Skip to content

fuzz-tests: Improved fuzz coverage for fuzz-addr #8232

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 6 commits into
base: master
Choose a base branch
from
Open

fuzz-tests: Improved fuzz coverage for fuzz-addr #8232

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
77e1bff
fuzz-addr cov improved
eshumanohare Apr 13, 2025
9e258b3
update fuzz-addr; minimize fuzz-addr corpus
eshumanohare Apr 22, 2025
2bd29f7
Merge branch 'fuzz_improvement' of github.com:eshumanohare/lightning …
eshumanohare Apr 22, 2025
1d84451
Update fuzz-addr.c
eshumanohare Apr 22, 2025
e40ec14
local corpora removed
eshumanohare Apr 22, 2025
ea9e95a
Merge branch 'fuzz_improvement' of github.com:eshumanohare/lightning …
eshumanohare Apr 22, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Binary file added tests/fuzz/corpora/fuzz-addr/0472ad0802e6d95cd3533bfae6f703ea7d210e3d
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/06f11d41cb4686e112f6bd178138576f280f01e0
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/07e3bc1172bf239499996fb7d69710e2129e573b
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/0af54f34b98b977fb69f4b91eeadc2cc58cd1031
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/11e4fefc49a291a776ed4219a6b5e0ef806acd72
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/120a2a35fe571aa5fa2fc8cda9c8a9da839c33d1
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/13718a2c3519f3f82f95be97c89f4e42cea79baa
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/1bbcff9c5e4bb0b471271a3de0200df1dac70c2d
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/2083efb8dadbb10c3c8dbedf7f6577da4b478310
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/21918ff10cc6ed46e81b824526c882480b711b2e
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/29e1b513c3eeae3176597ce23f983d11a247c306
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/33bb6e8988cc32c03c1c3a67bfc5e8095fa089d5
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/46132ff424a5f696e551a0dfb872c5315712328d
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/47cf385a36bab83def4ea22bfa2bd44852a27bc3
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/4ab63a21c36f41db9af18a7c1d660cceb29d3b86
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/50171cc3862e8f07935ab98b5fda6347bd2f39ef
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/59071541367039fb5a31936ffd7e89d4b097690e
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/5b3580cda6929a7a6930326f8059a113e66bb8eb
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/7287de34a3aec9c513935330d71d0faba1b225a5
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/7319b5ed1f44f5167449616fff3f83e5953f973a
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/8afbc1fc602de52224f1d47c0c0b514e8386afc1
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/98f7007956862ff4360c4a93fbe0f082e2c3e32a
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/a4cfa158e0549b040314f1ab7d94dd1779dbd541
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/a9c6a9e02b33a8ba0e1ec4a8c198d2c85d7b8c7c
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/b3859a53b82136a1e625757e8aa3ea4b6b305199
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/b97633041153871eba6de69c75b0a441b412eaa2
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/c0b811383e1c0ba85a8f508b899cc90b3cc126b9
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/cd9e8d203ac03702a7e9dc8b98e0767b74a9686f
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/d3d5dde7a132c4c94d31ba0cb8eea0279c0f150f
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/d5ff43aebd6c614c7802abd2ba60095c2ae7f26c
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/df8a47c4acee3ab0ad33949a94e205666076e6dd
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/ea19731de0e05251aa07c78ffe9f889ffdb6ab50
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/ebf975b5a2fb1c1343fd5cb3a08a734a82f06a33
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/f36ebbad15cee97ebeb2d30677c21d575207fd0f
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/fdcb23c41db82d718b62407641af07dbdd813372
View file
Open in desktop
Binary file not shown.
Binary file added tests/fuzz/corpora/fuzz-addr/fdf69f36be7ace06e7c14b9e84127d95ed10e209
View file
Open in desktop
Binary file not shown.
8 changes: 5 additions & 3 deletions tests/fuzz/fuzz-addr.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,9 +13,11 @@ void init(int *argc, char ***argv)

void run(const uint8_t *data, size_t size)
{
uint8_t *script_pubkey = tal_dup_arr(tmpctx, uint8_t, data, size, 0);
if(size == 22 || size == 23 || size == 25 || size == 34) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm skeptical that this materially improves the fuzzer's ability to find new coverage, since all the size checks are also present deeper in the encode_scriptpubkey_to_addr logic. I think the increased coverage you saw is likely due to the fact that this change introduces at least 5 new branches for the fuzzer to find.

This change also doesn't seem very future-proof -- if support for a new script type is added, the fuzzer won't be able to exercise that code.

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi! Thanks a lot for the feedback — really appreciate it.

I've removed the changes to fuzz-addr.c as suggested, and kept only the corpus update. Also, I ran the corpus minimization steps using ./run.py corpora --merge_dir, and added the minimized corpus.

I'm still getting the hang of fuzzing, so happy to learn and iterate!

uint8_t *script_pubkey = tal_dup_arr(tmpctx, uint8_t, data, size, 0);

encode_scriptpubkey_to_addr(tmpctx, chainparams, script_pubkey);
encode_scriptpubkey_to_addr(tmpctx, chainparams, script_pubkey);

clean_tmpctx();
clean_tmpctx();
}
}