/root/bitcoin/src/test/fuzz/signature_checker.cpp

Source
// Copyright (c) 2009-present The Bitcoin Core developers
// Distributed under the MIT software license, see the accompanying
// file COPYING or http://www.opensource.org/licenses/mit-license.php.

#include <pubkey.h>
#include <script/interpreter.h>
#include <test/fuzz/FuzzedDataProvider.h>
#include <test/fuzz/fuzz.h>
#include <test/fuzz/util.h>
#include <test/util/script.h>

#include <cstdint>
#include <limits>
#include <string>
#include <vector>

namespace {
class FuzzedSignatureChecker : public BaseSignatureChecker
{
    FuzzedDataProvider& m_fuzzed_data_provider;

public:
    explicit FuzzedSignatureChecker(FuzzedDataProvider& fuzzed_data_provider) : m_fuzzed_data_provider(fuzzed_data_provider)
    {
    }

    bool CheckECDSASignature(const std::vector<unsigned char>& scriptSig, const std::vector<unsigned char>& vchPubKey, const CScript& scriptCode, SigVersion sigversion) const override
    {
        return m_fuzzed_data_provider.ConsumeBool();
    }

    bool CheckSchnorrSignature(std::span<const unsigned char> sig, std::span<const unsigned char> pubkey, SigVersion sigversion, ScriptExecutionData& execdata, ScriptError* serror = nullptr) const override
    {
        return m_fuzzed_data_provider.ConsumeBool();
    }

    bool CheckLockTime(const CScriptNum& nLockTime) const override
    {
        return m_fuzzed_data_provider.ConsumeBool();
    }

    bool CheckSequence(const CScriptNum& nSequence) const override
    {
        return m_fuzzed_data_provider.ConsumeBool();
    }

    virtual ~FuzzedSignatureChecker() = default;
};
} // namespace

FUZZ_TARGET(signature_checker)
{
    FuzzedDataProvider fuzzed_data_provider(buffer.data(), buffer.size());
    const unsigned int flags = fuzzed_data_provider.ConsumeIntegral<unsigned int>();
    const SigVersion sig_version = fuzzed_data_provider.PickValueInArray({SigVersion::BASE, SigVersion::WITNESS_V0});
    const auto script_1{ConsumeScript(fuzzed_data_provider)};
    const auto script_2{ConsumeScript(fuzzed_data_provider)};
    std::vector<std::vector<unsigned char>> stack;
    (void)EvalScript(stack, script_1, flags, FuzzedSignatureChecker(fuzzed_data_provider), sig_version, nullptr);
    if (!IsValidFlagCombination(flags)) {
        return;
    }
    (void)VerifyScript(script_1, script_2, nullptr, flags, FuzzedSignatureChecker(fuzzed_data_provider), nullptr);
}

Line	Count	Source
1		// Copyright (c) 2009-present The Bitcoin Core developers
2		// Distributed under the MIT software license, see the accompanying
3		// file COPYING or http://www.opensource.org/licenses/mit-license.php.
4
5		#include <pubkey.h>
6		#include <script/interpreter.h>
7		#include <test/fuzz/FuzzedDataProvider.h>
8		#include <test/fuzz/fuzz.h>
9		#include <test/fuzz/util.h>
10		#include <test/util/script.h>
11
12		#include <cstdint>
13		#include <limits>
14		#include <string>
15		#include <vector>
16
17		namespace {
18		class FuzzedSignatureChecker : public BaseSignatureChecker
19		{
20		FuzzedDataProvider& m_fuzzed_data_provider;
21
22		public:
23	0	explicit FuzzedSignatureChecker(FuzzedDataProvider& fuzzed_data_provider) : m_fuzzed_data_provider(fuzzed_data_provider)
24	0	{
25	0	}
26
27		bool CheckECDSASignature(const std::vector<unsigned char>& scriptSig, const std::vector<unsigned char>& vchPubKey, const CScript& scriptCode, SigVersion sigversion) const override
28	0	{
29	0	return m_fuzzed_data_provider.ConsumeBool();
30	0	}
31
32		bool CheckSchnorrSignature(std::span<const unsigned char> sig, std::span<const unsigned char> pubkey, SigVersion sigversion, ScriptExecutionData& execdata, ScriptError* serror = nullptr) const override
33	0	{
34	0	return m_fuzzed_data_provider.ConsumeBool();
35	0	}
36
37		bool CheckLockTime(const CScriptNum& nLockTime) const override
38	0	{
39	0	return m_fuzzed_data_provider.ConsumeBool();
40	0	}
41
42		bool CheckSequence(const CScriptNum& nSequence) const override
43	0	{
44	0	return m_fuzzed_data_provider.ConsumeBool();
45	0	}
46
47		virtual ~FuzzedSignatureChecker() = default;
48		};
49		} // namespace
50
51		FUZZ_TARGET(signature_checker)
52	0	{
53	0	FuzzedDataProvider fuzzed_data_provider(buffer.data(), buffer.size());
54	0	const unsigned int flags = fuzzed_data_provider.ConsumeIntegral<unsigned int>();
55	0	const SigVersion sig_version = fuzzed_data_provider.PickValueInArray({SigVersion::BASE, SigVersion::WITNESS_V0});
56	0	const auto script_1{ConsumeScript(fuzzed_data_provider)};
57	0	const auto script_2{ConsumeScript(fuzzed_data_provider)};
58	0	std::vector<std::vector<unsigned char>> stack;
59	0	(void)EvalScript(stack, script_1, flags, FuzzedSignatureChecker(fuzzed_data_provider), sig_version, nullptr);
60	0	if (!IsValidFlagCombination(flags)) {
61	0	return;
62	0	}
63	0	(void)VerifyScript(script_1, script_2, nullptr, flags, FuzzedSignatureChecker(fuzzed_data_provider), nullptr);
64	0	}

Coverage Report

Created: 2025-09-19 18:31