From 4550049281fcfb09cd0bfd04aef14806ec4194bb Mon Sep 17 00:00:00 2001
From: Emmanuel T Odeke
Date: Thu, 5 May 2022 19:43:14 -0700
Subject: [PATCH] fuzz: add ParsePubKey fuzzer
Courtesy of the Cosmos Network security team, this change adds a fuzzer to ParsePubKey, given that Tendermint uses this code.
---
btcec/fuzz_test.go | 46 ++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 46 insertions(+)
create mode 100644 btcec/fuzz_test.go
diff --git a/btcec/fuzz_test.go b/btcec/fuzz_test.go
new file mode 100644
index 0000000000..ebbbb4261e
--- /dev/null
+++ b/btcec/fuzz_test.go
@@ -0,0 +1,46 @@
+//go:build gofuzz || go1.18
+
+// Copyright (c) 2013-2017 The btcsuite developers
+// Copyright (c) 2015-2022 The Decred developers
+// Use of this source code is governed by an ISC
+// license that can be found in the LICENSE file.
+
+package btcec
+
+import (
+ "encoding/hex"
+ "testing"
+)
+
+func FuzzParsePubKey(f *testing.F) {
+ // 1. Seeds from pubkey tests.
+ for _, test := range pubKeyTests {
+ if test.isValid {
+ f.Add(test.key)
+ }
+ }
+
+ // 2. Seeds from recovery tests.
+ var recoveryTestPubKeys = []string{
+ "04E32DF42865E97135ACFB65F3BAE71BDC86F4D49150AD6A440B6F15878109880A0A2B2667F7E725CEEA70C673093BF67663E0312623C8E091B13CF2C0F11EF652",
+ "04A7640409AA2083FDAD38B2D8DE1263B2251799591D840653FB02DBBA503D7745FCB83D80E08A1E02896BE691EA6AFFB8A35939A646F1FC79052A744B1C82EDC3",
+ }
+ for _, pubKey := range recoveryTestPubKeys {
+ seed, err := hex.DecodeString(pubKey)
+ if err != nil {
+ f.Fatal(err)
+ }
+ f.Add(seed)
+ }
+
+ // Now run the fuzzer.
+ f.Fuzz(func(t *testing.T, input []byte) {
+ key, err := ParsePubKey(input)
+ if key == nil && err == nil {
+ panic("key==nil && err==nil")
+ }
+ if key != nil && err != nil {
+ panic("key!=nil yet err!=nil")
+ }
+ })
+}
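Review bot: The oracle in the `f.Fuzz` callback only checks that `key` and `err` are never both nil or both set, so the fuzzer will report a crash inside ParsePubKey but not an input that is accepted and yields a wrong or off-curve key. Since this parser takes untrusted bytes, I would add a property check on the success path: the parsed key is on the curve and survives a serialise and re-parse round trip (this assumes the key type exposes `IsOnCurve`, `SerializeCompressed` and `IsEqual` as in btcec/v2, which the hunk does not show). The two `panic(...)` calls would also read better as `t.Fatalf` with the input printed as `%x`, so a failure is reported through the test framework together with the offending bytes. Separately, `testing.F` only exists from Go 1.18, so `//go:build gofuzz || go1.18` lets the file be selected on an older toolchain where it cannot compile; `//go:build go1.18` is enough.

```go
	f.Fuzz(func(t *testing.T, input []byte) {
		key, err := ParsePubKey(input)
		if err != nil {
			if key != nil {
				t.Fatalf("non-nil key returned with error %v for input %x", err, input)
			}
			return
		}
		if key == nil {
			t.Fatalf("nil key and nil error for input %x", input)
		}
		// A key accepted from untrusted bytes must be a curve point and
		// must survive a serialise/parse round trip.
		if !key.IsOnCurve() {
			t.Fatalf("parsed key is not on the curve for input %x", input)
		}
		again, err := ParsePubKey(key.SerializeCompressed())
		if err != nil || !again.IsEqual(key) {
			t.Fatalf("round trip mismatch for input %x: %v", input, err)
		}
	})
```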