Skip to content
This repository has been archived by the owner on Apr 17, 2019. It is now read-only.

MST fuzzing #1845

Merged
merged 2 commits into from
Nov 20, 2018
Merged

MST fuzzing #1845

merged 2 commits into from
Nov 20, 2018

Conversation

luckychess
Copy link
Contributor

Description of the Change

Fuzzing for MST endpoint (SendState).

Benefits

One more endpoint covered.

Possible Drawbacks

CI is needed.
Also it looks like a false positive warning from Address Sanitizer (at least I couldn't find a problem - see https://gist.github.com/luckychess/b65bd40e958887273e86a0a535cc896d).

Usage Examples or Tests

cmake -DCMAKE_C_COMPILER=/usr/local/opt/llvm/bin/clang -DCMAKE_CXX_COMPILER=/usr/local/opt/llvm/bin/clang++  -DFUZZING=ON ..
make mst_fuzz

igor-egorov
igor-egorov approved these changes Nov 13, 2018
View reviewed changes
Copy link
Contributor

@igor-egorov igor-egorov left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Did not catch the same issue as in referenced gist. The fuzzer caught SEGV.

lebdron
lebdron reviewed Nov 13, 2018
View reviewed changes
test/fuzzing/mst_fuzz.cpp
shared_model::interface::Transaction>>
tx_validator =
std::make_unique<shared_model::validation::
DefaultOptionalSignedTransactionValidator>();
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The problem with this approach is that the possible changes in application.cpp will not be reflected in this file. Please think of a solution where components in application.cpp are referenced here.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

After discussion with @igor-egorov we decided to leave TODO and fix this issue later since it affect other tasks too.

nickaleks
nickaleks approved these changes Nov 14, 2018
View reviewed changes
Copy link
Contributor

@nickaleks nickaleks left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please fix andrei's issue

@luckychess
Add fuzzing for MST endpoint
911bd06 
Signed-off-by: Konstantin Munichev <toobwn@gmail.com>
@l4l l4l added the security label Nov 19, 2018
@luckychess
Add TODO about validator reuse
3f0b667 
Signed-off-by: Konstantin Munichev <toobwn@gmail.com>
@luckychess luckychess merged commit 5a1643f into dev Nov 20, 2018
@luckychess luckychess deleted the feature/mst_fuzzing branch November 20, 2018 14:10
@kamilsa kamilsa mentioned this pull request Dec 12, 2018
Merged
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@lebdron lebdron lebdron left review comments

@nickaleks nickaleks nickaleks approved these changes

@igor-egorov igor-egorov igor-egorov approved these changes

Assignees
No one assigned
Labels
security
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@luckychess @nickaleks @lebdron @igor-egorov @l4l