Fuzz Trophies
practicalswift edited this page Mar 15, 2021 · 14 revisions
A best-effort collection of all vulns found exclusively via fuzzing. That is, the unit and functional tests passed.
This includes vulns found on pull requests. Vulns found on released versions are tracked on https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures.
Unique ID is:
- pull-nnnn for vulns that exist(ed) on the pull request with given id
- master-ffff for vulns that exist on the master branch as of the given commit id
- undisclosed-yyyy-mm-dd for undisclosed vulns that have been reported on that day
Discovery is:
- qa-assets means the vuln was triggered by one of the inputs in https://github.com/bitcoin-core/qa-assets
- dynamic means the vuln was triggered by none of the fuzz inputs in qa-assets, but can be found with an existing fuzz target and enough CPU time
- mod means the vuln was triggered by a fuzz target that isn't publicly available or a fuzz target that is locally modified.
The remaining columns follow the definitions from https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures
Unique ID | Discovery | Severity | Attack is... | Found by | Flaw |
---|---|---|---|---|---|
pull-18808 | qa-assets | DoS | easy | MarcoFalke | Missing nullptr check (details) |
master-9efd86a | mod | DoS | easy | practicalswift | Assert on untrusted input (details, details) |
undisclosed-2020-10-09 | mod | Netsplit | Very hard | practicalswift | Undisclosed flaw |
Issues without Severity
Unique ID | Discovery | Found by | Flaw |
---|---|---|---|
pull-20867 | qa-assets | darosior | implicit-integer-sign-change in multisig policy (details) |
pull-21043 | mod | Crypt-iQ | signed integer overflow in version message processing (details) |
pull-19237 | qa-assets | practicalswift | CPubKey deserialization reads uninitialized memory (details) |
pull-18162 | qa-assets | practicalswift | Uninitialized read in FormatISO8601DateTime (details) |