From affe1ecb4ff16a7f0962d5a77a52f4b46372b3f6 Mon Sep 17 00:00:00 2001 From: Evgeniy Stratonikov Date: Wed, 25 May 2022 17:14:05 +0300 Subject: [PATCH 1/2] encoding: add bigint fuzz test Signed-off-by: Evgeniy Stratonikov --- pkg/encoding/bigint/fuzz_test.go | 52 ++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) create mode 100644 pkg/encoding/bigint/fuzz_test.go diff --git a/pkg/encoding/bigint/fuzz_test.go b/pkg/encoding/bigint/fuzz_test.go new file mode 100644 index 000000000..63609353b --- /dev/null +++ b/pkg/encoding/bigint/fuzz_test.go @@ -0,0 +1,52 @@ +//go:build go1.18 +// +build go1.18 + +package bigint + +import ( + "bytes" + "crypto/rand" + "math/big" + "testing" + + "github.com/stretchr/testify/require" +) + +func FuzzFromBytes(f *testing.F) { + for _, tc := range testCases { + f.Add(tc.buf) + } + for i := 0; i < 50; i++ { + for j := 1; j < MaxBytesLen; j++ { + b := make([]byte, j) + _, err := rand.Read(b) + require.NoError(f, err) + f.Add(b) + } + } + f.Fuzz(func(t *testing.T, raw []byte) { + var bi *big.Int + require.NotPanics(t, func() { bi = FromBytes(raw) }) + + var actual []byte + require.NotPanics(t, func() { actual = ToBytes(bi) }) + require.True(t, len(actual) <= len(raw), "actual: %x, raw: %x", actual, raw) + + require.True(t, bytes.Equal(actual, raw[:len(actual)]), "actual: %x, raw: %x", actual, raw) + if len(actual) == len(raw) { + return + } + + var b byte + if bi.Sign() == -1 { + b = 0xFF + } + for i := len(actual); i < len(raw); i++ { + require.Equal(t, b, raw[i], "invalid prefix") + } + + newRaw := ToBytes(bi) + newBi := FromBytes(newRaw) + require.Equal(t, bi, newBi) + }) +} From db977ce38d4c3c70d36253e9475eb5015c0361ff Mon Sep 17 00:00:00 2001 From: Evgeniy Stratonikov Date: Mon, 30 May 2022 15:46:40 +0300 Subject: [PATCH 2/2] vm: add fuzz test for `ParseMultiSigContract` Signed-off-by: Evgeniy Stratonikov --- pkg/vm/fuzz_test.go | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/pkg/vm/fuzz_test.go b/pkg/vm/fuzz_test.go index 93c789e1a..da03fea54 100644 --- a/pkg/vm/fuzz_test.go +++ b/pkg/vm/fuzz_test.go @@ -5,6 +5,8 @@ package vm import ( "testing" + "github.com/nspcc-dev/neo-go/pkg/crypto/keys" + "github.com/nspcc-dev/neo-go/pkg/smartcontract" "github.com/nspcc-dev/neo-go/pkg/vm/opcode" "github.com/stretchr/testify/require" ) @@ -35,6 +37,35 @@ func FuzzIsScriptCorrect(f *testing.F) { }) } +func FuzzParseMultiSigContract(f *testing.F) { + pubs := make(keys.PublicKeys, 10) + for i := range pubs { + p, _ := keys.NewPrivateKey() + pubs[i] = p.PublicKey() + } + + s, _ := smartcontract.CreateMultiSigRedeemScript(1, pubs[:1]) + f.Add(s) + + s, _ = smartcontract.CreateMultiSigRedeemScript(3, pubs[:6]) + f.Add(s) + + s, _ = smartcontract.CreateMultiSigRedeemScript(1, pubs) + f.Add(s) + + f.Fuzz(func(t *testing.T, script []byte) { + var b [][]byte + var ok bool + var n int + require.NotPanics(t, func() { + n, b, ok = ParseMultiSigContract(script) + }) + if ok { + require.True(t, n <= len(b)) + } + }) +} + func FuzzVMDontPanic(f *testing.F) { for _, s := range fuzzSeedValidScripts { f.Add(s)