Merge pull request #2851 from nspcc-dev/fuzz-tests

roman-khimov · web-flow · commit 5f2e25de113f · 2022-12-28T16:05:55.000+07:00
*: add fuzz tests for `bigint.FromBytes` and `vm.ParseMultisigContract`
diff --git a/pkg/encoding/bigint/fuzz_test.go b/pkg/encoding/bigint/fuzz_test.go
@@ -0,0 +1,52 @@
+//go:build go1.18
+// +build go1.18
+
+package bigint
+
+import (
+	"bytes"
+	"crypto/rand"
+	"math/big"
+	"testing"
+
+	"github.com/stretchr/testify/require"
+)
+
+func FuzzFromBytes(f *testing.F) {
+	for _, tc := range testCases {
+		f.Add(tc.buf)
+	}
+	for i := 0; i < 50; i++ {
+		for j := 1; j < MaxBytesLen; j++ {
+			b := make([]byte, j)
+			_, err := rand.Read(b)
+			require.NoError(f, err)
+			f.Add(b)
+		}
+	}
+	f.Fuzz(func(t *testing.T, raw []byte) {
+		var bi *big.Int
+		require.NotPanics(t, func() { bi = FromBytes(raw) })
+
+		var actual []byte
+		require.NotPanics(t, func() { actual = ToBytes(bi) })
+		require.True(t, len(actual) <= len(raw), "actual: %x, raw: %x", actual, raw)
+
+		require.True(t, bytes.Equal(actual, raw[:len(actual)]), "actual: %x, raw: %x", actual, raw)
+		if len(actual) == len(raw) {
+			return
+		}
+
+		var b byte
+		if bi.Sign() == -1 {
+			b = 0xFF
+		}
+		for i := len(actual); i < len(raw); i++ {
+			require.Equal(t, b, raw[i], "invalid prefix")
+		}
+
+		newRaw := ToBytes(bi)
+		newBi := FromBytes(newRaw)
+		require.Equal(t, bi, newBi)
+	})
+}
diff --git a/pkg/vm/fuzz_test.go b/pkg/vm/fuzz_test.go
@@ -5,6 +5,8 @@ package vm
 import (
 	"testing"
 
+	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
+	"github.com/nspcc-dev/neo-go/pkg/smartcontract"
 	"github.com/nspcc-dev/neo-go/pkg/vm/opcode"
 	"github.com/stretchr/testify/require"
 )
@@ -35,6 +37,35 @@ func FuzzIsScriptCorrect(f *testing.F) {
 	})
 }
 
+func FuzzParseMultiSigContract(f *testing.F) {
+	pubs := make(keys.PublicKeys, 10)
+	for i := range pubs {
+		p, _ := keys.NewPrivateKey()
+		pubs[i] = p.PublicKey()
+	}
+
+	s, _ := smartcontract.CreateMultiSigRedeemScript(1, pubs[:1])
+	f.Add(s)
+
+	s, _ = smartcontract.CreateMultiSigRedeemScript(3, pubs[:6])
+	f.Add(s)
+
+	s, _ = smartcontract.CreateMultiSigRedeemScript(1, pubs)
+	f.Add(s)
+
+	f.Fuzz(func(t *testing.T, script []byte) {
+		var b [][]byte
+		var ok bool
+		var n int
+		require.NotPanics(t, func() {
+			n, b, ok = ParseMultiSigContract(script)
+		})
+		if ok {
+			require.True(t, n <= len(b))
+		}
+	})
+}
+
 func FuzzVMDontPanic(f *testing.F) {
 	for _, s := range fuzzSeedValidScripts {
 		f.Add(s)
