From 20b24daae93bfa6cb21a258d8891b96de2a9edfa Mon Sep 17 00:00:00 2001
From: Chandra Pratap
Date: Fri, 28 Mar 2025 16:46:34 +0000
Subject: [PATCH 1/2] fuzz-tests: Enhance b64_encode() validation with roundtrip decoding
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Changelog-None: Currently, fuzz testing for b64_encode() merely encodes input and frees the result, providing no real verification of its behavior. Introduce a new b64_decode() function (modeled after b32_decode()) and update the fuzz test to perform a roundtrip—encoding followed by decoding—to ensure that b64_encode() correctly preserves the original data.
---
 common/base64.c | 9 +++++++++
 common/base64.h | 1 +
 tests/fuzz/fuzz-base32-64.c | 3 +++
 3 files changed, 13 insertions(+)

diff --git a/common/base64.c b/common/base64.c
index 75db1a4698f3..687e6847118d 100644
--- a/common/base64.c
+++ b/common/base64.c
@@ -14,3 +14,12 @@ char *b64_encode(const tal_t *ctx, const void *data, size_t len)
 str[enclen] = '\0';
 return str;
 }
+
+u8 *b64_decode(const tal_t *ctx, const char *str, size_t len)
+{
+ size_t dlen = base64_decoded_length(len);
+ u8 *ret = tal_arr(ctx, u8, dlen);
+ if (base64_decode((char *)ret, dlen, str, len) < 0)
+ return tal_free(ret);
+ return ret;
+}
diff --git a/common/base64.h b/common/base64.h
index f963541dba17..2c2b4d4a3de4 100644
--- a/common/base64.h
+++ b/common/base64.h
@@ -5,5 +5,6 @@
 #include
 char *b64_encode(const tal_t *ctx, const void *data, size_t len);
+u8 *b64_decode(const tal_t *ctx, const char *str, size_t len);
 #endif /* LIGHTNING_COMMON_BASE64_H */
diff --git a/tests/fuzz/fuzz-base32-64.c b/tests/fuzz/fuzz-base32-64.c
index 9dbec2e8fb4a..de30f96dae0b 100644
--- a/tests/fuzz/fuzz-base32-64.c
+++ b/tests/fuzz/fuzz-base32-64.c
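Review bot: In common/base64.c, b64_decode() discards the byte count returned by base64_decode() and hands back the array at its full `base64_decoded_length(len)` size. If that helper is an upper bound that does not account for `=` padding (it appears to be in ccan; please confirm), payloads whose length is not a multiple of three come back with one or two trailing uninitialised bytes, which any caller sizing the data with `tal_count()` will read or forward. Keep the result, `ssize_t n = base64_decode((char *)ret, dlen, str, len);`, and after the error check shrink the array with `tal_resize(&ret, n);`. The prototype added to common/base64.h would also benefit from a one-line comment stating that NULL is returned on malformed input and that the array length equals the decoded length.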
@@ -21,5 +21,8 @@ void run(const uint8_t *data, size_t size)
 tal_free(decoded);
 encoded = b64_encode(NULL, data, size);
+ decoded = b64_decode(NULL, encoded, strlen(encoded));
+ assert(memcmp(decoded, data, size) == 0);
 tal_free(encoded);
+ tal_free(decoded);
 }
From b4119e3dca1e60adf74643b96e50c983d6a9b78b Mon Sep 17 00:00:00 2001
From: Chandra Pratap
Date: Tue, 22 Apr 2025 06:33:49 +0000
Subject: [PATCH 2/2] fuzz-tests: Add coverage-increasing inputs to seed corpora

Change in the fuzz-testing scheme of fuzz-base32-64 led to the discovery of test inputs that result in greater in code-coverage. Add these inputs to the test's seed corpus.
---
 .../67ff224ec0481fc9bdda71d7f40b1ca036c25075 | Bin 0 -> 184 bytes
 .../74b7c3466e230ac05bd1f67743ac495eaf4bbbf7 | Bin 0 -> 546 bytes
 .../98f233373861251dc7427728aa8a4a737eda4143 | Bin 0 -> 911 bytes
 .../be38e7950432cb8668a08ebe00793b508a25341d | Bin 0 -> 12 bytes
 4 files changed, 0 insertions(+), 0 deletions(-)
 create mode 100644 tests/fuzz/corpora/fuzz-base32-64/67ff224ec0481fc9bdda71d7f40b1ca036c25075
 create mode 100644 tests/fuzz/corpora/fuzz-base32-64/74b7c3466e230ac05bd1f67743ac495eaf4bbbf7
 create mode 100644 tests/fuzz/corpora/fuzz-base32-64/98f233373861251dc7427728aa8a4a737eda4143
 create mode 100644 tests/fuzz/corpora/fuzz-base32-64/be38e7950432cb8668a08ebe00793b508a25341d

diff --git a/tests/fuzz/corpora/fuzz-base32-64/67ff224ec0481fc9bdda71d7f40b1ca036c25075 b/tests/fuzz/corpora/fuzz-base32-64/67ff224ec0481fc9bdda71d7f40b1ca036c25075
new file mode 100644
index 0000000000000000000000000000000000000000..0532956ff8030b4a7c819c61bd67291c4ab2c3d5
GIT binary patch
literal 184
ecmea^U;u%1+JTeA0wSEiz@XCM*HP8c!2kdOsa8M$
literal 0
HcmV?d00001
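Review bot: The roundtrip check `assert(memcmp(decoded, data, size) == 0);` passes `decoded` to memcmp() without a NULL check and compares only the first `size` bytes, so a decoder that fails shows up as a crash inside memcmp(), and one that returns extra trailing bytes is not caught at all. Add `assert(decoded);` before the comparison and, once b64_decode() returns an exactly sized array, `assert(tal_count(decoded) == size);`. As far as this hunk shows, b64_decode() only ever receives well-formed encoder output, so its rejection of malformed or truncated input is not exercised by this target. run() begins above the hunk, so the base32 half is not visible here.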
diff --git a/tests/fuzz/corpora/fuzz-base32-64/74b7c3466e230ac05bd1f67743ac495eaf4bbbf7 b/tests/fuzz/corpora/fuzz-base32-64/74b7c3466e230ac05bd1f67743ac495eaf4bbbf7 new file mode 100644 index 0000000000000000000000000000000000000000..72bb7501a6061af43a89fc2630c524a06e2008f0 GIT binary patch literal 546 zcmbtRF%H5o3_LdEsZT&^W@qXjGW7$D@CKyvg3Jtju?wuMi#< zEw2L{sm`@l3=UuvuZx`6QH7=jP%BOa>k1Wt7Klbanr*5Nv6z+_B(Brh34tec+k>Qy z%=#zh$`8uTQJ5RTAN0`?E(Xru{gLUaXe_Y{eV?hA<+er}$vKC77PbP(V`z?_w=b?T z4CbDj=iJ!0tuu2eGTGIR)hKuBk@ly16a5exDs<$Kh$F|zO6EFSX7ap`o2An4U$|!$ H2rHK_EiiFa literal 0 HcmV?d00001 diff --git a/tests/fuzz/corpora/fuzz-base32-64/98f233373861251dc7427728aa8a4a737eda4143 b/tests/fuzz/corpora/fuzz-base32-64/98f233373861251dc7427728aa8a4a737eda4143 new file mode 100644 index 0000000000000000000000000000000000000000..3f75fb645401209a0fc6771089b5d15b34732c6f GIT binary patch literal 911 zcmcgqF>b>!47_duCqE&8y@s0n2TlG!#^enJoEK>B&@X0b*R0M_qy-N_5uibCkOWaW z9*@N7-lZT#LHox zK(S>!))1F(=&}V#E1AXjJS!LEPe8Ij^e-I%3qJzj literal 0 HcmV?d00001