Merge bitcoin#28931: fuzz: Limit fuzz buffer size in script_flags target

faf1fb2 Fix IWYU for the script_flags fuzz target (MarcoFalke) fa71285 fuzz: Limit fuzz buffer size in script_flags target (MarcoFalke) fa6b87b fuzz: CDataStream -> DataStream in script_flags (MarcoFalke) Pull request description: Most fuzz targets have an upper limit on the buffer size to avoid excessive runtime. Do the same for `script_flags` to avoid timeouts such as bitcoin#28812 (comment) Also, fix iwyu. Also, remove legacy `CDataStream`. ACKs for top commit: dergoegge: ACK faf1fb2 brunoerg: utACK faf1fb2 Tree-SHA512: 9301917b353f7409e448b6fd3635de19330856e0742431db5ef04e62873501b5b4cd6cb78ad81ada2747fa2bdae033115b5951d10489dd5d0d320426c8b96bee
ch4ns1q1 · Nov 26, 2023 · 5f9fd11 · 5f9fd11
2 parents b5a2713 + faf1fb2
commit 5f9fd11
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 19 deletions.
diff --git a/src/script/interpreter.h b/src/script/interpreter.h
@@ -6,21 +6,23 @@
 #ifndef BITCOIN_SCRIPT_INTERPRETER_H
 #define BITCOIN_SCRIPT_INTERPRETER_H
 
+#include <consensus/amount.h>
 #include <hash.h>
-#include <script/script_error.h>
-#include <span.h>
 #include <primitives/transaction.h>
+#include <script/script_error.h> // IWYU pragma: export
+#include <span.h>
+#include <uint256.h>
 
+#include <cstddef>
+#include <cstdint>
 #include <optional>
 #include <vector>
-#include <stdint.h>
 
 class CPubKey;
-class XOnlyPubKey;
 class CScript;
-class CTransaction;
-class CTxOut;
-class uint256;
+class CScriptNum;
+class XOnlyPubKey;
+struct CScriptWitness;
 
 /** Signature hash types/flags */
 enum

diff --git a/src/test/fuzz/script_flags.cpp b/src/test/fuzz/script_flags.cpp
@@ -3,25 +3,22 @@
 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
 
 #include <consensus/amount.h>
-#include <pubkey.h>
+#include <primitives/transaction.h>
 #include <script/interpreter.h>
+#include <serialize.h>
 #include <streams.h>
+#include <test/fuzz/fuzz.h>
 #include <test/util/script.h>
-#include <version.h>
 
-#include <test/fuzz/fuzz.h>
+#include <cassert>
+#include <ios>
+#include <utility>
+#include <vector>
 
 FUZZ_TARGET(script_flags)
 {
-    CDataStream ds(buffer, SER_NETWORK, INIT_PROTO_VERSION);
-    try {
-        int nVersion;
-        ds >> nVersion;
-        ds.SetVersion(nVersion);
-    } catch (const std::ios_base::failure&) {
-        return;
-    }
-
+    if (buffer.size() > 100'000) return;
+    DataStream ds{buffer};
     try {
         const CTransaction tx(deserialize, TX_WITH_WITNESS, ds);