test(x/tx/decode): add fuzzers for Decode + rejectNonADR027TxRaw (#16678)

Co-authored-by: Marko <marbar3778@yahoo.com>

x/tx/decode/fuzz_test.go

@@ -0,0 +1,144 @@
+package decode
+
+import (
+	"encoding/hex"
+	"testing"
+
+	"github.com/cosmos/cosmos-proto/anyutil"
+	fuzz "github.com/google/gofuzz"
+	"google.golang.org/protobuf/proto"
+	"google.golang.org/protobuf/types/known/anypb"
+
+	bankv1beta1 "cosmossdk.io/api/cosmos/bank/v1beta1"
+	basev1beta1 "cosmossdk.io/api/cosmos/base/v1beta1"
+	"cosmossdk.io/api/cosmos/crypto/secp256k1"
+	signingv1beta1 "cosmossdk.io/api/cosmos/tx/signing/v1beta1"
+	txv1beta1 "cosmossdk.io/api/cosmos/tx/v1beta1"
+	"cosmossdk.io/x/tx/signing"
+)
+
+var (
+	accSeq = uint64(2)
+
+	signerInfo = []*txv1beta1.SignerInfo{
+		{
+			PublicKey: pkAny,
+			ModeInfo: &txv1beta1.ModeInfo{
+				Sum: &txv1beta1.ModeInfo_Single_{
+					Single: &txv1beta1.ModeInfo_Single{
+						Mode: signingv1beta1.SignMode_SIGN_MODE_DIRECT,
+					},
+				},
+			},
+			Sequence: accSeq,
+		},
+	}
+
+	anyMsg, _ = anyutil.New(&bankv1beta1.MsgSend{})
+
+	pkAny, _ = anyutil.New(&secp256k1.PubKey{Key: []byte("foo")})
+)
+
+func generateAndAddSeedsFromTx(f *testing.F) {
+	f.Helper()
+	// 1. Add some seeds.
+	tx := &txv1beta1.Tx{
+		Body: &txv1beta1.TxBody{
+			Messages:      []*anypb.Any{anyMsg},
+			Memo:          "memo",
+			TimeoutHeight: 0,
+		},
+		AuthInfo: &txv1beta1.AuthInfo{
+			SignerInfos: signerInfo,
+			Fee: &txv1beta1.Fee{
+				Amount:   []*basev1beta1.Coin{{Amount: "100", Denom: "denom"}},
+				GasLimit: 100,
+				Payer:    "payer",
+				Granter:  "",
+			},
+			Tip: &txv1beta1.Tip{
+				Amount: []*basev1beta1.Coin{{Amount: "100", Denom: "denom"}},
+				Tipper: "tipper",
+			},
+		},
+		Signatures: nil,
+	}
+	f.Add(mustMarshal(f, tx))
+	fz := fuzz.New()
+	// 1.1. Mutate tx as much and add those as seeds.
+	for i := 0; i < 1e4; i++ {
+		func() {
+			defer func() {
+				_ = recover() // Catch any panics and continue
+			}()
+			fz.Fuzz(tx)
+			f.Add(mustMarshal(f, tx))
+		}()
+	}
+}
+
+func FuzzInternal_rejectNonADR027TxRaw(f *testing.F) {
+	if testing.Short() {
+		f.Skip("Skipping in -short mode")
+	}
+
+	// 1. Add some seeds.
+	generateAndAddSeedsFromTx(f)
+
+	// 2. Now run the fuzzer.
+	f.Fuzz(func(t *testing.T, in []byte) {
+		// Just ensure it doesn't crash.
+		_ = rejectNonADR027TxRaw(in)
+	})
+}
+
+func FuzzDecode(f *testing.F) {
+	if testing.Short() {
+		f.Skip("Skipping in -short mode")
+	}
+
+	// 1. Add some seeds.
+	generateAndAddSeedsFromTx(f)
+
+	// 2. Now fuzz it.
+	cdc := new(asHexCodec)
+	signingCtx, err := signing.NewContext(signing.Options{
+		AddressCodec:          cdc,
+		ValidatorAddressCodec: cdc,
+	})
+	if err != nil {
+		return
+	}
+	dec, err := NewDecoder(Options{
+		SigningContext: signingCtx,
+	})
+	if err != nil {
+		return
+	}
+
+	f.Fuzz(func(t *testing.T, in []byte) {
+		txr, err := dec.Decode(in)
+		if err == nil && txr == nil {
+			t.Fatal("inconsistency: err==nil yet tx==nil")
+		}
+	})
+}
+
+func mustMarshal(f *testing.F, m proto.Message) []byte {
+	f.Helper()
+	blob, err := proto.Marshal(m)
+	if err != nil {
+		f.Fatal(err)
+	}
+	return blob
+}
+
+type asHexCodec int
+
+func (d asHexCodec) StringToBytes(text string) ([]byte, error) {
+	return hex.DecodeString(text)
+}
+
+func (d asHexCodec) BytesToString(bz []byte) (string, error) {
+	return hex.EncodeToString(bz), nil
+}

x/tx/go.mod

@@ -9,6 +9,7 @@ require (
 	cosmossdk.io/math v1.0.1
 	github.com/cosmos/cosmos-proto v1.0.0-beta.3
 	github.com/google/go-cmp v0.5.9
+	github.com/google/gofuzz v1.2.0
 	github.com/iancoleman/strcase v0.3.0
 	github.com/pkg/errors v0.9.1
 	github.com/stretchr/testify v1.8.4
@@ -22,7 +23,6 @@ require (
 	github.com/cosmos/gogoproto v1.4.10 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/golang/protobuf v1.5.3 // indirect
-	github.com/google/gofuzz v1.2.0 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1 // indirect
 	golang.org/x/net v0.12.0 // indirect