{hash}.first(CMessageHeader::CHECKSUM_SIZE)),
EOF
$ cmake -B build_fuzz \
-DCMAKE_C_COMPILER="$(pwd)/honggfuzz/hfuzz_cc/hfuzz-clang" \
-DCMAKE_CXX_COMPILER="$(pwd)/honggfuzz/hfuzz_cc/hfuzz-clang++" \
-DENABLE_WALLET=OFF \
-DBUILD_GUI=OFF \
-DSANITIZERS=address,undefined
$ cmake --build build_fuzz --target bitcoind
$ mkdir -p inputs/
$ ./honggfuzz/honggfuzz --exit_upon_crash --quiet --timeout 4 -n 1 -Q \
-E HFND_TCP_PORT=18444 -f inputs/ -- \
build_fuzz/src/bitcoind -regtest -discover=0 -dns=0 -dnsseed=0 -listenonion=0 \
-nodebuglogfile -bind=127.0.0.1:18444 -logthreadnames \
-debug
```
# OSS-Fuzz
Bitcoin Core participates in Google's [OSS-Fuzz](https://github.com/google/oss-fuzz/tree/master/projects/bitcoin-core)