fuzz: Terminate immediately if a fuzzing harness tries to perform a DNS lookup (belt and suspenders) #21795

pull practicalswift wants to merge 1 commits into bitcoin:master from practicalswift:fuzz-terminate-on-dns-lookup changing 1 files +9 −0
  1. practicalswift commented at 10:57 AM on April 28, 2021: contributor

    Terminate immediately if a fuzzing harness tries to perform a DNS lookup (belt and suspenders).

    Obviously this should never happen, but if it does happen we want immediate termination instead of a DNS lookup :)

  2. fanquake added the label Tests on Apr 28, 2021
  3. in src/test/fuzz/fuzz.cpp:33 in 5454e2e33d outdated 
      29 | @@ -27,8 +30,15 @@ void FuzzFrameworkRegisterTarget(std::string_view name, TypeTestOneInput target,
  30 |  
  31 |  static TypeTestOneInput* g_test_one_input{nullptr};
  32 |  
  33 | +std::vector<CNetAddr> TerminateOnDNSLookup(const std::string&, bool) {
    MarcoFalke commented at 11:12 AM on April 28, 2021:

    clang-format?

  4. practicalswift force-pushed on Apr 28, 2021
  5. practicalswift force-pushed on Apr 28, 2021
  6. practicalswift renamed this:
    fuzz: Terminate immediately if a fuzzing input ever causes a DNS lookup (belts and suspenders)
    fuzz: Terminate immediately if a fuzzing harness ever tries to perform a DNS lookup (belts and suspenders)
    on Apr 28, 2021
  7. practicalswift force-pushed on Apr 28, 2021
  8. DrahtBot commented at 4:04 PM on April 28, 2021: contributor

    <!--e57a25ab6845829454e8d69fc972939a-->

    The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

    <!--174a7506f384e20aa4161008e828411d-->

    Conflicts

    No conflicts as of last run.

  9. DrahtBot cross-referenced this on Apr 28, 2021 from issue fuzz: execute each file in dir without fuzz engine by ghost
  10. DrahtBot added the label Needs rebase on May 7, 2021
  11. practicalswift force-pushed on May 12, 2021
  12. practicalswift renamed this:
    fuzz: Terminate immediately if a fuzzing harness ever tries to perform a DNS lookup (belts and suspenders)
    fuzz: Terminate immediately if a fuzzing harness ever tries to perform a DNS lookup (belt and suspenders)
    on May 12, 2021
  13. practicalswift renamed this:
    fuzz: Terminate immediately if a fuzzing harness ever tries to perform a DNS lookup (belt and suspenders)
    fuzz: Terminate immediately if a fuzzing harness tries to perform a DNS lookup (belt and suspenders)
    on May 12, 2021
  14. DrahtBot removed the label Needs rebase on May 12, 2021
  15. DrahtBot cross-referenced this on May 13, 2021 from issue fuzz: Terminate immediately if a fuzzing harness tries to create a TCP socket (belt and suspenders) by practicalswift
  16. practicalswift force-pushed on May 19, 2021
  17. DrahtBot cross-referenced this on May 20, 2021 from issue fuzz: Add fuzzing syscall sandbox: detect use of unexpected syscalls when fuzzing ("syscall sanitizer") by practicalswift
  18. practicalswift force-pushed on May 20, 2021
  19. DrahtBot added the label Needs rebase on May 21, 2021
  20. fuzz: Terminate immediately if a fuzzing harness ever tries to perform a DNS lookup (belts and suspenders) 3737d35fee
  21. practicalswift force-pushed on May 21, 2021
  22. DrahtBot removed the label Needs rebase on May 21, 2021
  23. practicalswift commented at 7:49 PM on June 5, 2021: contributor

    @MarcoFalke Thanks for reviewing. All feedback has been addressed. Let me know if there is anything more I can do :)

  24. MarcoFalke commented at 6:56 AM on June 6, 2021: member

    review ACK 3737d35fee283968f12e0772aa27aee4981fce41

  25. MarcoFalke merged this on Jun 7, 2021
  26. MarcoFalke closed this on Jun 7, 2021
  27. sidhujag referenced this in commit f632b40f9e on Jun 9, 2021
  28. vasild commented at 1:22 PM on June 30, 2021: contributor

    This bite me for good in #21878 (now fixed). It works!

  29. practicalswift commented at 4:00 PM on June 30, 2021: contributor

    @vasild This safety measure helped avoid an unwanted external DNS lookup? If so that's great news: thanks for sharing! :)

  30. vasild commented at 4:21 PM on June 30, 2021: contributor

    @practicalswift, yes! Fuzzing CConnman::OpenNetworkConnection(), it called CConnman::ConnectNode() which called Lookup() with the default fNameLookup which is true.

  31. gwillen referenced this in commit 7fe97f20c6 on Jun 1, 2022
  32. bitcoin locked this on Aug 18, 2022
Contributors
practicalswiftMarcoFalkeDrahtBotvasild
Labels
Tests
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-05-19 06:53 UTC