tests: Add fuzzing harnesses for various JSON/univalue parsing functions

src/Makefile.test.include

@@ -40,6 +40,7 @@ FUZZ_TARGETS = \
   test/fuzz/prefilled_transaction_deserialize \
   test/fuzz/parse_numbers \
   test/fuzz/parse_script \
+  test/fuzz/parse_univalue \
   test/fuzz/psbt \
   test/fuzz/psbt_input_deserialize \
   test/fuzz/psbt_output_deserialize \
@@ -97,6 +98,7 @@ FUZZ_SUITE_LD_COMMON = \
  $(LIBTEST_UTIL) \
  $(LIBBITCOIN_CONSENSUS) \
  $(LIBBITCOIN_CRYPTO) \
+ $(LIBBITCOIN_CLI) \
  $(LIBUNIVALUE) \
  $(LIBLEVELDB) \
  $(LIBLEVELDB_SSE42) \
@@ -539,6 +541,12 @@ test_fuzz_parse_numbers_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS)
 test_fuzz_parse_numbers_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS)
 test_fuzz_parse_numbers_LDADD = $(FUZZ_SUITE_LD_COMMON)
 
+test_fuzz_parse_univalue_SOURCES = $(FUZZ_SUITE) test/fuzz/parse_univalue.cpp
+test_fuzz_parse_univalue_CPPFLAGS = $(AM_CPPFLAGS) $(BITCOIN_INCLUDES)
+test_fuzz_parse_univalue_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS)
+test_fuzz_parse_univalue_LDFLAGS = $(RELDFLAGS) $(AM_LDFLAGS) $(LIBTOOL_APP_LDFLAGS)
+test_fuzz_parse_univalue_LDADD = $(FUZZ_SUITE_LD_COMMON)
+
 endif # ENABLE_FUZZ
 
 nodist_test_test_bitcoin_SOURCES = $(GENERATED_TEST_FILES)

src/test/fuzz/parse_univalue.cpp

@@ -0,0 +1,91 @@
+// Copyright (c) 2009-2019 The Bitcoin Core developers
+// Distributed under the MIT software license, see the accompanying
+// file COPYING or http://www.opensource.org/licenses/mit-license.php.
+
+#include <chainparams.h>
+#include <core_io.h>
+#include <rpc/client.h>
+#include <rpc/util.h>
+#include <test/fuzz/fuzz.h>
+#include <util/memory.h>
+
+#include <limits>
+#include <string>
+
+void initialize()
+{
+    static const auto verify_handle = MakeUnique<ECCVerifyHandle>();
+    SelectParams(CBaseChainParams::REGTEST);
+}
+
+void test_one_input(const std::vector<uint8_t>& buffer)
+{
+    const std::string random_string(buffer.begin(), buffer.end());
+    bool valid = true;
+    const UniValue univalue = [&] {
+        try {
+            return ParseNonRFCJSONValue(random_string);
+        } catch (const std::runtime_error&) {
+            valid = false;
+            return NullUniValue;
+        }
+    }();
+    if (!valid) {
+        return;
+    }
+    try {
+        (void)ParseHashO(univalue, "A");
+        (void)ParseHashO(univalue, random_string);
+    } catch (const UniValue&) {
+    } catch (const std::runtime_error&) {
+    }
+    try {
+        (void)ParseHashV(univalue, "A");
+        (void)ParseHashV(univalue, random_string);
+    } catch (const UniValue&) {
+    } catch (const std::runtime_error&) {
+    }
+    try {
+        (void)ParseHexO(univalue, "A");
+        (void)ParseHexO(univalue, random_string);
+    } catch (const UniValue&) {
+    } catch (const std::runtime_error&) {
+    }
+    try {
+        (void)ParseHexUV(univalue, "A");
+        (void)ParseHexUV(univalue, random_string);
+    } catch (const UniValue&) {
+    } catch (const std::runtime_error&) {
+    }
+    try {
+        (void)ParseHexV(univalue, "A");
+        (void)ParseHexV(univalue, random_string);
+    } catch (const UniValue&) {
+    } catch (const std::runtime_error&) {
+    }
+    try {
+        (void)ParseSighashString(univalue);
+    } catch (const std::runtime_error&) {
+    }
+    try {
+        (void)AmountFromValue(univalue);
+    } catch (const UniValue&) {
+    } catch (const std::runtime_error&) {
+    }
+    try {
+        FlatSigningProvider provider;
+        (void)EvalDescriptorStringOrObject(univalue, provider);
+    } catch (const UniValue&) {
+    } catch (const std::runtime_error&) {
+    }
+    try {
+        (void)ParseConfirmTarget(univalue, std::numeric_limits<unsigned int>::max());
+    } catch (const UniValue&) {
+    } catch (const std::runtime_error&) {
+    }
+    try {
+        (void)ParseDescriptorRange(univalue);
+    } catch (const UniValue&) {
+    } catch (const std::runtime_error&) {
+    }
+}