diff --git a/test/fuzztest/BUILD.gn b/test/fuzztest/BUILD.gn index fcc4906cafc06ef699f5618d1b0cf291dcc62c5b..24ec8146aa64513bddce4d16effd15ff5c47397d 100644 --- a/test/fuzztest/BUILD.gn +++ b/test/fuzztest/BUILD.gn @@ -117,10 +117,12 @@ group("fuzztest") { "abilitystubacquiredataability_fuzzer:fuzztest", "abilitystubacquiresharedata_fuzzer:fuzztest", "abilitystubaddfreeinstallobserver_fuzzer:fuzztest", + "abilitystubaddwindowinfodone_fuzzer:fuzztest", "abilitystubattachabilitythread_fuzzer:fuzztest", "abilitystubcallrequestdone_fuzzer:fuzztest", "abilitystubcalluiabilitybyscb_fuzzer:fuzztest", "abilitystubcancelwantsender_fuzzer:fuzztest", + "abilitystubchangefocusabilitydone_fuzzer:fuzztest", "abilitystubcheckuiextensionisfocused_fuzzer:fuzztest", "abilitystubcleanallmissions_fuzzer:fuzztest", "abilitystubcleanmission_fuzzer:fuzztest", @@ -165,6 +167,7 @@ group("fuzztest") { "abilitystubgetpendingwantuid_fuzzer:fuzztest", "abilitystubgetpendingwantuserid_fuzzer:fuzztest", "abilitystubgetprocessrunninginfo_fuzzer:fuzztest", + "abilitystubgetrecentmissiondone_fuzzer:fuzztest", "abilitystubgettopability_fuzzer:fuzztest", "abilitystubgettopabilitytoken_fuzzer:fuzztest", "abilitystubgetwantsender_fuzzer:fuzztest", @@ -173,6 +176,7 @@ group("fuzztest") { "abilitystubisramconstraineddevice_fuzzer:fuzztest", "abilitystubisrunninginstabilitytest_fuzzer:fuzztest", "abilitystubkillprocess_fuzzer:fuzztest", + "abilitystubliststackinfodone_fuzzer:fuzztest", "abilitystublockmissionforcleanup_fuzzer:fuzztest", "abilitystubminimizeability_fuzzer:fuzztest", "abilitystubminimizeuiabilitybyscb_fuzzer:fuzztest", @@ -182,6 +186,8 @@ group("fuzztest") { "abilitystubmovemissionstoforeground_fuzzer:fuzztest", "abilitystubmovemissiontofront_fuzzer:fuzztest", "abilitystubmovemissiontofrontbyoptions_fuzzer:fuzztest", + "abilitystubmovemissiontosplitscreenstackdone_fuzzer:fuzztest", + "abilitystubmovemissiontotopdone_fuzzer:fuzztest", "abilitystubnotifycompletecontinuation_fuzzer:fuzztest", "abilitystubnotifycontinuationresult_fuzzer:fuzztest", "abilitystubnotifysaveasresult_fuzzer:fuzztest", @@ -198,6 +204,8 @@ group("fuzztest") { "abilitystubregisterwmshandler_fuzzer:fuzztest", "abilitystubreleasecallability_fuzzer:fuzztest", "abilitystubreleasedataability_fuzzer:fuzztest", + "abilitystubremovemissiondone_fuzzer:fuzztest", + "abilitystubremovestackdone_fuzzer:fuzztest", "abilitystubreportdrawncompleted_fuzzer:fuzztest", "abilitystubrequestdialogservice_fuzzer:fuzztest", "abilitystubsendresulttoability_fuzzer:fuzztest", diff --git a/test/fuzztest/abilitystubaddwindowinfodone_fuzzer/BUILD.gn b/test/fuzztest/abilitystubaddwindowinfodone_fuzzer/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..b7c44151d5e45d7939dd8ffd942e0b42b51496f5 --- /dev/null +++ b/test/fuzztest/abilitystubaddwindowinfodone_fuzzer/BUILD.gn @@ -0,0 +1,78 @@ +# Copyright (c) 2024-2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#####################hydra-fuzz################### +import("//build/config/features.gni") +import("//build/ohos.gni") +import("//build/test.gni") +import("//foundation/ability/ability_runtime/ability_runtime.gni") + +##############################fuzztest########################################## +ohos_fuzztest("AbilityStubAddWindowInfoDoneFuzzTest") { + module_out_path = fuzz_test_output_path + + fuzz_config_file = "${ability_runtime_test_path}/fuzztest/abilitystubaddwindowinfodone_fuzzer" + include_dirs = [ "${ability_runtime_innerkits_path}/ability_manager/include" ] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ "abilitystubaddwindowinfodone_fuzzer.cpp" ] + + configs = [ "${ability_runtime_innerkits_path}/ability_manager:ability_manager_public_config" ] + + deps = [ + "${ability_runtime_innerkits_path}/ability_manager:ability_manager", + "${ability_runtime_innerkits_path}/ability_manager:ability_start_options", + "${ability_runtime_native_path}/ability/native:abilitykit_native", + "${ability_runtime_services_path}/abilitymgr:abilityms", + ] + + external_deps = [ + "ability_base:want", + "ability_base:zuri", + "bundle_framework:appexecfwk_base", + "bundle_framework:appexecfwk_core", + "c_utils:utils", + "common_event_service:cesfwk_innerkits", + "eventhandler:libeventhandler", + "ffrt:libffrt", + "hilog:libhilog", + "hisysevent:libhisysevent", + "ipc:ipc_core", + "napi:ace_napi", + "safwk:api_cache_manager", + "safwk:system_ability_fwk", + "samgr:samgr_proxy", + ] + + if (ability_runtime_graphics) { + external_deps += [ + "input:libmmi-client", + "window_manager:libwm", + ] + } +} + +############################################################################### +group("fuzztest") { + testonly = true + deps = [] + deps += [ + # deps file + ":AbilityStubAddWindowInfoDoneFuzzTest", + ] +} +############################################################################### diff --git a/test/fuzztest/abilitystubaddwindowinfodone_fuzzer/abilitystubaddwindowinfodone_fuzzer.cpp b/test/fuzztest/abilitystubaddwindowinfodone_fuzzer/abilitystubaddwindowinfodone_fuzzer.cpp new file mode 100644 index 0000000000000000000000000000000000000000..cc0246eff52641b9f0dc7de7e58b90d483764b05 --- /dev/null +++ b/test/fuzztest/abilitystubaddwindowinfodone_fuzzer/abilitystubaddwindowinfodone_fuzzer.cpp @@ -0,0 +1,88 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "abilitystubaddwindowinfodone_fuzzer.h" + +#include +#include + +#define private public +#include "ability_manager_service.h" +#undef private +#include "message_parcel.h" +#include "securec.h" + +using namespace OHOS::AAFwk; + +namespace OHOS { +namespace { +constexpr size_t U32_AT_SIZE = 4; +} +const std::u16string ABILITYMGR_INTERFACE_TOKEN = u"ohos.aafwk.AbilityManager"; + +bool DoSomethingInterestingWithMyAPI(const char* data, size_t size) +{ + uint32_t code = static_cast(AbilityManagerInterfaceCode::ADD_WINDOW_INFO); + + MessageParcel parcel; + parcel.WriteInterfaceToken(ABILITYMGR_INTERFACE_TOKEN); + parcel.WriteBuffer(data, size); + parcel.RewindRead(0); + MessageParcel reply; + MessageOption option; + DelayedSingleton::GetInstance()->subManagersHelper_ = + std::make_shared(nullptr, nullptr); + DelayedSingleton::GetInstance()->subManagersHelper_->currentUIAbilityManager_ = + std::make_shared(); + DelayedSingleton::GetInstance()->OnRemoteRequest(code, parcel, reply, option); + + return true; +} +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + if (data == nullptr) { + std::cout << "invalid data" << std::endl; + return 0; + } + + /* Validate the length of size */ + if (size < OHOS::U32_AT_SIZE) { + return 0; + } + + char* ch = static_cast(malloc(size + 1)); + if (ch == nullptr) { + std::cout << "malloc failed." << std::endl; + return 0; + } + + (void)memset_s(ch, size + 1, 0x00, size + 1); + if (memcpy_s(ch, size, data, size) != EOK) { + std::cout << "copy failed." << std::endl; + free(ch); + ch = nullptr; + return 0; + } + + OHOS::DoSomethingInterestingWithMyAPI(ch, size); + free(ch); + ch = nullptr; + return 0; +} + diff --git a/test/fuzztest/abilitystubaddwindowinfodone_fuzzer/abilitystubaddwindowinfodone_fuzzer.h b/test/fuzztest/abilitystubaddwindowinfodone_fuzzer/abilitystubaddwindowinfodone_fuzzer.h new file mode 100644 index 0000000000000000000000000000000000000000..aed9f95b0f08a4bc15a0656096cafdd74a65de7f --- /dev/null +++ b/test/fuzztest/abilitystubaddwindowinfodone_fuzzer/abilitystubaddwindowinfodone_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef FUZZTEST_OHOS_ABILITY_RUNTIME_ABILITYSTUBADDWINDOWINFODONE_FUZZER_H +#define FUZZTEST_OHOS_ABILITY_RUNTIME_ABILITYSTUBADDWINDOWINFODONE_FUZZER_H + +#define FUZZ_PROJECT_NAME "abilitystubaddwindowinfodone_fuzzer" + +#endif // FUZZTEST_OHOS_ABILITY_RUNTIME_ABILITYSTUBADDWINDOWINFODONE_FUZZER_H diff --git a/test/fuzztest/abilitystubaddwindowinfodone_fuzzer/corpus/init b/test/fuzztest/abilitystubaddwindowinfodone_fuzzer/corpus/init new file mode 100644 index 0000000000000000000000000000000000000000..8eb5a7d6eb6b7d71f0c70c244e5768d62bee6ac5 --- /dev/null +++ b/test/fuzztest/abilitystubaddwindowinfodone_fuzzer/corpus/init @@ -0,0 +1,16 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +FUZZ \ No newline at end of file diff --git a/test/fuzztest/abilitystubaddwindowinfodone_fuzzer/project.xml b/test/fuzztest/abilitystubaddwindowinfodone_fuzzer/project.xml new file mode 100644 index 0000000000000000000000000000000000000000..66e1dcac475475fb101b6f8670ec699e6e9696aa --- /dev/null +++ b/test/fuzztest/abilitystubaddwindowinfodone_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + diff --git a/test/fuzztest/abilitystubchangefocusabilitydone_fuzzer/BUILD.gn b/test/fuzztest/abilitystubchangefocusabilitydone_fuzzer/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..65ab8fa2272317ca019ce1de53ede5f81c6b4dc7 --- /dev/null +++ b/test/fuzztest/abilitystubchangefocusabilitydone_fuzzer/BUILD.gn @@ -0,0 +1,78 @@ +# Copyright (c) 2024-2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#####################hydra-fuzz################### +import("//build/config/features.gni") +import("//build/ohos.gni") +import("//build/test.gni") +import("//foundation/ability/ability_runtime/ability_runtime.gni") + +##############################fuzztest########################################## +ohos_fuzztest("AbilityStubChangeFocusAbilityDoneFuzzTest") { + module_out_path = fuzz_test_output_path + + fuzz_config_file = "${ability_runtime_test_path}/fuzztest/abilitystubchangefocusabilitydone_fuzzer" + include_dirs = [ "${ability_runtime_innerkits_path}/ability_manager/include" ] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ "abilitystubchangefocusabilitydone_fuzzer.cpp" ] + + configs = [ "${ability_runtime_innerkits_path}/ability_manager:ability_manager_public_config" ] + + deps = [ + "${ability_runtime_innerkits_path}/ability_manager:ability_manager", + "${ability_runtime_innerkits_path}/ability_manager:ability_start_options", + "${ability_runtime_native_path}/ability/native:abilitykit_native", + "${ability_runtime_services_path}/abilitymgr:abilityms", + ] + + external_deps = [ + "ability_base:want", + "ability_base:zuri", + "bundle_framework:appexecfwk_base", + "bundle_framework:appexecfwk_core", + "c_utils:utils", + "common_event_service:cesfwk_innerkits", + "eventhandler:libeventhandler", + "ffrt:libffrt", + "hilog:libhilog", + "hisysevent:libhisysevent", + "ipc:ipc_core", + "napi:ace_napi", + "safwk:api_cache_manager", + "safwk:system_ability_fwk", + "samgr:samgr_proxy", + ] + + if (ability_runtime_graphics) { + external_deps += [ + "input:libmmi-client", + "window_manager:libwm", + ] + } +} + +############################################################################### +group("fuzztest") { + testonly = true + deps = [] + deps += [ + # deps file + ":AbilityStubChangeFocusAbilityDoneFuzzTest", + ] +} +############################################################################### diff --git a/test/fuzztest/abilitystubchangefocusabilitydone_fuzzer/abilitystubchangefocusabilitydone_fuzzer.cpp b/test/fuzztest/abilitystubchangefocusabilitydone_fuzzer/abilitystubchangefocusabilitydone_fuzzer.cpp new file mode 100644 index 0000000000000000000000000000000000000000..af93f66a79c497bc014ed2cd7eacf7219d95b8be --- /dev/null +++ b/test/fuzztest/abilitystubchangefocusabilitydone_fuzzer/abilitystubchangefocusabilitydone_fuzzer.cpp @@ -0,0 +1,88 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "abilitystubchangefocusabilitydone_fuzzer.h" + +#include +#include + +#define private public +#include "ability_manager_service.h" +#undef private +#include "message_parcel.h" +#include "securec.h" + +using namespace OHOS::AAFwk; + +namespace OHOS { +namespace { +constexpr size_t U32_AT_SIZE = 4; +} +const std::u16string ABILITYMGR_INTERFACE_TOKEN = u"ohos.aafwk.AbilityManager"; + +bool DoSomethingInterestingWithMyAPI(const char* data, size_t size) +{ + uint32_t code = static_cast(AbilityManagerInterfaceCode::CHANGE_FOCUS_ABILITY); + + MessageParcel parcel; + parcel.WriteInterfaceToken(ABILITYMGR_INTERFACE_TOKEN); + parcel.WriteBuffer(data, size); + parcel.RewindRead(0); + MessageParcel reply; + MessageOption option; + DelayedSingleton::GetInstance()->subManagersHelper_ = + std::make_shared(nullptr, nullptr); + DelayedSingleton::GetInstance()->subManagersHelper_->currentUIAbilityManager_ = + std::make_shared(); + DelayedSingleton::GetInstance()->OnRemoteRequest(code, parcel, reply, option); + + return true; +} +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + if (data == nullptr) { + std::cout << "invalid data" << std::endl; + return 0; + } + + /* Validate the length of size */ + if (size < OHOS::U32_AT_SIZE) { + return 0; + } + + char* ch = static_cast(malloc(size + 1)); + if (ch == nullptr) { + std::cout << "malloc failed." << std::endl; + return 0; + } + + (void)memset_s(ch, size + 1, 0x00, size + 1); + if (memcpy_s(ch, size, data, size) != EOK) { + std::cout << "copy failed." << std::endl; + free(ch); + ch = nullptr; + return 0; + } + + OHOS::DoSomethingInterestingWithMyAPI(ch, size); + free(ch); + ch = nullptr; + return 0; +} + diff --git a/test/fuzztest/abilitystubchangefocusabilitydone_fuzzer/abilitystubchangefocusabilitydone_fuzzer.h b/test/fuzztest/abilitystubchangefocusabilitydone_fuzzer/abilitystubchangefocusabilitydone_fuzzer.h new file mode 100644 index 0000000000000000000000000000000000000000..190d39a432adfe7c53eb342bb60250469d89c274 --- /dev/null +++ b/test/fuzztest/abilitystubchangefocusabilitydone_fuzzer/abilitystubchangefocusabilitydone_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef FUZZTEST_OHOS_ABILITY_RUNTIME_ABILITYSTUBCHANGEFOCUSABILITYYDONE_FUZZER_H +#define FUZZTEST_OHOS_ABILITY_RUNTIME_ABILITYSTUBCHANGEFOCUSABILITYYDONE_FUZZER_H + +#define FUZZ_PROJECT_NAME "abilitystubchangefocusabilitydone_fuzzer" + +#endif // FUZZTEST_OHOS_ABILITY_RUNTIME_ABILITYSTUBCHANGEFOCUSABILITYYDONE_FUZZER_H diff --git a/test/fuzztest/abilitystubchangefocusabilitydone_fuzzer/corpus/init b/test/fuzztest/abilitystubchangefocusabilitydone_fuzzer/corpus/init new file mode 100644 index 0000000000000000000000000000000000000000..7ade8a0faafeaedba7241e7d4a97b8e1f9691932 --- /dev/null +++ b/test/fuzztest/abilitystubchangefocusabilitydone_fuzzer/corpus/init @@ -0,0 +1,16 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +FUZZ \ No newline at end of file diff --git a/test/fuzztest/abilitystubchangefocusabilitydone_fuzzer/project.xml b/test/fuzztest/abilitystubchangefocusabilitydone_fuzzer/project.xml new file mode 100644 index 0000000000000000000000000000000000000000..66e1dcac475475fb101b6f8670ec699e6e9696aa --- /dev/null +++ b/test/fuzztest/abilitystubchangefocusabilitydone_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + diff --git a/test/fuzztest/abilitystubgetrecentmissiondone_fuzzer/BUILD.gn b/test/fuzztest/abilitystubgetrecentmissiondone_fuzzer/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..3d58d265aa3ed42c7d2ca48ba162c37e27b1fc45 --- /dev/null +++ b/test/fuzztest/abilitystubgetrecentmissiondone_fuzzer/BUILD.gn @@ -0,0 +1,78 @@ +# Copyright (c) 2024-2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#####################hydra-fuzz################### +import("//build/config/features.gni") +import("//build/ohos.gni") +import("//build/test.gni") +import("//foundation/ability/ability_runtime/ability_runtime.gni") + +##############################fuzztest########################################## +ohos_fuzztest("AbilityStubGetRecentMissionDoneFuzzTest") { + module_out_path = fuzz_test_output_path + + fuzz_config_file = "${ability_runtime_test_path}/fuzztest/abilitystubgetrecentmissiondone_fuzzer" + include_dirs = [ "${ability_runtime_innerkits_path}/ability_manager/include" ] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ "abilitystubgetrecentmissiondone_fuzzer.cpp" ] + + configs = [ "${ability_runtime_innerkits_path}/ability_manager:ability_manager_public_config" ] + + deps = [ + "${ability_runtime_innerkits_path}/ability_manager:ability_manager", + "${ability_runtime_innerkits_path}/ability_manager:ability_start_options", + "${ability_runtime_native_path}/ability/native:abilitykit_native", + "${ability_runtime_services_path}/abilitymgr:abilityms", + ] + + external_deps = [ + "ability_base:want", + "ability_base:zuri", + "bundle_framework:appexecfwk_base", + "bundle_framework:appexecfwk_core", + "c_utils:utils", + "common_event_service:cesfwk_innerkits", + "eventhandler:libeventhandler", + "ffrt:libffrt", + "hilog:libhilog", + "hisysevent:libhisysevent", + "ipc:ipc_core", + "napi:ace_napi", + "safwk:api_cache_manager", + "safwk:system_ability_fwk", + "samgr:samgr_proxy", + ] + + if (ability_runtime_graphics) { + external_deps += [ + "input:libmmi-client", + "window_manager:libwm", + ] + } +} + +############################################################################### +group("fuzztest") { + testonly = true + deps = [] + deps += [ + # deps file + ":AbilityStubGetRecentMissionDoneFuzzTest", + ] +} +############################################################################### diff --git a/test/fuzztest/abilitystubgetrecentmissiondone_fuzzer/abilitystubgetrecentmissiondone_fuzzer.cpp b/test/fuzztest/abilitystubgetrecentmissiondone_fuzzer/abilitystubgetrecentmissiondone_fuzzer.cpp new file mode 100644 index 0000000000000000000000000000000000000000..8157a4df86b9a87cec7df1eb933983643c8f7a02 --- /dev/null +++ b/test/fuzztest/abilitystubgetrecentmissiondone_fuzzer/abilitystubgetrecentmissiondone_fuzzer.cpp @@ -0,0 +1,88 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "abilitystubgetrecentmissiondone_fuzzer.h" + +#include +#include + +#define private public +#include "ability_manager_service.h" +#undef private +#include "message_parcel.h" +#include "securec.h" + +using namespace OHOS::AAFwk; + +namespace OHOS { +namespace { +constexpr size_t U32_AT_SIZE = 4; +} +const std::u16string ABILITYMGR_INTERFACE_TOKEN = u"ohos.aafwk.AbilityManager"; + +bool DoSomethingInterestingWithMyAPI(const char* data, size_t size) +{ + uint32_t code = static_cast(AbilityManagerInterfaceCode::GET_RECENT_MISSION); + + MessageParcel parcel; + parcel.WriteInterfaceToken(ABILITYMGR_INTERFACE_TOKEN); + parcel.WriteBuffer(data, size); + parcel.RewindRead(0); + MessageParcel reply; + MessageOption option; + DelayedSingleton::GetInstance()->subManagersHelper_ = + std::make_shared(nullptr, nullptr); + DelayedSingleton::GetInstance()->subManagersHelper_->currentUIAbilityManager_ = + std::make_shared(); + DelayedSingleton::GetInstance()->OnRemoteRequest(code, parcel, reply, option); + + return true; +} +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + if (data == nullptr) { + std::cout << "invalid data" << std::endl; + return 0; + } + + /* Validate the length of size */ + if (size < OHOS::U32_AT_SIZE) { + return 0; + } + + char* ch = static_cast(malloc(size + 1)); + if (ch == nullptr) { + std::cout << "malloc failed." << std::endl; + return 0; + } + + (void)memset_s(ch, size + 1, 0x00, size + 1); + if (memcpy_s(ch, size, data, size) != EOK) { + std::cout << "copy failed." << std::endl; + free(ch); + ch = nullptr; + return 0; + } + + OHOS::DoSomethingInterestingWithMyAPI(ch, size); + free(ch); + ch = nullptr; + return 0; +} + diff --git a/test/fuzztest/abilitystubgetrecentmissiondone_fuzzer/abilitystubgetrecentmissiondone_fuzzer.h b/test/fuzztest/abilitystubgetrecentmissiondone_fuzzer/abilitystubgetrecentmissiondone_fuzzer.h new file mode 100644 index 0000000000000000000000000000000000000000..267c6b1de02587ceec63e7221485c401a8df2a68 --- /dev/null +++ b/test/fuzztest/abilitystubgetrecentmissiondone_fuzzer/abilitystubgetrecentmissiondone_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef FUZZTEST_OHOS_ABILITY_RUNTIME_ABILITYSTUBGETRECENTMISSION_FUZZER_H +#define FUZZTEST_OHOS_ABILITY_RUNTIME_ABILITYSTUBGETRECENTMISSION_FUZZER_H + +#define FUZZ_PROJECT_NAME "abilitystubdgetrecentmissionone_fuzzer" + +#endif // FUZZTEST_OHOS_ABILITY_RUNTIME_ABILITYSTUBGETRECENTMISSION_FUZZER_H diff --git a/test/fuzztest/abilitystubgetrecentmissiondone_fuzzer/corpus/init b/test/fuzztest/abilitystubgetrecentmissiondone_fuzzer/corpus/init new file mode 100644 index 0000000000000000000000000000000000000000..7ade8a0faafeaedba7241e7d4a97b8e1f9691932 --- /dev/null +++ b/test/fuzztest/abilitystubgetrecentmissiondone_fuzzer/corpus/init @@ -0,0 +1,16 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +FUZZ \ No newline at end of file diff --git a/test/fuzztest/abilitystubgetrecentmissiondone_fuzzer/project.xml b/test/fuzztest/abilitystubgetrecentmissiondone_fuzzer/project.xml new file mode 100644 index 0000000000000000000000000000000000000000..66e1dcac475475fb101b6f8670ec699e6e9696aa --- /dev/null +++ b/test/fuzztest/abilitystubgetrecentmissiondone_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + diff --git a/test/fuzztest/abilitystubliststackinfodone_fuzzer/BUILD.gn b/test/fuzztest/abilitystubliststackinfodone_fuzzer/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..8a0641a8859d49657cae60b9168a809334f7abfa --- /dev/null +++ b/test/fuzztest/abilitystubliststackinfodone_fuzzer/BUILD.gn @@ -0,0 +1,78 @@ +# Copyright (c) 2024-2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#####################hydra-fuzz################### +import("//build/config/features.gni") +import("//build/ohos.gni") +import("//build/test.gni") +import("//foundation/ability/ability_runtime/ability_runtime.gni") + +##############################fuzztest########################################## +ohos_fuzztest("AbilityStubListStackInfoDoneFuzzTest") { + module_out_path = fuzz_test_output_path + + fuzz_config_file = "${ability_runtime_test_path}/fuzztest/abilitystubliststackinfodone_fuzzer" + include_dirs = [ "${ability_runtime_innerkits_path}/ability_manager/include" ] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ "abilitystubliststackinfodone_fuzzer.cpp" ] + + configs = [ "${ability_runtime_innerkits_path}/ability_manager:ability_manager_public_config" ] + + deps = [ + "${ability_runtime_innerkits_path}/ability_manager:ability_manager", + "${ability_runtime_innerkits_path}/ability_manager:ability_start_options", + "${ability_runtime_native_path}/ability/native:abilitykit_native", + "${ability_runtime_services_path}/abilitymgr:abilityms", + ] + + external_deps = [ + "ability_base:want", + "ability_base:zuri", + "bundle_framework:appexecfwk_base", + "bundle_framework:appexecfwk_core", + "c_utils:utils", + "common_event_service:cesfwk_innerkits", + "eventhandler:libeventhandler", + "ffrt:libffrt", + "hilog:libhilog", + "hisysevent:libhisysevent", + "ipc:ipc_core", + "napi:ace_napi", + "safwk:api_cache_manager", + "safwk:system_ability_fwk", + "samgr:samgr_proxy", + ] + + if (ability_runtime_graphics) { + external_deps += [ + "input:libmmi-client", + "window_manager:libwm", + ] + } +} + +############################################################################### +group("fuzztest") { + testonly = true + deps = [] + deps += [ + # deps file + ":AbilityStubListStackInfoDoneFuzzTest", + ] +} +############################################################################### diff --git a/test/fuzztest/abilitystubliststackinfodone_fuzzer/abilitystubliststackinfodone_fuzzer.cpp b/test/fuzztest/abilitystubliststackinfodone_fuzzer/abilitystubliststackinfodone_fuzzer.cpp new file mode 100644 index 0000000000000000000000000000000000000000..b4483d543b769bde3df941a6db9423fd2f11f7cb --- /dev/null +++ b/test/fuzztest/abilitystubliststackinfodone_fuzzer/abilitystubliststackinfodone_fuzzer.cpp @@ -0,0 +1,88 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "abilitystubliststackinfodone_fuzzer.h" + +#include +#include + +#define private public +#include "ability_manager_service.h" +#undef private +#include "message_parcel.h" +#include "securec.h" + +using namespace OHOS::AAFwk; + +namespace OHOS { +namespace { +constexpr size_t U32_AT_SIZE = 4; +} +const std::u16string ABILITYMGR_INTERFACE_TOKEN = u"ohos.aafwk.AbilityManager"; + +bool DoSomethingInterestingWithMyAPI(const char* data, size_t size) +{ + uint32_t code = static_cast(AbilityManagerInterfaceCode::LIST_STACK_INFO); + + MessageParcel parcel; + parcel.WriteInterfaceToken(ABILITYMGR_INTERFACE_TOKEN); + parcel.WriteBuffer(data, size); + parcel.RewindRead(0); + MessageParcel reply; + MessageOption option; + DelayedSingleton::GetInstance()->subManagersHelper_ = + std::make_shared(nullptr, nullptr); + DelayedSingleton::GetInstance()->subManagersHelper_->currentUIAbilityManager_ = + std::make_shared(); + DelayedSingleton::GetInstance()->OnRemoteRequest(code, parcel, reply, option); + + return true; +} +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + if (data == nullptr) { + std::cout << "invalid data" << std::endl; + return 0; + } + + /* Validate the length of size */ + if (size < OHOS::U32_AT_SIZE) { + return 0; + } + + char* ch = static_cast(malloc(size + 1)); + if (ch == nullptr) { + std::cout << "malloc failed." << std::endl; + return 0; + } + + (void)memset_s(ch, size + 1, 0x00, size + 1); + if (memcpy_s(ch, size, data, size) != EOK) { + std::cout << "copy failed." << std::endl; + free(ch); + ch = nullptr; + return 0; + } + + OHOS::DoSomethingInterestingWithMyAPI(ch, size); + free(ch); + ch = nullptr; + return 0; +} + diff --git a/test/fuzztest/abilitystubliststackinfodone_fuzzer/abilitystubliststackinfodone_fuzzer.h b/test/fuzztest/abilitystubliststackinfodone_fuzzer/abilitystubliststackinfodone_fuzzer.h new file mode 100644 index 0000000000000000000000000000000000000000..3bdbb38188b396b8647bd6607833d02e29c3c481 --- /dev/null +++ b/test/fuzztest/abilitystubliststackinfodone_fuzzer/abilitystubliststackinfodone_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef FUZZTEST_OHOS_ABILITY_RUNTIME_ABILITYSTUBLISTSTACKINFODONE_FUZZER_H +#define FUZZTEST_OHOS_ABILITY_RUNTIME_ABILITYSTUBLISTSTACKINFODONE_FUZZER_H + +#define FUZZ_PROJECT_NAME "abilitystubliststackinfodone_fuzzer" + +#endif // FUZZTEST_OHOS_ABILITY_RUNTIME_ABILITYSTUBLISTSTACKINFODONE_FUZZER_H diff --git a/test/fuzztest/abilitystubliststackinfodone_fuzzer/corpus/init b/test/fuzztest/abilitystubliststackinfodone_fuzzer/corpus/init new file mode 100644 index 0000000000000000000000000000000000000000..8eb5a7d6eb6b7d71f0c70c244e5768d62bee6ac5 --- /dev/null +++ b/test/fuzztest/abilitystubliststackinfodone_fuzzer/corpus/init @@ -0,0 +1,16 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +FUZZ \ No newline at end of file diff --git a/test/fuzztest/abilitystubliststackinfodone_fuzzer/project.xml b/test/fuzztest/abilitystubliststackinfodone_fuzzer/project.xml new file mode 100644 index 0000000000000000000000000000000000000000..66e1dcac475475fb101b6f8670ec699e6e9696aa --- /dev/null +++ b/test/fuzztest/abilitystubliststackinfodone_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + diff --git a/test/fuzztest/abilitystubmovemissiontosplitscreenstackdone_fuzzer/BUILD.gn b/test/fuzztest/abilitystubmovemissiontosplitscreenstackdone_fuzzer/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..b57a839bacb14cb0d3c890eb7a84e797a08c1064 --- /dev/null +++ b/test/fuzztest/abilitystubmovemissiontosplitscreenstackdone_fuzzer/BUILD.gn @@ -0,0 +1,78 @@ +# Copyright (c) 2024-2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#####################hydra-fuzz################### +import("//build/config/features.gni") +import("//build/ohos.gni") +import("//build/test.gni") +import("//foundation/ability/ability_runtime/ability_runtime.gni") + +##############################fuzztest########################################## +ohos_fuzztest("AbilityStubMoveMissionToSplitScreenStackDoneFuzzTest") { + module_out_path = fuzz_test_output_path + + fuzz_config_file = "${ability_runtime_test_path}/fuzztest/abilitystubmovemissiontosplitscreenstackdone_fuzzer" + include_dirs = [ "${ability_runtime_innerkits_path}/ability_manager/include" ] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ "abilitystubmovemissiontosplitscreenstackdone_fuzzer.cpp" ] + + configs = [ "${ability_runtime_innerkits_path}/ability_manager:ability_manager_public_config" ] + + deps = [ + "${ability_runtime_innerkits_path}/ability_manager:ability_manager", + "${ability_runtime_innerkits_path}/ability_manager:ability_start_options", + "${ability_runtime_native_path}/ability/native:abilitykit_native", + "${ability_runtime_services_path}/abilitymgr:abilityms", + ] + + external_deps = [ + "ability_base:want", + "ability_base:zuri", + "bundle_framework:appexecfwk_base", + "bundle_framework:appexecfwk_core", + "c_utils:utils", + "common_event_service:cesfwk_innerkits", + "eventhandler:libeventhandler", + "ffrt:libffrt", + "hilog:libhilog", + "hisysevent:libhisysevent", + "ipc:ipc_core", + "napi:ace_napi", + "safwk:api_cache_manager", + "safwk:system_ability_fwk", + "samgr:samgr_proxy", + ] + + if (ability_runtime_graphics) { + external_deps += [ + "input:libmmi-client", + "window_manager:libwm", + ] + } +} + +############################################################################### +group("fuzztest") { + testonly = true + deps = [] + deps += [ + # deps file + ":AbilityStubMoveMissionToSplitScreenStackDoneFuzzTest", + ] +} +############################################################################### diff --git a/test/fuzztest/abilitystubmovemissiontosplitscreenstackdone_fuzzer/abilitystubmovemissiontosplitscreenstackdone_fuzzer.cpp b/test/fuzztest/abilitystubmovemissiontosplitscreenstackdone_fuzzer/abilitystubmovemissiontosplitscreenstackdone_fuzzer.cpp new file mode 100644 index 0000000000000000000000000000000000000000..3e13e918db61017805e77555a6b654e3073b3088 --- /dev/null +++ b/test/fuzztest/abilitystubmovemissiontosplitscreenstackdone_fuzzer/abilitystubmovemissiontosplitscreenstackdone_fuzzer.cpp @@ -0,0 +1,88 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "abilitystubmovemissiontosplitscreenstackdone_fuzzer.h" + +#include +#include + +#define private public +#include "ability_manager_service.h" +#undef private +#include "message_parcel.h" +#include "securec.h" + +using namespace OHOS::AAFwk; + +namespace OHOS { +namespace { +constexpr size_t U32_AT_SIZE = 4; +} +const std::u16string ABILITYMGR_INTERFACE_TOKEN = u"ohos.aafwk.AbilityManager"; + +bool DoSomethingInterestingWithMyAPI(const char* data, size_t size) +{ + uint32_t code = static_cast(AbilityManagerInterfaceCode::MOVE_MISSION_TO_FLOATING_STACK); + + MessageParcel parcel; + parcel.WriteInterfaceToken(ABILITYMGR_INTERFACE_TOKEN); + parcel.WriteBuffer(data, size); + parcel.RewindRead(0); + MessageParcel reply; + MessageOption option; + DelayedSingleton::GetInstance()->subManagersHelper_ = + std::make_shared(nullptr, nullptr); + DelayedSingleton::GetInstance()->subManagersHelper_->currentUIAbilityManager_ = + std::make_shared(); + DelayedSingleton::GetInstance()->OnRemoteRequest(code, parcel, reply, option); + + return true; +} +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + if (data == nullptr) { + std::cout << "invalid data" << std::endl; + return 0; + } + + /* Validate the length of size */ + if (size < OHOS::U32_AT_SIZE) { + return 0; + } + + char* ch = static_cast(malloc(size + 1)); + if (ch == nullptr) { + std::cout << "malloc failed." << std::endl; + return 0; + } + + (void)memset_s(ch, size + 1, 0x00, size + 1); + if (memcpy_s(ch, size, data, size) != EOK) { + std::cout << "copy failed." << std::endl; + free(ch); + ch = nullptr; + return 0; + } + + OHOS::DoSomethingInterestingWithMyAPI(ch, size); + free(ch); + ch = nullptr; + return 0; +} + diff --git a/test/fuzztest/abilitystubmovemissiontosplitscreenstackdone_fuzzer/abilitystubmovemissiontosplitscreenstackdone_fuzzer.h b/test/fuzztest/abilitystubmovemissiontosplitscreenstackdone_fuzzer/abilitystubmovemissiontosplitscreenstackdone_fuzzer.h new file mode 100644 index 0000000000000000000000000000000000000000..d447cf00ca4e8b42fa03a3e06cac92fe99967128 --- /dev/null +++ b/test/fuzztest/abilitystubmovemissiontosplitscreenstackdone_fuzzer/abilitystubmovemissiontosplitscreenstackdone_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef FUZZTEST_OHOS_ABILITY_RUNTIME_ABILITYSTUBMOVEMISSIONTOSPLITSCRRESTACKDONE_FUZZER_H +#define FUZZTEST_OHOS_ABILITY_RUNTIME_ABILITYSTUBMOVEMISSIONTOSPLITSCRRESTACKDONE_FUZZER_H + +#define FUZZ_PROJECT_NAME "abilitystubmovemissiontosplitscreenstackdone_fuzzer" + +#endif // FUZZTEST_OHOS_ABILITY_RUNTIME_ABILITYSTUBMOVEMISSIONTOSPLITSCRRESTACKDONE_FUZZER_H diff --git a/test/fuzztest/abilitystubmovemissiontosplitscreenstackdone_fuzzer/corpus/init b/test/fuzztest/abilitystubmovemissiontosplitscreenstackdone_fuzzer/corpus/init new file mode 100644 index 0000000000000000000000000000000000000000..8eb5a7d6eb6b7d71f0c70c244e5768d62bee6ac5 --- /dev/null +++ b/test/fuzztest/abilitystubmovemissiontosplitscreenstackdone_fuzzer/corpus/init @@ -0,0 +1,16 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +FUZZ \ No newline at end of file diff --git a/test/fuzztest/abilitystubmovemissiontosplitscreenstackdone_fuzzer/project.xml b/test/fuzztest/abilitystubmovemissiontosplitscreenstackdone_fuzzer/project.xml new file mode 100644 index 0000000000000000000000000000000000000000..66e1dcac475475fb101b6f8670ec699e6e9696aa --- /dev/null +++ b/test/fuzztest/abilitystubmovemissiontosplitscreenstackdone_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + diff --git a/test/fuzztest/abilitystubmovemissiontotopdone_fuzzer/BUILD.gn b/test/fuzztest/abilitystubmovemissiontotopdone_fuzzer/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..ea65e675ac9ef1628e6a5564561808ecdd98dbaf --- /dev/null +++ b/test/fuzztest/abilitystubmovemissiontotopdone_fuzzer/BUILD.gn @@ -0,0 +1,78 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#####################hydra-fuzz################### +import("//build/config/features.gni") +import("//build/ohos.gni") +import("//build/test.gni") +import("//foundation/ability/ability_runtime/ability_runtime.gni") + +##############################fuzztest########################################## +ohos_fuzztest("AbilityStubMoveMissionToTopDoneFuzzTest") { + module_out_path = fuzz_test_output_path + + fuzz_config_file = "${ability_runtime_test_path}/fuzztest/abilitystubmovemissiontotopdone_fuzzer" + include_dirs = [ "${ability_runtime_innerkits_path}/ability_manager/include" ] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ "abilitystubmovemissiontotopdone_fuzzer.cpp" ] + + configs = [ "${ability_runtime_innerkits_path}/ability_manager:ability_manager_public_config" ] + + deps = [ + "${ability_runtime_innerkits_path}/ability_manager:ability_manager", + "${ability_runtime_innerkits_path}/ability_manager:ability_start_options", + "${ability_runtime_native_path}/ability/native:abilitykit_native", + "${ability_runtime_services_path}/abilitymgr:abilityms", + ] + + external_deps = [ + "ability_base:want", + "ability_base:zuri", + "bundle_framework:appexecfwk_base", + "bundle_framework:appexecfwk_core", + "c_utils:utils", + "common_event_service:cesfwk_innerkits", + "eventhandler:libeventhandler", + "ffrt:libffrt", + "hilog:libhilog", + "hisysevent:libhisysevent", + "ipc:ipc_core", + "napi:ace_napi", + "safwk:api_cache_manager", + "safwk:system_ability_fwk", + "samgr:samgr_proxy", + ] + + if (ability_runtime_graphics) { + external_deps += [ + "input:libmmi-client", + "window_manager:libwm", + ] + } +} + +############################################################################### +group("fuzztest") { + testonly = true + deps = [] + deps += [ + # deps file + ":AbilityStubMoveMissionToTopDoneFuzzTest", + ] +} +############################################################################### diff --git a/test/fuzztest/abilitystubmovemissiontotopdone_fuzzer/abilitystubmovemissiontotopdone_fuzzer.cpp b/test/fuzztest/abilitystubmovemissiontotopdone_fuzzer/abilitystubmovemissiontotopdone_fuzzer.cpp new file mode 100644 index 0000000000000000000000000000000000000000..3372b2820a9242b37e69bb0722f77be072df5dae --- /dev/null +++ b/test/fuzztest/abilitystubmovemissiontotopdone_fuzzer/abilitystubmovemissiontotopdone_fuzzer.cpp @@ -0,0 +1,88 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "abilitystubmovemissiontotopdone_fuzzer.h" + +#include +#include + +#define private public +#include "ability_manager_service.h" +#undef private +#include "message_parcel.h" +#include "securec.h" + +using namespace OHOS::AAFwk; + +namespace OHOS { +namespace { +constexpr size_t U32_AT_SIZE = 4; +} +const std::u16string ABILITYMGR_INTERFACE_TOKEN = u"ohos.aafwk.AbilityManager"; + +bool DoSomethingInterestingWithMyAPI(const char* data, size_t size) +{ + uint32_t code = static_cast(AbilityManagerInterfaceCode::MOVE_MISSION_TO_TOP); + + MessageParcel parcel; + parcel.WriteInterfaceToken(ABILITYMGR_INTERFACE_TOKEN); + parcel.WriteBuffer(data, size); + parcel.RewindRead(0); + MessageParcel reply; + MessageOption option; + DelayedSingleton::GetInstance()->subManagersHelper_ = + std::make_shared(nullptr, nullptr); + DelayedSingleton::GetInstance()->subManagersHelper_->currentUIAbilityManager_ = + std::make_shared(); + DelayedSingleton::GetInstance()->OnRemoteRequest(code, parcel, reply, option); + + return true; +} +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + if (data == nullptr) { + std::cout << "invalid data" << std::endl; + return 0; + } + + /* Validate the length of size */ + if (size < OHOS::U32_AT_SIZE) { + return 0; + } + + char* ch = static_cast(malloc(size + 1)); + if (ch == nullptr) { + std::cout << "malloc failed." << std::endl; + return 0; + } + + (void)memset_s(ch, size + 1, 0x00, size + 1); + if (memcpy_s(ch, size, data, size) != EOK) { + std::cout << "copy failed." << std::endl; + free(ch); + ch = nullptr; + return 0; + } + + OHOS::DoSomethingInterestingWithMyAPI(ch, size); + free(ch); + ch = nullptr; + return 0; +} + diff --git a/test/fuzztest/abilitystubmovemissiontotopdone_fuzzer/abilitystubmovemissiontotopdone_fuzzer.h b/test/fuzztest/abilitystubmovemissiontotopdone_fuzzer/abilitystubmovemissiontotopdone_fuzzer.h new file mode 100644 index 0000000000000000000000000000000000000000..756864eb523dbe9749eb9658fed0c9e1b089fec4 --- /dev/null +++ b/test/fuzztest/abilitystubmovemissiontotopdone_fuzzer/abilitystubmovemissiontotopdone_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef FUZZTEST_OHOS_ABILITY_RUNTIME_ABILITYSTUBMOVEMISSIONTOTOPDONE_FUZZER_H +#define FUZZTEST_OHOS_ABILITY_RUNTIME_ABILITYSTUBMOVEMISSIONTOTOPDONE_FUZZER_H + +#define FUZZ_PROJECT_NAME "abilitystubmovemissiontotopdone_fuzzer" + +#endif // FUZZTEST_OHOS_ABILITY_RUNTIME_ABILITYSTUBMOVEMISSIONTOTOPDONE_FUZZER_H diff --git a/test/fuzztest/abilitystubmovemissiontotopdone_fuzzer/corpus/init b/test/fuzztest/abilitystubmovemissiontotopdone_fuzzer/corpus/init new file mode 100644 index 0000000000000000000000000000000000000000..7ade8a0faafeaedba7241e7d4a97b8e1f9691932 --- /dev/null +++ b/test/fuzztest/abilitystubmovemissiontotopdone_fuzzer/corpus/init @@ -0,0 +1,16 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +FUZZ \ No newline at end of file diff --git a/test/fuzztest/abilitystubmovemissiontotopdone_fuzzer/project.xml b/test/fuzztest/abilitystubmovemissiontotopdone_fuzzer/project.xml new file mode 100644 index 0000000000000000000000000000000000000000..66e1dcac475475fb101b6f8670ec699e6e9696aa --- /dev/null +++ b/test/fuzztest/abilitystubmovemissiontotopdone_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + diff --git a/test/fuzztest/abilitystubremovemissiondone_fuzzer/BUILD.gn b/test/fuzztest/abilitystubremovemissiondone_fuzzer/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..87769837c3936d842428ee7aad7c0bc1e4eda58e --- /dev/null +++ b/test/fuzztest/abilitystubremovemissiondone_fuzzer/BUILD.gn @@ -0,0 +1,78 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#####################hydra-fuzz################### +import("//build/config/features.gni") +import("//build/ohos.gni") +import("//build/test.gni") +import("//foundation/ability/ability_runtime/ability_runtime.gni") + +##############################fuzztest########################################## +ohos_fuzztest("AbilityStubRemoveMissionDoneFuzzTest") { + module_out_path = fuzz_test_output_path + + fuzz_config_file = "${ability_runtime_test_path}/fuzztest/abilitystubremovemissiondone_fuzzer" + include_dirs = [ "${ability_runtime_innerkits_path}/ability_manager/include" ] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ "abilitystubremovemissiondone_fuzzer.cpp" ] + + configs = [ "${ability_runtime_innerkits_path}/ability_manager:ability_manager_public_config" ] + + deps = [ + "${ability_runtime_innerkits_path}/ability_manager:ability_manager", + "${ability_runtime_innerkits_path}/ability_manager:ability_start_options", + "${ability_runtime_native_path}/ability/native:abilitykit_native", + "${ability_runtime_services_path}/abilitymgr:abilityms", + ] + + external_deps = [ + "ability_base:want", + "ability_base:zuri", + "bundle_framework:appexecfwk_base", + "bundle_framework:appexecfwk_core", + "c_utils:utils", + "common_event_service:cesfwk_innerkits", + "eventhandler:libeventhandler", + "ffrt:libffrt", + "hilog:libhilog", + "hisysevent:libhisysevent", + "ipc:ipc_core", + "napi:ace_napi", + "safwk:api_cache_manager", + "safwk:system_ability_fwk", + "samgr:samgr_proxy", + ] + + if (ability_runtime_graphics) { + external_deps += [ + "input:libmmi-client", + "window_manager:libwm", + ] + } +} + +############################################################################### +group("fuzztest") { + testonly = true + deps = [] + deps += [ + # deps file + ":AbilityStubRemoveMissionDoneFuzzTest", + ] +} +############################################################################### diff --git a/test/fuzztest/abilitystubremovemissiondone_fuzzer/abilitystubremovemissiondone_fuzzer.cpp b/test/fuzztest/abilitystubremovemissiondone_fuzzer/abilitystubremovemissiondone_fuzzer.cpp new file mode 100644 index 0000000000000000000000000000000000000000..0eae20bbca019fb3a9858323e63fc708aec8f56b --- /dev/null +++ b/test/fuzztest/abilitystubremovemissiondone_fuzzer/abilitystubremovemissiondone_fuzzer.cpp @@ -0,0 +1,88 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "abilitystubremovemissiondone_fuzzer.h" + +#include +#include + +#define private public +#include "ability_manager_service.h" +#undef private +#include "message_parcel.h" +#include "securec.h" + +using namespace OHOS::AAFwk; + +namespace OHOS { +namespace { +constexpr size_t U32_AT_SIZE = 4; +} +const std::u16string ABILITYMGR_INTERFACE_TOKEN = u"ohos.aafwk.AbilityManager"; + +bool DoSomethingInterestingWithMyAPI(const char* data, size_t size) +{ + uint32_t code = static_cast(AbilityManagerInterfaceCode::REMOVE_MISSION); + + MessageParcel parcel; + parcel.WriteInterfaceToken(ABILITYMGR_INTERFACE_TOKEN); + parcel.WriteBuffer(data, size); + parcel.RewindRead(0); + MessageParcel reply; + MessageOption option; + DelayedSingleton::GetInstance()->subManagersHelper_ = + std::make_shared(nullptr, nullptr); + DelayedSingleton::GetInstance()->subManagersHelper_->currentUIAbilityManager_ = + std::make_shared(); + DelayedSingleton::GetInstance()->OnRemoteRequest(code, parcel, reply, option); + + return true; +} +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + if (data == nullptr) { + std::cout << "invalid data" << std::endl; + return 0; + } + + /* Validate the length of size */ + if (size < OHOS::U32_AT_SIZE) { + return 0; + } + + char* ch = static_cast(malloc(size + 1)); + if (ch == nullptr) { + std::cout << "malloc failed." << std::endl; + return 0; + } + + (void)memset_s(ch, size + 1, 0x00, size + 1); + if (memcpy_s(ch, size, data, size) != EOK) { + std::cout << "copy failed." << std::endl; + free(ch); + ch = nullptr; + return 0; + } + + OHOS::DoSomethingInterestingWithMyAPI(ch, size); + free(ch); + ch = nullptr; + return 0; +} + diff --git a/test/fuzztest/abilitystubremovemissiondone_fuzzer/abilitystubremovemissiondone_fuzzer.h b/test/fuzztest/abilitystubremovemissiondone_fuzzer/abilitystubremovemissiondone_fuzzer.h new file mode 100644 index 0000000000000000000000000000000000000000..09f0f61309a84fec16f25598a41665e2d85232a3 --- /dev/null +++ b/test/fuzztest/abilitystubremovemissiondone_fuzzer/abilitystubremovemissiondone_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef FUZZTEST_OHOS_ABILITY_RUNTIME_ABILITYSTUBREMOVEMISSIONDONE_FUZZER_H +#define FUZZTEST_OHOS_ABILITY_RUNTIME_ABILITYSTUBREMOVEMISSIONDONE_FUZZER_H + +#define FUZZ_PROJECT_NAME "abilitystubremovemissiondone_fuzzer" + +#endif // FUZZTEST_OHOS_ABILITY_RUNTIME_ABILITYSTUBREMOVEMISSIONDONE_FUZZER_H diff --git a/test/fuzztest/abilitystubremovemissiondone_fuzzer/corpus/init b/test/fuzztest/abilitystubremovemissiondone_fuzzer/corpus/init new file mode 100644 index 0000000000000000000000000000000000000000..7ade8a0faafeaedba7241e7d4a97b8e1f9691932 --- /dev/null +++ b/test/fuzztest/abilitystubremovemissiondone_fuzzer/corpus/init @@ -0,0 +1,16 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +FUZZ \ No newline at end of file diff --git a/test/fuzztest/abilitystubremovemissiondone_fuzzer/project.xml b/test/fuzztest/abilitystubremovemissiondone_fuzzer/project.xml new file mode 100644 index 0000000000000000000000000000000000000000..6e8ad2cfde8f8bda4beb6cabbe7efd8bc3c54eec --- /dev/null +++ b/test/fuzztest/abilitystubremovemissiondone_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + diff --git a/test/fuzztest/abilitystubremovestackdone_fuzzer/BUILD.gn b/test/fuzztest/abilitystubremovestackdone_fuzzer/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..760979467de107ace2fce652040d6cd32620ba10 --- /dev/null +++ b/test/fuzztest/abilitystubremovestackdone_fuzzer/BUILD.gn @@ -0,0 +1,78 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#####################hydra-fuzz################### +import("//build/config/features.gni") +import("//build/ohos.gni") +import("//build/test.gni") +import("//foundation/ability/ability_runtime/ability_runtime.gni") + +##############################fuzztest########################################## +ohos_fuzztest("AbilityStubRemoveStackDoneFuzzTest") { + module_out_path = fuzz_test_output_path + + fuzz_config_file = "${ability_runtime_test_path}/fuzztest/abilitystubremovestackdone_fuzzer" + include_dirs = [ "${ability_runtime_innerkits_path}/ability_manager/include" ] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ "abilitystubremovestackdone_fuzzer.cpp" ] + + configs = [ "${ability_runtime_innerkits_path}/ability_manager:ability_manager_public_config" ] + + deps = [ + "${ability_runtime_innerkits_path}/ability_manager:ability_manager", + "${ability_runtime_innerkits_path}/ability_manager:ability_start_options", + "${ability_runtime_native_path}/ability/native:abilitykit_native", + "${ability_runtime_services_path}/abilitymgr:abilityms", + ] + + external_deps = [ + "ability_base:want", + "ability_base:zuri", + "bundle_framework:appexecfwk_base", + "bundle_framework:appexecfwk_core", + "c_utils:utils", + "common_event_service:cesfwk_innerkits", + "eventhandler:libeventhandler", + "ffrt:libffrt", + "hilog:libhilog", + "hisysevent:libhisysevent", + "ipc:ipc_core", + "napi:ace_napi", + "safwk:api_cache_manager", + "safwk:system_ability_fwk", + "samgr:samgr_proxy", + ] + + if (ability_runtime_graphics) { + external_deps += [ + "input:libmmi-client", + "window_manager:libwm", + ] + } +} + +############################################################################### +group("fuzztest") { + testonly = true + deps = [] + deps += [ + # deps file + ":AbilityStubRemoveStackDoneFuzzTest", + ] +} +############################################################################### diff --git a/test/fuzztest/abilitystubremovestackdone_fuzzer/abilitystubremovestackdone_fuzzer.cpp b/test/fuzztest/abilitystubremovestackdone_fuzzer/abilitystubremovestackdone_fuzzer.cpp new file mode 100644 index 0000000000000000000000000000000000000000..0ff495b21bc5994a96da7d5b13efdf6cd798bfb8 --- /dev/null +++ b/test/fuzztest/abilitystubremovestackdone_fuzzer/abilitystubremovestackdone_fuzzer.cpp @@ -0,0 +1,88 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "abilitystubremovestackdone_fuzzer.h" + +#include +#include + +#define private public +#include "ability_manager_service.h" +#undef private +#include "message_parcel.h" +#include "securec.h" + +using namespace OHOS::AAFwk; + +namespace OHOS { +namespace { +constexpr size_t U32_AT_SIZE = 4; +} +const std::u16string ABILITYMGR_INTERFACE_TOKEN = u"ohos.aafwk.AbilityManager"; + +bool DoSomethingInterestingWithMyAPI(const char* data, size_t size) +{ + uint32_t code = static_cast(AbilityManagerInterfaceCode::REMOVE_STACK); + + MessageParcel parcel; + parcel.WriteInterfaceToken(ABILITYMGR_INTERFACE_TOKEN); + parcel.WriteBuffer(data, size); + parcel.RewindRead(0); + MessageParcel reply; + MessageOption option; + DelayedSingleton::GetInstance()->subManagersHelper_ = + std::make_shared(nullptr, nullptr); + DelayedSingleton::GetInstance()->subManagersHelper_->currentUIAbilityManager_ = + std::make_shared(); + DelayedSingleton::GetInstance()->OnRemoteRequest(code, parcel, reply, option); + + return true; +} +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + if (data == nullptr) { + std::cout << "invalid data" << std::endl; + return 0; + } + + /* Validate the length of size */ + if (size < OHOS::U32_AT_SIZE) { + return 0; + } + + char* ch = static_cast(malloc(size + 1)); + if (ch == nullptr) { + std::cout << "malloc failed." << std::endl; + return 0; + } + + (void)memset_s(ch, size + 1, 0x00, size + 1); + if (memcpy_s(ch, size, data, size) != EOK) { + std::cout << "copy failed." << std::endl; + free(ch); + ch = nullptr; + return 0; + } + + OHOS::DoSomethingInterestingWithMyAPI(ch, size); + free(ch); + ch = nullptr; + return 0; +} + diff --git a/test/fuzztest/abilitystubremovestackdone_fuzzer/abilitystubremovestackdone_fuzzer.h b/test/fuzztest/abilitystubremovestackdone_fuzzer/abilitystubremovestackdone_fuzzer.h new file mode 100644 index 0000000000000000000000000000000000000000..2d3af720e34602932e4d37c02d6fdc1d1a9e4bdb --- /dev/null +++ b/test/fuzztest/abilitystubremovestackdone_fuzzer/abilitystubremovestackdone_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef FUZZTEST_OHOS_ABILITY_RUNTIME_ABILITYSTUBREMOVESTACKDONE_FUZZER_H +#define FUZZTEST_OHOS_ABILITY_RUNTIME_ABILITYSTUBREMOVESTACKDONE_FUZZER_H + +#define FUZZ_PROJECT_NAME "abilitystubremovestackdone_fuzzer" + +#endif // FUZZTEST_OHOS_ABILITY_RUNTIME_ABILITYSTUBREMOVESTACKDONE_FUZZER_H diff --git a/test/fuzztest/abilitystubremovestackdone_fuzzer/corpus/init b/test/fuzztest/abilitystubremovestackdone_fuzzer/corpus/init new file mode 100644 index 0000000000000000000000000000000000000000..7ade8a0faafeaedba7241e7d4a97b8e1f9691932 --- /dev/null +++ b/test/fuzztest/abilitystubremovestackdone_fuzzer/corpus/init @@ -0,0 +1,16 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +FUZZ \ No newline at end of file diff --git a/test/fuzztest/abilitystubremovestackdone_fuzzer/project.xml b/test/fuzztest/abilitystubremovestackdone_fuzzer/project.xml new file mode 100644 index 0000000000000000000000000000000000000000..66e1dcac475475fb101b6f8670ec699e6e9696aa --- /dev/null +++ b/test/fuzztest/abilitystubremovestackdone_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + +