tests: Add fuzzing harness for AS-mapping (asmap) #18029

pull practicalswift wants to merge 2 commits into bitcoin:master from practicalswift:fuzzers-asmap changing 4 files +36 −1
  1. practicalswift commented at 4:11 PM on January 30, 2020: contributor

    Add fuzzing harness for AS-mapping (asmap).

    To test this PR:

    $ make distclean
$ ./autogen.sh
$ CC=clang CXX=clang++ ./configure --enable-fuzz \
      --with-sanitizers=address,fuzzer,undefined
$ make
$ src/test/fuzz/asmap
…
  2. tests: Add fuzzing harness for AS-mapping (asmap) 8d07706985
  3. tests: Add fuzzer asmap to FUZZERS_MISSING_CORPORA (temporarily) 4d2aceaad8
  4. DrahtBot added the label Build system on Jan 30, 2020
  5. DrahtBot added the label P2P on Jan 30, 2020
  6. DrahtBot added the label Tests on Jan 30, 2020
  7. MarcoFalke commented at 5:15 PM on January 30, 2020: member

    ACK 4d2aceaad8d28a54246b6639966e2278d2d795e3

  8. MarcoFalke removed the label Build system on Jan 30, 2020
  9. MarcoFalke removed the label P2P on Jan 30, 2020
  10. fanquake cross-referenced this on Jan 31, 2020 from issue GetMappedAS(...) lookup on an IPv6 address against a maliciously constructed AS-map triggers heap buffer-overflow by practicalswift
  11. in src/netaddress.h:42 in 4d2aceaad8 
      38 | @@ -39,7 +39,6 @@ class CNetAddr
  39 |          explicit CNetAddr(const struct in_addr& ipv4Addr);
  40 |          void SetIP(const CNetAddr& ip);
  41 |  
  42 | -    private:
    jonatack commented at 10:27 AM on February 1, 2020:

    public: at line 48 now redundant, can be removed as well?

  12. jonatack commented at 10:39 AM on February 1, 2020: contributor

    ACK 4d2aceaad8d28a54246b6639966e2278d2d795e3

    Code review, test. Fuzz output: https://gist.github.com/jonatack/5d78f682e0b245455192567d6af12b7e

    PR #17812 adds test coverage as well (review beg).

  13. jonatack commented at 6:16 AM on February 2, 2020: contributor

    Tested #18023 for 18 hours and 72M execs with this fuzzer (before that patch it found a heap buffer overflow immediately, as shown in https://gist.github.com/jonatack/5d78f682e0b245455192567d6af12b7e):

    [#72474660](/github-metadata-backup-bitcoin-bitcoin/72474660/) REDUCE cov: 1198 ft: 3529 corp: 197/12792b exec/s: 1063 rss: 452Mb L: 41/1527 MS: 4 InsertByte-EraseBytes-InsertByte-PersAutoDict- DE: "\x00 \x00\x00\x00\x00\x00\x00"-
  14. laanwj referenced this in commit 554d89fb29 on Feb 5, 2020
  15. laanwj merged this on Feb 5, 2020
  16. laanwj closed this on Feb 5, 2020
  17. sidhujag referenced this in commit ff8f75b913 on Feb 9, 2020
  18. MarkLTZ cross-referenced this on Apr 4, 2020 from issue Bitcoin PR tracking by MarkLTZ
  19. jasonbcox referenced this in commit 87080a256f on Nov 1, 2020
  20. sidhujag referenced this in commit 03b5a5b784 on Nov 10, 2020
  21. practicalswift deleted the branch on Apr 10, 2021
  22. furszy cross-referenced this on Jul 15, 2021 from issue [Net] asmap to improve IP bucketing in addrman - backports by furszy
  23. random-zebra referenced this in commit 85f000ecbe on Jul 30, 2021
  24. kwvg referenced this in commit bdcbd0fbdf on Feb 27, 2022
  25. kwvg referenced this in commit e344d147ab on Feb 27, 2022
  26. kwvg referenced this in commit 0111804cf8 on Feb 28, 2022
  27. kwvg referenced this in commit 6f554a0458 on Feb 28, 2022
  28. kwvg referenced this in commit f7ee0efc26 on Feb 28, 2022
  29. kwvg referenced this in commit ad5c4d4651 on Mar 13, 2022
  30. kwvg referenced this in commit c4491309dc on Mar 24, 2022
  31. bitcoin locked this on Aug 16, 2022
Contributors
practicalswiftMarcoFalkejonatack
Labels
Tests
Linked (view graph)
#18023 Fix some asmap issues#18033 GetMappedAS(...) lookup on an IPv6 address against a maliciously constructed AS-map triggers heap buffer-overflow
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-05-20 06:54 UTC