From bdcbc8594c208f11e7d5221700bfa7f7a874aec9 Mon Sep 17 00:00:00 2001 From: Pieter Wuille Date: Tue, 18 Jul 2023 16:48:01 -0400 Subject: [PATCH] fuzz: support std::byte in Consume{Fixed,Variable}LengthByteVector --- src/test/fuzz/crypto_chacha20.cpp | 17 ++++++++--------- src/test/fuzz/crypto_poly1305.cpp | 13 ++++++------- src/test/fuzz/util.h | 21 ++++++++++++--------- 3 files changed, 26 insertions(+), 25 deletions(-) diff --git a/src/test/fuzz/crypto_chacha20.cpp b/src/test/fuzz/crypto_chacha20.cpp index afe93249491..50c77bf699b 100644 --- a/src/test/fuzz/crypto_chacha20.cpp +++ b/src/test/fuzz/crypto_chacha20.cpp @@ -17,15 +17,15 @@ FUZZ_TARGET(crypto_chacha20) { FuzzedDataProvider fuzzed_data_provider{buffer.data(), buffer.size()}; - const std::vector key = ConsumeFixedLengthByteVector(fuzzed_data_provider, 32); - ChaCha20 chacha20{MakeByteSpan(key)}; + const auto key = ConsumeFixedLengthByteVector(fuzzed_data_provider, ChaCha20::KEYLEN); + ChaCha20 chacha20{key}; LIMITED_WHILE(fuzzed_data_provider.ConsumeBool(), 10000) { CallOneOf( fuzzed_data_provider, [&] { - std::vector key = ConsumeFixedLengthByteVector(fuzzed_data_provider, 32); - chacha20.SetKey(MakeByteSpan(key)); + auto key = ConsumeFixedLengthByteVector(fuzzed_data_provider, ChaCha20::KEYLEN); + chacha20.SetKey(key); }, [&] { chacha20.Seek( @@ -39,9 +39,9 @@ FUZZ_TARGET(crypto_chacha20) chacha20.Keystream(MakeWritableByteSpan(output)); }, [&] { - std::vector output(fuzzed_data_provider.ConsumeIntegralInRange(0, 4096)); - const std::vector input = ConsumeFixedLengthByteVector(fuzzed_data_provider, output.size()); - chacha20.Crypt(MakeByteSpan(input), MakeWritableByteSpan(output)); + std::vector output(fuzzed_data_provider.ConsumeIntegralInRange(0, 4096)); + const auto input = ConsumeFixedLengthByteVector(fuzzed_data_provider, output.size()); + chacha20.Crypt(input, output); }); } } @@ -60,8 +60,7 @@ template void ChaCha20SplitFuzz(FuzzedDataProvider& provider) { // Determine key, iv, start position, length. - auto key_bytes = provider.ConsumeBytes(ChaCha20::KEYLEN); - key_bytes.resize(ChaCha20::KEYLEN); + auto key_bytes = ConsumeFixedLengthByteVector(provider, ChaCha20::KEYLEN); uint64_t iv = provider.ConsumeIntegral(); uint32_t iv_prefix = provider.ConsumeIntegral(); uint64_t total_bytes = provider.ConsumeIntegralInRange(0, 1000000); diff --git a/src/test/fuzz/crypto_poly1305.cpp b/src/test/fuzz/crypto_poly1305.cpp index f49729a34b6..6ce6648f56a 100644 --- a/src/test/fuzz/crypto_poly1305.cpp +++ b/src/test/fuzz/crypto_poly1305.cpp @@ -14,14 +14,13 @@ FUZZ_TARGET(crypto_poly1305) { FuzzedDataProvider fuzzed_data_provider{buffer.data(), buffer.size()}; - const std::vector key = ConsumeFixedLengthByteVector(fuzzed_data_provider, Poly1305::KEYLEN); - const std::vector in = ConsumeRandomLengthByteVector(fuzzed_data_provider); + const auto key = ConsumeFixedLengthByteVector(fuzzed_data_provider, Poly1305::KEYLEN); + const auto in = ConsumeRandomLengthByteVector(fuzzed_data_provider); std::vector tag_out(Poly1305::TAGLEN); - Poly1305{MakeByteSpan(key)}.Update(MakeByteSpan(in)).Finalize(tag_out); + Poly1305{key}.Update(in).Finalize(tag_out); } - FUZZ_TARGET(crypto_poly1305_split) { FuzzedDataProvider provider{buffer.data(), buffer.size()}; @@ -36,10 +35,10 @@ FUZZ_TARGET(crypto_poly1305_split) // Process input in pieces. LIMITED_WHILE(provider.remaining_bytes(), 100) { - auto in = provider.ConsumeRandomLengthString(); - poly_split.Update(MakeByteSpan(in)); + auto in = ConsumeRandomLengthByteVector(provider); + poly_split.Update(in); // Update total_input to match what was processed. - total_input.insert(total_input.end(), MakeByteSpan(in).begin(), MakeByteSpan(in).end()); + total_input.insert(total_input.end(), in.begin(), in.end()); } // Process entire input at once. diff --git a/src/test/fuzz/util.h b/src/test/fuzz/util.h index 736311ed55d..5d27d2a1802 100644 --- a/src/test/fuzz/util.h +++ b/src/test/fuzz/util.h @@ -53,12 +53,16 @@ auto& PickValue(FuzzedDataProvider& fuzzed_data_provider, Collection& col) return *it; } -[[nodiscard]] inline std::vector ConsumeRandomLengthByteVector(FuzzedDataProvider& fuzzed_data_provider, const std::optional& max_length = std::nullopt) noexcept +template +[[nodiscard]] inline std::vector ConsumeRandomLengthByteVector(FuzzedDataProvider& fuzzed_data_provider, const std::optional& max_length = std::nullopt) noexcept { + static_assert(sizeof(B) == 1); const std::string s = max_length ? fuzzed_data_provider.ConsumeRandomLengthString(*max_length) : fuzzed_data_provider.ConsumeRandomLengthString(); - return {s.begin(), s.end()}; + std::vector ret(s.size()); + std::copy(s.begin(), s.end(), reinterpret_cast(ret.data())); + return ret; } [[nodiscard]] inline std::vector ConsumeRandomLengthBitVector(FuzzedDataProvider& fuzzed_data_provider, const std::optional& max_length = std::nullopt) noexcept @@ -209,14 +213,13 @@ inline void SetFuzzedErrNo(FuzzedDataProvider& fuzzed_data_provider) noexcept * Returns a byte vector of specified size regardless of the number of remaining bytes available * from the fuzzer. Pads with zero value bytes if needed to achieve the specified size. */ -[[nodiscard]] inline std::vector ConsumeFixedLengthByteVector(FuzzedDataProvider& fuzzed_data_provider, const size_t length) noexcept +template +[[nodiscard]] inline std::vector ConsumeFixedLengthByteVector(FuzzedDataProvider& fuzzed_data_provider, const size_t length) noexcept { - std::vector result(length); - const std::vector random_bytes = fuzzed_data_provider.ConsumeBytes(length); - if (!random_bytes.empty()) { - std::memcpy(result.data(), random_bytes.data(), random_bytes.size()); - } - return result; + static_assert(sizeof(B) == 1); + auto random_bytes = fuzzed_data_provider.ConsumeBytes(length); + random_bytes.resize(length); + return random_bytes; } class FuzzedFileProvider