gitea-mirror/monero
1
0
Fork 0
mirror of https://github.com/monero-project/monero.git synced 2025-12-05 20:40:22 -08:00
Code Issues Packages Projects Releases Wiki Activity
Files
8d4c625713e3419573dfcc7119c8848f47cabbaa
monero/tests/fuzz/fuzz_rpc/fuzz_zmq.cpp
Arthur Chan 36bdfad073 rpc-fuzz: Add new fuzzers for RPC endpoints 
Signed-off-by: Arthur Chan <arthur.chan@adalogics.com>

Add macro definition for fuzzers

Signed-off-by: Arthur Chan <arthur.chan@adalogics.com>

Fix FuzzedDataProvider header missing problem

Signed-off-by: Arthur Chan <arthur.chan@adalogics.com>

Add README

Signed-off-by: Arthur Chan <arthur.chan@adalogics.com>

Provide static FuzzedDataProvider.h

Signed-off-by: Arthur Chan <arthur.chan@adalogics.com>

Update and enhance fuzzer

Signed-off-by: Arthur Chan <arthur.chan@adalogics.com>

Activate UBSan

Signed-off-by: Arthur Chan <arthur.chan@adalogics.com>

Fix fuzz target retrieval

Signed-off-by: Arthur Chan <arthur.chan@adalogics.com>

Remove bias selector and fix protocol lifespan

Signed-off-by: Arthur Chan <arthur.chan@adalogics.com>

Drop SIGALARM handling and fix bug on selectors

Signed-off-by: Arthur Chan <arthur.chan@adalogics.com>

Fix rpc request changes

Signed-off-by: Arthur Chan <arthur.chan@adalogics.com>

Add a new fuzzer profile that catch all expcetions

Signed-off-by: Arthur Chan <arthur.chan@adalogics.com>

Fix typo

Signed-off-by: Arthur Chan <arthur.chan@adalogics.com>

Add warning

Signed-off-by: Arthur Chan <arthur.chan@adalogics.com>
2025-09-08 18:35:55 +00:00

44 lines
1018 B
C++
Raw Blame History

#include <fuzzer/FuzzedDataProvider.h>
#include "zmq_endpoints.h"
#include <vector>
#include <cstring>
using namespace cryptonote;
using namespace cryptonote::listener;
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
if (size < 64) {
return 0;
}
FuzzedDataProvider provider(data, size);
void* ctx = zmq_ctx_new();
if (!ctx) {
return 0;
}
// Randomly choose multiple zmq_targets to fuzz
int to_sent = provider.ConsumeIntegralInRange<int>(1, 8);
std::vector<int> selectors;
selectors.reserve(to_sent);
for (int i = 0; i < to_sent && provider.remaining_bytes() >= 2; ++i) {
uint16_t raw = provider.ConsumeIntegral<uint16_t>();
selectors.push_back(raw % zmq_targets.size());
}
try {
zmq_pub pub(ctx);
for (int selector : selectors) {
zmq_targets[selector](pub, provider);
}
} catch (const std::runtime_error& e) {
// Ignore known runtime_error from checking
}
zmq_ctx_shutdown(ctx);
zmq_ctx_term(ctx);
return 0;
}
Reference in New Issue View Git Blame Copy Permalink