Commit graph

26301 commits

Author SHA1 Message Date
fanquake
c78b123982
build: add -bind_at_load to hardened LDFLAGS
This performs the same function as -Wl,-z,now, except for ld on macOS.

You can check the binaries using otool -l, looking for the
LC_DYLD_INFO_ONLY section. lazy_bind_off and lazy_bind_size should both
be 0.

man ld:

-bind_at_load
Sets a bit in the mach header of the resulting binary which tells dyld
to bind all symbols when the binary is loaded, rather than lazily.
2019-12-13 09:33:20 -05:00
Aaron Clauson
592af5ad3a
Moved the include of the system projects to before the build depends on task. Otherwise it doesn't get run. 2019-12-13 14:01:52 +00:00
fanquake
244501fc85
depends: disable unused qt networking features 2019-12-13 08:30:26 -05:00
fanquake
29d56c62b7
depends: -optimized-qmake is now -optimized-tools 2019-12-13 08:30:26 -05:00
fanquake
ccdda96804
depends: skip building qt proxies 2019-12-13 08:30:26 -05:00
Aaron Clauson
6e2215187e
Included test_bitcoin-qt in msvc build. 2019-12-13 12:07:32 +00:00
Wladimir J. van der Laan
988fe5b1ad
Merge #12763: Add RPC Whitelist Feature from #12248
2081442c42 test: Add test for rpc_whitelist (Emil Engler)
7414d3820c Add RPC Whitelist Feature from #12248 (Jeremy Rubin)

Pull request description:

  Summary
  ====

  This patch adds the RPC whitelisting feature requested in #12248. RPC Whitelists help enforce application policies for services being built on top of Bitcoin Core (e.g., your Lightning Node maybe shouldn't be adding new peers). The aim of this PR is not to make it advisable to connect your Bitcoin node to arbitrary services, but to reduce risk and prevent unintended access.

  Using RPC Whitelists
  ====
  The way it works is you specify (in your bitcoin.conf) configurations such as

  ```
  rpcauth=user1:4cc74397d6e9972e5ee7671fd241$11849357f26a5be7809c68a032bc2b16ab5dcf6348ef3ed1cf30dae47b8bcc71
  rpcauth=user2:181b4a25317bff60f3749adee7d6bca0$d9c331474f1322975fa170a2ffbcb176ba11644211746b27c1d317f265dd4ada
  rpcauth=user3:a6c8a511b53b1edcf69c36984985e$13cfba0e626db19061c9d61fa58e712d0319c11db97ad845fa84517f454f6675
  rpcwhitelist=user1:getnetworkinfo
  rpcwhitelist=user2:getnetworkinfo,getwalletinfo, getbestblockhash
  rpcwhitelistdefault=0
  ```

  Now user1 can only call getnetworkinfo, user2 can only call getnetworkinfo or getwalletinfo, while user3 can still call all RPCs.

  If any rpcwhitelist is set, act as if all users are subject to whitelists unless rpcwhitelistdefault is set to 0. If rpcwhitelistdefault is set to 1 and no rpcwhitelist is set, act as if all users are subject to whitelists.

  Review Request
  =====
  In addition to normal review, would love specific review from someone working on LN (e.g., @ roasbeef) and someone working on an infrastructure team at an exchange (e.g., @ jimpo) to check that this works well with their system.

  Notes
  =====

  The rpc list is spelling sensitive -- whitespace is stripped though. Spelling errors fail towards the RPC call being blocked, which is safer.

  It was unclear to me if HTTPReq_JSONRPC is the best function to patch this functionality into, or if it would be better to place it in exec or somewhere else.

  It was also unclear to me if it would be preferred to cache the whitelists on startup or parse them on every RPC as is done with multiUserAuthorized. I opted for the cached approach as I thought it was a bit cleaner.

  Future Work
  =====

  In a future PR, I would like to add an inheritance scheme. This seemed more controversial so I didn't want to include that here. Inheritance semantics are tricky, but it would also make these whitelists easier to read.

  It also might be good to add a `getrpcwhitelist` command to facilitate permission discovery.

  Tests
  =====
  Thanks to @ emilengler for adding tests for this feature. The tests cover all cases except for where `rpcwhitelistdefault=1` is used, given difficulties around testing with the current test framework.

ACKs for top commit:
  laanwj:
    ACK 2081442c42

Tree-SHA512: 0dc1ac6a6f2f4b0be9c9054d495dd17752fe7b3589aeab2c6ac4e1f91cf4e7e355deedcb5d76d707cbb5a949c2f989c871b74d6bf129351f429569a701adbcbf
2019-12-13 11:27:36 +01:00
Wladimir J. van der Laan
995b6c83e1
Merge #17721: util: Don't allow Base58 decoding of non-Base58 strings. Add Base58 tests.
d945c6f5e6 util: Don't allow base58-decoding of std::string:s containing non-base58 characters (practicalswift)
ff7a999226 tests: Add tests for base58-decoding of std::string:s containing non-base58 characters (practicalswift)

Pull request description:

  Don't allow Base58 decoding of non-Base58 strings. Add Base58 tests.

  Fixes #17718.

  Added tests before the Base58 decoding patch:

  ```
  $ make check
  …
  test/base58_tests.cpp(62): error: in "base58_tests/base58_DecodeBase58":
      check !DecodeBase58(std::string("\0invalid", 8), result) has failed
  test/base58_tests.cpp(67): error: in "base58_tests/base58_DecodeBase58":
      check !DecodeBase58(std::string("good\0bad0IOl", 12), result) has failed
  test/base58_tests.cpp(76): error: in "base58_tests/base58_DecodeBase58":
      check !DecodeBase58Check(std::string("3vQB7B6MrGQZaxCuFg4oh\00IOl", 26), result) has failed
  *** 3 failures are detected in the test module "Bitcoin Core Test Suite"
  …
  $ echo $?
  1
  ```

  Added tests before the Base58 decoding patch:

  ```
  $ make check
  …
  OK
  …
  $ echo $?
  0
  ```

ACKs for top commit:
  MarcoFalke:
    ACK d945c6f5e6 🚓
  laanwj:
    ACK d945c6f5e6

Tree-SHA512: 78fee3a18718c9cfbf2e4b26daaf8f24b4deca00475b7b254fec7f8be740f8898c696d9cd0eaa7c50bca55909b9dff3b516b6fe4db92dc132dcc0a1c5e3d61af
2019-12-13 11:15:28 +01:00
Wladimir J. van der Laan
d4b335c60a
Merge #17617: doc: unify unix epoch time descriptions
d94d34f05f doc: update developer notes wrt unix epoch time (Jon Atack)
e2f32cb5c5 qa: unify unix epoch time descriptions (Jon Atack)

Pull request description:

  Closes #17613.

  Updated call sites: mocktime, getblockheader, getblock, pruneblockchain,
  getchaintxstats, getblocktemplate, setmocktime, getpeerinfo, setban,
  getnodeaddresses, getrawtransaction, importmulti, listtransactions,
  listsinceblock, gettransaction, getwalletinfo, getaddressinfo

  Commands for testing manually:
  ```
  bitcoind -help-debug | grep -A1 mocktime
  bitcoin-cli help getblockheader
  bitcoin-cli help getblock
  bitcoin-cli help pruneblockchain
  bitcoin-cli help getchaintxstats
  bitcoin-cli help getblocktemplate
  bitcoin-cli help setmocktime
  bitcoin-cli help getpeerinfo
  bitcoin-cli help setban
  bitcoin-cli help getnodeaddresses
  bitcoin-cli help getrawtransaction
  bitcoin-cli help importmulti
  bitcoin-cli help listtransactions
  bitcoin-cli help listsinceblock
  bitcoin-cli help gettransaction
  bitcoin-cli help getwalletinfo
  bitcoin-cli help getaddressinfo
  ```

ACKs for top commit:
  laanwj:
    re-ACK d94d34f05f

Tree-SHA512: 060713ea4e20ab72c580f06c5c7e3ef344ad9c2c9cb034987d980a54e3ed2ac0268eb3929806daa5caa7797c45f5305254fd499767db7f22862212cf77acf236
2019-12-13 10:53:47 +01:00
Jon Atack
d94d34f05f
doc: update developer notes wrt unix epoch time 2019-12-13 02:05:05 +01:00
Jon Atack
e2f32cb5c5
qa: unify unix epoch time descriptions
to "UNIX epoch time".

Call sites updated:
```
mocktime
getblockheader
getblock
pruneblockchain
getchaintxstats
getblocktemplate
setmocktime
getpeerinfo
setban
getnodeaddresses
getrawtransaction
importmulti
listtransactions
listsinceblock
gettransaction
getwalletinfo
getaddressinfo
```
2019-12-13 02:02:29 +01:00
MarcoFalke
c5e318aea6
Merge #17736: Update msvc build for Visual Studio 2019 v16.4
75d9317bc1 Update msvc build for Visual Studio 2019 v16.4 (Aaron Clauson)

Pull request description:

  msvc warning C4834 for the Bitcoin Core build was introduced by Visual Studio 16.4.0. This PR adds an ignore rule for the warning (it's related to the nodiscard attribute and is not considered relevant).

  An additional side effect of the msvc compiler update is the prebuilt Qt5.9.8 libraries cannot be linked due to being built with an earlier version of the compiler. To fix this a new Qt5.9.8 version has been compiled and the appveyor job updated to use them.

  The GitHub Actions job needs to continue to use the original Qt5.9.8 libraries until the latest GitHub Windows image also updates to >= Visual Studio 2019 v16.4.

Top commit has no ACKs.

Tree-SHA512: c28d64d78a968eb0bd614932b2d42d762d68853120c345970072b473e2c43fb34e99865062ae1517b10e76f269de6b8f4eed119cf05d59aa883a3553d6a76812
2019-12-12 15:55:33 -05:00
Emil Engler
2081442c42 test: Add test for rpc_whitelist 2019-12-12 11:52:26 -08:00
Aaron Clauson
75d9317bc1
Update msvc build for Visual Studio 2019 v16.4
msvc warning C4834 for the Bitcoin Core build was introduced by Visual Studio 16.4.0. This PR adds an ignore rule for the warning (it's related to the nodiscard attribute and is not considered relevant).
An additional side effect of the msvc compiler update is the prebuilt Qt5.9.8 libraries cannot be linked due to being built with an earlier version of the compiler. To fix this a new Qt5.9.8 version has been compiled and the appveyor job updated to use them. The GitHub Actions job needs to continue to use the original Qt5.9.8 libraries until the latest GitHub Windows image also updates to >= Visual Studio 2019 v16.4.
2019-12-12 18:51:30 +00:00
James O'Beirne
02b9511d6b tests: add tests for GetCoinsCacheSizeState 2019-12-12 11:55:27 -05:00
James O'Beirne
b17e91d842 refactoring: introduce CChainState::GetCoinsCacheSizeState
This separates out some logic for detecting how full the coins cache is from
FlushStateToDisk. We'll want to reuse this logic when deciding when to flush
the coins cache during UTXO snapshot activation.
2019-12-12 11:20:17 -05:00
MarcoFalke
54e11a39e1
Merge #17735: ci: fix typo
5096baf26b build: fix typo (Harris)

Pull request description:

  This PR fixes a typo in .github/workflows/ci.yml.

  test_bticoin => test_bitcoin.

ACKs for top commit:
  practicalswift:
    ACK 5096baf26b

Tree-SHA512: 478fb906adad493ae75872157d269e5060002878784968cfa44b23973b6fccb30cd643728d081a9ed20cff652a8784a33bc281ca5804935ed3c918200190cc9e
2019-12-12 10:54:53 -05:00
Harris
5096baf26b
build: fix typo 2019-12-12 16:11:05 +01:00
fanquake
cf2f439876
Merge #17687: cli: fix Fatal LevelDB error when specifying -blockfilterindex=basic twice
034561f9cd cli: fix Fatal LevelDB error when specifying -blockfilterindex=basic twice (Harris)

Pull request description:

  This PR fixes #17679 by replacing BlockFilterType-vector with a set of the same type to make sure that only unique filter types get inserted.

ACKs for top commit:
  MarcoFalke:
    ACK 034561f9cd 📖
  laanwj:
    ACK 034561f9cd
  fanquake:
    ACK 034561f9cd - Tested with `src/bitcoind --blockfilterindex=basic --blockfilterindex=basic`

Tree-SHA512: 64ccec4d23528abfbb564f2b41fb846137875260ce06ea461da12175819985964a1a7442788d5ff7282b5de0c5fd46524d9a793788ee3b876626cbdf05b28c16
2019-12-12 08:04:31 -05:00
fanquake
8a01450b64
Merge #17598: doc: Update release process with latest changes
fab2f351f2 doc: Update release process with latest changes (MarcoFalke)

Pull request description:

  Mainly adding the reminder to bump the flatpak

ACKs for top commit:
  laanwj:
    ACK fab2f351f2
  fanquake:
    ACK fab2f351f2

Tree-SHA512: fe279a6cdee881e8dd608cb7d09d992c4b668b01b9d0d2dbfaf92f12f3032b8fcb2c256b20fcee861397451add1338f162b6e5fa7b3c21e76c247cc419315284
2019-12-12 07:06:21 -05:00
fanquake
75a2a4f357
Merge #17726: ci: Use python 3.7 on Windows Github Actions
fabd5b444e ci: Use python 3.7 on Windows Github Actions (MarcoFalke)

Pull request description:

  This mirrors the appveyor config 7da9e3a817/.appveyor.yml (L10) and is needed for PEP 540

ACKs for top commit:
  sipsorcery:
    tACK fabd5b444e.
  laanwj:
    ACK fabd5b444e

Tree-SHA512: 2d0118bf4eb5ec510d1ad6e287d35bf28cc800101fa18704c119c7bc84f545aaa236ffe45dc425559e6bd896610302a133b2c50ccdcd3ced6e4d6f8302de7cdb
2019-12-12 07:01:51 -05:00
Wladimir J. van der Laan
0192bd0652
Merge #17369: Refactor: Move encryption code between KeyMan and Wallet
7cecf10ac3 Replace LegacyScriptPubKeyMan::IsCrypted with LegacyScriptPubKeyMan::HasEncryptionKeys (Andrew Chow)
bf6417142f Remove SetCrypted() and fUseCrypto; Change IsCrypted()'s implementation (Andrew Chow)
77a777118e Rename EncryptKeys to Encrypt and pass in the encrypted batch to use (Andrew Chow)
35f962fcf0 Clear mapKeys before encrypting (Andrew Chow)
14b5efd66f Move fDecryptionThoroughlyChecked from CWallet to LegacyScriptPubKeyMan (Andrew Chow)
97c0374a46 Move Unlock implementation to LegacyScriptPubKeyMan (Andrew Chow)
e576b135d6 Replace LegacyScriptPubKeyMan::vMasterKey with GetDecryptionKey() (Andrew Chow)
fd9d6eebc1 Add GetEncryptionKey() and HasEncryptionKeys() to WalletStorage (Andrew Chow)

Pull request description:

  Let wallet class handle locked/unlocked status and master key, and let keyman
  handle encrypting its data and determining whether there is encrypted data.

  There should be no change in behavior, but state is tracked differently. The
  fUseCrypto atomic bool is eliminated and replaced with equivalent
  HasEncryptionKeys checks.

  Split from #17261

ACKs for top commit:
  laanwj:
    ACK 7cecf10ac3

Tree-SHA512: 95a997c366ca539abba0c0a7a0015f39d27b55220683d8d86344ff2d926db4724da67700d2c8ec2d82ed75d07404318c6cb81544af8aadeefab312167257e673
2019-12-12 12:17:10 +01:00
practicalswift
d945c6f5e6 util: Don't allow base58-decoding of std::string:s containing non-base58 characters 2019-12-12 11:01:56 +00:00
practicalswift
ff7a999226 tests: Add tests for base58-decoding of std::string:s containing non-base58 characters 2019-12-12 11:01:56 +00:00
Wladimir J. van der Laan
3914e877c4
Merge #17511: Add bounds checks before base58 decoding
5909bcd3bf Add bounds checks in key_io before DecodeBase58Check (Pieter Wuille)
2bcf1fc444 Pass a maximum output length to DecodeBase58 and DecodeBase58Check (Pieter Wuille)

Pull request description:

  Fixes #17501.

ACKs for top commit:
  laanwj:
    code review ACK 5909bcd3bf
  practicalswift:
    ACK 5909bcd3bf -- code looks correct

Tree-SHA512: 4807f4a9508dee9c0f1ad63f56f70f4ec4e6b7e35eb91322a525e3da3828521a41de9b8338a6bf67250803660b480d95fd02ce6b2fe79c4c88bc19b54f9d8889
2019-12-12 10:56:31 +01:00
fanquake
3f1966ead6
Merge #17705: test: re-enable CLI test support by using EncodeDecimal in json.dumps()
b6f9e3576a test: re-enable CLI test support by using EncodeDecimal in json.dumps() (fanquake)

Pull request description:

  As mentioned in https://github.com/bitcoin/bitcoin/pull/17675#issuecomment-563188648.

ACKs for top commit:
  practicalswift:
    ACK b6f9e3576a assuming Travis is happy too -- diff looks correct :)
  MarcoFalke:
    > ACK b6f9e35 assuming Travis is happy too -- diff looks correct :)

Tree-SHA512: 79fa535cc1756c8ee610a3d6a316a1c4f036797d6990a5620e44985393a2e52f78450f8e0021d0a148c08705fd1ba765508464a365f9030ae0d2cacbd7a93e19
2019-12-11 20:33:28 -05:00
Andrew Chow
7d263571be rpc: require second argument only for scantxoutset start action
The second argument of scanobjects is only required for the start action.
Stop and abort actions do not need this.
2019-12-11 17:19:33 -05:00
MarcoFalke
5948398b18
Merge #17474: Bugfix: GUI: Recognise NETWORK_LIMITED in formatServicesStr
4341bffb6e GUI: Refactor formatServicesStr to warn when a ServicesFlag is missing (Luke Dashjr)
df77de8c21 Bugfix: GUI: Recognise NETWORK_LIMITED in formatServicesStr (Luke Dashjr)

Pull request description:

  Currently, only the bottom 8 service bits are shown in the GUI peer details view.

  `NODE_NETWORK_LIMITED` is the 11th bit (2^10).

  The first commit expands the range to cover the full 64 bits, and properly label `"NETWORK_LIMITED"`.
  The second commit refactors the code so that any future omitted service bits will trigger a compile warning.

ACKs for top commit:
  jonasschnelli:
    utACK 4341bffb6e
  jonasschnelli:
    Tested ACK 4341bffb6e
  hebasto:
    Concept ACK 4341bffb6e

Tree-SHA512: 8338737d03fbcd92024159aabd7e632d46e13c72436d935b504d2bf7ee92b7d124e89a5917bf64d51c87f12a64de703270c2d7b4c6711fa8ed08ea7887d817c7
2019-12-11 17:00:27 -05:00
James O'Beirne
bee88b8c58 tests: have coins simulation test also use CCoinsViewDB
Before this change, the coins simulation test uses a base view of type
CCoinsViewTest, which has no relevance outside of the unittest suite. Might as
well reuse this testcase with a more realistic configuration that has
CCoinsViewDB at the bottom of the view structure.
2019-12-11 15:44:21 -05:00
Jeremy Rubin
7414d3820c Add RPC Whitelist Feature from #12248 2019-12-11 12:33:54 -08:00
MarcoFalke
fabd5b444e
ci: Use python 3.7 on Windows Github Actions 2019-12-11 15:30:23 -05:00
Jan Beich
a64e97dd47 wallet: unbreak with boost 1.72
wallet/walletutil.cpp:77:23: error: no member named 'level' in 'boost::filesystem::recursive_directory_iterator'
        } else if (it.level() == 0 && it->symlink_status().type() == fs::regular_file && IsBerkeleyBtree(it...
                   ~~ ^
2019-12-11 18:51:16 +00:00
MarcoFalke
7da9e3a817
Merge #17050: tests: Add fuzzing harnesses for functions parsing scripts, numbers, JSON and HD keypaths (bip32)
a1308b7e12 tests: Add fuzzing harnesses for various JSON/univalue parsing functions (practicalswift)
e3d2bcf5cf tests: Add fuzzing harnesses for various number parsing functions (practicalswift)
fb8c12093a tests: Add ParseScript(...) (core_io) fuzzing harness (practicalswift)
074cb6451b tests: Add ParseHDKeypath(...) (bip32) fuzzing harness (practicalswift)
0dc5907d0f tests: Add corpora suppression (FUZZERS_MISSING_CORPORA) for fuzzers missing in https://github.com/bitcoin-core/qa-assets/tree/master/fuzz_seed_corpus (practicalswift)

Pull request description:

  Add fuzzing harnesses for `DecodeRawPSBT(...)`, `ParseHDKeypath(...)`, `ParseScript(...)`, various number parsing functions and various JSON/univalue parsing functions.

  **Testing this PR**
  As usual the best way to test proposed fuzzing harnesses is to use `test_fuzzing_harnesses.sh` (#17000) to quickly verify that the relevant code regions are triggered, that the fuzzing throughput seems reasonable, etc.

  `test_fuzzing_harnesses.sh 'psbt|hd_keypath|numbers|parse_script|univalue' 10` runs all fuzzers matching the regexp and gives them ten seconds of runtime each.

  ```
  $ CC=clang CXX=clang++ ./configure --enable-fuzz --with-sanitizers=address,fuzzer,undefined
  $ make
  $ contrib/devtools/test_fuzzing_harnesses.sh 'psbt|hd_keypath|numbers|parse_script|univalue' 10
  Testing fuzzer parse_hd_keypath during 10 second(s)
  A subset of reached functions:
          NEW_FUNC[0/2]: 0x55bc23a76940 in ParsePrechecks(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&) src/util/strencodings.cpp:267
          NEW_FUNC[1/2]: 0x55bc23a77300 in ParseUInt32(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, unsigned int*) src/util/strencodings.cpp:309
  stat::number_of_executed_units: 34237
  stat::average_exec_per_sec:     3112
  stat::new_units_added:          113
  stat::slowest_unit_time_sec:    0
  stat::peak_rss_mb:              282
  Number of unique code paths taken during fuzzing round: 30

  Testing fuzzer parse_numbers during 10 second(s)
  A subset of reached functions:
  stat::number_of_executed_units: 31309
  stat::average_exec_per_sec:     2846
  stat::new_units_added:          688
  stat::slowest_unit_time_sec:    0
  stat::peak_rss_mb:              234
  Number of unique code paths taken during fuzzing round: 149

  Testing fuzzer parse_script during 10 second(s)
  A subset of reached functions:
          NEW_FUNC[1/11]: 0x5636ff61ba00 in IsDigit(char) src/./util/strencodings.h:70
          NEW_FUNC[0/14]: 0x5636fe6c6280 in CScript::operator<<(opcodetype) src/./script/script.h:448
          NEW_FUNC[1/14]: 0x5636fe6e0290 in prevector<28u, unsigned char, unsigned int, int>::insert(prevector<28u, unsigned char, unsigned int, int>::iterator, unsigned char const&) src/./prevector.h:342
          NEW_FUNC[2/14]: 0x5636fe6e1040 in prevector<28u, unsigned char, unsigned int, int>::size() const src/./prevector.h:277
          NEW_FUNC[3/14]: 0x5636fe6e1250 in prevector<28u, unsigned char, unsigned int, int>::capacity() const src/./prevector.h:295
          NEW_FUNC[4/14]: 0x5636fe6e1cb0 in prevector<28u, unsigned char, unsigned int, int>::item_ptr(int) src/./prevector.h:196
          NEW_FUNC[0/10]: 0x5636fe6c5650 in CScript::operator<<(std::vector<unsigned char, std::allocator<unsigned char> > const&) src/./script/script.h:462
          NEW_FUNC[2/10]: 0x5636fe6e0a20 in void prevector<28u, unsigned char, unsigned int, int>::insert<__gnu_cxx::__normal_iterator<unsigned char const*, std::vector<unsigned char, std::allocator<unsigned char> > > >(prevector<28u, unsigned char, unsigned int, int>::iterator, __gnu_cxx::__normal_iterator<unsigned char const*, std::vector<unsigned char, std::allocator<[32/1902]
  char> > >, __gnu_cxx::__normal_iterator<unsigned char const*, std::vector<unsigned char, std::allocator<unsigned char> > >) src/./prevector.h:368
          NEW_FUNC[5/10]: 0x5636fe6e2350 in void prevector<28u, unsigned char, unsigned int, int>::fill<__gnu_cxx::__normal_iterator<unsigned char const*, std::vector<unsigned char, std::allocator<unsigned char> > > >(unsigned char*, __gnu_cxx::__normal_iterator<unsigned char const*, std::vector<unsigned char, std::allocator<unsigned char> > >, __gnu_cxx::__normal_iterator<unsign
  ed char const*, std::vector<unsigned char, std::allocator<unsigned char> > >) src/./prevector.h:204
          NEW_FUNC[0/1]: 0x5636ff8e48b0 in IsHex(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&) src/util/strencodings.cpp:61
          NEW_FUNC[0/2]: 0x5636fe6e1410 in prevector<28u, unsigned char, unsigned int, int>::change_capacity(unsigned int) src/./prevector.h:165
          NEW_FUNC[1/2]: 0x5636fe6e1f00 in prevector<28u, unsigned char, unsigned int, int>::indirect_ptr(int) src/./prevector.h:161
          NEW_FUNC[0/1]: 0x5636fe6e0580 in void prevector<28u, unsigned char, unsigned int, int>::insert<unsigned char*>(prevector<28u, unsigned char, unsigned int, int>::iterator, unsigned char*, unsigned char*) src/./prevector.h:368
          NEW_FUNC[0/3]: 0x5636fe85f0d0 in CScript::push_int64(long) src/./script/script.h:394
          NEW_FUNC[1/3]: 0x5636fe85f520 in prevector<28u, unsigned char, unsigned int, int>::push_back(unsigned char const&) src/./prevector.h:422
          NEW_FUNC[2/3]: 0x5636ff8ed730 in atoi64(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&) src/util/strencodings.cpp:417
  stat::number_of_executed_units: 8153
  stat::average_exec_per_sec:     741
  stat::new_units_added:          296
  stat::slowest_unit_time_sec:    0
  stat::peak_rss_mb:              237
  Number of unique code paths taken during fuzzing round: 98

  Testing fuzzer parse_univalue during 10 second(s)
  A subset of reached functions:
          NEW_FUNC[0/19]: 0x560db8655950 in tinyformat::detail::formatImpl(std::ostream&, char const*, tinyformat::detail::FormatArg const*, int) src/./tinyformat.h:791
          NEW_FUNC[4/19]: 0x560db86582b0 in tinyformat::detail::printFormatStringLiteral(std::ostream&, char const*) src/./tinyformat.h:564
          NEW_FUNC[5/19]: 0x560db8658690 in tinyformat::detail::streamStateFromFormat(std::ostream&, bool&, int&, char const*, tinyformat::detail::FormatArg const*, int&, int) src/./tinyformat.h:601
          NEW_FUNC[6/19]: 0x560db865f090 in tinyformat::detail::FormatArg::format(std::ostream&, char const*, char const*, int) const src/./tinyformat.h:513
          NEW_FUNC[12/19]: 0x560db8661ba0 in void tinyformat::detail::FormatArg::formatImpl<int>(std::ostream&, char const*, char const*, int, void const*) src/./tinyformat.h:530
          NEW_FUNC[13/19]: 0x560db8661d90 in void tinyformat::formatValue<int>(std::ostream&, char const*, char const*, int, int const&) src/./tinyformat.h:317
          NEW_FUNC[14/19]: 0x560db875c8b0 in void tinyformat::detail::FormatArg::formatImpl<unsigned int>(std::ostream&, char const*, char const*, int, void const*) src/./tinyformat.h:530
          NEW_FUNC[15/19]: 0x560db875caa0 in void tinyformat::formatValue<unsigned int>(std::ostream&, char const*, char const*, int, unsigned int const&) src/./tinyformat.h:317
          NEW_FUNC[16/19]: 0x560db9473ef0 in std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > tinyformat::format<int, unsigned int>(char const*, int const&, unsigned int const&) src/./tinyformat.h:976
          NEW_FUNC[17/19]: 0x560db94749a0 in void tinyformat::format<int, unsigned int>(std::ostream&, char const*, int const&, unsigned int const&) src/./tinyformat.h:968
          NEW_FUNC[18/19]: 0x560db9474cf0 in tinyformat::detail::FormatListN<2>::FormatListN<int, unsigned int>(int const&, unsigned int const&) src/./tinyformat.h:885
  stat::number_of_executed_units: 14089
  stat::average_exec_per_sec:     1280
  stat::new_units_added:          135
  stat::slowest_unit_time_sec:    0
  stat::peak_rss_mb:              356
  Number of unique code paths taken during fuzzing round: 62

  Testing fuzzer psbt_input_deserialize during 10 second(s)
  A subset of reached functions:
          NEW_FUNC[0/46]: 0x557847ce3530 in prevector<28u, unsigned char, unsigned int, int>::~prevector() src/./prevector.h:456
          NEW_FUNC[3/46]: 0x557847cfdcf0 in prevector<28u, unsigned char, unsigned int, int>::size() const src/./prevector.h:277
          NEW_FUNC[4/46]: 0x557847cfe0c0 in prevector<28u, unsigned char, unsigned int, int>::change_capacity(unsigned int) src/./prevector.h:165
          NEW_FUNC[13/46]: 0x557847d3c890 in unsigned long ReadCompactSize<CDataStream>(CDataStream&) src/./serialize.h:290
          NEW_FUNC[14/46]: 0x557847d47b60 in prevector<28u, unsigned char, unsigned int, int>::resize(unsigned int) src/./prevector.h:311
          NEW_FUNC[16/46]: 0x557847d48800 in CTxOut::CTxOut() src/./primitives/transaction.h:140
          NEW_FUNC[17/46]: 0x557847d4b050 in CTxOut::SetNull() src/./primitives/transaction.h:155
          NEW_FUNC[18/46]: 0x557847d4b140 in CScript::clear() src/./script/script.h:563
          NEW_FUNC[19/46]: 0x557847d4ead0 in void Unserialize_impl<CDataStream, unsigned char, std::allocator<unsigned char> >(CDataStream&, std::vector<unsigned char, std::allocator<unsigned char> >&, unsigned char const&) src/./serialize.h:746
          NEW_FUNC[0/58]: 0x557847cfdf00 in prevector<28u, unsigned char, unsigned int, int>::capacity() const src/./prevector.h:295
          NEW_FUNC[1/58]: 0x557847cfe960 in prevector<28u, unsigned char, unsigned int, int>::item_ptr(int) src/./prevector.h:196
          NEW_FUNC[2/58]: 0x557847cfebb0 in prevector<28u, unsigned char, unsigned int, int>::indirect_ptr(int) src/./prevector.h:161
          NEW_FUNC[3/58]: 0x557847d03990 in uint256::uint256() src/./uint256.h:123
          NEW_FUNC[0/3]: 0x557847d47430 in void CScript::SerializationOp<CDataStream, CSerActionUnserialize>(CDataStream&, CSerActionUnserialize) src/./script/script.h:418
          NEW_FUNC[1/3]: 0x557847d47730 in void Unserialize_impl<CDataStream, 28u, unsigned char>(CDataStream&, prevector<28u, unsigned char, unsigned int, int>&, unsigned char const&) src/./serialize.h:666
          NEW_FUNC[2/3]: 0x557847d60dd0 in CDataStream& CDataStream::operator>><CScript&>(CScript&) src/./streams.h:460
          NEW_FUNC[1/78]: 0x557847cffae0 in prevector<28u, unsigned char, unsigned int, int>::item_ptr(int) const src/./prevector.h:197
          NEW_FUNC[2/78]: 0x557847cffd30 in prevector<28u, unsigned char, unsigned int, int>::indirect_ptr(int) const src/./prevector.h:162
          NEW_FUNC[0/1]: 0x557847d65f90 in OverrideStream<CDataStream>& OverrideStream<CDataStream>::operator>><unsigned char&>(unsigned char&) src/./streams.h:46
          NEW_FUNC[0/3]: 0x557847d470e0 in void SerReadWriteMany<CDataStream, CScript&>(CDataStream&, CSerActionUnserialize, CScript&) src/./serialize.h:989
          NEW_FUNC[1/3]: 0x557847d4ac50 in void CTxOut::SerializationOp<CDataStream, CSerActionUnserialize>(CDataStream&, CSerActionUnserialize) src/./primitives/transaction.h:149
          NEW_FUNC[2/3]: 0x557847d5f860 in void UnserializeFromVector<CDataStream, CTxOut>(CDataStream&, CTxOut&) src/./script/sign.h:90
          NEW_FUNC[0/1]: 0x557847d60840 in void UnserializeFromVector<CDataStream, int>(CDataStream&, int&) src/./script/sign.h:90
          NEW_FUNC[0/1]: 0x557847d41010 in CMutableTransaction::HasWitness() const src/./primitives/transaction.h:398
  stat::number_of_executed_units: 13615
  stat::average_exec_per_sec:     1237
  stat::new_units_added:          357
  stat::slowest_unit_time_sec:    0
  stat::peak_rss_mb:              446
  Number of unique code paths taken during fuzzing round: 152

  Testing fuzzer psbt_output_deserialize during 10 second(s)
  A subset of reached functions:
          NEW_FUNC[0/27]: 0x55c9347e5940 in prevector<28u, unsigned char, unsigned int, int>::~prevector() src/./prevector.h:456
          NEW_FUNC[5/27]: 0x55c93483eca0 in unsigned long ReadCompactSize<CDataStream>(CDataStream&) src/./serialize.h:290
          NEW_FUNC[6/27]: 0x55c934850ee0 in void Unserialize_impl<CDataStream, unsigned char, std::allocator<unsigned char> >(CDataStream&, std::vector<unsigned char, std::allocator<unsigned char> >&, unsigned char const&) src/./serialize.h:746
          NEW_FUNC[14/27]: 0x55c934858500 in PSBTOutput::PSBTOutput() src/./psbt.h:281
          NEW_FUNC[15/27]: 0x55c934858870 in CDataStream& CDataStream::operator>><PSBTOutput&>(PSBTOutput&) src/./streams.h:460
          NEW_FUNC[0/1]: 0x55c934800100 in prevector<28u, unsigned char, unsigned int, int>::size() const src/./prevector.h:277
          NEW_FUNC[0/4]: 0x55c934849840 in void CScript::SerializationOp<CDataStream, CSerActionUnserialize>(CDataStream&, CSerActionUnserialize) src/./script/script.h:418
          NEW_FUNC[1/4]: 0x55c934849b40 in void Unserialize_impl<CDataStream, 28u, unsigned char>(CDataStream&, prevector<28u, unsigned char, unsigned int, int>&, unsigned char const&) src/./serialize.h:666
          NEW_FUNC[2/4]: 0x55c934849f70 in prevector<28u, unsigned char, unsigned int, int>::resize(unsigned int) src/./prevector.h:311
          NEW_FUNC[3/4]: 0x55c93485dc60 in CDataStream& CDataStream::operator>><CScript&>(CScript&) src/./streams.h:460
          NEW_FUNC[0/3]: 0x55c934800310 in prevector<28u, unsigned char, unsigned int, int>::capacity() const src/./prevector.h:295
          NEW_FUNC[1/3]: 0x55c934800d70 in prevector<28u, unsigned char, unsigned int, int>::item_ptr(int) src/./prevector.h:196
          NEW_FUNC[2/3]: 0x55c934849d40 in prevector<28u, unsigned char, unsigned int, int>::resize_uninitialized(unsigned int) src/./prevector.h:381
          NEW_FUNC[0/1]: 0x55c93485ddd0 in void DeserializeHDKeypaths<CDataStream>(CDataStream&, std::vector<unsigned char, std::allocator<unsigned char> > const&, std::map<CPubKey, KeyOriginInfo, std::less<CPubKey>, std::allocator<std::pair<CPubKey const, KeyOriginInfo> > >&) src/./script/sign.h:103
  stat::number_of_executed_units: 19130
  stat::average_exec_per_sec:     1739
  stat::new_units_added:          195
  stat::slowest_unit_time_sec:    0
  stat::peak_rss_mb:              411
  Number of unique code paths taken during fuzzing round: 64

  Tested fuzz harnesses seem to work as expected.
  ```

Top commit has no ACKs.

Tree-SHA512: baf1630a6e438d02d33c77b9e602c99546b9e8d83705e67c2749e0600039c37707cdf419cee19282f069e8d787c536ed4960f9c47e93bd0f0251495b83780ada
2019-12-11 13:37:15 -05:00
MarcoFalke
14dafcbc13
Merge #17713: doc: Add release notes for 17447
fa4b656e97 doc: Add release notes for 17447 (MarcoFalke)

Pull request description:

  Stolen from https://github.com/bitcoin/bitcoin/pull/17447#issuecomment-553475914

ACKs for top commit:
  promag:
    ACK fa4b656e97.
  laanwj:
    ACK fa4b656e97

Tree-SHA512: 5d281c0a85e75c9fae8885faf0e4a2ca4e4f73788f3d214ca65c7c891203a7435cc77fe3046e2d7e3e2226d96c547005f1d970e768d6cd82423f575e07881431
2019-12-11 13:10:36 -05:00
MarcoFalke
f1d3d3430e
Merge #17714: rpc: add missing newline in analyzepsbt RPCResult
7e8b4de059 rpc: add missing newline in analyzepsbt rpcresult (Jon Atack)

Pull request description:

  follow-up to 638e40c in #17524

  before
  ```
    "error" : "error"               (string) Error message if there is one}
  ```
  after
  ```
    "error" : "error"               (string) Error message if there is one
  }
  ```

ACKs for top commit:
  practicalswift:
    ACK 7e8b4de059
  promag:
    ACK 7e8b4de059.
  emilengler:
    ACK 7e8b4de

Tree-SHA512: 4cdd365e39d15b7925ea277b7ff3e9bfdc22f5845aa41ca547343b4dabdf319579843a1c7f11fb0edd6abbc31bae2ec96236b83e84f8872bd662848723725e4c
2019-12-11 10:40:49 -05:00
MarcoFalke
fab9d115cd
Merge #17697: CI: GitHub Action workflow which duplicates AppVeyor job
b0b1531737 Adds GitHub Action workflow which duplicates AppVeyor job. (Aaron Clauson)

Pull request description:

  As discussed in #17594 this PR contains a GitHub Action workflow file that performs the same job as the current Appveyor CI task except for the Python functional tests. For the latter I've been unable to get them to execute successfully due to a Unicode error. I've tried on and off for a week to get it to work but with no joy.

  It may be that someone more proficient in Python will recognise the error and be able to provide a pointer on how to proceed. I've tried some obvious things like changing the Windows console code page.

  To run this job it should just be a matter of clicking on the GitHub `Actions` tab and enabling workflows. It's also not required that the file is on the `master` branch for the job to run. If anyone else wants to run the job they can pull this PR into their own fork and enable `Actions` (it's free).

Top commit has no ACKs.

Tree-SHA512: 8dce7509922ece3438b15ea371ec509a08b507e981a8fb705f1cf5a2b4a147a22ded599942aa95f3bd8d5e98cfc65b50cf3df6171f02dd863659160f1d77ef76
2019-12-11 09:44:56 -05:00
Wladimir J. van der Laan
4863a8ff16
Merge #17698: depends: don't configure xcb_proto
e97f5c1823 depends: don't configure xcb_proto (fanquake)

Pull request description:

  xcb_proto's configure doesn't understand `--disable-shared` or
  `--with-pic`. All the package does it put a stack of XML files into
  a directory to be used by libxcb.

  Probably enough to close #16354.

ACKs for top commit:
  dongcarl:
    ACK e97f5c1823

Tree-SHA512: 1a49fd7c8269405bbf312be33c1aeaac5f25ef8666829b01dc3c58f3a2a9281c23c42614a7f1cfc3ee260be4ea3e71285869b1cb9c2035dceda336296d9d9dea
2019-12-11 12:27:51 +01:00
Andrew Chow
f1ef7f0aa4 Don't calculate tx fees for PSBTs with invalid money values
In decodepsbt if an invalid amount is seen, don't calculate the fee
but still show the invalid value in the decode.

In analyze psbt, if an invalid amount is seen, set the next step to
be the creator as the creator needs to remake the transaction so that
it is valid.
2019-12-10 21:10:48 -05:00
MarcoFalke
facb416ad5
ci: Add valgrind run 2019-12-10 19:37:37 -05:00
Jon Atack
7e8b4de059
rpc: add missing newline in analyzepsbt rpcresult
follow-up to 638e40c
2019-12-10 19:48:53 +01:00
MarcoFalke
3d6752779f
Merge #17633: tests: Add option --valgrind to run the functional tests under Valgrind
5db506ba59 tests: Add option --valgrind to run nodes under valgrind in the functional tests (practicalswift)

Pull request description:

  What is better than fixing bugs? Fixing entire bug classes of course! :)

  Add option `--valgrind` to run the functional tests under Valgrind.

  Regular functional testing under Valgrind would have caught many of the uninitialized reads we've seen historically.

  Let's kill this bug class once and for all: let's never use an uninitialized value ever again. Or at least not one that would be triggered by running the functional tests! :)

  My hope is that this addition will make it super-easy to run the functional tests under Valgrind and thus increase the probability of people making use of it :)

  Hopefully `test/functional/test_runner.py --valgrind` will become a natural part of the pre-release QA process.

  **Usage:**

  ```
  $ test/functional/test_runner.py --help
  …
    --valgrind            run nodes under the valgrind memory error detector:
                          expect at least a ~10x slowdown, valgrind 3.14 or
                          later required
  ```

  **Live demo:**

  First, let's re-introduce a memory bug by reverting the recent P2P uninitialized read bug fix from PR #17624 ("net: Fix an uninitialized read in ProcessMessage(…, "tx", …) when receiving a transaction we already have").

  ```
  $ git diff
  diff --git a/src/consensus/validation.h b/src/consensus/validation.h
  index 3401eb64c..940adea33 100644
  --- a/src/consensus/validation.h
  +++ b/src/consensus/validation.h
  @@ -114,7 +114,7 @@ inline ValidationState::~ValidationState() {};

   class TxValidationState : public ValidationState {
   private:
  -    TxValidationResult m_result = TxValidationResult::TX_RESULT_UNSET;
  +    TxValidationResult m_result;
   public:
       bool Invalid(TxValidationResult result,
                    const std::string &reject_reason="",
  ```

  Second, let's test as normal without Valgrind:

  ```
  $ test/functional/p2p_segwit.py -l INFO
  2019-11-28T09:30:42.810000Z TestFramework (INFO): Initializing test directory /tmp/bitcoin_func_test__fc8q3qo
  …
  2019-11-28T09:31:57.187000Z TestFramework (INFO): Subtest: test_non_standard_witness_blinding (Segwit active = True)
  …
  2019-11-28T09:32:08.265000Z TestFramework (INFO): Tests successful
  ```

  Third, let's test with `--valgrind` and see if the test fail (as we expect) when the unitialized value is used:

  ```
  $ test/functional/p2p_segwit.py -l INFO --valgrind
  2019-11-28T09:32:33.018000Z TestFramework (INFO): Initializing test directory /tmp/bitcoin_func_test_gtjecx2l
  …
  2019-11-28T09:40:36.702000Z TestFramework (INFO): Subtest: test_non_standard_witness_blinding (Segwit active = True)
  2019-11-28T09:40:37.813000Z TestFramework (ERROR): Assertion failed
  ConnectionRefusedError: [Errno 111] Connection refused
  ```

ACKs for top commit:
  MarcoFalke:
    ACK 5db506ba59
  jonatack:
    ACK 5db506ba59

Tree-SHA512: 2eaecacf4da166febad88b2a8ee6d7ac2bcd38d4c1892ca39516b6343e8f8c8814edf5eaf14c90f11a069a0389d24f0713076112ac284de987e72fc5f6cc3795
2019-12-10 13:30:37 -05:00
MarcoFalke
d5674c5f0f
Merge #17703: build: Improve configure.ac formatting
3ab1824625 build: Use dnl for all comments in configure.ac, rather than # (fanquake)
8ddcbb4e41 build: Remove backticks from configure.ac (fanquake)

Pull request description:

  Use `dnl` for all comments, rather than `#`.
  Remove backticks - Their usage for the `bdb_prefix` and `qt5_prefix` commands may have improved backwards compatibility in some cases, however we now require recent versions of macOS. I'm not sure why they were being used in the `HAVE_STD__SYSTEM` and `HAVE_WSYSTEM` defines.

ACKs for top commit:
  dongcarl:
    ACK 3ab1824625
  hebasto:
    ACK 3ab1824625, I have reviewed the code and it looks OK, I agree it can be merged.

Tree-SHA512: 2bcffb52c365acff87a0e6b9527ae31f36fdabb7ea095a8fd261f9a39b2c2848f5dfc148bc38d21e21e7bd761b1a2960e9a96f508c66be84d9569b8a401e812a
2019-12-10 13:16:17 -05:00
MarcoFalke
2126d6ce69
Merge #17561: doc: Changed MiniUPnPc link to https in dependencies.md
5ad4dd1ea1 doc: Changed MiniUPnPc link to https in dependencies.md (Marius Kjærstad)

Pull request description:

  doc: Changed MiniUPnPc link to https in dependencies.md

Top commit has no ACKs.

Tree-SHA512: 228ee98c877612468a34d09610999a47257ab1e060f3004a530639f0c29fb473b48e59588ff70297c53a3abeb2bb32bfedbb61e102a7fc10df4bb1b5d0d5893b
2019-12-10 13:09:05 -05:00
MarcoFalke
fa4b656e97
doc: Add release notes for 17447
Co-Authored-By: Russell Yanofsky <russ@yanofsky.org>
2019-12-10 13:03:28 -05:00
MarcoFalke
ea756bc48c
Merge #17502: test: add unit test for non-standard bare multisig txs
1bb5d517aa test: add unit test for non-standard bare multisig txs (Sebastian Falbesoner)

Pull request description:

  Approaches another missing unit test of issue #17394: Checks that the function `IsStandardTx()` returns rejection reason `"bare-multisig"` if any one of the outputs' scriptPubKey has bare multisignature format (i.e. `M <PubKey1> <PubKey2> ... <PubKeyN> N OP_CHECKSIG`, not P2SH!) and the policy flag `fIsBareMultisigStd` is set to false.

ACKs for top commit:
  instagibbs:
    utACK 1bb5d517aa

Tree-SHA512: d7c95e35da16520d6dcd2b4278e2426fedd13f68d1f23c90e85e929774e123fbfcfbccc26df6ad1c0dd61780896fa4b4b3d4e8280c647bb06df2bfcf2ba572fb
2019-12-10 12:49:31 -05:00
MarcoFalke
fae94785d9
Merge #17524: psbt: handle unspendable psbts
773d4572a4 Mark PSBTs spending unspendable outputs as invalid in analysis (Andrew Chow)
638e40cb60 Have a PSBTAnalysis state that indicates invalid PSBT (Andrew Chow)

Pull request description:

  When analyzing an unspendable PSBT, report that it is unspendable and exit analysis early.

ACKs for top commit:
  Sjors:
    ACK 773d457
  instagibbs:
    After some thought ACK 773d4572a4

Tree-SHA512: 99b0cb2fa1ea37593fc65a20effe881639d69ddeeecf5197bc87bc7f2220cbeb40f1d429d517e4d27f2e9fb563a00cd845d2b4b1ce05246a75a6cb56fb9b0ba5
2019-12-10 12:12:10 -05:00
MarcoFalke
fab2f351f2
doc: Update release process with latest changes 2019-12-10 12:04:04 -05:00
practicalswift
a1308b7e12 tests: Add fuzzing harnesses for various JSON/univalue parsing functions 2019-12-10 16:39:40 +00:00
practicalswift
e3d2bcf5cf tests: Add fuzzing harnesses for various number parsing functions 2019-12-10 16:39:40 +00:00
practicalswift
fb8c12093a tests: Add ParseScript(...) (core_io) fuzzing harness 2019-12-10 16:39:40 +00:00