diff --git a/fuzzing/CMakeLists.txt b/fuzzing/CMakeLists.txt index 412c51bc..673e1cfe 100644 --- a/fuzzing/CMakeLists.txt +++ b/fuzzing/CMakeLists.txt @@ -77,6 +77,7 @@ add_executable(fuzz_proto_full ../tests/unit/mock/putchar.c ../tests/unit/mock/staking_mock.c ../tests/unit/mock/token_lookup_mock.c + ../src/hedera_format_amount.c ) target_compile_definitions(fuzz_proto_full PRIVATE NO_BOLOS_SDK=1) target_compile_definitions(fuzz_proto_full PRIVATE PB_SYSTEM_HEADER="nanopb_system.h") @@ -89,4 +90,11 @@ add_executable(fuzz_evm_payload ../src/evm_parser.c ) target_compile_definitions(fuzz_evm_payload PRIVATE NO_BOLOS_SDK=1) -target_link_libraries(fuzz_evm_payload mock_bolos) \ No newline at end of file +target_link_libraries(fuzz_evm_payload mock_bolos) + +add_executable(fuzz_hedera_format_amount + fuzzer_hedera_format_amount.c + ../src/hedera_format_amount.c +) +target_compile_definitions(fuzz_hedera_format_amount PRIVATE NO_BOLOS_SDK=1) +target_link_libraries(fuzz_hedera_format_amount mock_bolos) \ No newline at end of file diff --git a/fuzzing/corpus/hedera_format_amount/1ea2fd93a856f4eba868a855307371bf9155c545 b/fuzzing/corpus/hedera_format_amount/1ea2fd93a856f4eba868a855307371bf9155c545 new file mode 100644 index 00000000..c078ab72 Binary files /dev/null and b/fuzzing/corpus/hedera_format_amount/1ea2fd93a856f4eba868a855307371bf9155c545 differ diff --git a/fuzzing/corpus/hedera_format_amount/29e24643a6328cb4ea893738b89c63b842ce24e7 b/fuzzing/corpus/hedera_format_amount/29e24643a6328cb4ea893738b89c63b842ce24e7 new file mode 100644 index 00000000..5142c798 Binary files /dev/null and b/fuzzing/corpus/hedera_format_amount/29e24643a6328cb4ea893738b89c63b842ce24e7 differ diff --git a/fuzzing/corpus/hedera_format_amount/3350e3f4b98a70ac012622f12b19f03edb099688 b/fuzzing/corpus/hedera_format_amount/3350e3f4b98a70ac012622f12b19f03edb099688 new file mode 100644 index 00000000..2869725a Binary files /dev/null and b/fuzzing/corpus/hedera_format_amount/3350e3f4b98a70ac012622f12b19f03edb099688 differ diff --git a/fuzzing/corpus/hedera_format_amount/33a9ec1437ff27c8a33afb7266c659f80eecdb64 b/fuzzing/corpus/hedera_format_amount/33a9ec1437ff27c8a33afb7266c659f80eecdb64 new file mode 100644 index 00000000..71660bed Binary files /dev/null and b/fuzzing/corpus/hedera_format_amount/33a9ec1437ff27c8a33afb7266c659f80eecdb64 differ diff --git a/fuzzing/corpus/hedera_format_amount/3fdd6b611c43d851d86ba27b09cfcd0dffe0b847 b/fuzzing/corpus/hedera_format_amount/3fdd6b611c43d851d86ba27b09cfcd0dffe0b847 new file mode 100644 index 00000000..40b9b046 Binary files /dev/null and b/fuzzing/corpus/hedera_format_amount/3fdd6b611c43d851d86ba27b09cfcd0dffe0b847 differ diff --git a/fuzzing/corpus/hedera_format_amount/419ccdb422d4cbdc95522e49874137439a905bd3 b/fuzzing/corpus/hedera_format_amount/419ccdb422d4cbdc95522e49874137439a905bd3 new file mode 100644 index 00000000..32d4ed2d Binary files /dev/null and b/fuzzing/corpus/hedera_format_amount/419ccdb422d4cbdc95522e49874137439a905bd3 differ diff --git a/fuzzing/corpus/hedera_format_amount/45c5dc55d8f328988f198d5b49ab603c82487694 b/fuzzing/corpus/hedera_format_amount/45c5dc55d8f328988f198d5b49ab603c82487694 new file mode 100644 index 00000000..4e387219 Binary files /dev/null and b/fuzzing/corpus/hedera_format_amount/45c5dc55d8f328988f198d5b49ab603c82487694 differ diff --git a/fuzzing/corpus/hedera_format_amount/45db28616f269c8f5c6c27a2e26cdff8a86005cd b/fuzzing/corpus/hedera_format_amount/45db28616f269c8f5c6c27a2e26cdff8a86005cd new file mode 100644 index 00000000..cf93935c Binary files /dev/null and b/fuzzing/corpus/hedera_format_amount/45db28616f269c8f5c6c27a2e26cdff8a86005cd differ diff --git a/fuzzing/corpus/hedera_format_amount/4a277da8619417c7666f4e90039083a4c7052d13 b/fuzzing/corpus/hedera_format_amount/4a277da8619417c7666f4e90039083a4c7052d13 new file mode 100644 index 00000000..5d087605 Binary files /dev/null and b/fuzzing/corpus/hedera_format_amount/4a277da8619417c7666f4e90039083a4c7052d13 differ diff --git a/fuzzing/corpus/hedera_format_amount/52a719f9d01e6a1882f97bc011e52c80f807e955 b/fuzzing/corpus/hedera_format_amount/52a719f9d01e6a1882f97bc011e52c80f807e955 new file mode 100644 index 00000000..df3d2135 --- /dev/null +++ b/fuzzing/corpus/hedera_format_amount/52a719f9d01e6a1882f97bc011e52c80f807e955 @@ -0,0 +1 @@ +˜ \ No newline at end of file diff --git a/fuzzing/corpus/hedera_format_amount/5df46b520e98fd320df253c3de2b6d773a13dd5f b/fuzzing/corpus/hedera_format_amount/5df46b520e98fd320df253c3de2b6d773a13dd5f new file mode 100644 index 00000000..83a2e6bd Binary files /dev/null and b/fuzzing/corpus/hedera_format_amount/5df46b520e98fd320df253c3de2b6d773a13dd5f differ diff --git a/fuzzing/corpus/hedera_format_amount/611076e0b00ec8ac376d8e8c956fef85014b5f13 b/fuzzing/corpus/hedera_format_amount/611076e0b00ec8ac376d8e8c956fef85014b5f13 new file mode 100644 index 00000000..912a12ba Binary files /dev/null and b/fuzzing/corpus/hedera_format_amount/611076e0b00ec8ac376d8e8c956fef85014b5f13 differ diff --git a/fuzzing/corpus/hedera_format_amount/61c655709afa77141c37568f29b9b6894f9ef091 b/fuzzing/corpus/hedera_format_amount/61c655709afa77141c37568f29b9b6894f9ef091 new file mode 100644 index 00000000..5101f49e Binary files /dev/null and b/fuzzing/corpus/hedera_format_amount/61c655709afa77141c37568f29b9b6894f9ef091 differ diff --git a/fuzzing/corpus/hedera_format_amount/62399d6d1e18ce79ab91c1a3475f2b49be33500d b/fuzzing/corpus/hedera_format_amount/62399d6d1e18ce79ab91c1a3475f2b49be33500d new file mode 100644 index 00000000..5bdc69e9 --- /dev/null +++ b/fuzzing/corpus/hedera_format_amount/62399d6d1e18ce79ab91c1a3475f2b49be33500d @@ -0,0 +1,2 @@ + +џџџџџkџ \ No newline at end of file diff --git a/fuzzing/corpus/hedera_format_amount/6448dcc065b65939aa646b6a9104eefdb3cf2e92 b/fuzzing/corpus/hedera_format_amount/6448dcc065b65939aa646b6a9104eefdb3cf2e92 new file mode 100644 index 00000000..2162fd08 --- /dev/null +++ b/fuzzing/corpus/hedera_format_amount/6448dcc065b65939aa646b6a9104eefdb3cf2e92 @@ -0,0 +1 @@ +џџџџџџџџџ \ No newline at end of file diff --git a/fuzzing/corpus/hedera_format_amount/699d813f549a03aad9c1c93588eb86310ad10848 b/fuzzing/corpus/hedera_format_amount/699d813f549a03aad9c1c93588eb86310ad10848 new file mode 100644 index 00000000..8a07eefb Binary files /dev/null and b/fuzzing/corpus/hedera_format_amount/699d813f549a03aad9c1c93588eb86310ad10848 differ diff --git a/fuzzing/corpus/hedera_format_amount/71aa908aff1548c8c6cdecf63545261584738a25 b/fuzzing/corpus/hedera_format_amount/71aa908aff1548c8c6cdecf63545261584738a25 new file mode 100644 index 00000000..5de48411 Binary files /dev/null and b/fuzzing/corpus/hedera_format_amount/71aa908aff1548c8c6cdecf63545261584738a25 differ diff --git a/fuzzing/corpus/hedera_format_amount/7c157bb9a75e088b023868dca7174b04b683b761 b/fuzzing/corpus/hedera_format_amount/7c157bb9a75e088b023868dca7174b04b683b761 new file mode 100644 index 00000000..b8fce39f Binary files /dev/null and b/fuzzing/corpus/hedera_format_amount/7c157bb9a75e088b023868dca7174b04b683b761 differ diff --git a/fuzzing/corpus/hedera_format_amount/7de8afb88739af6d5d814e6c0749412b30bbf2aa b/fuzzing/corpus/hedera_format_amount/7de8afb88739af6d5d814e6c0749412b30bbf2aa new file mode 100644 index 00000000..ae8aef6e Binary files /dev/null and b/fuzzing/corpus/hedera_format_amount/7de8afb88739af6d5d814e6c0749412b30bbf2aa differ diff --git a/fuzzing/corpus/hedera_format_amount/8aee5665b6c681e8ede2a9a736777fba7581b6f0 b/fuzzing/corpus/hedera_format_amount/8aee5665b6c681e8ede2a9a736777fba7581b6f0 new file mode 100644 index 00000000..8d05d02b Binary files /dev/null and b/fuzzing/corpus/hedera_format_amount/8aee5665b6c681e8ede2a9a736777fba7581b6f0 differ diff --git a/fuzzing/corpus/hedera_format_amount/97af31a2a1f06ef650b21ab5e3d62c0c2b7770db b/fuzzing/corpus/hedera_format_amount/97af31a2a1f06ef650b21ab5e3d62c0c2b7770db new file mode 100644 index 00000000..90de193f Binary files /dev/null and b/fuzzing/corpus/hedera_format_amount/97af31a2a1f06ef650b21ab5e3d62c0c2b7770db differ diff --git a/fuzzing/corpus/hedera_format_amount/a1d83033b232221ab32f5ffe8c9775ecbb6c9cb8 b/fuzzing/corpus/hedera_format_amount/a1d83033b232221ab32f5ffe8c9775ecbb6c9cb8 new file mode 100644 index 00000000..b34ced38 --- /dev/null +++ b/fuzzing/corpus/hedera_format_amount/a1d83033b232221ab32f5ffe8c9775ecbb6c9cb8 @@ -0,0 +1,2 @@ +ииииии +1 \ No newline at end of file diff --git a/fuzzing/corpus/hedera_format_amount/ad82f98fc58b9a00ca9ce8bf3fcb81108769f9ce b/fuzzing/corpus/hedera_format_amount/ad82f98fc58b9a00ca9ce8bf3fcb81108769f9ce new file mode 100644 index 00000000..8c4605b6 Binary files /dev/null and b/fuzzing/corpus/hedera_format_amount/ad82f98fc58b9a00ca9ce8bf3fcb81108769f9ce differ diff --git a/fuzzing/corpus/hedera_format_amount/b79efe44558fb3286f6fde16d7faa398bac7c37c b/fuzzing/corpus/hedera_format_amount/b79efe44558fb3286f6fde16d7faa398bac7c37c new file mode 100644 index 00000000..08e7d71c Binary files /dev/null and b/fuzzing/corpus/hedera_format_amount/b79efe44558fb3286f6fde16d7faa398bac7c37c differ diff --git a/fuzzing/corpus/hedera_format_amount/bf22e24b6819e76b39e8a458fde6ff453d8c11eb b/fuzzing/corpus/hedera_format_amount/bf22e24b6819e76b39e8a458fde6ff453d8c11eb new file mode 100644 index 00000000..9a372d48 Binary files /dev/null and b/fuzzing/corpus/hedera_format_amount/bf22e24b6819e76b39e8a458fde6ff453d8c11eb differ diff --git a/fuzzing/corpus/hedera_format_amount/c38bec1f1d89357a06ffe7f6559594e5ea31182c b/fuzzing/corpus/hedera_format_amount/c38bec1f1d89357a06ffe7f6559594e5ea31182c new file mode 100644 index 00000000..d2df14d6 Binary files /dev/null and b/fuzzing/corpus/hedera_format_amount/c38bec1f1d89357a06ffe7f6559594e5ea31182c differ diff --git a/fuzzing/corpus/hedera_format_amount/dabe30a519cb3bf7788cd93aee70282a29d96ee7 b/fuzzing/corpus/hedera_format_amount/dabe30a519cb3bf7788cd93aee70282a29d96ee7 new file mode 100644 index 00000000..d75f06ad --- /dev/null +++ b/fuzzing/corpus/hedera_format_amount/dabe30a519cb3bf7788cd93aee70282a29d96ee7 @@ -0,0 +1,2 @@ +ии +иии1и \ No newline at end of file diff --git a/fuzzing/corpus/hedera_format_amount/e6c2f557ada3359a285ed34fc816958f8113396b b/fuzzing/corpus/hedera_format_amount/e6c2f557ada3359a285ed34fc816958f8113396b new file mode 100644 index 00000000..888cfc3d Binary files /dev/null and b/fuzzing/corpus/hedera_format_amount/e6c2f557ada3359a285ed34fc816958f8113396b differ diff --git a/fuzzing/corpus/hedera_format_amount/f42016a2b1457b1bf73aa97d7536f631237a5476 b/fuzzing/corpus/hedera_format_amount/f42016a2b1457b1bf73aa97d7536f631237a5476 new file mode 100644 index 00000000..eb564a13 Binary files /dev/null and b/fuzzing/corpus/hedera_format_amount/f42016a2b1457b1bf73aa97d7536f631237a5476 differ diff --git a/fuzzing/corpus/hedera_format_amount/f55870793d86b146f367f0896d0366426b115089 b/fuzzing/corpus/hedera_format_amount/f55870793d86b146f367f0896d0366426b115089 new file mode 100644 index 00000000..ccf9bb72 Binary files /dev/null and b/fuzzing/corpus/hedera_format_amount/f55870793d86b146f367f0896d0366426b115089 differ diff --git a/fuzzing/fuzzer_hedera_format_amount.c b/fuzzing/fuzzer_hedera_format_amount.c new file mode 100644 index 00000000..0ffeff1d --- /dev/null +++ b/fuzzing/fuzzer_hedera_format_amount.c @@ -0,0 +1,20 @@ +#include +#include +#include + +#include "hedera_format_amount.h" + +int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { + if (!data || size == 0) return 0; + + uint64_t amount = 0; + uint8_t decimals = 0; + + if (size >= 8) memcpy(&amount, data, 8); + if (size >= 9) decimals = data[8]; + + (void)hedera_format_amount(amount, decimals); + (void)hedera_format_amount(amount, (uint8_t)(decimals % 32)); + + return 0; +} diff --git a/fuzzing/run_fuzzing.sh b/fuzzing/run_fuzzing.sh index ea55c275..21817ef2 100755 --- a/fuzzing/run_fuzzing.sh +++ b/fuzzing/run_fuzzing.sh @@ -61,6 +61,7 @@ setup_directories() { # Create corpus directories for each fuzzer mkdir -p "$CORPUS_DIR/proto_varlen_parser" mkdir -p "$CORPUS_DIR/evm_payload" + mkdir -p "$CORPUS_DIR/hedera_format_amount" print_status "Directories created" } @@ -89,7 +90,9 @@ generate_corpus() { printf "\\xFF\\xFF\\xFF\\xFF\\x0F\\x0A\\x05Hello" > "$CORPUS_DIR/proto_varlen_parser/large_field.bin" printf "\\x00\\x01" > "$CORPUS_DIR/proto_varlen_parser/invalid_field.bin" printf "\\x0F\\x01" > "$CORPUS_DIR/proto_varlen_parser/unknown_wire.bin" - + # hedera_format_amount seeds + printf "\x01\x00\x00\x00\x00\x00\x00\x00\x08" > "$CORPUS_DIR/hedera_format_amount/one_dec8.bin" + printf "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\x13" > "$CORPUS_DIR/hedera_format_amount/max_dec19.bin" # EVM payload seeds # ERC20 transfer selector only printf "\xA9\x05\x9C\xBB" > "$CORPUS_DIR/evm_payload/selector.bin" @@ -156,7 +159,7 @@ run_fuzzer() { run_all_fuzzers() { print_status "Starting fuzzing campaign..." - local fuzzers=("proto_varlen_parser" "evm_payload") + local fuzzers=("proto_varlen_parser" "evm_payload" "hedera_format_amount") for fuzzer in "${fuzzers[@]}"; do run_fuzzer "$fuzzer" "$FUZZ_TIME" diff --git a/src/hedera_format.c b/src/hedera_format.c index a6b13bc9..6958be68 100644 --- a/src/hedera_format.c +++ b/src/hedera_format.c @@ -1,79 +1,12 @@ #include "hedera_format.h" +#include "hedera_format_amount.h" #include "staking.h" #include "time_format.h" #define BUF_SIZE 32 -static char *hedera_format_amount(uint64_t amount, uint8_t decimals) { - static char buf[BUF_SIZE]; - - // NOTE: format of amounts are not sensitive - memset(buf, 0, BUF_SIZE); - - // Quick shortcut if the amount is zero - // Regardless of decimals, the output is always "0" - if (amount == 0) { - buf[0] = '0'; - buf[1] = '\0'; - - return buf; - } - - // NOTE: we silently fail with a decimal value > 20 - // this function shuold only be called on decimal values smaller than 20 - if (decimals >= 20) return buf; - - int i = 0; - - while (i < (BUF_SIZE - 1) && (amount > 0 || i < decimals)) { - int digit = amount % 10; - amount /= 10; - - buf[i++] = '0' + digit; - - if (i == decimals) { - buf[i++] = '.'; - } - } - - if (buf[i - 1] == '.') { - buf[i++] = '0'; - } - - int size = i; - int j = 0; - char tmp; - - while (j < i) { - i -= 1; - - tmp = buf[j]; - buf[j] = buf[i]; - buf[i] = tmp; - - j += 1; - } - - for (j = size - 1; j > 0; j--) { - if (buf[j] == '0') { - continue; - } else if (buf[j] == '.') { - break; - } else { - j += 1; - break; - } - } - - if (j < size - 1) { - buf[j] = '\0'; - } - - return buf; -} - -static char *hedera_format_tinybar(uint64_t tinybar) { +static const char *hedera_format_tinybar(uint64_t tinybar) { return hedera_format_amount(tinybar, 8); } diff --git a/src/hedera_format_amount.c b/src/hedera_format_amount.c new file mode 100644 index 00000000..6b75576b --- /dev/null +++ b/src/hedera_format_amount.c @@ -0,0 +1,66 @@ +#include +#include "hedera_format_amount.h" + +#define BUF_SIZE 32 + +const char *hedera_format_amount(uint64_t amount, uint8_t decimals) { + static char buf[BUF_SIZE]; + + memset(buf, 0, BUF_SIZE); + + if (amount == 0) { + buf[0] = '0'; + buf[1] = '\0'; + return buf; + } + + if (decimals >= 20) return buf; + + int i = 0; + + while (i < (BUF_SIZE - 1) && (amount > 0 || i < decimals)) { + int digit = amount % 10; + amount /= 10; + + buf[i++] = '0' + digit; + + if (i == decimals) { + buf[i++] = '.'; + } + } + + if (buf[i - 1] == '.') { + buf[i++] = '0'; + } + + int size = i; + int j = 0; + char tmp; + + while (j < i) { + i -= 1; + + tmp = buf[j]; + buf[j] = buf[i]; + buf[i] = tmp; + + j += 1; + } + + for (j = size - 1; j > 0; j--) { + if (buf[j] == '0') { + continue; + } else if (buf[j] == '.') { + break; + } else { + j += 1; + break; + } + } + + if (j < size - 1) { + buf[j] = '\0'; + } + + return buf; +} diff --git a/src/hedera_format_amount.h b/src/hedera_format_amount.h new file mode 100644 index 00000000..d2368519 --- /dev/null +++ b/src/hedera_format_amount.h @@ -0,0 +1,4 @@ +#pragma once +#include + +const char *hedera_format_amount(uint64_t amount, uint8_t decimals); diff --git a/tests/unit/CMakeLists.txt b/tests/unit/CMakeLists.txt index 7daf9fde..f673a2e9 100644 --- a/tests/unit/CMakeLists.txt +++ b/tests/unit/CMakeLists.txt @@ -84,6 +84,7 @@ add_executable(test_sign_contract_call ../../src/printf.c ../../src/time_format.c ../../src/hedera_format.c + ../../src/hedera_format_amount.c ../../proto/timestamp.pb.c ../../proto/wrappers.pb.c ../../proto/contract_call.pb.c @@ -140,6 +141,7 @@ add_executable(test_pb_decode_erc20 ../../src/sign_contract_call.c ../../src/evm_parser.c ../../src/hedera_format.c + ../../src/hedera_format_amount.c ../../src/time_format.c ../../src/printf.c ../../src/ui/app_globals.h