From 400b9e9c8f87209b7def284faf8686e5b8c57fdb Mon Sep 17 00:00:00 2001 From: Dimitry Date: Mon, 13 Jul 2015 23:14:16 +0300 Subject: [PATCH] Fuzz: Rlp Fuzzing Suite --- test/fuzzTesting/CMakeLists.txt | 2 +- test/fuzzTesting/createRandomTest.cpp | 11 ++++++++--- test/fuzzTesting/fuzzHelper.cpp | 26 ++++++++++++-------------- test/fuzzTesting/fuzzHelper.h | 13 ++++++++++--- test/libdevcore/rlp.cpp | 11 +++++++++-- 5 files changed, 40 insertions(+), 23 deletions(-) diff --git a/test/fuzzTesting/CMakeLists.txt b/test/fuzzTesting/CMakeLists.txt index 9bd2b5540..ec56282bf 100644 --- a/test/fuzzTesting/CMakeLists.txt +++ b/test/fuzzTesting/CMakeLists.txt @@ -8,7 +8,7 @@ include_directories(${Boost_INCLUDE_DIRS}) include_directories(${CRYPTOPP_INCLUDE_DIRS}) include_directories(${JSON_RPC_CPP_INCLUDE_DIRS}) -add_executable(createRandomTest "./createRandomTest.cpp" "../TestHelper.cpp" "../Stats.cpp" "fuzzHelper.cpp" "../libethereum/transaction.cpp" "../libethereum/state.cpp" "../libevm/vm.cpp" "../libethereum/blockchain.cpp") +add_executable(createRandomTest "./createRandomTest.cpp" "../TestHelper.cpp" "../Stats.cpp" "fuzzHelper.cpp" "../libethereum/transaction.cpp" "../libethereum/state.cpp" "../libevm/vm.cpp" "../libethereum/blockchain.cpp" "../libdevcore/rlp.cpp") add_executable(createRandomVMTest "./createRandomVMTest.cpp" "../libevm/vm.cpp" "../TestHelper.cpp" "../Stats.cpp") add_executable(createRandomStateTest "./createRandomStateTest.cpp" "../TestHelper.cpp" "../Stats.cpp" "fuzzHelper.cpp") diff --git a/test/fuzzTesting/createRandomTest.cpp b/test/fuzzTesting/createRandomTest.cpp index 4937784f9..c47a47fec 100644 --- a/test/fuzzTesting/createRandomTest.cpp +++ b/test/fuzzTesting/createRandomTest.cpp @@ -145,9 +145,9 @@ int main(int argc, char *argv[]) if (testSuite == "RLPTests") { if (checktest) - return checkRandomTest(dev::test::doStateTests, testmValue, debug); + return checkRandomTest(dev::test::doRlpTests, testmValue, debug); else - fillRandomTest(dev::test::doStateTests, (filltest) ? testFillString : c_testExampleStateTest, filldebug); + fillRandomTest(dev::test::doRlpTests, (filltest) ? testFillString : c_testExampleRLPTest, filldebug); } } @@ -250,7 +250,12 @@ void parseTestWithTypes(std::string& _test) while (pos != std::string::npos) { if (types.at(i) == "[RLP]") - _test.replace(pos, 5, dev::test::RandomCode::generate(10, options)); + { + std::string debug; + int randomDepth = 1 + dev::test::RandomCode::randomUniInt() % 10; + _test.replace(pos, 5, dev::test::RandomCode::rndRLPSequence(randomDepth, debug)); + cnote << debug; + } else if (types.at(i) == "[CODE]") _test.replace(pos, 6, "0x"+dev::test::RandomCode::generate(10, options)); diff --git a/test/fuzzTesting/fuzzHelper.cpp b/test/fuzzTesting/fuzzHelper.cpp index afae6a9c9..d7585242f 100644 --- a/test/fuzzTesting/fuzzHelper.cpp +++ b/test/fuzzTesting/fuzzHelper.cpp @@ -42,7 +42,7 @@ boostIntGenerator RandomCode::randOpLengGen = boostIntGenerator(gen, opLengDist) boostIntGenerator RandomCode::randUniIntGen = boostIntGenerator(gen, uniIntDist); boostUInt64Generator RandomCode::randUInt64Gen = boostUInt64Generator(gen, uInt64Dist); -int RandomCode::recursiveRLP(std::string &_result, int _depth, RlpDebug &_debug) +int RandomCode::recursiveRLP(std::string &_result, int _depth, std::string &_debug) { bool genvalidrlp = false; if (_depth > 1) @@ -52,10 +52,10 @@ int RandomCode::recursiveRLP(std::string &_result, int _depth, RlpDebug &_debug) for (auto i = 0; i < size; i++) { std::string blockstr; - RlpDebug blockDebug; + std::string blockDebug; recursiveRLP(blockstr, _depth - 1, blockDebug); _result += blockstr; - _debug.rlp += blockDebug.rlp; + _debug += blockDebug; } //make rlp header @@ -94,7 +94,7 @@ int RandomCode::recursiveRLP(std::string &_result, int _depth, RlpDebug &_debug) } } _result = header + _result; - _debug.rlp = "[" + header + "(" + toString(length) + "){" + toString(rtype) + "}]" + _debug.rlp; + _debug = "[" + header + "(" + toString(length) + "){" + toString(rtype) + "}]" + _debug; return _result.size() / 2; } if (_depth == 1) @@ -119,7 +119,7 @@ int RandomCode::recursiveRLP(std::string &_result, int _depth, RlpDebug &_debug) //single byte [0x00, 0x7f] std::string rlp = emptyZeros + toCompactHex(genbug ? randUniIntGen() % 255 : randUniIntGen() % 128, HexPrefix::DontAdd, 1); _result.insert(0, rlp); - _debug.rlp.insert(0, "[" + rlp + "]"); + _debug.insert(0, "[" + rlp + "]"); return 1; } case 1: @@ -132,7 +132,7 @@ int RandomCode::recursiveRLP(std::string &_result, int _depth, RlpDebug &_debug) hex = toCompactHex((u64)128); _result.insert(0, toCompactHex(128 + len) + emptyZeros + hex); - _debug.rlp.insert(0, "[" + toCompactHex(128 + len) + "(" + toString(len) + ")]" + emptyZeros + hex); + _debug.insert(0, "[" + toCompactHex(128 + len) + "(" + toString(len) + ")]" + emptyZeros + hex); return len + 1; } case 2: @@ -145,7 +145,7 @@ int RandomCode::recursiveRLP(std::string &_result, int _depth, RlpDebug &_debug) std::string hex = rndByteSequence(len); std::string hexlen = emptyZeros2 + toCompactHex(len, HexPrefix::DontAdd, 1); std::string rlpblock = toCompactHex(183 + hexlen.size() / 2) + hexlen + emptyZeros + hex; - _debug.rlp.insert(0, "[" + toCompactHex(183 + hexlen.size() / 2) + hexlen + "(" + toString(len) + "){2}]" + emptyZeros + hex); + _debug.insert(0, "[" + toCompactHex(183 + hexlen.size() / 2) + hexlen + "(" + toString(len) + "){2}]" + emptyZeros + hex); _result.insert(0, rlpblock); return rlpblock.size() / 2; } @@ -155,7 +155,7 @@ int RandomCode::recursiveRLP(std::string &_result, int _depth, RlpDebug &_debug) int len = genbug ? randUniIntGen() % 255 : randUniIntGen() % 55; std::string hex = emptyZeros + rndByteSequence(len); _result.insert(0, toCompactHex(192 + len) + hex); - _debug.rlp.insert(0, "[" + toCompactHex(192 + len) + "(" + toString(len) + "){3}]" + hex); + _debug.insert(0, "[" + toCompactHex(192 + len) + "(" + toString(len) + "){3}]" + hex); return len + 1; } case 4: @@ -166,7 +166,7 @@ int RandomCode::recursiveRLP(std::string &_result, int _depth, RlpDebug &_debug) len = 56; std::string hexlen = emptyZeros2 + toCompactHex(len, HexPrefix::DontAdd, 1); std::string rlpblock = toCompactHex(247 + hexlen.size() / 2) + hexlen + emptyZeros + rndByteSequence(len); - _debug.rlp.insert(0, "[" + toCompactHex(247 + hexlen.size() / 2) + hexlen + "(" + toString(len) + "){4}]" + emptyZeros + rndByteSequence(len)); + _debug.insert(0, "[" + toCompactHex(247 + hexlen.size() / 2) + hexlen + "(" + toString(len) + "){4}]" + emptyZeros + rndByteSequence(len)); _result.insert(0, rlpblock); return rlpblock.size() / 2; } @@ -175,14 +175,12 @@ int RandomCode::recursiveRLP(std::string &_result, int _depth, RlpDebug &_debug) return 0; } -std::string RandomCode::rndRLPSequence(int _depth, SizeStrictness _sizeType) +std::string RandomCode::rndRLPSequence(int _depth, std::string& _debug) { refreshSeed(); std::string hash; - _depth = (_sizeType == SizeStrictness::Strict) ? std::max(1, _depth) : randomUniInt() % _depth; - RlpDebug debug; - recursiveRLP(hash, _depth, debug); - cnote << debug.rlp; + _depth = std::min(std::max(1, _depth), 20); //limit depth to avoid overkill + recursiveRLP(hash, _depth, _debug); return hash; } diff --git a/test/fuzzTesting/fuzzHelper.h b/test/fuzzTesting/fuzzHelper.h index 957c33bc8..1d0dcde86 100644 --- a/test/fuzzTesting/fuzzHelper.h +++ b/test/fuzzTesting/fuzzHelper.h @@ -81,8 +81,15 @@ public: /// Generate random byte string of a given length static std::string rndByteSequence(int _length = 1, SizeStrictness _sizeType = SizeStrictness::Strict); - /// Gemerate random rlp byte sequence of a given depth (e.g [[[]],[]]) - static std::string rndRLPSequence(int _depth = 1, SizeStrictness _sizeType = SizeStrictness::Strict); + /// Generate random rlp byte sequence of a given depth (e.g [[[]],[]]). max depth level = 20. + /// The _debug string contains returned rlp string with analysed sections + /// [] - length section/ or single byte rlp encoding + /// () - decimal representation of length + /// {1} - Array + /// {2} - Array more than 55 + /// {3} - List + /// {4} - List more than 55 + static std::string rndRLPSequence(int _depth, std::string& _debug); /// Generate random int64 static std::string randomUniIntHex(u256 _maxVal = 0); @@ -92,7 +99,7 @@ private: static std::string fillArguments(dev::eth::Instruction _opcode, RandomCodeOptions const& _options); static std::string getPushCode(int _value); static std::string getPushCode(std::string const& _hex); - static int recursiveRLP(std::string &_result, int _depth, RlpDebug &_debug); + static int recursiveRLP(std::string &_result, int _depth, std::string& _debug); static void refreshSeed(); static boost::random::mt19937 gen; ///< Random generator diff --git a/test/libdevcore/rlp.cpp b/test/libdevcore/rlp.cpp index 016b183e2..b669092cc 100644 --- a/test/libdevcore/rlp.cpp +++ b/test/libdevcore/rlp.cpp @@ -30,8 +30,8 @@ #include #include #include -#include "../JsonSpiritHeaders.h" -#include "../TestHelper.h" +#include "test/JsonSpiritHeaders.h" +#include "test/TestHelper.h" using namespace std; using namespace dev; @@ -131,6 +131,9 @@ namespace dev RLP payload(payloadToDecode); ostringstream() << payload; + //attempt to read all the contents of RLP + ostringstream() << payload; + if (rlpType == RlpType::Test) dev::test::checkRLPAgainstJson(inputData, payload); } @@ -144,6 +147,10 @@ namespace dev cnote << "rlp exception: " << _e.what(); was_exception = true; } + catch (...) + { + was_exception = true; + } //Expect exception as input is INVALID if (rlpType == RlpType::Invalid && was_exception)