Skip to content

fuzz-tests: add a test for handle_peer_error_or_warning() #8304

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 2 commits into
base: master
Choose a base branch
from
Draft

fuzz-tests: add a test for handle_peer_error_or_warning() #8304

wants to merge 2 commits into from

Conversation

Chand-ra
Copy link

handle_peer_error_or_warning() in common/read_peer_message is responsible for parsing any incoming error or warning messages as defined in BOLT #1. Add a test for it.

Checklist

Before submitting the PR, ensure the following tasks are completed. If an item is not applicable to your PR, please mark it as checked:

  • The changelog has been updated in the relevant commit(s) according to the guidelines.
  • Tests have been added or modified to reflect the changes.
  • Documentation has been reviewed and updated as needed.
  • Related issues have been listed and linked, including any that this PR closes.

Chandra Pratap added 2 commits May 20, 2025 07:00
fuzz-tests: order FUZZ_COMMON_OBJS lexicographic
396d0a9 
The FUZZ_COMMON_OBJS list roughly follows lexicographic
order. Make it adhere strictly to the order. This makes adding
and reviewing changes to the file easier.
fuzz-tests: add a test for handle_peer_error_or_warning()
5af4f63 
handle_peer_error_or_warning() in common/read_peer_message is
responsible for parsing any incoming `error` or `warning`
messages as defined in BOLT ElementsProject#1. Add a test for it.
@Chand-ra
Copy link
Author

Chand-ra commented May 22, 2025
edited
Loading

@morehouse , I think this test has exposed a bug, although I'm not 100% confident.

We're injecting the fuzzer input as msg to handle_peer_error_or_warning(struct per_peer_state *pps, const u8 *msg). I've looked into this function's callers and I'm pretty sure msg is derived from the wire in most of them. I set up a similar test for the ping-pong message handler:

void run(const uint8_t *data, size_t size)
{
    u8 *pong;
    u8 *buf = tal_dup_arr(tmpctx, u8, data, size, 0);
    check_ping_make_pong(tmpctx, buf, &pong);

    clean_tmpctx();
}

and that works without any breakage.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@Chand-ra