
eth/protocols/eth: add protocol handler fuzzers

Open MariusVanDerWijden opened this issue 1 year ago • 2 comments

Adds a protocol handler fuzzer that will try to fuzz the protocol handlers.

Two points of discussion:

  • currently input needs to be valid RLP which makes it harder to reach certain states
  • currently all handlers are fuzzed at the same time which might confuse a mutator, I could pull it out into 12+ individual fuzzers, but that seems overkill to me

wdyt @holiman

MariusVanDerWijden · Sep 10 '24 05:09

> wdyt @holiman

Well, the fuzzer will hit a little bit of production code, but the whole backend is a test-backend, so it's only a very small layer of handler-code that we'll fuzz. It's better than nothing, so I guess it's worth it. We might be hit with false positives if the testBackend is not quite stable, but I guess that's a passing phase. So LGTM

holiman · Sep 13 '24 09:09

> • valid RLP which makes it harder to reach certain states

Yeah that's a big hurdle for the fuzzer. Sure, with some help (seeding) it might stumble upon valid rlp once in a while, but it'll make for very inefficient fuzzing.

holiman · Sep 13 '24 09:09
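As an added illustration of the valid-RLP hurdle raised in the PR description and again in holiman's last comment (this is example code written here, not go-ethereum's fuzzer or its rlp package): a toy RLP codec, one handler with the kind of bound a real handler enforces, a dispatch entry point that reports whether a handler was reached at all, and a `structured` wrapper that frames arbitrary fuzz bytes into a valid message so the mutator does not have to discover RLP framing by itself. The message code, the handler's four-field layout and 16-bit bound, and every function name are assumptions made for this example.

```go
package main

import "errors"

// Toy message code chosen for this example; not go-ethereum's real code table.
const getBlockHeadersMsg byte = 0x03

// item is one decoded RLP value. list is non-nil (possibly empty) for lists, nil for strings.
type item struct {
	str  []byte
	list []item
}

// decode parses one RLP item from b and returns it with the unconsumed remainder.
func decode(b []byte) (item, []byte, error) {
	if len(b) == 0 {
		return item{}, nil, errors.New("rlp: input too short")
	}
	p := b[0]
	if p < 0x80 { // a single byte below 0x80 is its own encoding
		return item{str: b[:1]}, b[1:], nil
	}
	base, hdr := byte(0x80), 1 // string prefixes start at 0x80, list prefixes at 0xc0
	if p >= 0xc0 {
		base = 0xc0
	}
	n := int(p - base)
	if n > 55 { // long form: n-55 big-endian length bytes follow; 4 is plenty for this toy
		ll := n - 55
		if ll > 4 || len(b) < 1+ll || b[1] == 0 {
			return item{}, nil, errors.New("rlp: bad length field")
		}
		n = 0
		for _, c := range b[1 : 1+ll] {
			n = n<<8 | int(c)
		}
		hdr += ll
	}
	if len(b) < hdr+n {
		return item{}, nil, errors.New("rlp: input too short")
	}
	payload, rest := b[hdr:hdr+n], b[hdr+n:]
	if base == 0x80 {
		return item{str: payload}, rest, nil
	}
	elems := []item{} // non-nil so an empty list is still recognised as a list
	for len(payload) > 0 {
		el, more, err := decode(payload)
		if err != nil {
			return item{}, nil, err
		}
		elems, payload = append(elems, el), more
	}
	return item{list: elems}, rest, nil
}

// encode RLP-encodes a byte string (base 0x80) or an already-encoded list payload (base 0xc0).
func encode(base byte, payload []byte) []byte {
	if base == 0x80 && len(payload) == 1 && payload[0] < 0x80 {
		return payload
	}
	if len(payload) < 56 {
		return append([]byte{base + byte(len(payload))}, payload...)
	}
	var lenBytes []byte
	for n := len(payload); n > 0; n >>= 8 {
		lenBytes = append([]byte{byte(n)}, lenBytes...)
	}
	return append(append([]byte{base + 55 + byte(len(lenBytes))}, lenBytes...), payload...)
}

// handleGetBlockHeaders expects [origin, amount, skip, reverse] and bounds amount to 16 bits,
// standing in for the request-size limit a real handler enforces (assumed layout and bound).
func handleGetBlockHeaders(msg item) error {
	if msg.list == nil || len(msg.list) != 4 {
		return errors.New("GetBlockHeaders: want 4 fields")
	}
	if amt := msg.list[1].str; len(amt) == 0 || len(amt) > 2 {
		return errors.New("GetBlockHeaders: amount out of range")
	}
	return nil
}

// dispatch is the fuzz entry point: byte 0 selects the handler, the rest is the RLP payload.
// reached tells whether a handler ran at all, the coverage signal the fuzzer is after.
func dispatch(data []byte) (reached bool, err error) {
	if len(data) == 0 || data[0] != getBlockHeadersMsg {
		return false, errors.New("unknown message code")
	}
	msg, rest, err := decode(data[1:])
	if err == nil && len(rest) != 0 {
		err = errors.New("rlp: trailing bytes")
	}
	if err != nil {
		return false, err
	}
	return true, handleGetBlockHeaders(msg)
}

// structured frames arbitrary fuzz bytes as a valid 4-field RLP list so the mutator
// never has to learn RLP framing: each field receives a quarter of the raw input.
func structured(code byte, raw []byte) []byte {
	var payload []byte
	for i := 0; i < 4; i++ {
		payload = append(payload, encode(0x80, raw[i*len(raw)/4:(i+1)*len(raw)/4])...)
	}
	return append([]byte{code}, encode(0xc0, payload)...)
}
```

Fed directly, eight raw bytes such as `00 00 00 10 00 00 00 01` decode as a single one-byte item with trailing garbage and never reach the handler; passed through `structured`, the same bytes become a four-field message and the handler's own checks run. In a real `FuzzXxx` target the wrapper would sit between the data `f.Fuzz` hands you and the handler call, and the per-message-code split the description mentions is the same idea applied to the code byte.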