Commit graph

19 commits

Author SHA1 Message Date
moneromooo-monero
7175dcb107
replace most boost serialization with existing monero serialization
This reduces the attack surface for data that can come from
malicious sources (exported output and key images, multisig
transactions...) since the monero serialization is already
exposed to the outside, and the boost lib we were using had
a few known crashers.

For interoperability, a new load-deprecated-formats wallet
setting is added (off by default). This allows loading boost
format data if there is no alternative. It will likely go
at some point, along with the ability to load those.

Notably, the peer lists file still uses the boost serialization
code, as the data it stores is define in epee, while the new
serialization code is in monero, and migrating it was fairly
hairy. Since this file is local and not obtained from anyone
else, the marginal risk is minimal, but it could be migrated
later if needed.

Some tests and tools also do, this will stay as is for now.
2020-08-17 16:23:58 +00:00
xiphon
76c16822d0 wallet2_api: implement runtime proxy configuration 2020-07-20 13:45:12 +00:00
Alexander Blair
a0d179e528
Merge pull request #6512
5ef0607da Update copyright year to 2020 (SomaticFanatic)
2020-07-19 03:32:59 -07:00
moneromooo-monero
c4df8b1390
fix leaks in fuzz tests 2020-06-14 12:54:13 +00:00
moneromooo-monero
81773f55a4
fuzz_tests: refactor and add OSS-Fuzz compatibility 2020-05-15 17:18:27 +00:00
SomaticFanatic
5ef0607da6 Update copyright year to 2020
Update copyright year to 2020
2020-05-06 22:36:54 -04:00
Lee Clagett
7acfa9f3cc Added socks proxy (tor/i2pd/kovri) support to wallet 2019-03-25 01:35:13 +00:00
Riccardo Spagni
37ee4acf48
Merge pull request #5274
dc0c0c91 tests: disable wallet SSL init for tests involving wallet2 (moneromooo-monero)
2019-03-24 19:35:11 +02:00
moneromooo-monero
dc0c0c91c5
tests: disable wallet SSL init for tests involving wallet2 2019-03-12 20:43:02 +00:00
binaryFate
1f2930ce0b Update 2019 copyright 2019-03-05 22:05:34 +01:00
moneromooo-monero
e5108a294a
Catch more exceptions in dtors
Misc coverity reports
2018-10-02 17:28:44 +00:00
moneromooo-monero
91d97dd4ab
fuzz_tests: set small subaddress lookahead for speed 2018-03-14 11:34:09 +00:00
stoffu
af773211cb
Stagenet 2018-03-05 11:55:05 +09:00
xmr-eric
84a7f6a482 Readd copyright starting date 2018-01-26 10:03:20 -05:00
xmr-eric
18216f19dd Update 2018 copyright 2018-01-26 10:03:20 -05:00
moneromooo-monero
0e19a39469
tests: test wallets don't need a dummy temp file anymore 2017-12-19 12:56:21 +00:00
moneromooo-monero
09ce03d612
move includes around to lessen overall load 2017-12-16 22:46:38 +00:00
moneromooo-monero
082db75f28
move cryptonote command line options to cryptonote_core
Those have no reason to be in a generic module
2017-11-14 17:06:19 +00:00
moneromooo-monero
841231e5bd
Add fuzz testing using american fuzzy lop
Existing tests: block, transaction, signature, cold outputs,
cold transaction.

Data for these is in tests/data/fuzz.

A convenience shell script is in contrib/fuzz_testing/fuzz.sh, eg:

contrib/fuzz_testing/fuzz.sh signature

The fuzzer will run indefinitely, ^C to stop.

Fuzzing is currently supported for GCC only. I can't get CLANG
to build Monero here as it dies on some system headers, so if
someone wants to make it work on both, that'd be great.
In particular, the __AFL_LOOP construct should be made to work
so that a given run can fuzz multiple inputs, as the C++ load
time is substantial.
2017-06-24 16:46:18 +01:00