Commit graph

50 commits

Author SHA1 Message Date
Lee Clagett
61b6e4cc67 Add aggressive restrictions to pre-handshake p2p buffer limit 2020-12-17 00:36:10 +00:00
Lee Clagett
7414e2bac1 Change epee binary output from std::stringstream to byte_stream 2020-10-10 15:28:40 +00:00
mj-xmr
8a282f64c9 Add RELINK_TARGETS, monero_add_target_no_relink and use monero_add_executable/monero_add_library where possible (mj-xmr)
Add monero_add_minimal_executable and use in tests

This is done in order not to have to relink targets, when just an .so changed, but not its interface.
2020-10-28 20:08:26 +01:00
moneromooo-monero
6ee9f12607
fuzz_tests: fix build error in signature fuzz test 2020-09-24 15:17:57 +00:00
moneromooo-monero
743608ec16 wallet: allow signing a message with spend or view key 2020-08-28 19:25:17 -04:00
moneromooo-monero
7175dcb107
replace most boost serialization with existing monero serialization
This reduces the attack surface for data that can come from
malicious sources (exported output and key images, multisig
transactions...) since the monero serialization is already
exposed to the outside, and the boost lib we were using had
a few known crashers.

For interoperability, a new load-deprecated-formats wallet
setting is added (off by default). This allows loading boost
format data if there is no alternative. It will likely go
at some point, along with the ability to load those.

Notably, the peer lists file still uses the boost serialization
code, as the data it stores is define in epee, while the new
serialization code is in monero, and migrating it was fairly
hairy. Since this file is local and not obtained from anyone
else, the marginal risk is minimal, but it could be migrated
later if needed.

Some tests and tools also do, this will stay as is for now.
2020-08-17 16:23:58 +00:00
xiphon
76c16822d0 wallet2_api: implement runtime proxy configuration 2020-07-20 13:45:12 +00:00
Alexander Blair
a0d179e528
Merge pull request #6512
5ef0607da Update copyright year to 2020 (SomaticFanatic)
2020-07-19 03:32:59 -07:00
moneromooo-monero
bde7f1c5cc
fuzz_tests: fix init check in oss-fuzz mode 2020-06-14 16:10:49 +00:00
moneromooo-monero
c4df8b1390
fix leaks in fuzz tests 2020-06-14 12:54:13 +00:00
moneromooo-monero
38ca1bb389
fuzz_tests: add a tx extra fuzz test 2020-06-14 12:54:10 +00:00
moneromooo-monero
81773f55a4
fuzz_tests: refactor and add OSS-Fuzz compatibility 2020-05-15 17:18:27 +00:00
SomaticFanatic
5ef0607da6 Update copyright year to 2020
Update copyright year to 2020
2020-05-06 22:36:54 -04:00
woodser
87d75584e8 Allow wallet2.h to run in WebAssembly
- Add abstract_http_client.h which http_client.h extends.
- Replace simple_http_client with abstract_http_client in wallet2,
message_store, message_transporter, and node_rpc_proxy.
- Import and export wallet data in wallet2.
- Use #if defined __EMSCRIPTEN__ directives to skip incompatible code.
2020-04-15 13:22:46 -04:00
Lee Clagett
bdfc63ae4d Add ref-counted buffer byte_slice. Currently used for sending TCP data. 2019-07-16 16:30:35 +00:00
Lee Clagett
7acfa9f3cc Added socks proxy (tor/i2pd/kovri) support to wallet 2019-03-25 01:35:13 +00:00
Riccardo Spagni
37ee4acf48
Merge pull request #5274
dc0c0c91 tests: disable wallet SSL init for tests involving wallet2 (moneromooo-monero)
2019-03-24 19:35:11 +02:00
moneromooo-monero
dc0c0c91c5
tests: disable wallet SSL init for tests involving wallet2 2019-03-12 20:43:02 +00:00
binaryFate
1f2930ce0b Update 2019 copyright 2019-03-05 22:05:34 +01:00
moneromooo-monero
85665003a7
epee: better network buffer data structure
avoids pointless allocs and memcpy
2018-12-23 16:46:07 +00:00
moneromooo-monero
8d71b2b1b3
wallet2: only export necessary outputs and key images
and disable annoying test that requires ridiculous amounts
of skullduggery every time some format changes
2018-11-04 22:27:01 +00:00
moneromooo-monero
e5108a294a
Catch more exceptions in dtors
Misc coverity reports
2018-10-02 17:28:44 +00:00
Riccardo Spagni
effcbf2060
Merge pull request #4459
bcf3f6af fuzz_tests: catch unhandled exceptions (moneromooo-monero)
3ebd05d4 miner: restore stream flags after changing them (moneromooo-monero)
a093092e levin_protocol_handler_async: do not propagate exception through dtor (moneromooo-monero)
1eebb82b net_helper: do not propagate exceptions through dtor (moneromooo-monero)
fb6a3630 miner: do not propagate exceptions through dtor (moneromooo-monero)
2e2139ff epee: do not propagate exception through dtor (moneromooo-monero)
0749a8bd db_lmdb: do not propagate exceptions in dtor (moneromooo-monero)
1b0afeeb wallet_rpc_server: exit cleanly on unhandled exceptions (moneromooo-monero)
418a9936 unit_tests: catch unhandled exceptions (moneromooo-monero)
ea7f9543 threadpool: do not propagate exceptions through the dtor (moneromooo-monero)
6e855422 gen_multisig: nice exit on unhandled exception (moneromooo-monero)
53df2deb db_lmdb: catch error in mdb_stat calls during migration (moneromooo-monero)
e67016dd blockchain_blackball: catch failure to commit db transaction (moneromooo-monero)
661439f4 mlog: don't remove old logs if we failed to rename the current file (moneromooo-monero)
5fdcda50 easylogging++: test for NULL before dereference (moneromooo-monero)
7ece1550 performance_test: fix bad last argument calling add_arg (moneromooo-monero)
a085da32 unit_tests: add check for page size > 0 before dividing (moneromooo-monero)
d8b1ec8b unit_tests: use std::shared_ptr to shut coverity up about leaks (moneromooo-monero)
02563bf4 simplewallet: top level exception catcher to print nicer messages (moneromooo-monero)
c57a65b2 blockchain_blackball: fix shift range for 32 bit archs (moneromooo-monero)
2018-09-29 22:20:38 +02:00
Riccardo Spagni
885d3d5a99
Merge pull request #4254
de905d4b fuzz_tests: use __AFL_INIT when available (moneromooo-monero)
2018-09-14 12:44:47 +02:00
moneromooo-monero
0e6ed559c6
fuzz_tests: add a bulletproof fuzz test 2018-09-11 13:38:21 +00:00
stoffu
b21fdaa874
fuzz: set address properly 2018-08-14 20:17:51 +09:00
moneromooo-monero
de905d4b48
fuzz_tests: use __AFL_INIT when available
alleged to speed things up
2018-08-13 22:13:56 +00:00
moneromooo-monero
55c7fb87a9
epee: adaptive connection timeout system
a connection's timeout is halved for every extra connection
from the same host.

Also keep track of when we don't need to use a connection
anymore, so we can close it and free the resource for another
connection.

Also use the longer timeout for non routable local addresses.
2018-06-10 19:39:38 +01:00
moneromooo-monero
91d97dd4ab
fuzz_tests: set small subaddress lookahead for speed 2018-03-14 11:34:09 +00:00
stoffu
af773211cb
Stagenet 2018-03-05 11:55:05 +09:00
cslashm
e745c1e38d Code modifications to integrate Ledger HW device into monero-wallet-cli.
The basic approach it to delegate all sensitive data (master key, secret
ephemeral key, key derivation, ....) and related operations to the device.
As device has low memory, it does not keep itself the values
(except for view/spend keys) but once computed there are encrypted (with AES
are equivalent) and return back to monero-wallet-cli. When they need to be
manipulated by the device, they are decrypted on receive.

Moreover, using the client for storing the value in encrypted form limits
the modification in the client code. Those values are transfered from one
C-structure to another one as previously.

The code modification has been done with the wishes to be open to any
other hardware wallet. To achieve that a C++ class hw::Device has been
introduced. Two initial implementations are provided: the "default", which
remaps all calls to initial Monero code, and  the "Ledger", which delegates
all calls to Ledger device.
2018-03-04 12:54:53 +01:00
moneromooo-monero
fa6b45665d
fuzz_tests: fix an uninitialized var in setup
and comment it out, it's only used to generate a starting test case

Coverity 182506
2018-02-02 15:56:44 +00:00
iDunk5400
1c99a628e3
Tests: Fix building of two fuzz tests on Windows 2018-01-28 14:51:02 +01:00
xmr-eric
84a7f6a482 Readd copyright starting date 2018-01-26 10:03:20 -05:00
xmr-eric
18216f19dd Update 2018 copyright 2018-01-26 10:03:20 -05:00
Riccardo Spagni
753215b9c6
Merge pull request #2963
0e19a394 tests: test wallets don't need a dummy temp file anymore (moneromooo-monero)
2018-01-02 00:30:33 +02:00
moneromooo-monero
ec724eb64a
tests: add levin fuzz test 2017-12-23 11:29:55 +00:00
moneromooo-monero
f1bdc9a42a
tests: add http client fuzz test 2017-12-23 11:29:52 +00:00
moneromooo-monero
0272df9e61
add parse_url fuzz test 2017-12-23 11:29:49 +00:00
moneromooo-monero
261b0dd0e0
tests: add base58 fuzz test 2017-12-23 11:27:45 +00:00
moneromooo-monero
c80bb0eb6f
tests: don't init stuff we don't need in fuzz tests - faster 2017-12-23 11:27:40 +00:00
moneromooo-monero
95aa0bf79b
add load_from_binary/load_from_json fuzzers 2017-12-23 11:27:25 +00:00
moneromooo-monero
0e19a39469
tests: test wallets don't need a dummy temp file anymore 2017-12-19 12:56:21 +00:00
moneromooo-monero
09ce03d612
move includes around to lessen overall load 2017-12-16 22:46:38 +00:00
moneromooo-monero
082db75f28
move cryptonote command line options to cryptonote_core
Those have no reason to be in a generic module
2017-11-14 17:06:19 +00:00
moneromooo-monero
937e7f8aa6
Initialize openssl on startup 2017-10-21 10:17:18 +01:00
kenshi84
53ad5a0f42
Subaddresses 2017-10-07 13:06:21 +09:00
Howard Chu
3d19ab7067 Revert "Cleanup test impact of moving blockchain_db_types()"
This reverts commit 3dd34a49ef.
2017-08-29 13:28:16 +01:00
Howard Chu
3dd34a49ef
Cleanup test impact of moving blockchain_db_types() 2017-08-22 15:11:28 +01:00
moneromooo-monero
841231e5bd
Add fuzz testing using american fuzzy lop
Existing tests: block, transaction, signature, cold outputs,
cold transaction.

Data for these is in tests/data/fuzz.

A convenience shell script is in contrib/fuzz_testing/fuzz.sh, eg:

contrib/fuzz_testing/fuzz.sh signature

The fuzzer will run indefinitely, ^C to stop.

Fuzzing is currently supported for GCC only. I can't get CLANG
to build Monero here as it dies on some system headers, so if
someone wants to make it work on both, that'd be great.
In particular, the __AFL_LOOP construct should be made to work
so that a given run can fuzz multiple inputs, as the C++ load
time is substantial.
2017-06-24 16:46:18 +01:00