Files
davide cdede17683 feat(fuzz): add SharpFuzz-based fuzzing for untrusted-input parsers
New tests/PalladiumWallet.Fuzz project: one target per parser that
consumes untrusted input (block headers, Merkle proofs, peer lists,
wallet files, user-pasted mnemonics/keys/addresses/amounts), each
encoding the parser's documented error contract - any exception beyond
that contract is a finding, reported as a crash.

Three ways to run: the seed corpus (with regression inputs for every
crash found so far, including the two fixed in prior commits) replays
automatically inside dotnet test via FuzzCorpusTests, so a fixed
contract violation can't silently return; a built-in random-mutation
mode needs no external tooling (dotnet run -- <target> --random N);
and fuzz.sh drives real coverage-guided campaigns via afl++ +
SharpFuzz instrumentation for pre-release or post-parser-change runs.
2026-07-07 22:05:38 +02:00

100 lines
1.0 KiB
Plaintext

# Build output
bin/
obj/
artifacts/
publish/
dist/
out/
# .NET / NuGet
*.user
*.rsuser
*.suo
*.userosscache
*.sln.docstates
*.nupkg
*.snupkg
project.assets.json
project.nuget.cache
*.nuget.props
*.nuget.targets
packages/
# Test and coverage output
TestResults/
coverage/
coverage.*
*.coverage
*.coveragexml
*.trx
*.vsp
*.vspx
*.psess
# Avalonia / desktop packaging
*.appimage
*.AppImage
*.deb
*.rpm
*.msi
*.exe
*.pdb
*.dll
*.dmg
# IDE and editor state
.vs/
.vscode/*
!.vscode/extensions.json
!.vscode/launch.json
!.vscode/tasks.json
.idea/
*.swp
*.swo
*~
# OS files
.DS_Store
Thumbs.db
Desktop.ini
# Logs and temporary files
*.log
logs/
tmp/
temp/
*.tmp
*.bak
# Local environment and secrets
.env
.env.*
!.env.example
*.pem
*.key
*.pfx
*.p12
*.keystore
*.jks
secrets/
# Wallet data and local runtime state
*.wallet
*.wallet.json
*.wallet.enc
wallets/
data/
chainstate/
headers/
utxos/
config.local.json
settings.local.json
# Local agent/tooling metadata
.agents/
.codex/
# Fuzzing artifacts (tests/PalladiumWallet.Fuzz)
findings/
crash-*.bin