github.com/phillinzzz/newBsc@v1.1.6/tests/fuzzers/rangeproof/rangeproof-fuzzer.go (about)

     1  // Copyright 2020 The go-ethereum Authors
     2  // This file is part of the go-ethereum library.
     3  //
     4  // The go-ethereum library is free software: you can redistribute it and/or modify
     5  // it under the terms of the GNU Lesser General Public License as published by
     6  // the Free Software Foundation, either version 3 of the License, or
     7  // (at your option) any later version.
     8  //
     9  // The go-ethereum library is distributed in the hope that it will be useful,
    10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
    11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
    12  // GNU Lesser General Public License for more details.
    13  //
    14  // You should have received a copy of the GNU Lesser General Public License
    15  // along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
    16  
    17  package rangeproof
    18  
    19  import (
    20  	"bytes"
    21  	"encoding/binary"
    22  	"fmt"
    23  	"io"
    24  	"sort"
    25  
    26  	"github.com/phillinzzz/newBsc/common"
    27  	"github.com/phillinzzz/newBsc/ethdb/memorydb"
    28  	"github.com/phillinzzz/newBsc/trie"
    29  )
    30  
    31  type kv struct {
    32  	k, v []byte
    33  	t    bool
    34  }
    35  
    36  type entrySlice []*kv
    37  
    38  func (p entrySlice) Len() int           { return len(p) }
    39  func (p entrySlice) Less(i, j int) bool { return bytes.Compare(p[i].k, p[j].k) < 0 }
    40  func (p entrySlice) Swap(i, j int)      { p[i], p[j] = p[j], p[i] }
    41  
    42  type fuzzer struct {
    43  	input     io.Reader
    44  	exhausted bool
    45  }
    46  
    47  func (f *fuzzer) randBytes(n int) []byte {
    48  	r := make([]byte, n)
    49  	if _, err := f.input.Read(r); err != nil {
    50  		f.exhausted = true
    51  	}
    52  	return r
    53  }
    54  
    55  func (f *fuzzer) readInt() uint64 {
    56  	var x uint64
    57  	if err := binary.Read(f.input, binary.LittleEndian, &x); err != nil {
    58  		f.exhausted = true
    59  	}
    60  	return x
    61  }
    62  
    63  func (f *fuzzer) randomTrie(n int) (*trie.Trie, map[string]*kv) {
    64  
    65  	trie := new(trie.Trie)
    66  	vals := make(map[string]*kv)
    67  	size := f.readInt()
    68  	// Fill it with some fluff
    69  	for i := byte(0); i < byte(size); i++ {
    70  		value := &kv{common.LeftPadBytes([]byte{i}, 32), []byte{i}, false}
    71  		value2 := &kv{common.LeftPadBytes([]byte{i + 10}, 32), []byte{i}, false}
    72  		trie.Update(value.k, value.v)
    73  		trie.Update(value2.k, value2.v)
    74  		vals[string(value.k)] = value
    75  		vals[string(value2.k)] = value2
    76  	}
    77  	if f.exhausted {
    78  		return nil, nil
    79  	}
    80  	// And now fill with some random
    81  	for i := 0; i < n; i++ {
    82  		k := f.randBytes(32)
    83  		v := f.randBytes(20)
    84  		value := &kv{k, v, false}
    85  		trie.Update(k, v)
    86  		vals[string(k)] = value
    87  		if f.exhausted {
    88  			return nil, nil
    89  		}
    90  	}
    91  	return trie, vals
    92  }
    93  
    94  func (f *fuzzer) fuzz() int {
    95  	maxSize := 200
    96  	tr, vals := f.randomTrie(1 + int(f.readInt())%maxSize)
    97  	if f.exhausted {
    98  		return 0 // input too short
    99  	}
   100  	var entries entrySlice
   101  	for _, kv := range vals {
   102  		entries = append(entries, kv)
   103  	}
   104  	if len(entries) <= 1 {
   105  		return 0
   106  	}
   107  	sort.Sort(entries)
   108  
   109  	var ok = 0
   110  	for {
   111  		start := int(f.readInt() % uint64(len(entries)))
   112  		end := 1 + int(f.readInt()%uint64(len(entries)-1))
   113  		testcase := int(f.readInt() % uint64(6))
   114  		index := int(f.readInt() & 0xFFFFFFFF)
   115  		index2 := int(f.readInt() & 0xFFFFFFFF)
   116  		if f.exhausted {
   117  			break
   118  		}
   119  		proof := memorydb.New()
   120  		if err := tr.Prove(entries[start].k, 0, proof); err != nil {
   121  			panic(fmt.Sprintf("Failed to prove the first node %v", err))
   122  		}
   123  		if err := tr.Prove(entries[end-1].k, 0, proof); err != nil {
   124  			panic(fmt.Sprintf("Failed to prove the last node %v", err))
   125  		}
   126  		var keys [][]byte
   127  		var vals [][]byte
   128  		for i := start; i < end; i++ {
   129  			keys = append(keys, entries[i].k)
   130  			vals = append(vals, entries[i].v)
   131  		}
   132  		if len(keys) == 0 {
   133  			return 0
   134  		}
   135  		var first, last = keys[0], keys[len(keys)-1]
   136  		testcase %= 6
   137  		switch testcase {
   138  		case 0:
   139  			// Modified key
   140  			keys[index%len(keys)] = f.randBytes(32) // In theory it can't be same
   141  		case 1:
   142  			// Modified val
   143  			vals[index%len(vals)] = f.randBytes(20) // In theory it can't be same
   144  		case 2:
   145  			// Gapped entry slice
   146  			index = index % len(keys)
   147  			keys = append(keys[:index], keys[index+1:]...)
   148  			vals = append(vals[:index], vals[index+1:]...)
   149  		case 3:
   150  			// Out of order
   151  			index1 := index % len(keys)
   152  			index2 := index2 % len(keys)
   153  			keys[index1], keys[index2] = keys[index2], keys[index1]
   154  			vals[index1], vals[index2] = vals[index2], vals[index1]
   155  		case 4:
   156  			// Set random key to nil, do nothing
   157  			keys[index%len(keys)] = nil
   158  		case 5:
   159  			// Set random value to nil, deletion
   160  			vals[index%len(vals)] = nil
   161  
   162  			// Other cases:
   163  			// Modify something in the proof db
   164  			// add stuff to proof db
   165  			// drop stuff from proof db
   166  
   167  		}
   168  		if f.exhausted {
   169  			break
   170  		}
   171  		ok = 1
   172  		//nodes, subtrie
   173  		hasMore, err := trie.VerifyRangeProof(tr.Hash(), first, last, keys, vals, proof)
   174  		if err != nil {
   175  			if hasMore {
   176  				panic("err != nil && hasMore == true")
   177  			}
   178  		}
   179  	}
   180  	return ok
   181  }
   182  
   183  // The function must return
   184  // 1 if the fuzzer should increase priority of the
   185  //   given input during subsequent fuzzing (for example, the input is lexically
   186  //   correct and was parsed successfully);
   187  // -1 if the input must not be added to corpus even if gives new coverage; and
   188  // 0 otherwise; other values are reserved for future use.
   189  func Fuzz(input []byte) int {
   190  	if len(input) < 100 {
   191  		return 0
   192  	}
   193  	r := bytes.NewReader(input)
   194  	f := fuzzer{
   195  		input:     r,
   196  		exhausted: false,
   197  	}
   198  	return f.fuzz()
   199  }