
descriptor_parse: parse failed for `tr(0000000000000000000000000000000000000000000009223372036854 775807)`

Open brunoerg opened this issue 2 months ago • 4 comments

Descriptor parse failed for tr(0000000000000000000000000000000000000000000009223372036854 775807)
Module: NBitcoin
Result: 1
Module: Bitcoin
Result: 0
bitcoinfuzz: driver.cpp:114: void bitcoinfuzz::Driver::DescriptorParseTarget(std::span<const uint8_t>) const: Assertion `*res == *last_response' failed.
==45294== ERROR: libFuzzer: deadly signal
    #0 0x5d929af3eeb5 in __sanitizer_print_stack_trace (/home/bruno/bitcoinfuzz/bitcoinfuzz+0x224eb5) (BuildId: e6838315e5273b78d9d0f05e9078bcc5ba46ca96)
    #1 0x5d929ae989cc in fuzzer::PrintStackTrace() (/home/bruno/bitcoinfuzz/bitcoinfuzz+0x17e9cc) (BuildId: e6838315e5273b78d9d0f05e9078bcc5ba46ca96)
    #2 0x5d929ae7ea57 in fuzzer::Fuzzer::CrashCallback() (/home/bruno/bitcoinfuzz/bitcoinfuzz+0x164a57) (BuildId: e6838315e5273b78d9d0f05e9078bcc5ba46ca96)
    #3 0x70028f04532f  (/lib/x86_64-linux-gnu/libc.so.6+0x4532f) (BuildId: 274eec488d230825a136fa9c4d85370fed7a0a5e)
    #4 0x70028f09eb2b in pthread_kill (/lib/x86_64-linux-gnu/libc.so.6+0x9eb2b) (BuildId: 274eec488d230825a136fa9c4d85370fed7a0a5e)
    #5 0x70028f04527d in raise (/lib/x86_64-linux-gnu/libc.so.6+0x4527d) (BuildId: 274eec488d230825a136fa9c4d85370fed7a0a5e)
    #6 0x70028f0288fe in abort (/lib/x86_64-linux-gnu/libc.so.6+0x288fe) (BuildId: 274eec488d230825a136fa9c4d85370fed7a0a5e)
    #7 0x70028f02881a  (/lib/x86_64-linux-gnu/libc.so.6+0x2881a) (BuildId: 274eec488d230825a136fa9c4d85370fed7a0a5e)
    #8 0x70028f03b516 in __assert_fail (/lib/x86_64-linux-gnu/libc.so.6+0x3b516) (BuildId: 274eec488d230825a136fa9c4d85370fed7a0a5e)
    #9 0x5d929b51e92f in bitcoinfuzz::Driver::DescriptorParseTarget(std::span<unsigned char const, 18446744073709551615ul>) const (/home/bruno/bitcoinfuzz/bitcoinfuzz+0x80492f) (BuildId: e6838315e5273b78d9d0f05e9078bcc5ba46ca96)
    #10 0x5d929b527aca in bitcoinfuzz::Driver::Run(unsigned char const*, unsigned long, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&) const (/home/bruno/bitcoinfuzz/bitcoinfuzz+0x80daca) (BuildId: e6838315e5273b78d9d0f05e9078bcc5ba46ca96)
    #11 0x5d929af74f1d in LLVMFuzzerTestOneInput (/home/bruno/bitcoinfuzz/bitcoinfuzz+0x25af1d) (BuildId: e6838315e5273b78d9d0f05e9078bcc5ba46ca96)
    #12 0x5d929ae80024 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/home/bruno/bitcoinfuzz/bitcoinfuzz+0x166024) (BuildId: e6838315e5273b78d9d0f05e9078bcc5ba46ca96)
    #13 0x5d929ae7f719 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool, bool*) (/home/bruno/bitcoinfuzz/bitcoinfuzz+0x165719) (BuildId: e6838315e5273b78d9d0f05e9078bcc5ba46ca96)
    #14 0x5d929ae80f05 in fuzzer::Fuzzer::MutateAndTestOne() (/home/bruno/bitcoinfuzz/bitcoinfuzz+0x166f05) (BuildId: e6838315e5273b78d9d0f05e9078bcc5ba46ca96)
    #15 0x5d929ae81a65 in fuzzer::Fuzzer::Loop(std::vector<fuzzer::SizedFile, std::allocator<fuzzer::SizedFile>>&) (/home/bruno/bitcoinfuzz/bitcoinfuzz+0x167a65) (BuildId: e6838315e5273b78d9d0f05e9078bcc5ba46ca96)
    #16 0x5d929ae6ed3f in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/home/bruno/bitcoinfuzz/bitcoinfuzz+0x154d3f) (BuildId: e6838315e5273b78d9d0f05e9078bcc5ba46ca96)
    #17 0x5d929ae993c6 in main (/home/bruno/bitcoinfuzz/bitcoinfuzz+0x17f3c6) (BuildId: e6838315e5273b78d9d0f05e9078bcc5ba46ca96)
    #18 0x70028f02a1c9  (/lib/x86_64-linux-gnu/libc.so.6+0x2a1c9) (BuildId: 274eec488d230825a136fa9c4d85370fed7a0a5e)
    #19 0x70028f02a28a in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2a28a) (BuildId: 274eec488d230825a136fa9c4d85370fed7a0a5e)
    #20 0x5d929ae63d24 in _start (/home/bruno/bitcoinfuzz/bitcoinfuzz+0x149d24) (BuildId: e6838315e5273b78d9d0f05e9078bcc5ba46ca96)

NOTE: libFuzzer has rudimentary signal handlers.
      Combine libFuzzer with AddressSanitizer or similar for better crash reports.
SUMMARY: libFuzzer: deadly signal
MS: 1 InsertByte-; base unit: cfc5f21360b8853c2e86dde9a35eafee09900db8
0x74,0x72,0x28,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x30,0x39,0x32,0x32,0x33,0x33,0x37,0x32,0x30,0x33,0x36,0x38,0x35,0x34,0x20,0x37,0x37,0x35,0x38,0x30,0x37,0x29,
tr(0000000000000000000000000000000000000000000009223372036854 775807)
artifact_prefix='./'; Test unit written to ./crash-32168444c519db23d4d32fef1b6a0b7d9f2ce506
Base64: dHIoMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwOTIyMzM3MjAzNjg1NCA3NzU4MDcp

brunoerg avatar Oct 14 '25 12:10 brunoerg

I think NBitcoin is probably ignoring the whitespace since it seems the key is valid.

brunoerg avatar Oct 14 '25 12:10 brunoerg
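The following is an added example, not code from the issue, bitcoinfuzz, NBitcoin or Bitcoin Core. It rebuilds the crashing unit from the report and runs it through three small `tr()` key parsers to show how the disagreement in the log can arise: a strict one that matches the Bitcoin module's `Result: 0`, a lenient one that drops whitespace inside the key (an assumption modelling the behaviour the comment suspects, not NBitcoin's actual code), and a "looks strict" one built on Python's `bytes.fromhex()`, which also accepts the spaced key because `fromhex()` skips ASCII whitespace between byte pairs. Only the bare 64-hex-char x-only key form is handled; xpub, WIF, tree expressions and `#checksum` are out of scope.

```python
import re

# Constructed to match the crashing unit in the report: "tr(" + 45 zeros +
# "9223372036854" + " " + "775807" + ")" (69 bytes; the space is the mutation).
# Without the space the key is exactly 64 hex characters, i.e. x-only key length.
CRASH_INPUT = "tr(" + "0" * 45 + "9223372036854" + " " + "775807" + ")"

TR_RE = re.compile(r"^tr\((?P<key>.*)\)$", re.DOTALL)
XONLY_HEX_RE = re.compile(r"^[0-9A-Fa-f]{64}$")


def _key_expr(desc: str):
    """Return the text between 'tr(' and the closing ')', or None.
    Only the bare hex x-only key form is handled here (assumption)."""
    m = TR_RE.match(desc)
    return None if m is None else m.group("key")


def parse_tr_strict(desc: str):
    """Reject anything that is not exactly 64 hex characters. Whitespace is
    never skipped, matching the Bitcoin module's `Result: 0` in the log."""
    key = _key_expr(desc)
    if key is None or not XONLY_HEX_RE.match(key):
        return None
    return bytes.fromhex(key)


def parse_tr_lenient(desc: str):
    """Hypothetical parser that drops whitespace inside the key before
    validating. Models the behaviour the comment suspects (`Result: 1`);
    this is an assumption, not NBitcoin's code."""
    key = _key_expr(desc)
    if key is None:
        return None
    key = "".join(key.split())
    if not XONLY_HEX_RE.match(key):
        return None
    return bytes.fromhex(key)


def parse_tr_fromhex_only(desc: str):
    """A parser that looks strict but is not: it relies on bytes.fromhex()
    plus a length check. bytes.fromhex() silently skips ASCII whitespace
    between byte pairs, so the spaced key still decodes to 32 bytes."""
    key = _key_expr(desc)
    if key is None:
        return None
    try:
        raw = bytes.fromhex(key)
    except ValueError:
        return None
    return raw if len(raw) == 32 else None


def differential_check(desc: str) -> dict:
    """Mirror of the harness assertion `*res == *last_response`: every parser
    must agree on success (1) or failure (0); a disagreement is a finding."""
    results = {
        "strict": int(parse_tr_strict(desc) is not None),
        "lenient": int(parse_tr_lenient(desc) is not None),
        "fromhex_only": int(parse_tr_fromhex_only(desc) is not None),
    }
    results["agree"] = len(set(results.values())) == 1
    return results


if __name__ == "__main__":
    # Spaced key: strict rejects, the other two accept -> agree == False.
    print(differential_check(CRASH_INPUT))
    # Same key without the space: all three accept -> agree == True.
    print(differential_check(CRASH_INPUT.replace(" ", "")))
```

The practical takeaway for anyone writing a descriptor parser is that "validate the hex before decoding" has to be done on the raw text with a whitespace-free pattern; delegating to a hex decoder that tolerates separators makes the parser lenient without anyone deciding it should be, and a differential harness like the one in the report is what surfaces that.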

Hi sir @brunoerg, can I work on this one...

Sukuna0007Abhi avatar Oct 20 '25 14:10 Sukuna0007Abhi

@Sukuna0007Abhi There is nothing to work about it from our side. Thanks.

brunoerg avatar Oct 28 '25 00:10 brunoerg

We need to check if the BIP mentions anything about these spaces.

brunoerg avatar Oct 30 '25 19:10 brunoerg