From 9be3eeea349e2df0b386300381e01b7805119325 Mon Sep 17 00:00:00 2001 From: Chandra Pratap Date: Mon, 10 Nov 2025 16:34:46 +1030 Subject: [PATCH] fuzz-tests: get rid of magic numbers in `fuzz-hsm_encryption.c` Changelog-None: `fuzz-hsm_encryption.c` hard codes the lengths sizeof(struct secret) as 32 and crypto_pwhash_argon2id_PASSWD_MAX as 4294967295. Replace the latter with the former to improve readability and maintainability. While at it, replace the `tal_free()` call on our secret key with `discard_key()`. This has the benefit of testing `discard_key()`. [ Changed from fuzz-hsm_encryption to fuzz-hsm_secret --RR ] --- tests/fuzz/fuzz-hsm_secret.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/tests/fuzz/fuzz-hsm_secret.c b/tests/fuzz/fuzz-hsm_secret.c index 8c5ccc8bf..cedaf0d7e 100644 --- a/tests/fuzz/fuzz-hsm_secret.c +++ b/tests/fuzz/fuzz-hsm_secret.c @@ -20,9 +20,9 @@ void init(int *argc, char ***argv) void run(const uint8_t *data, size_t size) { - /* 4294967295 is crypto_pwhash_argon2id_PASSWD_MAX. libfuzzer won't - * generate inputs that large in practice, but hey. */ - if (size > 32 && size < 4294967295) { + /* LibFuzzer won't generate inputs larger than + * crypto_pwhash_argon2id_PASSWD_MAX in practice, but hey. */ + if (size > sizeof(struct secret) && size < crypto_pwhash_argon2id_PASSWD_MAX) { struct secret *hsm_secret, *encryption_key; char *passphrase; u8 encrypted_data[ENCRYPTED_HSM_SECRET_LEN]; @@ -31,8 +31,9 @@ void run(const uint8_t *data, size_t size) /* Take the first 32 bytes as the plaintext hsm_secret seed, * and the remaining ones as the passphrase. */ - hsm_secret = (struct secret *)tal_dup_arr(NULL, u8, data, 32, 0); - passphrase = to_string(NULL, data + 32, size - 32); + hsm_secret = (struct secret *)tal_dup_arr(NULL, u8, data, sizeof(struct secret), 0); + mlock_tal_memory(hsm_secret); + passphrase = to_string(NULL, data + sizeof(struct secret), size - sizeof(struct secret)); /* A valid seed, a valid passphrase. This should not fail. */ encryption_key = get_encryption_key(NULL, passphrase);