diff --git a/services/sandbox_manager/main/cpp/include/service/policy_info_manager.h b/services/sandbox_manager/main/cpp/include/service/policy_info_manager.h index 049710de5130c5fd0858b6b3a080943a66204de5..c87253eea2673739762d753eebdb0e92ceb4805d 100644 --- a/services/sandbox_manager/main/cpp/include/service/policy_info_manager.h +++ b/services/sandbox_manager/main/cpp/include/service/policy_info_manager.h @@ -63,22 +63,6 @@ public: * @return SANDBOX_MANAGER_DB_ERR / SANDBOX_MANAGER_OK */ int32_t MatchPolicy(const uint32_t tokenId, const std::vector &policy, std::vector &result); - /** - * @brief The mode of the same path policy performs or operations - * @param GenericValues vector - * @param dbResults size - */ - void RepeatsPathPolicyModeCal(std::vector &dbResults, - uint64_t dbResultsSize); - /** - * @brief Match one policy of a certain tokenId - * @param tokenId token id of the object - * @param policy PolicyInfo, see policy_info.h - * @param result match result of each policy - * @return INVALID_PARAMTER / SANDBOX_MANAGER_DB_ERR - * / SANDBOX_MANAGER_POLICY_NOT_MATCH / SANDBOX_MANAGER_OK - */ - int32_t MatchSinglePolicy(const uint32_t tokenId, const PolicyInfo &policy, uint32_t &result); /** * @brief remove policys of a certain tokenId * @param tokenId token id of the object diff --git a/services/sandbox_manager/main/cpp/src/service/policy_info_manager.cpp b/services/sandbox_manager/main/cpp/src/service/policy_info_manager.cpp index aa2c1714e5eb5778b51d4a5f19e737c5c3455f09..7533750b585ae8f9efa9e3299cccbbd0d2d1aaa9 100644 --- a/services/sandbox_manager/main/cpp/src/service/policy_info_manager.cpp +++ b/services/sandbox_manager/main/cpp/src/service/policy_info_manager.cpp @@ -307,76 +307,6 @@ int32_t PolicyInfoManager::AddToDatabaseIfNotDuplicate(const uint32_t tokenId, c return SANDBOX_MANAGER_OK; } -void PolicyInfoManager::RepeatsPathPolicyModeCal(std::vector &dbResults, uint64_t dbResultsSize) -{ - std::map dbResultsMap; - for (size_t i = 0; i < dbResultsSize; ++i) { - std::string currPath = dbResults[i].GetString(PolicyFiledConst::FIELD_PATH); - uint32_t currMode = static_cast(dbResults[i].GetInt(PolicyFiledConst::FIELD_MODE)); - if (dbResultsMap.find(currPath) != dbResultsMap.end()) { - dbResultsMap[currPath] |= currMode; - } else { - dbResultsMap.insert(std::make_pair(currPath, currMode)); - } - } - for (size_t i = 0; i < dbResultsSize; ++i) { - std::string polisyPath = dbResults[i].GetString(PolicyFiledConst::FIELD_PATH); - dbResults[i].Remove(PolicyFiledConst::FIELD_MODE); - dbResults[i].Put(PolicyFiledConst::FIELD_MODE, static_cast(dbResultsMap[polisyPath])); - } -} - -int32_t PolicyInfoManager::MatchSinglePolicy(const uint32_t tokenId, const PolicyInfo &policy, uint32_t &result) -{ - int32_t checkPolicyRet = CheckPolicyValidity(policy); - if (checkPolicyRet != SANDBOX_MANAGER_OK) { - result = static_cast(checkPolicyRet); - return INVALID_PARAMTER; - } - - // search records have same tokenId and depth <= input policy - GenericValues conditions; - GenericValues symbols; - uint64_t searchDepth = static_cast(GetDepth(policy.path)); - - conditions.Put(PolicyFiledConst::FIELD_TOKENID, static_cast(tokenId)); - symbols.Put(PolicyFiledConst::FIELD_TOKENID, std::string("=")); - - conditions.Put(PolicyFiledConst::FIELD_DEPTH, static_cast(searchDepth)); - symbols.Put(PolicyFiledConst::FIELD_DEPTH, std::string("<=")); - - std::vector dbResults; - int32_t ret = RangeFind(conditions, symbols, dbResults); - if (ret == SANDBOX_MANAGER_DB_ERR) { - SANDBOXMANAGER_LOG_ERROR(LABEL, "Database operate error"); - return SANDBOX_MANAGER_DB_ERR; - } - size_t dbResultsSize = dbResults.size(); - if (ret == SANDBOX_MANAGER_OK && dbResultsSize == 0) { - // find nothing, return not match - SANDBOXMANAGER_LOG_DEBUG(LABEL, "Database return empty"); - result = POLICY_HAS_NOT_BEEN_PERSISTED; - return SANDBOX_MANAGER_OK; - } - RepeatsPathPolicyModeCal(dbResults, dbResultsSize); - for (size_t i = 0; i < dbResultsSize; ++i) { - PolicyInfo referPolicy; - referPolicy.path = dbResults[i].GetString(PolicyFiledConst::FIELD_PATH); - referPolicy.mode = static_cast(dbResults[i].GetInt(PolicyFiledConst::FIELD_MODE)); - uint64_t referDepth = static_cast(dbResults[i].GetInt(PolicyFiledConst::FIELD_DEPTH)); - - PolicyInfo searchPolicy; - searchPolicy.mode = policy.mode; - searchPolicy.path = AdjustPath(policy.path); - if (IsPolicyMatch(searchPolicy, searchDepth, referPolicy, referDepth)) { - result = SandboxRetType::OPERATE_SUCCESSFULLY; - return SANDBOX_MANAGER_OK; - } - } - result = SandboxRetType::POLICY_HAS_NOT_BEEN_PERSISTED; - return SANDBOX_MANAGER_OK; -} - int32_t PolicyInfoManager::MatchNormalPolicy(const uint32_t tokenId, const std::vector &policy, std::vector &result) { diff --git a/services/sandbox_manager/test/unittest/policy_info_manager_test.cpp b/services/sandbox_manager/test/unittest/policy_info_manager_test.cpp index ed8acddb29dad6abf289e85e742164bd2531f156..35c27a49cbd37b9116b669798accb0f4cedb932b 100644 --- a/services/sandbox_manager/test/unittest/policy_info_manager_test.cpp +++ b/services/sandbox_manager/test/unittest/policy_info_manager_test.cpp @@ -255,7 +255,7 @@ HWTEST_F(PolicyInfoManagerTest, PolicyInfoManagerTest004, TestSize.Level0) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, PolicyInfoManagerTest006, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, PolicyInfoManagerTest006, TestSize.Level0) { EXPECT_EQ(true, PolicyInfoManager::GetInstance().RemoveBundlePolicy(selfTokenId_)); @@ -279,7 +279,7 @@ HWTEST_F(PolicyInfoManagerTest, PolicyInfoManagerTest006, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, PolicyInfoManagerTest007, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, PolicyInfoManagerTest007, TestSize.Level0) { PolicyInfo searchPolicy { .path = "/test/", @@ -303,7 +303,7 @@ HWTEST_F(PolicyInfoManagerTest, PolicyInfoManagerTest007, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, PolicyInfoManagerTest008, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, PolicyInfoManagerTest008, TestSize.Level0) { std::string path1 = "/storage/Users/currentUser/appdata"; std::string path2 = "/storage/Users/currentUser/appdata/el1"; @@ -326,11 +326,11 @@ HWTEST_F(PolicyInfoManagerTest, PolicyInfoManagerTest008, TestSize.Level1) /** * @tc.name: PolicyInfoManagerTest011 - * @tc.desc: Test MatchSinglePolicy + * @tc.desc: Test CheckPolicyValidity * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, PolicyInfoManagerTest011, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, PolicyInfoManagerTest011, TestSize.Level0) { PolicyInfo err1 { .path = "", @@ -360,7 +360,7 @@ HWTEST_F(PolicyInfoManagerTest, PolicyInfoManagerTest011, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, GenericValuesTest001, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, GenericValuesTest001, TestSize.Level0) { GenericValues conditions; int32_t result = -1; @@ -407,16 +407,18 @@ HWTEST_F(PolicyInfoManagerTest, CleanPersistPolicyByPathTest001, TestSize.Level0 EXPECT_EQ(sizeLimit, result11.size()); EXPECT_EQ(SandboxRetType::OPERATE_SUCCESSFULLY, result11[0]); - uint32_t matchResult; - EXPECT_EQ(SANDBOX_MANAGER_OK, PolicyInfoManager::GetInstance().MatchSinglePolicy(selfTokenId_, info, matchResult)); - EXPECT_EQ(SandboxRetType::OPERATE_SUCCESSFULLY, matchResult); + std::vector result13; + EXPECT_EQ(SANDBOX_MANAGER_OK, PolicyInfoManager::GetInstance().MatchPolicy(selfTokenId_, policy, result13)); + EXPECT_EQ(sizeLimit, result13.size()); + EXPECT_EQ(SandboxRetType::OPERATE_SUCCESSFULLY, result13[0]); std::vector paths; paths.emplace_back(info.path); EXPECT_EQ(SANDBOX_MANAGER_OK, PolicyInfoManager::GetInstance().CleanPersistPolicyByPath(paths)); - EXPECT_EQ(SANDBOX_MANAGER_OK, PolicyInfoManager::GetInstance().MatchSinglePolicy(selfTokenId_, info, matchResult)); - EXPECT_EQ(SandboxRetType::POLICY_HAS_NOT_BEEN_PERSISTED, matchResult); + EXPECT_EQ(SANDBOX_MANAGER_OK, PolicyInfoManager::GetInstance().MatchPolicy(selfTokenId_, policy, result13)); + EXPECT_EQ(sizeLimit, result13.size()); + EXPECT_EQ(SandboxRetType::POLICY_HAS_NOT_BEEN_PERSISTED, result13[0]); } #endif @@ -426,7 +428,7 @@ HWTEST_F(PolicyInfoManagerTest, CleanPersistPolicyByPathTest001, TestSize.Level0 * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, MacAdapterTest001, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, MacAdapterTest001, TestSize.Level0) { MacAdapter macAdapter; std::vector policy; @@ -591,7 +593,7 @@ HWTEST_F(PolicyInfoManagerTest, DenyTest010, TestSize.Level0) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, MaskRealPath001, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, MaskRealPath001, TestSize.Level0) { std::string input1 = "/aa/bb/cc/dd.txt"; std::string expect = "/a***/b***/c***/d***"; @@ -605,7 +607,7 @@ HWTEST_F(PolicyInfoManagerTest, MaskRealPath001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, MaskRealPath002, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, MaskRealPath002, TestSize.Level0) { std::string input1 = "/aa/bb/cc/d.txt"; std::string expect = "/a***/b***/c***/d***"; @@ -619,7 +621,7 @@ HWTEST_F(PolicyInfoManagerTest, MaskRealPath002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, MaskRealPath003, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, MaskRealPath003, TestSize.Level0) { std::string input1 = "/aa/dd.txt"; std::string expect = "/a***/d***"; @@ -633,7 +635,7 @@ HWTEST_F(PolicyInfoManagerTest, MaskRealPath003, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, MaskRealPath004, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, MaskRealPath004, TestSize.Level0) { std::string input1 = "/aa/////bb/cc/dd.txt"; std::string expect = "/a***/////b***/c***/d***"; @@ -647,7 +649,7 @@ HWTEST_F(PolicyInfoManagerTest, MaskRealPath004, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, MaskRealPath005, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, MaskRealPath005, TestSize.Level0) { std::string input1 = "aa/bb"; std::string expect = "a***/b***"; @@ -661,7 +663,7 @@ HWTEST_F(PolicyInfoManagerTest, MaskRealPath005, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, MaskRealPath006, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, MaskRealPath006, TestSize.Level0) { std::string input1 = ""; std::string expect = "empty path"; @@ -675,7 +677,7 @@ HWTEST_F(PolicyInfoManagerTest, MaskRealPath006, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, MaskRealPath007, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, MaskRealPath007, TestSize.Level0) { std::string input1 = "/"; std::string expect = "/"; @@ -689,7 +691,7 @@ HWTEST_F(PolicyInfoManagerTest, MaskRealPath007, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, MaskRealPath008, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, MaskRealPath008, TestSize.Level0) { std::string input1 = "."; std::string expect = "."; @@ -703,7 +705,7 @@ HWTEST_F(PolicyInfoManagerTest, MaskRealPath008, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, MaskRealPath009, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, MaskRealPath009, TestSize.Level0) { std::string input1 = "/./test"; std::string expect = "/./t***"; @@ -717,7 +719,7 @@ HWTEST_F(PolicyInfoManagerTest, MaskRealPath009, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, MaskRealPath010, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, MaskRealPath010, TestSize.Level0) { std::string input1 = "/../test"; std::string expect = "/../t***"; @@ -731,7 +733,7 @@ HWTEST_F(PolicyInfoManagerTest, MaskRealPath010, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, MaskRealPath011, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, MaskRealPath011, TestSize.Level0) { std::string input1 = "/aa/../d.txt"; std::string expect = "/a***/../d***"; @@ -745,7 +747,7 @@ HWTEST_F(PolicyInfoManagerTest, MaskRealPath011, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, MaskRealPath012, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, MaskRealPath012, TestSize.Level0) { std::string input1 = "/aa/.././bb/cc/dd.txt"; std::string expect = "/a***/.././b***/c***/d***"; @@ -759,7 +761,7 @@ HWTEST_F(PolicyInfoManagerTest, MaskRealPath012, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, MaskRealPath013, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, MaskRealPath013, TestSize.Level0) { std::string input1 = "/aa/.././cc/aa.bb.txt"; std::string expect = "/a***/.././c***/a***"; @@ -773,7 +775,7 @@ HWTEST_F(PolicyInfoManagerTest, MaskRealPath013, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, MaskRealPath014, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, MaskRealPath014, TestSize.Level0) { std::string input1 = "/aa/.././cc/.aa.bb.txt"; std::string expect = "/a***/.././c***/.***"; @@ -787,7 +789,7 @@ HWTEST_F(PolicyInfoManagerTest, MaskRealPath014, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, MaskRealPath015, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, MaskRealPath015, TestSize.Level0) { std::string input1 = "/aa/.././cc/"; std::string expect = "/a***/.././c***/"; @@ -801,7 +803,7 @@ HWTEST_F(PolicyInfoManagerTest, MaskRealPath015, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, MaskRealPath016, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, MaskRealPath016, TestSize.Level0) { std::string input1 = "/aa/////"; std::string expect = "/a***/////"; @@ -815,7 +817,7 @@ HWTEST_F(PolicyInfoManagerTest, MaskRealPath016, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, PolicyInfoManagerTest012, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, PolicyInfoManagerTest012, TestSize.Level0) { MacAdapter original = PolicyInfoManager::GetInstance().macAdapter_; MacAdapter mockMacAdapter; diff --git a/test/fuzztest/innerkits/sandbox_manager/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/BUILD.gn index 8f83517bcaefdbf390d39040a318222523f556ba..f532a811335232456b65a8b8d566d800199228d4 100644 --- a/test/fuzztest/innerkits/sandbox_manager/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/BUILD.gn @@ -35,5 +35,6 @@ group("fuzztest") { "unsetallpolicybytoken_fuzzer:UnsetAllPolicyByTokenFuzzTest", "unsetpolicy_fuzzer:UnsetPolicyFuzzTest", "unsetpolicyasync_fuzzer:UnsetPolicyAsyncFuzzTest", + "setpolicybybundlename_fuzzer:SetPolicyByBundleNameFuzzTest", ] } diff --git a/test/fuzztest/innerkits/sandbox_manager/checkpolicy_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/checkpolicy_fuzzer/BUILD.gn index e85395e8cb3f7af12656a862645936294fde53d5..df63aea26bbf96a95be9818279cb952c0092a64a 100644 --- a/test/fuzztest/innerkits/sandbox_manager/checkpolicy_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/checkpolicy_fuzzer/BUILD.gn @@ -36,6 +36,9 @@ ohos_fuzztest("CheckPolicyFuzzTest") { configs = [ "${sandbox_manager_path}/config:coverage_flags" ] external_deps = [ + "access_token:libaccesstoken_sdk", + "access_token:libnativetoken", + "access_token:libtoken_setproc", "c_utils:utils", "hilog:libhilog", ] diff --git a/test/fuzztest/innerkits/sandbox_manager/checkpolicy_fuzzer/checkpolicy_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/checkpolicy_fuzzer/checkpolicy_fuzzer.cpp index 085e1383fa9f039586f48bb1033de8d0b7a83b14..00d490c5bc2fe19e24f0eb682a2d3d4ba915bab1 100644 --- a/test/fuzztest/innerkits/sandbox_manager/checkpolicy_fuzzer/checkpolicy_fuzzer.cpp +++ b/test/fuzztest/innerkits/sandbox_manager/checkpolicy_fuzzer/checkpolicy_fuzzer.cpp @@ -20,6 +20,7 @@ #include #include "fuzz_common.h" #include "sandbox_manager_kit.h" +#include "token_setproc.h" using namespace OHOS::AccessControl::SandboxManager; @@ -33,10 +34,9 @@ namespace OHOS { std::vector policyVec; std::vector result; PolicyInfoRandomGenerator gen(data, size); - uint32_t tokenId = gen.GetData(); gen.GeneratePolicyInfoVec(policyVec); - SandboxManagerKit::CheckPolicy(tokenId, policyVec, result); + SandboxManagerKit::CheckPolicy(GetSelfTokenID(), policyVec, result); return true; } } diff --git a/test/fuzztest/innerkits/sandbox_manager/persistpolicy_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/persistpolicy_fuzzer/BUILD.gn index 6cf6d47ff915ab4840ef315d24dca8cd5c1df7ea..6d4a4e11a647cd5bef3044d31c7754e9042c5e03 100644 --- a/test/fuzztest/innerkits/sandbox_manager/persistpolicy_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/persistpolicy_fuzzer/BUILD.gn @@ -19,7 +19,10 @@ ohos_fuzztest("PersistPolicyFuzzTest") { module_out_path = module_output_path_interface_sandbox fuzz_config_file = "." - include_dirs = [ "../../../common" ] + include_dirs = [ + "../../../common", + "${sandbox_manager_path}/frameworks/sandbox_test_common/include", + ] cflags = [ "-g", "-O0", @@ -32,7 +35,10 @@ ohos_fuzztest("PersistPolicyFuzzTest") { "persistpolicy_fuzzer.cpp", ] - deps = [ "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk" ] + deps = [ + "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk", + "${sandbox_manager_path}/frameworks/sandbox_test_common:sandbox_test_common_source_set", + ] configs = [ "${sandbox_manager_path}/config:coverage_flags" ] diff --git a/test/fuzztest/innerkits/sandbox_manager/persistpolicy_fuzzer/persistpolicy_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/persistpolicy_fuzzer/persistpolicy_fuzzer.cpp index 9470c3735ebcbd1859222f6da40b0d7ecdcbb85f..c3720c83ee41d8e2734cb43bfb69b1ea37efe9c9 100644 --- a/test/fuzztest/innerkits/sandbox_manager/persistpolicy_fuzzer/persistpolicy_fuzzer.cpp +++ b/test/fuzztest/innerkits/sandbox_manager/persistpolicy_fuzzer/persistpolicy_fuzzer.cpp @@ -21,6 +21,7 @@ #include "alloc_token.h" #include "fuzz_common.h" #include "sandbox_manager_kit.h" +#include "sandbox_test_common.h" #include "token_setproc.h" using namespace OHOS::AccessControl::SandboxManager; @@ -44,6 +45,7 @@ namespace OHOS { bool PersistPolicyFuzzTest(const uint8_t *data, size_t size) { + MockTokenId("foundation"); return AllocTokenWithFuzz(data, size, PersistPolicy); } } diff --git a/test/fuzztest/innerkits/sandbox_manager/persistpolicytoken_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/persistpolicytoken_fuzzer/BUILD.gn index ed6f4000b3d2ef3179238b9937b319e41e2e7746..4d4e26b4046d2760918fca137e813a20ec657c27 100644 --- a/test/fuzztest/innerkits/sandbox_manager/persistpolicytoken_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/persistpolicytoken_fuzzer/BUILD.gn @@ -19,7 +19,10 @@ ohos_fuzztest("PersistPolicyTokenFuzzTest") { module_out_path = module_output_path_interface_sandbox fuzz_config_file = "." - include_dirs = [ "../../../common" ] + include_dirs = [ + "../../../common", + "${sandbox_manager_path}/frameworks/sandbox_test_common/include", + ] cflags = [ "-g", "-O0", @@ -32,7 +35,10 @@ ohos_fuzztest("PersistPolicyTokenFuzzTest") { "persistpolicytoken_fuzzer.cpp", ] - deps = [ "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk" ] + deps = [ + "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk", + "${sandbox_manager_path}/frameworks/sandbox_test_common:sandbox_test_common_source_set", + ] configs = [ "${sandbox_manager_path}/config:coverage_flags" ] diff --git a/test/fuzztest/innerkits/sandbox_manager/persistpolicytoken_fuzzer/persistpolicytoken_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/persistpolicytoken_fuzzer/persistpolicytoken_fuzzer.cpp index 23a0c3c4677ed9519e5c3e28de6c16443023e0c2..c3144f69a57933601a141c0ef1c29c9128649aef 100644 --- a/test/fuzztest/innerkits/sandbox_manager/persistpolicytoken_fuzzer/persistpolicytoken_fuzzer.cpp +++ b/test/fuzztest/innerkits/sandbox_manager/persistpolicytoken_fuzzer/persistpolicytoken_fuzzer.cpp @@ -21,6 +21,7 @@ #include "alloc_token.h" #include "fuzz_common.h" #include "sandbox_manager_kit.h" +#include "sandbox_test_common.h" #include "token_setproc.h" using namespace OHOS::AccessControl::SandboxManager; @@ -45,6 +46,7 @@ namespace OHOS { bool PersistPolicyTokenFuzzTest(const uint8_t *data, size_t size) { + MockTokenId("foundation"); return AllocTokenWithFuzz(data, size, PersistPolicyToken); } } diff --git a/test/fuzztest/innerkits/sandbox_manager/setpolicy_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/setpolicy_fuzzer/BUILD.gn index f4af6144f0977b27c107968365e85aa9ef56adbe..43269e1bf886fa52a1411e0bb6db68320c219c37 100644 --- a/test/fuzztest/innerkits/sandbox_manager/setpolicy_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/setpolicy_fuzzer/BUILD.gn @@ -19,7 +19,10 @@ ohos_fuzztest("SetPolicyFuzzTest") { module_out_path = module_output_path_interface_sandbox fuzz_config_file = "." - include_dirs = [ "../../../common" ] + include_dirs = [ + "../../../common", + "${sandbox_manager_path}/frameworks/sandbox_test_common/include", + ] cflags = [ "-g", "-O0", @@ -32,7 +35,10 @@ ohos_fuzztest("SetPolicyFuzzTest") { "setpolicy_fuzzer.cpp", ] - deps = [ "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk" ] + deps = [ + "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk", + "${sandbox_manager_path}/frameworks/sandbox_test_common:sandbox_test_common_source_set", + ] configs = [ "${sandbox_manager_path}/config:coverage_flags" ] diff --git a/test/fuzztest/innerkits/sandbox_manager/setpolicy_fuzzer/setpolicy_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/setpolicy_fuzzer/setpolicy_fuzzer.cpp index efb73fc6200cd46014e175ce643b8d1f967b1d29..313ace389fc258d942e9002e3c2ff972c9c36e0e 100644 --- a/test/fuzztest/innerkits/sandbox_manager/setpolicy_fuzzer/setpolicy_fuzzer.cpp +++ b/test/fuzztest/innerkits/sandbox_manager/setpolicy_fuzzer/setpolicy_fuzzer.cpp @@ -21,6 +21,7 @@ #include "alloc_token.h" #include "fuzz_common.h" #include "sandbox_manager_kit.h" +#include "sandbox_test_common.h" #include "token_setproc.h" using namespace OHOS::AccessControl::SandboxManager; @@ -47,6 +48,7 @@ namespace OHOS { bool SetPolicyFuzzTest(const uint8_t *data, size_t size) { + MockTokenId("foundation"); return AllocTokenWithFuzz(data, size, SetPolicy); } } diff --git a/test/fuzztest/innerkits/sandbox_manager/setpolicyasync_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/setpolicyasync_fuzzer/BUILD.gn index 6015da114d0951b463872edf83603152674172f1..7aad17720fcbe6d1140d509ef402e43def33045e 100644 --- a/test/fuzztest/innerkits/sandbox_manager/setpolicyasync_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/setpolicyasync_fuzzer/BUILD.gn @@ -19,7 +19,10 @@ ohos_fuzztest("SetPolicyAsyncFuzzTest") { module_out_path = module_output_path_interface_sandbox fuzz_config_file = "." - include_dirs = [ "../../../common" ] + include_dirs = [ + "../../../common", + "${sandbox_manager_path}/frameworks/sandbox_test_common/include", + ] cflags = [ "-g", "-O0", @@ -32,7 +35,10 @@ ohos_fuzztest("SetPolicyAsyncFuzzTest") { "setpolicyasync_fuzzer.cpp", ] - deps = [ "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk" ] + deps = [ + "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk", + "${sandbox_manager_path}/frameworks/sandbox_test_common:sandbox_test_common_source_set", + ] configs = [ "${sandbox_manager_path}/config:coverage_flags" ] diff --git a/test/fuzztest/innerkits/sandbox_manager/setpolicyasync_fuzzer/setpolicyasync_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/setpolicyasync_fuzzer/setpolicyasync_fuzzer.cpp index 28d65a533ec6d3ec20e8f3e9d25c4de0eb69d0c7..3e40760ac888b3ce11f4ab7f97ac3647d104daa7 100644 --- a/test/fuzztest/innerkits/sandbox_manager/setpolicyasync_fuzzer/setpolicyasync_fuzzer.cpp +++ b/test/fuzztest/innerkits/sandbox_manager/setpolicyasync_fuzzer/setpolicyasync_fuzzer.cpp @@ -21,6 +21,7 @@ #include "alloc_token.h" #include "fuzz_common.h" #include "sandbox_manager_kit.h" +#include "sandbox_test_common.h" #include "token_setproc.h" using namespace OHOS::AccessControl::SandboxManager; @@ -45,6 +46,7 @@ namespace OHOS { bool SetPolicyAsyncFuzzTest(const uint8_t *data, size_t size) { + MockTokenId("foundation"); return AllocTokenWithFuzz(data, size, SetPolicyAsync); } } diff --git a/test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..9f6fa7306d7e90bae5d31f333420735e3dcc86ca --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/BUILD.gn @@ -0,0 +1,52 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/config/features.gni") +import("//build/test.gni") +import("../../../../../sandbox_manager.gni") + +ohos_fuzztest("SetPolicyByBundleNameFuzzTest") { + module_out_path = module_output_path_interface_sandbox + fuzz_config_file = "." + + include_dirs = [ + "../../../common", + "${sandbox_manager_path}/frameworks/sandbox_test_common/include", + ] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ + "../../../common/alloc_token.cpp", + "../../../common/fuzz_common.cpp", + "setpolicybybundlename_fuzzer.cpp", + ] + + deps = [ + "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk", + "${sandbox_manager_path}/frameworks/sandbox_test_common:sandbox_test_common_source_set", + ] + + configs = [ "${sandbox_manager_path}/config:coverage_flags" ] + + external_deps = [ + "access_token:libaccesstoken_sdk", + "access_token:libnativetoken", + "access_token:libtoken_setproc", + "c_utils:utils", + "hilog:libhilog", + ] +} diff --git a/test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/corpus/init b/test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/corpus/init new file mode 100644 index 0000000000000000000000000000000000000000..65af8ee8d11bf23407ea34d4de49f7cbb6a2b791 --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/corpus/init @@ -0,0 +1,14 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FUZZ \ No newline at end of file diff --git a/test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/project.xml b/test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/project.xml new file mode 100644 index 0000000000000000000000000000000000000000..66e1dcac475475fb101b6f8670ec699e6e9696aa --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + diff --git a/test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/setpolicybybundlename_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/setpolicybybundlename_fuzzer.cpp new file mode 100644 index 0000000000000000000000000000000000000000..28d8a06b2d8aea07d6d5c36868564108b15159c8 --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/setpolicybybundlename_fuzzer.cpp @@ -0,0 +1,63 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "setpolicybybundlename_fuzzer.h" + +#include +#include +#include +#include "alloc_token.h" +#include "fuzz_common.h" +#include "sandbox_manager_kit.h" +#include "sandbox_test_common.h" +#include "token_setproc.h" + +using namespace OHOS::AccessControl::SandboxManager; + +namespace OHOS { + bool SetPolicyByBundleNameTest(const uint8_t *data, size_t size) + { + if ((data == nullptr) || (size == 0)) { + return false; + } + + std::vector policyVec; + std::vector result; + std::string bundleName; + int32_t appCloneIndex; + PolicyInfoRandomGenerator gen(data, size); + gen.GenerateString(bundleName); + appCloneIndex = gen.GetData(); + gen.GeneratePolicyInfoVec(policyVec); + + SandboxManagerKit::SetPolicy(GetSelfTokenID(), policyVec, 1, result); + SandboxManagerKit::SetPolicyByBundleName(bundleName, appCloneIndex, policyVec, 1, result); + return true; + } + + bool SetPolicyByBundleNameFuzzTest(const uint8_t *data, size_t size) + { + MockTokenId("foundation"); + return AllocTokenWithFuzz(data, size, SetPolicyByBundleNameTest); + } +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + OHOS::SetPolicyByBundleNameFuzzTest(data, size); + return 0; +} \ No newline at end of file diff --git a/test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/setpolicybybundlename_fuzzer.h b/test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/setpolicybybundlename_fuzzer.h new file mode 100644 index 0000000000000000000000000000000000000000..c395f5c82df3af299d00902ba14e05285f2fabfd --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/setpolicybybundlename_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TEST_FUZZTEST_SETPOLICYBYBUNDLENAME_H +#define TEST_FUZZTEST_SETPOLICYBYBUNDLENAME_H + +#define FUZZ_PROJECT_NAME "setpolicybybundlename_fuzzer" + +#endif // TEST_FUZZTEST_SETPOLICYBYBUNDLENAME_H diff --git a/test/fuzztest/innerkits/sandbox_manager/startaccessingpolicy_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/startaccessingpolicy_fuzzer/BUILD.gn index 209dde66212b5ce69c0b579ae0bcc4b3c2e21f50..dc3587993ed151591d7da3215bca4a462b9a93c7 100644 --- a/test/fuzztest/innerkits/sandbox_manager/startaccessingpolicy_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/startaccessingpolicy_fuzzer/BUILD.gn @@ -19,7 +19,10 @@ ohos_fuzztest("StartAccessingPolicyFuzzTest") { module_out_path = module_output_path_interface_sandbox fuzz_config_file = "." - include_dirs = [ "../../../common" ] + include_dirs = [ + "../../../common", + "${sandbox_manager_path}/frameworks/sandbox_test_common/include", + ] cflags = [ "-g", "-O0", @@ -32,7 +35,10 @@ ohos_fuzztest("StartAccessingPolicyFuzzTest") { "startaccessingpolicy_fuzzer.cpp", ] - deps = [ "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk" ] + deps = [ + "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk", + "${sandbox_manager_path}/frameworks/sandbox_test_common:sandbox_test_common_source_set", + ] configs = [ "${sandbox_manager_path}/config:coverage_flags" ] diff --git a/test/fuzztest/innerkits/sandbox_manager/startaccessingpolicy_fuzzer/startaccessingpolicy_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/startaccessingpolicy_fuzzer/startaccessingpolicy_fuzzer.cpp index 2a2bde3491dfe60216ca4ace08f0f3ffce38cca2..f283a8160611413d7af864d5181591784980c42d 100644 --- a/test/fuzztest/innerkits/sandbox_manager/startaccessingpolicy_fuzzer/startaccessingpolicy_fuzzer.cpp +++ b/test/fuzztest/innerkits/sandbox_manager/startaccessingpolicy_fuzzer/startaccessingpolicy_fuzzer.cpp @@ -21,6 +21,7 @@ #include "alloc_token.h" #include "fuzz_common.h" #include "sandbox_manager_kit.h" +#include "sandbox_test_common.h" #include "token_setproc.h" using namespace OHOS::AccessControl::SandboxManager; @@ -45,6 +46,7 @@ namespace OHOS { bool StartAccessingPolicyFuzzTest(const uint8_t *data, size_t size) { + MockTokenId("foundation"); return AllocTokenWithFuzz(data, size, StartAccessingPolicy); } } diff --git a/test/fuzztest/innerkits/sandbox_manager/stopaccessingpolicy_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/stopaccessingpolicy_fuzzer/BUILD.gn index b0916fdbddf56866d7fd2cb11ff19bd0b8b23d42..061242560cabf0293842ecd9e16fbb2b8254238d 100644 --- a/test/fuzztest/innerkits/sandbox_manager/stopaccessingpolicy_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/stopaccessingpolicy_fuzzer/BUILD.gn @@ -19,7 +19,10 @@ ohos_fuzztest("StopAccessingPolicyFuzzTest") { module_out_path = module_output_path_interface_sandbox fuzz_config_file = "." - include_dirs = [ "../../../common" ] + include_dirs = [ + "../../../common", + "${sandbox_manager_path}/frameworks/sandbox_test_common/include", + ] cflags = [ "-g", @@ -33,7 +36,10 @@ ohos_fuzztest("StopAccessingPolicyFuzzTest") { "stopaccessingpolicy_fuzzer.cpp", ] - deps = [ "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk" ] + deps = [ + "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk", + "${sandbox_manager_path}/frameworks/sandbox_test_common:sandbox_test_common_source_set", + ] configs = [ "${sandbox_manager_path}/config:coverage_flags" ] diff --git a/test/fuzztest/innerkits/sandbox_manager/stopaccessingpolicy_fuzzer/stopaccessingpolicy_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/stopaccessingpolicy_fuzzer/stopaccessingpolicy_fuzzer.cpp index 3d8838da0993d2800156f9f36e0bc624c7cff7b5..642e9967cde6f3415d7750778eee4f4c7012b4bd 100644 --- a/test/fuzztest/innerkits/sandbox_manager/stopaccessingpolicy_fuzzer/stopaccessingpolicy_fuzzer.cpp +++ b/test/fuzztest/innerkits/sandbox_manager/stopaccessingpolicy_fuzzer/stopaccessingpolicy_fuzzer.cpp @@ -21,6 +21,7 @@ #include "alloc_token.h" #include "fuzz_common.h" #include "sandbox_manager_kit.h" +#include "sandbox_test_common.h" #include "token_setproc.h" using namespace OHOS::AccessControl::SandboxManager; @@ -46,6 +47,7 @@ namespace OHOS { bool StopAccessingPolicyFuzzTest(const uint8_t *data, size_t size) { + MockTokenId("foundation"); return AllocTokenWithFuzz(data, size, StopAccessingPolicy); } } diff --git a/test/fuzztest/innerkits/sandbox_manager/unpersistpolicy_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/unpersistpolicy_fuzzer/BUILD.gn index 143481339e898f726ea0603085982a509f2a2afc..51ae4ded829b0435c0db9f099d0bef34cb47e296 100644 --- a/test/fuzztest/innerkits/sandbox_manager/unpersistpolicy_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/unpersistpolicy_fuzzer/BUILD.gn @@ -19,7 +19,10 @@ ohos_fuzztest("UnPersistPolicyFuzzTest") { module_out_path = module_output_path_interface_sandbox fuzz_config_file = "." - include_dirs = [ "../../../common" ] + include_dirs = [ + "../../../common", + "${sandbox_manager_path}/frameworks/sandbox_test_common/include", + ] cflags = [ "-g", "-O0", @@ -32,7 +35,10 @@ ohos_fuzztest("UnPersistPolicyFuzzTest") { "unpersistpolicy_fuzzer.cpp", ] - deps = [ "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk" ] + deps = [ + "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk", + "${sandbox_manager_path}/frameworks/sandbox_test_common:sandbox_test_common_source_set", + ] configs = [ "${sandbox_manager_path}/config:coverage_flags" ] diff --git a/test/fuzztest/innerkits/sandbox_manager/unpersistpolicy_fuzzer/unpersistpolicy_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/unpersistpolicy_fuzzer/unpersistpolicy_fuzzer.cpp index 526f3f27fdef3f6f3432b90ccccbe04d447c18b3..acc7c5ebae166c91b30807d69ab142bd29e36479 100644 --- a/test/fuzztest/innerkits/sandbox_manager/unpersistpolicy_fuzzer/unpersistpolicy_fuzzer.cpp +++ b/test/fuzztest/innerkits/sandbox_manager/unpersistpolicy_fuzzer/unpersistpolicy_fuzzer.cpp @@ -21,6 +21,7 @@ #include "alloc_token.h" #include "fuzz_common.h" #include "sandbox_manager_kit.h" +#include "sandbox_test_common.h" #include "token_setproc.h" using namespace OHOS::AccessControl::SandboxManager; @@ -46,6 +47,7 @@ namespace OHOS { bool UnpersistPolicyFuzzTest(const uint8_t *data, size_t size) { + MockTokenId("foundation"); return AllocTokenWithFuzz(data, size, UnpersistPolicy); } } diff --git a/test/fuzztest/innerkits/sandbox_manager/unpersistpolicytoken_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/unpersistpolicytoken_fuzzer/BUILD.gn index 9ba4aa44386943653bf1291f1ef54bdb0c69cffb..a71449cbe4e59982924201652d5352a0416b9d55 100644 --- a/test/fuzztest/innerkits/sandbox_manager/unpersistpolicytoken_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/unpersistpolicytoken_fuzzer/BUILD.gn @@ -19,7 +19,10 @@ ohos_fuzztest("UnpersistPolicyTokenFuzzTest") { module_out_path = module_output_path_interface_sandbox fuzz_config_file = "." - include_dirs = [ "../../../common" ] + include_dirs = [ + "../../../common", + "${sandbox_manager_path}/frameworks/sandbox_test_common/include", + ] cflags = [ "-g", "-O0", @@ -32,7 +35,10 @@ ohos_fuzztest("UnpersistPolicyTokenFuzzTest") { "unpersistpolicytoken_fuzzer.cpp", ] - deps = [ "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk" ] + deps = [ + "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk", + "${sandbox_manager_path}/frameworks/sandbox_test_common:sandbox_test_common_source_set", + ] configs = [ "${sandbox_manager_path}/config:coverage_flags" ] diff --git a/test/fuzztest/innerkits/sandbox_manager/unpersistpolicytoken_fuzzer/unpersistpolicytoken_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/unpersistpolicytoken_fuzzer/unpersistpolicytoken_fuzzer.cpp index 85a349cc4b0bf75e150bc2fa08de61ee9b7bea24..0c8292fab5f56bc759586a255716d377786b845d 100644 --- a/test/fuzztest/innerkits/sandbox_manager/unpersistpolicytoken_fuzzer/unpersistpolicytoken_fuzzer.cpp +++ b/test/fuzztest/innerkits/sandbox_manager/unpersistpolicytoken_fuzzer/unpersistpolicytoken_fuzzer.cpp @@ -21,6 +21,7 @@ #include "alloc_token.h" #include "fuzz_common.h" #include "sandbox_manager_kit.h" +#include "sandbox_test_common.h" using namespace OHOS::AccessControl::SandboxManager; @@ -45,6 +46,7 @@ namespace OHOS { bool UnPersistPolicyTokenFuzzTest(const uint8_t *data, size_t size) { + MockTokenId("foundation"); return AllocTokenWithFuzz(data, size, UnPersistPolicyToken); } } diff --git a/test/fuzztest/innerkits/sandbox_manager/unsetallpolicybytoken_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/unsetallpolicybytoken_fuzzer/BUILD.gn index 70772d7fbb2c64c31e8b72dbcc6d826703d2ff58..2343e7493dfbc62ded2874bc885bff827f5f1fc0 100644 --- a/test/fuzztest/innerkits/sandbox_manager/unsetallpolicybytoken_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/unsetallpolicybytoken_fuzzer/BUILD.gn @@ -19,7 +19,10 @@ ohos_fuzztest("UnsetAllPolicyByTokenFuzzTest") { module_out_path = module_output_path_interface_sandbox fuzz_config_file = "." - include_dirs = [ "../../../common" ] + include_dirs = [ + "../../../common", + "${sandbox_manager_path}/frameworks/sandbox_test_common/include", + ] cflags = [ "-g", "-O0", @@ -32,7 +35,10 @@ ohos_fuzztest("UnsetAllPolicyByTokenFuzzTest") { "unsetallpolicybytoken_fuzzer.cpp", ] - deps = [ "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk" ] + deps = [ + "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk", + "${sandbox_manager_path}/frameworks/sandbox_test_common:sandbox_test_common_source_set", + ] configs = [ "${sandbox_manager_path}/config:coverage_flags" ] diff --git a/test/fuzztest/innerkits/sandbox_manager/unsetallpolicybytoken_fuzzer/unsetallpolicybytoken_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/unsetallpolicybytoken_fuzzer/unsetallpolicybytoken_fuzzer.cpp index 2447ad56027d2cdc468bcc06d80881e19be996df..a94b949bb24b8c4cb201b5c9baeac54f5667b127 100644 --- a/test/fuzztest/innerkits/sandbox_manager/unsetallpolicybytoken_fuzzer/unsetallpolicybytoken_fuzzer.cpp +++ b/test/fuzztest/innerkits/sandbox_manager/unsetallpolicybytoken_fuzzer/unsetallpolicybytoken_fuzzer.cpp @@ -21,6 +21,7 @@ #include "alloc_token.h" #include "fuzz_common.h" #include "sandbox_manager_kit.h" +#include "sandbox_test_common.h" #include "token_setproc.h" using namespace OHOS::AccessControl::SandboxManager; @@ -42,6 +43,7 @@ namespace OHOS { bool UnSetAllPolicyByTokenFuzzTest(const uint8_t *data, size_t size) { + MockTokenId("foundation"); return AllocTokenWithFuzz(data, size, UnSetAllPolicyByToken); } } diff --git a/test/fuzztest/innerkits/sandbox_manager/unsetpolicy_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/unsetpolicy_fuzzer/BUILD.gn index f5a5cb34b9315429ec40e2bbabf54bfb6a2caea7..3461a2b5864bf712be91a65cadcd06f0c121d855 100644 --- a/test/fuzztest/innerkits/sandbox_manager/unsetpolicy_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/unsetpolicy_fuzzer/BUILD.gn @@ -19,7 +19,10 @@ ohos_fuzztest("UnsetPolicyFuzzTest") { module_out_path = module_output_path_interface_sandbox fuzz_config_file = "." - include_dirs = [ "../../../common" ] + include_dirs = [ + "../../../common", + "${sandbox_manager_path}/frameworks/sandbox_test_common/include", + ] cflags = [ "-g", "-O0", @@ -32,7 +35,10 @@ ohos_fuzztest("UnsetPolicyFuzzTest") { "unsetpolilcy_fuzzer.cpp", ] - deps = [ "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk" ] + deps = [ + "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk", + "${sandbox_manager_path}/frameworks/sandbox_test_common:sandbox_test_common_source_set", + ] configs = [ "${sandbox_manager_path}/config:coverage_flags" ] diff --git a/test/fuzztest/innerkits/sandbox_manager/unsetpolicy_fuzzer/unsetpolilcy_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/unsetpolicy_fuzzer/unsetpolilcy_fuzzer.cpp index c2fdaff91a51e4cd405c2daf7838db25ce32cc96..7ec4f519a0a2831accfae8a99d3111c440e20023 100644 --- a/test/fuzztest/innerkits/sandbox_manager/unsetpolicy_fuzzer/unsetpolilcy_fuzzer.cpp +++ b/test/fuzztest/innerkits/sandbox_manager/unsetpolicy_fuzzer/unsetpolilcy_fuzzer.cpp @@ -21,6 +21,7 @@ #include "alloc_token.h" #include "fuzz_common.h" #include "sandbox_manager_kit.h" +#include "sandbox_test_common.h" #include "token_setproc.h" using namespace OHOS::AccessControl::SandboxManager; @@ -47,6 +48,7 @@ namespace OHOS { bool UnSetPolicyFuzzTest(const uint8_t *data, size_t size) { + MockTokenId("foundation"); return AllocTokenWithFuzz(data, size, UnSetPolicy); } } diff --git a/test/fuzztest/innerkits/sandbox_manager/unsetpolicyasync_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/unsetpolicyasync_fuzzer/BUILD.gn index f0c165cfcfa1f70a2490493cecee9c5d6b0ecf08..a6e8f8fa506b1ba70a65f641f196b8ce47b060bc 100644 --- a/test/fuzztest/innerkits/sandbox_manager/unsetpolicyasync_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/unsetpolicyasync_fuzzer/BUILD.gn @@ -19,7 +19,10 @@ ohos_fuzztest("UnsetPolicyAsyncFuzzTest") { module_out_path = module_output_path_interface_sandbox fuzz_config_file = "." - include_dirs = [ "../../../common" ] + include_dirs = [ + "../../../common", + "${sandbox_manager_path}/frameworks/sandbox_test_common/include", + ] cflags = [ "-g", "-O0", @@ -32,7 +35,10 @@ ohos_fuzztest("UnsetPolicyAsyncFuzzTest") { "unsetpolicyasync_fuzzer.cpp", ] - deps = [ "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk" ] + deps = [ + "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk", + "${sandbox_manager_path}/frameworks/sandbox_test_common:sandbox_test_common_source_set", + ] configs = [ "${sandbox_manager_path}/config:coverage_flags" ] diff --git a/test/fuzztest/innerkits/sandbox_manager/unsetpolicyasync_fuzzer/unsetpolicyasync_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/unsetpolicyasync_fuzzer/unsetpolicyasync_fuzzer.cpp index b9df4e676f93e570a09d27a7f1b1e4ed3da53037..70000abd88cc7e51b6304d179e9ccbe97efe342c 100644 --- a/test/fuzztest/innerkits/sandbox_manager/unsetpolicyasync_fuzzer/unsetpolicyasync_fuzzer.cpp +++ b/test/fuzztest/innerkits/sandbox_manager/unsetpolicyasync_fuzzer/unsetpolicyasync_fuzzer.cpp @@ -21,6 +21,7 @@ #include "alloc_token.h" #include "fuzz_common.h" #include "sandbox_manager_kit.h" +#include "sandbox_test_common.h" #include "token_setproc.h" using namespace OHOS::AccessControl::SandboxManager; @@ -47,6 +48,7 @@ namespace OHOS { bool UnSetPolicyAsyncFuzzTest(const uint8_t *data, size_t size) { + MockTokenId("foundation"); return AllocTokenWithFuzz(data, size, UnSetPolicyAsync); } }