Commit graph

23843 commits

Author SHA1 Message Date
MarcoFalke
cf21293ef7
Merge #18515: test: add BIP37 remote crash bug [CVE-2013-5700] test to p2p_filter.py
0ed2d8e07d test: add BIP37 remote crash bug [CVE-2013-5700] test to p2p_filter.py (Sebastian Falbesoner)

Pull request description:

  Integrates the missing message type `filteradd` to the test framework and checks that the BIP37 implementation is not vulnerable to the "remote crash bug" [CVE-2013-5700](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5700) anymore. Prior to v.0.8.4, it was possible to trigger a division-by-zero error on the following line in the function `CBloomFilter::Hash()`:
  f0d6487e29/src/bloom.cpp (L45)
  By setting a zero-length filter via `filterload`, `vData.size()` is 0, so the modulo operation above, called on any .insert() or .contains() operation then crashed the node. The test uses the approach of just sending an arbitrary `filteradd` message after, which calls `CBloomFilter::insert()` (and in turn `CBloomFilter::Hash()`) on the node. The vulnerability was fixed by commit 37c6389c5a (an intentional covert fix, [according to gmaxwell](https://github.com/bitcoin/bitcoin/issues/18483#issuecomment-608224095)), which introduced flags `isEmpty`/`isFull` that wouldn't call the `Hash()` member function if `isFull` is true (set to true by default constructor).

  To validate that the test fails if the implementation is vulnerable, one can simply set the flags to false in the member function `UpdateEmptyFull()` (that is called after a filter received via `filterload` is constructed), which activates the vulnerable code path calling `Hash` in any case on adding or testing for data in the filter:
  ```diff
  diff --git a/src/bloom.cpp b/src/bloom.cpp
  index bd6069b..ef294a3 100644
  --- a/src/bloom.cpp
  +++ b/src/bloom.cpp
  @@ -199,8 +199,8 @@ void CBloomFilter::UpdateEmptyFull()
           full &= vData[i] == 0xff;
           empty &= vData[i] == 0;
       }
  -    isFull = full;
  -    isEmpty = empty;
  +    isFull = false;
  +    isEmpty = false;
   }
  ```
  Resulting in:
  ```
  $ ./p2p_filter.py
  [...]
  2020-04-03T14:38:59.593000Z TestFramework (INFO): Check that division-by-zero remote crash bug [CVE-2013-5700] is fixed
  2020-04-03T14:38:59.695000Z TestFramework (ERROR): Assertion failed
  [...]
  [... some exceptions following ...]
  ```

ACKs for top commit:
  naumenkogs:
    utACK 0ed2d8e07d

Tree-SHA512: 02d0253d13eab70c4bd007b0750c56a5a92d05d419d53033523eeb3ed80318bc95196ab90f7745ea3ac9ebae7caee3adbf2a055a40a4124e0915226e49018fe8
2020-04-05 21:18:11 +08:00
MarcoFalke
fa6a008434
fuzz: Add process_messages harness 2020-04-05 10:46:24 +08:00
MarcoFalke
96a30b98c9
Merge #18528: build: create test_fuzz library from src/test/fuzz/fuzz.cpp
691e2a7af7 build: create test_fuzz library from src/test/fuzz/fuzz.cpp (Harris)

Pull request description:

  This PR creates a static library **libtest_fuzz.a** to speed up the compilation of fuzz tests. It is functionally similar to https://github.com/bitcoin/bitcoin/pull/17542

  Fixes https://github.com/bitcoin/bitcoin/issues/18527

ACKs for top commit:
  MarcoFalke:
    ACK 691e2a7af7 🦁

Tree-SHA512: 39d7d2731ca4370db518dbb969eb17ddbf9c030c3fe0dec0d04ff6578f24a128563fe5aced78300c92ce296623a7079fea5aea70619819a20c56fb34191f00ef
2020-04-05 10:33:56 +08:00
Harris
691e2a7af7
build: create test_fuzz library from src/test/fuzz/fuzz.cpp 2020-04-05 01:01:13 +02:00
MarcoFalke
4830077494
Merge #18510: fuzz: Add CScriptNum::getint coverage
faa64af960 fuzz: Add CScriptNum::getint coverage (MarcoFalke)

Pull request description:

  Add coverage for

  * https://marcofalke.github.io/btc_cov/fuzz.coverage/src/script/script.h.gcov.html#311
  * https://marcofalke.github.io/btc_cov/fuzz.coverage/src/script/script.h.gcov.html#511

ACKs for top commit:
  practicalswift:
    ACK faa64af960 -- more fuzzing coverage is better than less fuzzing coverage :)

Tree-SHA512: 1a66a2edc3740e8c286049f6c27458c59c45b01052e51684eec0e1be63ffcee94b4ba3d41d88ad715ceb3e4754fd997cf03899085982454905e86d0553d58199
2020-04-05 04:53:19 +08:00
MarcoFalke
94fd4a56ed
Merge #18496: test: remove redundant sync_with_ping after add_p2p_connection
4670006762 test: remove redundant sync_with_ping after add_p2p_connection (Jon Atack)

Pull request description:

  Now that #18247 is merged, these calls are redundant.

ACKs for top commit:
  vasild:
    utACK 4670006

Tree-SHA512: bdbfe8bcf9dbdde0a8115e3a62bfe359910798d7a3010d920ffca07049cb5f97bf8fb9b6f70079b0607105192b61a6d665774e59a2b678597b47ad6237595ad5
2020-04-05 04:51:44 +08:00
MarcoFalke
e16da90d95
Merge #18518: fuzz: Extend descriptor fuzz test
fa0189955a fuzz: Extend descriptor fuzz test (MarcoFalke)

Pull request description:

ACKs for top commit:
  practicalswift:
    ACK fa0189955a

Tree-SHA512: 6d6a6417f06d90732bbf055ff54102530d6956f3082f1ff65598f790d588170768aee98e4835996876d28bca2a9c62f22fe122c3fc7eafd4b7660696f72f9835
2020-04-05 04:49:55 +08:00
MarcoFalke
16b6d3422b
Merge #18519: fuzz: Extend script fuzz test
fa86edf66d fuzz: Extend script fuzz test (MarcoFalke)

Pull request description:

ACKs for top commit:
  practicalswift:
    ACK fa86edf66d

Tree-SHA512: 611adee9e673183e67f9711e49289fa59e410bb3ac1bb3fcbb7f1ed331bf0d288c7065e256a82eb41a30a4afe53544c836463cf58865d6e40b18795c8716e57c
2020-04-05 04:48:47 +08:00
MarcoFalke
490ae0e87b
Merge #18520: test: remaining replacements of (send_message+sync_with_ping) with send_and_ping
3dc8c012f0 test: remaining replacements of (send_message+sync_with_ping) with send_and_ping (Sebastian Falbesoner)

Pull request description:

  This is a tiny follow-up PR to #18494, substituting the remaining occurences of `send_message(...)`/`sync_with_ping(...)` pairs with `send_and_ping(...)`, as suggested in the comment https://github.com/bitcoin/bitcoin/pull/18494#pullrequestreview-386418913. Thanks to jonatack and [MarcoFalke](https://github.com/bitcoin/bitcoin/pull/18494#issuecomment-608496342) for giving me the hint to do this follow-up.

ACKs for top commit:
  practicalswift:
    ACK 3dc8c012f0

Tree-SHA512: 44d64332933c23a7f59c0415e008ce1b2b2e07177f81cb9473b7c71558188f1c698e8973de5cc940280e4697f9553af852d9a42841304f82469673d1c8162852
2020-04-05 04:47:21 +08:00
MarcoFalke
a3b61cf641
Merge #18509: fuzz: Avoid running over all inputs after merging them
facc332dc5 fuzz: Avoid running over all inputs after merging them (MarcoFalke)

Pull request description:

  This cuts the time it takes to merge inputs by half

ACKs for top commit:
  practicalswift:
    ACK facc332dc5

Tree-SHA512: bb22992c463dd985d3b1e9b8908c591d0c8e620c38eba0a932d880f87133bfe4ca2036b166c4f79b92ddf7940f56c044e9cb8cc50309c74204df122b369c167d
2020-04-05 04:46:12 +08:00
MarcoFalke
4839560ee1
Merge #18407: tests: Add proof-of-work fuzzing harness
acf269e146 tests: Add proof-of-work fuzzing harness (practicalswift)

Pull request description:

  Add proof-of-work fuzzing harness.

Top commit has no ACKs.

Tree-SHA512: dcdfa211cf1ec3018b61f378bb0f95793bbbe5d00e2f4d17f9db2c7263fe8ce919760c56cae7122c62c82e05c90e7056eb1778871674bdb3c42869e5fe4c2b60
2020-04-05 04:41:07 +08:00
practicalswift
acf269e146 tests: Add proof-of-work fuzzing harness 2020-04-04 17:23:50 +00:00
Russell Yanofsky
d6815a2313 refactor: drop boost::signals2 in validationinterface
Stop using boost::signals2 internally in validationinterface. Replace with
std::list and Add/Remove/Clear/Iterate helper functions.

Motivation for change is to reduce dependencies and avoid issues happening with
boost versions before 1.59:

https://github.com/bitcoin/bitcoin/issues/18517
https://github.com/bitcoin/bitcoin/pull/18471
2020-04-04 11:44:39 -04:00
fanquake
5ca90f8b59
scripts: add MACHO lazy bindings check to security-check.py 2020-04-04 09:54:25 +08:00
Sebastian Falbesoner
3dc8c012f0 test: remaining replacements of (send_message+sync_with_ping) with send_and_ping 2020-04-03 22:11:08 +02:00
MarcoFalke
c8971547d9
Merge #18499: rpc: Make rpc documentation not depend on call-time rpc args
fab32557f2 rpc: Make rpc documentation not depend on rpc args (MarcoFalke)

Pull request description:

  This is required to host the documentation on a static resource (like a website or pdf)

ACKs for top commit:
  emilengler:
    utACK fab32557f2
  promag:
    ACK fab32557f2.

Tree-SHA512: 3ca2691c7fbd5f17c75df2887753da152f66521dcb7dee4c29af6339fdea011cecdd51f825b96bde9c6aaf82f4d915cbd5aacb52e4eae3898d9dbc216f627171
2020-04-04 03:15:00 +08:00
MarcoFalke
e35e118656
Merge #18508: RPC: Fix more formatting nits
f32ab443a9 Bugfix: RPC: JSON null is not "None" (Luke Dashjr)
26dcf39581 Bugfix: RPC: Don't use a continuation elipsis after an elision elipsis (Luke Dashjr)
eca65caadc Bugfix: RPC: Add missing commas and correct indentation of explicit ELISION (Luke Dashjr)

Pull request description:

  1. listsinceblock had a double ellipsis (elision + continuation); this looks ugly, just one is needed.
  2. Elision ellipsis wasn't getting a comma, so was truncated to `".."` by comma-removal code.
  3. Elision ellipsis was indented incorrectly (as if it was a subitem).
  4. Similarly, type "none" would get truncated to `"Non"`, when it should really be `"null"` anyway.

ACKs for top commit:
  MarcoFalke:
    ACK f32ab443a9 🐰

Tree-SHA512: 34e1c72673790ed11cdee838d64ea5e0ac498de19258df99d54b5322e003060123c65ad27ac2fd4729a1dfe52066a0629602a132b1ef85d4154affd99a065a3f
2020-04-04 03:08:05 +08:00
MarcoFalke
fa86edf66d
fuzz: Extend script fuzz test 2020-04-04 01:32:17 +08:00
MarcoFalke
fa0189955a
fuzz: Extend descriptor fuzz test 2020-04-04 01:16:19 +08:00
fanquake
9e071b0089
test: remove rapidcheck integration and tests 2020-04-03 22:47:59 +08:00
Wladimir J. van der Laan
0eeb0468e7 net: Hardcoded seeds update for 0.20
Update hardcoded seeds from seeds_emzy.txt seeds_lukejr.txt
seeds_sipa.txt seeds_sjors.txt, according to release process.

Output from makeseeds.py:
```
  IPv4   IPv6  Onion Pass
1364173 244127   2454 Initial
1364173 244127   2454 Skip entries with invalid address
1129552 213117   2345 After removing duplicates
1129548 213117   2345 Skip entries from suspicious hosts
338216 191944   2249 Enforce minimal number of blocks
336851 188993   2189 Require service bit 1
  6998   1520    150 Require minimum uptime
  5682   1290     89 Require a known and recent user agent
  5622   1279     89 Filter out hosts with multiple bitcoin ports
   512    146     89 Look up ASNs and limit results per ASN and per net
```
2020-04-03 16:29:26 +02:00
Sebastian Falbesoner
0ed2d8e07d test: add BIP37 remote crash bug [CVE-2013-5700] test to p2p_filter.py 2020-04-03 16:00:12 +02:00
fanquake
f0d6487e29
Merge #18513: doc: fix git add argument
4928a995e9 [doc] fix git add argument (Michael Polzer)

Pull request description:

  [`A`](https://git-scm.com/docs/git-add#Documentation/git-add.txt--A) is the correct flag.

ACKs for top commit:
  fanquake:
    ACK 4928a995e9 - checked that [`A`](https://git-scm.com/docs/git-add#Documentation/git-add.txt--A) and not `a` is the correct flag.

Tree-SHA512: 7e656ca9688b04ad2ef577aa1847799a34a377f5e6dfe4fd052a95d3dd98798dc10957e7f54164900ac1271f05e788ec4861026f53b910e369b0845532387cf4
2020-04-03 19:37:11 +08:00
fanquake
08c4994969
Merge #18503: init: Replace URL_WEBSITE with PACKAGE_URL
fad2f68353 init: Replace URL_WEBSITE with PACKAGE_URL (MarcoFalke)

Pull request description:

  This is needed for rebranding efforts such as #18489

ACKs for top commit:
  hebasto:
    ACK fad2f68353, tested on Linux Mint 19.3:
  fanquake:
    ACK fad2f68353 - clicked a link.

Tree-SHA512: c26e18cd328d3dd3fd7e25413e1bab780026687a148f126b8673e5f6cc13249f6c16689e45eba9da1545915c6001f96cd33f4e656c08cda3eae1c3fd88da23ea
2020-04-03 19:11:07 +08:00
Michael Polzer
4928a995e9
[doc] fix git add argument
error: unknown switch `a'
usage: git add [<options>] [--] <pathspec>...

    -n, --dry-run         dry run
    -v, --verbose         be verbose

    -i, --interactive     interactive picking
    -p, --patch           select hunks interactively
    -e, --edit            edit current diff and apply
    -f, --force           allow adding otherwise ignored files
    -u, --update          update tracked files
    --renormalize         renormalize EOL of tracked files (implies -u)
    -N, --intent-to-add   record only the fact that the path will be added later
    -A, --all             add changes from all tracked and untracked files
    --ignore-removal      ignore paths removed in the working tree (same as --no-all)
    --refresh             don't add, only refresh the index
    --ignore-errors       just skip files which cannot be added because of errors
    --ignore-missing      check if - even missing - files are ignored in dry run
    --chmod (+|-)x        override the executable bit of the listed files
2020-04-03 12:52:36 +02:00
fanquake
be60e37e40
Merge #18505: doc: Update webchat URLs in README.md
7b2975ae8f doc: Update webchat URLs in README.md (Suriyaa Sundararuban)

Pull request description:

  #### What happend?
  Web links in `doc/README.md` redirected from `http://webchat.freenode.net?channels=bitcoin` to `https://webchat.freenode.net/#bitcoin`.

  #### What did I changed?
  * Remove URL redirection. (Update all webchat links.)
  * Use HTTPS protocol instead of HTTP.

ACKs for top commit:
  fanquake:
    ACK 7b2975ae8f

Tree-SHA512: e55970ad368ce6dbb79295d12629d0f16318e7c43d8d194876e16e81c6e325bb136c9e8b361d61c5a04e2f3624350f81c99131b1e85d9ee5410ac22f524a4ef2
2020-04-03 18:24:38 +08:00
fanquake
d478595fad
Merge #18382: doc: note the costs of fetching all pull requests
d695eb4c21 doc: note the costs of fetching all pull requests (Vasil Dimov)

Pull request description:

  Also mention that it is possible to fetch just one pull request.

ACKs for top commit:
  MarcoFalke:
    ACK d695eb4c21
  fanquake:
    ACK d695eb4c21

Tree-SHA512: afe080fd018b2e773fb974956937e819085831bf0c1c5623f7f12c728639906b80666b785234058ee39fd98115a53a2fad431c54ee0840667e60bb317e4a828d
2020-04-03 18:17:09 +08:00
fanquake
6ec42df32b
Merge #18426: scripts: previous_release: improve behaviour on failed download
332f373a9d [scripts] previous_release: improve failed download error message (Sebastian Falbesoner)

Pull request description:

  Currently, if the earlier release build/fetch script `previous_release.sh` is invoked with the option `-b` (intending to fetch a binary package from `https://bitcoin.org`) and the download fails, the user sees the following confusing output:
  ```
  $ contrib/devtools/previous_release.sh -r -b v0.9.5
  [...]
  gzip: stdin: not in gzip format
  tar: Child returned status 1
  tar: Error is not recoverable: exiting now
  ```
  This implies that the download worked, but the archive is corrupted, when in reality the HTML document containing the delivery fail reason (most likely 404 Not Found) is saved and tried to get unpacked. In contrast to wget, curl is a bit stubborn and needs explicit instructions to react to server errors via the flag `-f` (outputs error message and returns error code, ideal for scripts): https://curl.haxx.se/docs/manpage.html#-f

  On the PR branch, the output on failed download looks now the following:
  ```
  $ contrib/devtools/previous_release.sh -r -b v0.9.5
  [...]
  curl: (22) The requested URL returned error: 404 Not Found
  Download failed.
  ```

ACKs for top commit:
  fanquake:
    ACK 332f373a9d

Tree-SHA512: 046c931ad9e78aeb2d13faa4866d46122ed325aa142483547c2b04032d03223ed2411783b00106fcab0cd91b2f78691531ac526ed7bb3ed7547b6e2adbfb2e93
2020-04-03 18:10:28 +08:00
MarcoFalke
faa64af960
fuzz: Add CScriptNum::getint coverage 2020-04-03 09:02:34 +08:00
MarcoFalke
facc332dc5
fuzz: Avoid running over all inputs after merging them 2020-04-03 08:30:40 +08:00
MarcoFalke
dce6f3b29b
Merge #18383: refactor: Check for overflow when calculating sum of tx outputs
f65c9ad40f Check for overflow when calculating sum of outputs (Elichai Turkel)

Pull request description:

  This was reported by practicalswift here #18046
  The exact order of the if, is important, we first do `!MoneyRange(tx_out.nValue)` to make sure the amount is non-negative. and then `std::numeric_limits<CAmount>::max() - tx_out.nValue < nValueOut` checks that the addition cannot overflow (if we won't check that the amount is positive this check can also overflow! (by doing something like `max - -max`))
  and only then we make sure that the some is also valid `!MoneyRange(nValueOut + tx_out.nValue)`
  if any of these conditions fail we throw.

  the overflowing logic:
  ```
  a + b > max // we want to fail if a+b is more than the maximum -> will overflow
  b > max - a
  max - a < b
  ```

  Closes: #18046

ACKs for top commit:
  MarcoFalke:
    ACK f65c9ad40f, checked that clang with O2 produces identical binaries 💕
  practicalswift:
    ACK f65c9ad40f
  instagibbs:
    utACK f65c9ad40f
  vasild:
    ACK f65c9ad40f modulo `s/assert.h/cassert/`

Tree-SHA512: 512d6cf4762f24c41cf9a38da486b17b19c634fa3f4efbdebfe6608779e96fc3014d5d2d29adb8001e113152c0217bbd5b3900ac4edc7b8abe77f82f36209e33
2020-04-03 06:50:29 +08:00
Carl Dong
35a96792dd
guix: Check mingw symbols, improve SSP fix docs 2020-04-02 17:20:05 -04:00
Carl Dong
449d8fe25b
guix: Expand on INT trap message 2020-04-02 17:20:04 -04:00
Carl Dong
3f1f03c67a
guix: Spelling fixes 2020-04-02 17:20:03 -04:00
Carl Dong
ff821dd2a1
guix: Reinstate make-ssp-fixed-gcc
Unfortunately, gcc is still not smart enough to detect whether or not
mingw-w64 provides ssp, so let's put it back just for mingw-w64.
2020-04-02 17:20:02 -04:00
Carl Dong
360a9e0ad5
guix: Bump time-machine for mingw-w64 patches
This bump will includes a couple of commits which improve the
reproducibility of the mingw-w64 toolchain. Most of which came from
debian. They will be upstreamed as upstream Guix release timeline
allows.
2020-04-02 17:20:01 -04:00
Carl Dong
93e41b7e3b
guix: Use gcc-8 for mingw-w64 instead of 7
We're using mingw-w64 6.0.0, which is paired with gcc-8 in most distros.
2020-04-02 17:20:00 -04:00
Carl Dong
ef4f7e4c45
guix: Set the well-known timezone env var 2020-04-02 17:19:59 -04:00
Carl Dong
acf4b3b3b5
guix: Make x86_64-w64-mingw32 builds reproducible
- Add "--no-insert-timestamp" LDFLAG for x86_64-w64-mingw32 builds

"The option --no-insert-timestamp can be used to insert a zero value for
the timestamp, this ensuring that binaries produced from identical
sources will compare identically." - ld(1)

- Set "SetDateSave off" in NSIS script

From https://nsis.sourceforge.io/Docs/Chapter4.html#flags

"This command sets the file date/time saving flag which is used by the
File command to determine whether or not to save the last write date and
time of the file, so that it can be restored on installation. Valid
flags are 'on' and 'off'. 'on' is the default."

- Add commented out NSIS options for reproducibility debugging in NSIS
  script

- Make ZIPs deterministic by reseting file modification times to
  SOURCE_DATE_EPOCH using touch(1) (Reference:
  https://reproducible-builds.org/docs/archives/)
2020-04-02 17:19:57 -04:00
Carl Dong
c4cce00eac
guix: Remove dead links from README. 2020-04-02 17:19:56 -04:00
Carl Dong
df953a4c9a
guix: Appease shellcheck. 2020-04-02 17:19:55 -04:00
Carl Dong
91897c95e1
guix: Improve guix-build.sh documentation 2020-04-02 17:19:54 -04:00
Carl Dong
570d769c6c
guix: Build support for Windows 2020-04-02 17:19:53 -04:00
MarcoFalke
0d71395848
Merge #18464: doc: block-relay-only vs blocksonly
fa6e01f2a1 doc: block-relay-only is not blocksonly (MarcoFalke)

Pull request description:

  Those are different concepts, see https://github.com/bitcoin/bitcoin/blob/master/doc/release-notes/release-notes-0.19.0.1.md#p2p-changes for the block-relay-only nodes.

ACKs for top commit:
  jonatack:
    ACK fa6e01f
  hebasto:
    ACK fa6e01f2a1

Tree-SHA512: 6de2c81201b62ed59e504a3a6f164068600182e1bbf63eda7f9db3160507bdba091c13882ee0e75e713f0832bfaf5973a86eba3b94588d5b72196f05ae0a9c9a
2020-04-03 05:06:23 +08:00
MarcoFalke
ff53433fe4
Merge #18494: test: replace (send_message + sync_with_ping) with send_and_ping
6112a20982 test: replace (send_message + sync_with_ping) with send_and_ping (Jon Atack)

Pull request description:

  This is a follow-up to faf1d04731 yesterday.

ACKs for top commit:
  vasild:
    utACK 6112a20
  MarcoFalke:
    ACK 6112a20982 🎞

Tree-SHA512: 749644ac9a1ef0e1aa6c3ac5e899eb3fa7fb9c0909352f922a80412df2bc0e539692a7757af550eff4d4914cbe57b0c75ce3948f569acc7a52852e91a55ad457
2020-04-03 02:12:46 +08:00
Luke Dashjr
b5795a7886 Wallet: Add warning comments and assert to CWallet::DelAddressBook 2020-04-02 16:37:42 +00:00
Luke Dashjr
6d2905f57a Wallet: Avoid unnecessary/redundant m_address_book lookups 2020-04-02 16:37:41 +00:00
João Barbosa
7b8e15728d rpc: Fix rpcRunLater race in walletpassphrase 2020-04-02 17:25:27 +01:00
Luke Dashjr
c751d886f4 Wallet: Avoid treating change-in-the-addressbook as non-change everywhere 2020-04-02 16:25:17 +00:00
Luke Dashjr
8e64b8c84b Wallet: New FindAddressBookEntry method to filter out change entries (and skip ->second everywhere) 2020-04-02 16:02:56 +00:00