-
Notifications
You must be signed in to change notification settings - Fork 35.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
rpc: signed-integer-overflow in analyzepsbt["estimated_feerate"] #27913
Labels
Comments
sidhujag
pushed a commit
to syscoin/syscoin
that referenced
this issue
Jun 26, 2023
…nstead of round trip through GetFee 11d6500 feerate: For GetFeePerK() return nSatoshisPerK instead of round trip through GetFee (Andrew Chow) Pull request description: Returning the sats/kvb does not need to round trip through GetFee(1000) since the feerate is already stored as sats/kvb. Fixes bitcoin#27913, although this does bring up a larger question of how we should handle such large feerates in fuzzing. ACKs for top commit: furszy: Code ACK 11d6500 Tree-SHA512: bec1a0d4b572a0c810cf7eb4e97d729d67e96835c2d576a909f755b053a9707c2f1b3df9adb8f08a9c4d310cdbb8b1e1b42b9c004bd1ade02a07d8ce9e902138
fanquake
added a commit
to bitcoin-core/gui
that referenced
this issue
Jul 7, 2023
…ally fa1e27f fuzz: Generate rpc fuzz targets individually (MarcoFalke) Pull request description: The `rpc` fuzz target was added more than two years ago in e458631. However, the bug bitcoin/bitcoin#27913 was only found recently. Thus, it is pretty clear that fuzz engines can't deal with a search space that is too broad and can be extended in too many directions. Fix that by limiting the search space to each RPC method name and then iterate over all names, instead of letting the fuzz engine do the iteration. With this, the bug can be found in seconds, as opposed to years of CPU time (or never). ACKs for top commit: brunoerg: ACK fa1e27f dergoegge: ACK fa1e27f Tree-SHA512: 45ccba842367650d010320603153276b1b303deda9ba8c6bb31a4d2473b00aa5bca866db95f541485d65efd8276e2575026968c037872ef344fa33cf45bcdcd7
sidhujag
pushed a commit
to syscoin/syscoin
that referenced
this issue
Jul 7, 2023
fa1e27f fuzz: Generate rpc fuzz targets individually (MarcoFalke) Pull request description: The `rpc` fuzz target was added more than two years ago in e458631. However, the bug bitcoin#27913 was only found recently. Thus, it is pretty clear that fuzz engines can't deal with a search space that is too broad and can be extended in too many directions. Fix that by limiting the search space to each RPC method name and then iterate over all names, instead of letting the fuzz engine do the iteration. With this, the bug can be found in seconds, as opposed to years of CPU time (or never). ACKs for top commit: brunoerg: ACK fa1e27f dergoegge: ACK fa1e27f Tree-SHA512: 45ccba842367650d010320603153276b1b303deda9ba8c6bb31a4d2473b00aa5bca866db95f541485d65efd8276e2575026968c037872ef344fa33cf45bcdcd7
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is there an existing issue for this?
Current behaviour
crash/UB in
bitcoin/src/rpc/rawtransaction.cpp
Line 1906 in f0758d8
Expected behaviour
no crash
Steps to reproduce
UBSAN_OPTIONS="suppressions=$(pwd)/test/sanitizer_suppressions/ubsan:print_stacktrace=1:halt_on_error=1:report_error_type=1" ./src/qt/bitcoin-qt
analyzepsbt cHNidP8BACkgICAgAAEgICAgIP8DABYgICAgICAgICAgICAgICAgICAgICAgICAgIAAA
Relevant log output
How did you obtain Bitcoin Core
Compiled from source
What version of Bitcoin Core are you using?
current master
Operating system and version
Linux
Machine specifications
No response
The text was updated successfully, but these errors were encountered: