fuzz: add missing ECCVerifyHandle to base_encode_decode #22279

Pull request: apoelstra wants to merge 1 commit into bitcoin:master from apoelstra:2021-06--fuzztestix, changing 1 file (+6 −1)
  1. apoelstra commented at 11:17 PM on June 18, 2021: contributor

    It is possible to trigger a fuzztest failure in the base_encode_decode by asking it to decode any PSBT that has HD keypaths in it. For example, this one

    which I took straight from the PSBT test vectors. The reason is that in src/psbt.h we call DeserializeHDKeypaths, which in turn calls CPubKey::IsFullyValid, which in turn asserts that a secp context has been created.

    The error appears to be masked on many systems by the definition of instance_of_eccryptoclosure in src/script/bitcoinconsensus.cpp, which defines a static object which contains an ECCVerifyHandle. If you just comment out that line you can reliably trigger the fuzz test failure, e.g. by creating a file crash with the above PSBT, and running

    ASAN_OPTIONS=symbolize=0:detect_stack_use_after_return=1:check_initialization_order=1:strict_init_order=1 UBSAN_OPTIONS=suppressions=./test/sanitizer_suppressions/ubsan:print_stacktrace=1:halt_on_error=1:report_error_type=1 FUZZ=base_encode_decode ./src/test/fuzz/fuzz -seed_inputs=crash
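Added illustration, not code from this PR or from Bitcoin Core: a self-contained C++ model of the reference-counted ECCVerifyHandle pattern, with hypothetical names (VerifyHandle, is_fully_valid, harness_without_handle, harness_with_handle). It shows why a fuzz target needs its own static handle, and why a static handle created elsewhere in the same process makes a handle-less target appear to work, which is the masking effect described above.

```cpp
// Model of the ECCVerifyHandle pattern (hypothetical names, not Bitcoin Core code).
#include <cstdint>
#include <vector>

namespace model {

// Stand-in for the global secp256k1 verify context that the real
// CPubKey::IsFullyValid asserts on. Non-null means "context created".
static int* g_verify_context = nullptr;

// Reference-counted RAII handle: the first live instance creates the
// context, the last one to be destroyed frees it (the ECCVerifyHandle shape).
class VerifyHandle {
    static int refcount;
public:
    VerifyHandle() {
        if (refcount == 0) g_verify_context = new int(1);
        ++refcount;
    }
    ~VerifyHandle() {
        if (--refcount == 0) { delete g_verify_context; g_verify_context = nullptr; }
    }
};
int VerifyHandle::refcount = 0;

bool has_verify_context() { return g_verify_context != nullptr; }

// Model of the validity check. The real code asserts that the context
// exists; here the missing context is reported as a status so it is observable.
enum class Status { NoContext, Invalid, Valid };
Status is_fully_valid(const std::vector<uint8_t>& pubkey) {
    if (!has_verify_context()) return Status::NoContext; // real code: assert(ctx)
    if (pubkey.size() != 33 || (pubkey[0] != 0x02 && pubkey[0] != 0x03)) return Status::Invalid;
    return Status::Valid;
}

// Harness without its own handle: only works if some other object in the
// process happened to create the context first.
Status harness_without_handle(const std::vector<uint8_t>& input) {
    return is_fully_valid(input);
}

// Harness with the fix: a function-local static handle lives for the whole
// fuzz run, so every iteration sees an initialised context.
Status harness_with_handle(const std::vector<uint8_t>& input) {
    static const VerifyHandle handle;
    return is_fully_valid(input);
}

} // namespace model
```

Run in the order below: the handle-less harness fails first, the fixed harness succeeds, and afterwards the handle-less harness "works" only because the other harness's static handle now keeps the context alive.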
    
  2. fuzz: add missing ECCVerifyHandle to base_encode_decode 906d791311
  3. apoelstra referenced this in commit c98902bd1b on Jun 18, 2021
  4. apoelstra cross-referenced this on Jun 18, 2021 from issue fuzz: backport fixes to fuzzer errors by apoelstra
  5. DrahtBot added the label Tests on Jun 19, 2021
  6. practicalswift commented at 4:50 AM on June 19, 2021: contributor

    Good catch! Thanks!

    cr ACK 906d7913117c8f10934b37afa27ae8ac565da042

    If you have time, consider adding this coverage increasing input to the seed corpus over at https://github.com/bitcoin-core/qa-assets :)

  7. MarcoFalke merged this on Jun 19, 2021
  8. MarcoFalke closed this on Jun 19, 2021

  9. sidhujag referenced this in commit 2ef49c3ce7 on Jun 20, 2021
  10. apoelstra deleted the branch on Jun 24, 2021
  11. fanquake referenced this in commit f862717afd on Jun 29, 2021
  12. fanquake referenced this in commit b97f05f1b8 on Jun 29, 2021
  13. fanquake referenced this in commit c5357fa415 on Jun 29, 2021
  14. fanquake cross-referenced this on Jun 29, 2021 from issue [0.21] fuzz: add missing ECCVerifyHandle to base_encode_decode by fanquake
  15. fanquake commented at 3:06 AM on June 29, 2021: member

    Backported to 0.21 in #22366.

  16. luke-jr referenced this in commit ddb780d6a7 on Jun 29, 2021
  17. stevenroose referenced this in commit bd2e2d5c64 on Jul 1, 2021
  18. fanquake referenced this in commit bd2f4164c6 on Jul 8, 2021
  19. gwillen referenced this in commit ac9594fd74 on Jun 1, 2022
  20. gwillen referenced this in commit 374930ee5a on Jun 1, 2022
  21. bitcoin locked this on Aug 18, 2022

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-05-20 06:54 UTC