From 64a68d329115245599461b1d9548a863e768aa01 Mon Sep 17 00:00:00 2001 From: zhouliting Date: Tue, 17 Jun 2025 14:46:47 +0800 Subject: [PATCH] Xadd fuzz. Signed-off-by: zhouliting --- .../cpp/include/service/policy_info_manager.h | 16 ----- .../cpp/src/service/policy_info_manager.cpp | 70 ------------------- .../unittest/policy_info_manager_test.cpp | 60 ++++++++-------- .../innerkits/sandbox_manager/BUILD.gn | 1 + .../checkpolicy_fuzzer/BUILD.gn | 3 + .../checkpolicy_fuzzer/checkpolicy_fuzzer.cpp | 4 +- .../persistpolicy_fuzzer/BUILD.gn | 10 ++- .../persistpolicy_fuzzer.cpp | 2 + .../persistpolicytoken_fuzzer/BUILD.gn | 10 ++- .../persistpolicytoken_fuzzer.cpp | 2 + .../sandbox_manager/setpolicy_fuzzer/BUILD.gn | 10 ++- .../setpolicy_fuzzer/setpolicy_fuzzer.cpp | 2 + .../setpolicyasync_fuzzer/BUILD.gn | 10 ++- .../setpolicyasync_fuzzer.cpp | 2 + .../setpolicybybundlename_fuzzer/BUILD.gn | 52 ++++++++++++++ .../setpolicybybundlename_fuzzer/corpus/init | 14 ++++ .../setpolicybybundlename_fuzzer/project.xml | 25 +++++++ .../setpolicybybundlename_fuzzer.cpp | 63 +++++++++++++++++ .../setpolicybybundlename_fuzzer.h | 21 ++++++ .../startaccessingpolicy_fuzzer/BUILD.gn | 10 ++- .../startaccessingpolicy_fuzzer.cpp | 2 + .../stopaccessingpolicy_fuzzer/BUILD.gn | 10 ++- .../stopaccessingpolicy_fuzzer.cpp | 2 + .../unpersistpolicy_fuzzer/BUILD.gn | 10 ++- .../unpersistpolicy_fuzzer.cpp | 2 + .../unpersistpolicytoken_fuzzer/BUILD.gn | 10 ++- .../unpersistpolicytoken_fuzzer.cpp | 2 + .../unsetallpolicybytoken_fuzzer/BUILD.gn | 10 ++- .../unsetallpolicybytoken_fuzzer.cpp | 2 + .../unsetpolicy_fuzzer/BUILD.gn | 10 ++- .../unsetpolilcy_fuzzer.cpp | 2 + .../unsetpolicyasync_fuzzer/BUILD.gn | 10 ++- .../unsetpolicyasync_fuzzer.cpp | 2 + 33 files changed, 322 insertions(+), 139 deletions(-) create mode 100644 test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/BUILD.gn create mode 100644 test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/corpus/init create mode 100644 test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/project.xml create mode 100644 test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/setpolicybybundlename_fuzzer.cpp create mode 100644 test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/setpolicybybundlename_fuzzer.h diff --git a/services/sandbox_manager/main/cpp/include/service/policy_info_manager.h b/services/sandbox_manager/main/cpp/include/service/policy_info_manager.h index 049710d..c87253e 100644 --- a/services/sandbox_manager/main/cpp/include/service/policy_info_manager.h +++ b/services/sandbox_manager/main/cpp/include/service/policy_info_manager.h @@ -63,22 +63,6 @@ public: * @return SANDBOX_MANAGER_DB_ERR / SANDBOX_MANAGER_OK */ int32_t MatchPolicy(const uint32_t tokenId, const std::vector &policy, std::vector &result); - /** - * @brief The mode of the same path policy performs or operations - * @param GenericValues vector - * @param dbResults size - */ - void RepeatsPathPolicyModeCal(std::vector &dbResults, - uint64_t dbResultsSize); - /** - * @brief Match one policy of a certain tokenId - * @param tokenId token id of the object - * @param policy PolicyInfo, see policy_info.h - * @param result match result of each policy - * @return INVALID_PARAMTER / SANDBOX_MANAGER_DB_ERR - * / SANDBOX_MANAGER_POLICY_NOT_MATCH / SANDBOX_MANAGER_OK - */ - int32_t MatchSinglePolicy(const uint32_t tokenId, const PolicyInfo &policy, uint32_t &result); /** * @brief remove policys of a certain tokenId * @param tokenId token id of the object diff --git a/services/sandbox_manager/main/cpp/src/service/policy_info_manager.cpp b/services/sandbox_manager/main/cpp/src/service/policy_info_manager.cpp index aa2c171..7533750 100644 --- a/services/sandbox_manager/main/cpp/src/service/policy_info_manager.cpp +++ b/services/sandbox_manager/main/cpp/src/service/policy_info_manager.cpp @@ -307,76 +307,6 @@ int32_t PolicyInfoManager::AddToDatabaseIfNotDuplicate(const uint32_t tokenId, c return SANDBOX_MANAGER_OK; } -void PolicyInfoManager::RepeatsPathPolicyModeCal(std::vector &dbResults, uint64_t dbResultsSize) -{ - std::map dbResultsMap; - for (size_t i = 0; i < dbResultsSize; ++i) { - std::string currPath = dbResults[i].GetString(PolicyFiledConst::FIELD_PATH); - uint32_t currMode = static_cast(dbResults[i].GetInt(PolicyFiledConst::FIELD_MODE)); - if (dbResultsMap.find(currPath) != dbResultsMap.end()) { - dbResultsMap[currPath] |= currMode; - } else { - dbResultsMap.insert(std::make_pair(currPath, currMode)); - } - } - for (size_t i = 0; i < dbResultsSize; ++i) { - std::string polisyPath = dbResults[i].GetString(PolicyFiledConst::FIELD_PATH); - dbResults[i].Remove(PolicyFiledConst::FIELD_MODE); - dbResults[i].Put(PolicyFiledConst::FIELD_MODE, static_cast(dbResultsMap[polisyPath])); - } -} - -int32_t PolicyInfoManager::MatchSinglePolicy(const uint32_t tokenId, const PolicyInfo &policy, uint32_t &result) -{ - int32_t checkPolicyRet = CheckPolicyValidity(policy); - if (checkPolicyRet != SANDBOX_MANAGER_OK) { - result = static_cast(checkPolicyRet); - return INVALID_PARAMTER; - } - - // search records have same tokenId and depth <= input policy - GenericValues conditions; - GenericValues symbols; - uint64_t searchDepth = static_cast(GetDepth(policy.path)); - - conditions.Put(PolicyFiledConst::FIELD_TOKENID, static_cast(tokenId)); - symbols.Put(PolicyFiledConst::FIELD_TOKENID, std::string("=")); - - conditions.Put(PolicyFiledConst::FIELD_DEPTH, static_cast(searchDepth)); - symbols.Put(PolicyFiledConst::FIELD_DEPTH, std::string("<=")); - - std::vector dbResults; - int32_t ret = RangeFind(conditions, symbols, dbResults); - if (ret == SANDBOX_MANAGER_DB_ERR) { - SANDBOXMANAGER_LOG_ERROR(LABEL, "Database operate error"); - return SANDBOX_MANAGER_DB_ERR; - } - size_t dbResultsSize = dbResults.size(); - if (ret == SANDBOX_MANAGER_OK && dbResultsSize == 0) { - // find nothing, return not match - SANDBOXMANAGER_LOG_DEBUG(LABEL, "Database return empty"); - result = POLICY_HAS_NOT_BEEN_PERSISTED; - return SANDBOX_MANAGER_OK; - } - RepeatsPathPolicyModeCal(dbResults, dbResultsSize); - for (size_t i = 0; i < dbResultsSize; ++i) { - PolicyInfo referPolicy; - referPolicy.path = dbResults[i].GetString(PolicyFiledConst::FIELD_PATH); - referPolicy.mode = static_cast(dbResults[i].GetInt(PolicyFiledConst::FIELD_MODE)); - uint64_t referDepth = static_cast(dbResults[i].GetInt(PolicyFiledConst::FIELD_DEPTH)); - - PolicyInfo searchPolicy; - searchPolicy.mode = policy.mode; - searchPolicy.path = AdjustPath(policy.path); - if (IsPolicyMatch(searchPolicy, searchDepth, referPolicy, referDepth)) { - result = SandboxRetType::OPERATE_SUCCESSFULLY; - return SANDBOX_MANAGER_OK; - } - } - result = SandboxRetType::POLICY_HAS_NOT_BEEN_PERSISTED; - return SANDBOX_MANAGER_OK; -} - int32_t PolicyInfoManager::MatchNormalPolicy(const uint32_t tokenId, const std::vector &policy, std::vector &result) { diff --git a/services/sandbox_manager/test/unittest/policy_info_manager_test.cpp b/services/sandbox_manager/test/unittest/policy_info_manager_test.cpp index ed8acdd..35c27a4 100644 --- a/services/sandbox_manager/test/unittest/policy_info_manager_test.cpp +++ b/services/sandbox_manager/test/unittest/policy_info_manager_test.cpp @@ -255,7 +255,7 @@ HWTEST_F(PolicyInfoManagerTest, PolicyInfoManagerTest004, TestSize.Level0) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, PolicyInfoManagerTest006, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, PolicyInfoManagerTest006, TestSize.Level0) { EXPECT_EQ(true, PolicyInfoManager::GetInstance().RemoveBundlePolicy(selfTokenId_)); @@ -279,7 +279,7 @@ HWTEST_F(PolicyInfoManagerTest, PolicyInfoManagerTest006, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, PolicyInfoManagerTest007, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, PolicyInfoManagerTest007, TestSize.Level0) { PolicyInfo searchPolicy { .path = "/test/", @@ -303,7 +303,7 @@ HWTEST_F(PolicyInfoManagerTest, PolicyInfoManagerTest007, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, PolicyInfoManagerTest008, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, PolicyInfoManagerTest008, TestSize.Level0) { std::string path1 = "/storage/Users/currentUser/appdata"; std::string path2 = "/storage/Users/currentUser/appdata/el1"; @@ -326,11 +326,11 @@ HWTEST_F(PolicyInfoManagerTest, PolicyInfoManagerTest008, TestSize.Level1) /** * @tc.name: PolicyInfoManagerTest011 - * @tc.desc: Test MatchSinglePolicy + * @tc.desc: Test CheckPolicyValidity * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, PolicyInfoManagerTest011, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, PolicyInfoManagerTest011, TestSize.Level0) { PolicyInfo err1 { .path = "", @@ -360,7 +360,7 @@ HWTEST_F(PolicyInfoManagerTest, PolicyInfoManagerTest011, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, GenericValuesTest001, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, GenericValuesTest001, TestSize.Level0) { GenericValues conditions; int32_t result = -1; @@ -407,16 +407,18 @@ HWTEST_F(PolicyInfoManagerTest, CleanPersistPolicyByPathTest001, TestSize.Level0 EXPECT_EQ(sizeLimit, result11.size()); EXPECT_EQ(SandboxRetType::OPERATE_SUCCESSFULLY, result11[0]); - uint32_t matchResult; - EXPECT_EQ(SANDBOX_MANAGER_OK, PolicyInfoManager::GetInstance().MatchSinglePolicy(selfTokenId_, info, matchResult)); - EXPECT_EQ(SandboxRetType::OPERATE_SUCCESSFULLY, matchResult); + std::vector result13; + EXPECT_EQ(SANDBOX_MANAGER_OK, PolicyInfoManager::GetInstance().MatchPolicy(selfTokenId_, policy, result13)); + EXPECT_EQ(sizeLimit, result13.size()); + EXPECT_EQ(SandboxRetType::OPERATE_SUCCESSFULLY, result13[0]); std::vector paths; paths.emplace_back(info.path); EXPECT_EQ(SANDBOX_MANAGER_OK, PolicyInfoManager::GetInstance().CleanPersistPolicyByPath(paths)); - EXPECT_EQ(SANDBOX_MANAGER_OK, PolicyInfoManager::GetInstance().MatchSinglePolicy(selfTokenId_, info, matchResult)); - EXPECT_EQ(SandboxRetType::POLICY_HAS_NOT_BEEN_PERSISTED, matchResult); + EXPECT_EQ(SANDBOX_MANAGER_OK, PolicyInfoManager::GetInstance().MatchPolicy(selfTokenId_, policy, result13)); + EXPECT_EQ(sizeLimit, result13.size()); + EXPECT_EQ(SandboxRetType::POLICY_HAS_NOT_BEEN_PERSISTED, result13[0]); } #endif @@ -426,7 +428,7 @@ HWTEST_F(PolicyInfoManagerTest, CleanPersistPolicyByPathTest001, TestSize.Level0 * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, MacAdapterTest001, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, MacAdapterTest001, TestSize.Level0) { MacAdapter macAdapter; std::vector policy; @@ -591,7 +593,7 @@ HWTEST_F(PolicyInfoManagerTest, DenyTest010, TestSize.Level0) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, MaskRealPath001, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, MaskRealPath001, TestSize.Level0) { std::string input1 = "/aa/bb/cc/dd.txt"; std::string expect = "/a***/b***/c***/d***"; @@ -605,7 +607,7 @@ HWTEST_F(PolicyInfoManagerTest, MaskRealPath001, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, MaskRealPath002, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, MaskRealPath002, TestSize.Level0) { std::string input1 = "/aa/bb/cc/d.txt"; std::string expect = "/a***/b***/c***/d***"; @@ -619,7 +621,7 @@ HWTEST_F(PolicyInfoManagerTest, MaskRealPath002, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, MaskRealPath003, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, MaskRealPath003, TestSize.Level0) { std::string input1 = "/aa/dd.txt"; std::string expect = "/a***/d***"; @@ -633,7 +635,7 @@ HWTEST_F(PolicyInfoManagerTest, MaskRealPath003, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, MaskRealPath004, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, MaskRealPath004, TestSize.Level0) { std::string input1 = "/aa/////bb/cc/dd.txt"; std::string expect = "/a***/////b***/c***/d***"; @@ -647,7 +649,7 @@ HWTEST_F(PolicyInfoManagerTest, MaskRealPath004, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, MaskRealPath005, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, MaskRealPath005, TestSize.Level0) { std::string input1 = "aa/bb"; std::string expect = "a***/b***"; @@ -661,7 +663,7 @@ HWTEST_F(PolicyInfoManagerTest, MaskRealPath005, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, MaskRealPath006, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, MaskRealPath006, TestSize.Level0) { std::string input1 = ""; std::string expect = "empty path"; @@ -675,7 +677,7 @@ HWTEST_F(PolicyInfoManagerTest, MaskRealPath006, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, MaskRealPath007, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, MaskRealPath007, TestSize.Level0) { std::string input1 = "/"; std::string expect = "/"; @@ -689,7 +691,7 @@ HWTEST_F(PolicyInfoManagerTest, MaskRealPath007, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, MaskRealPath008, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, MaskRealPath008, TestSize.Level0) { std::string input1 = "."; std::string expect = "."; @@ -703,7 +705,7 @@ HWTEST_F(PolicyInfoManagerTest, MaskRealPath008, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, MaskRealPath009, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, MaskRealPath009, TestSize.Level0) { std::string input1 = "/./test"; std::string expect = "/./t***"; @@ -717,7 +719,7 @@ HWTEST_F(PolicyInfoManagerTest, MaskRealPath009, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, MaskRealPath010, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, MaskRealPath010, TestSize.Level0) { std::string input1 = "/../test"; std::string expect = "/../t***"; @@ -731,7 +733,7 @@ HWTEST_F(PolicyInfoManagerTest, MaskRealPath010, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, MaskRealPath011, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, MaskRealPath011, TestSize.Level0) { std::string input1 = "/aa/../d.txt"; std::string expect = "/a***/../d***"; @@ -745,7 +747,7 @@ HWTEST_F(PolicyInfoManagerTest, MaskRealPath011, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, MaskRealPath012, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, MaskRealPath012, TestSize.Level0) { std::string input1 = "/aa/.././bb/cc/dd.txt"; std::string expect = "/a***/.././b***/c***/d***"; @@ -759,7 +761,7 @@ HWTEST_F(PolicyInfoManagerTest, MaskRealPath012, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, MaskRealPath013, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, MaskRealPath013, TestSize.Level0) { std::string input1 = "/aa/.././cc/aa.bb.txt"; std::string expect = "/a***/.././c***/a***"; @@ -773,7 +775,7 @@ HWTEST_F(PolicyInfoManagerTest, MaskRealPath013, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, MaskRealPath014, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, MaskRealPath014, TestSize.Level0) { std::string input1 = "/aa/.././cc/.aa.bb.txt"; std::string expect = "/a***/.././c***/.***"; @@ -787,7 +789,7 @@ HWTEST_F(PolicyInfoManagerTest, MaskRealPath014, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, MaskRealPath015, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, MaskRealPath015, TestSize.Level0) { std::string input1 = "/aa/.././cc/"; std::string expect = "/a***/.././c***/"; @@ -801,7 +803,7 @@ HWTEST_F(PolicyInfoManagerTest, MaskRealPath015, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, MaskRealPath016, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, MaskRealPath016, TestSize.Level0) { std::string input1 = "/aa/////"; std::string expect = "/a***/////"; @@ -815,7 +817,7 @@ HWTEST_F(PolicyInfoManagerTest, MaskRealPath016, TestSize.Level1) * @tc.type: FUNC * @tc.require: */ -HWTEST_F(PolicyInfoManagerTest, PolicyInfoManagerTest012, TestSize.Level1) +HWTEST_F(PolicyInfoManagerTest, PolicyInfoManagerTest012, TestSize.Level0) { MacAdapter original = PolicyInfoManager::GetInstance().macAdapter_; MacAdapter mockMacAdapter; diff --git a/test/fuzztest/innerkits/sandbox_manager/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/BUILD.gn index 8f83517..f532a81 100644 --- a/test/fuzztest/innerkits/sandbox_manager/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/BUILD.gn @@ -35,5 +35,6 @@ group("fuzztest") { "unsetallpolicybytoken_fuzzer:UnsetAllPolicyByTokenFuzzTest", "unsetpolicy_fuzzer:UnsetPolicyFuzzTest", "unsetpolicyasync_fuzzer:UnsetPolicyAsyncFuzzTest", + "setpolicybybundlename_fuzzer:SetPolicyByBundleNameFuzzTest", ] } diff --git a/test/fuzztest/innerkits/sandbox_manager/checkpolicy_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/checkpolicy_fuzzer/BUILD.gn index e85395e..df63aea 100644 --- a/test/fuzztest/innerkits/sandbox_manager/checkpolicy_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/checkpolicy_fuzzer/BUILD.gn @@ -36,6 +36,9 @@ ohos_fuzztest("CheckPolicyFuzzTest") { configs = [ "${sandbox_manager_path}/config:coverage_flags" ] external_deps = [ + "access_token:libaccesstoken_sdk", + "access_token:libnativetoken", + "access_token:libtoken_setproc", "c_utils:utils", "hilog:libhilog", ] diff --git a/test/fuzztest/innerkits/sandbox_manager/checkpolicy_fuzzer/checkpolicy_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/checkpolicy_fuzzer/checkpolicy_fuzzer.cpp index 085e138..00d490c 100644 --- a/test/fuzztest/innerkits/sandbox_manager/checkpolicy_fuzzer/checkpolicy_fuzzer.cpp +++ b/test/fuzztest/innerkits/sandbox_manager/checkpolicy_fuzzer/checkpolicy_fuzzer.cpp @@ -20,6 +20,7 @@ #include #include "fuzz_common.h" #include "sandbox_manager_kit.h" +#include "token_setproc.h" using namespace OHOS::AccessControl::SandboxManager; @@ -33,10 +34,9 @@ namespace OHOS { std::vector policyVec; std::vector result; PolicyInfoRandomGenerator gen(data, size); - uint32_t tokenId = gen.GetData(); gen.GeneratePolicyInfoVec(policyVec); - SandboxManagerKit::CheckPolicy(tokenId, policyVec, result); + SandboxManagerKit::CheckPolicy(GetSelfTokenID(), policyVec, result); return true; } } diff --git a/test/fuzztest/innerkits/sandbox_manager/persistpolicy_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/persistpolicy_fuzzer/BUILD.gn index 6cf6d47..6d4a4e1 100644 --- a/test/fuzztest/innerkits/sandbox_manager/persistpolicy_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/persistpolicy_fuzzer/BUILD.gn @@ -19,7 +19,10 @@ ohos_fuzztest("PersistPolicyFuzzTest") { module_out_path = module_output_path_interface_sandbox fuzz_config_file = "." - include_dirs = [ "../../../common" ] + include_dirs = [ + "../../../common", + "${sandbox_manager_path}/frameworks/sandbox_test_common/include", + ] cflags = [ "-g", "-O0", @@ -32,7 +35,10 @@ ohos_fuzztest("PersistPolicyFuzzTest") { "persistpolicy_fuzzer.cpp", ] - deps = [ "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk" ] + deps = [ + "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk", + "${sandbox_manager_path}/frameworks/sandbox_test_common:sandbox_test_common_source_set", + ] configs = [ "${sandbox_manager_path}/config:coverage_flags" ] diff --git a/test/fuzztest/innerkits/sandbox_manager/persistpolicy_fuzzer/persistpolicy_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/persistpolicy_fuzzer/persistpolicy_fuzzer.cpp index 9470c37..c3720c8 100644 --- a/test/fuzztest/innerkits/sandbox_manager/persistpolicy_fuzzer/persistpolicy_fuzzer.cpp +++ b/test/fuzztest/innerkits/sandbox_manager/persistpolicy_fuzzer/persistpolicy_fuzzer.cpp @@ -21,6 +21,7 @@ #include "alloc_token.h" #include "fuzz_common.h" #include "sandbox_manager_kit.h" +#include "sandbox_test_common.h" #include "token_setproc.h" using namespace OHOS::AccessControl::SandboxManager; @@ -44,6 +45,7 @@ namespace OHOS { bool PersistPolicyFuzzTest(const uint8_t *data, size_t size) { + MockTokenId("foundation"); return AllocTokenWithFuzz(data, size, PersistPolicy); } } diff --git a/test/fuzztest/innerkits/sandbox_manager/persistpolicytoken_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/persistpolicytoken_fuzzer/BUILD.gn index ed6f400..4d4e26b 100644 --- a/test/fuzztest/innerkits/sandbox_manager/persistpolicytoken_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/persistpolicytoken_fuzzer/BUILD.gn @@ -19,7 +19,10 @@ ohos_fuzztest("PersistPolicyTokenFuzzTest") { module_out_path = module_output_path_interface_sandbox fuzz_config_file = "." - include_dirs = [ "../../../common" ] + include_dirs = [ + "../../../common", + "${sandbox_manager_path}/frameworks/sandbox_test_common/include", + ] cflags = [ "-g", "-O0", @@ -32,7 +35,10 @@ ohos_fuzztest("PersistPolicyTokenFuzzTest") { "persistpolicytoken_fuzzer.cpp", ] - deps = [ "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk" ] + deps = [ + "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk", + "${sandbox_manager_path}/frameworks/sandbox_test_common:sandbox_test_common_source_set", + ] configs = [ "${sandbox_manager_path}/config:coverage_flags" ] diff --git a/test/fuzztest/innerkits/sandbox_manager/persistpolicytoken_fuzzer/persistpolicytoken_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/persistpolicytoken_fuzzer/persistpolicytoken_fuzzer.cpp index 23a0c3c..c3144f6 100644 --- a/test/fuzztest/innerkits/sandbox_manager/persistpolicytoken_fuzzer/persistpolicytoken_fuzzer.cpp +++ b/test/fuzztest/innerkits/sandbox_manager/persistpolicytoken_fuzzer/persistpolicytoken_fuzzer.cpp @@ -21,6 +21,7 @@ #include "alloc_token.h" #include "fuzz_common.h" #include "sandbox_manager_kit.h" +#include "sandbox_test_common.h" #include "token_setproc.h" using namespace OHOS::AccessControl::SandboxManager; @@ -45,6 +46,7 @@ namespace OHOS { bool PersistPolicyTokenFuzzTest(const uint8_t *data, size_t size) { + MockTokenId("foundation"); return AllocTokenWithFuzz(data, size, PersistPolicyToken); } } diff --git a/test/fuzztest/innerkits/sandbox_manager/setpolicy_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/setpolicy_fuzzer/BUILD.gn index f4af614..43269e1 100644 --- a/test/fuzztest/innerkits/sandbox_manager/setpolicy_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/setpolicy_fuzzer/BUILD.gn @@ -19,7 +19,10 @@ ohos_fuzztest("SetPolicyFuzzTest") { module_out_path = module_output_path_interface_sandbox fuzz_config_file = "." - include_dirs = [ "../../../common" ] + include_dirs = [ + "../../../common", + "${sandbox_manager_path}/frameworks/sandbox_test_common/include", + ] cflags = [ "-g", "-O0", @@ -32,7 +35,10 @@ ohos_fuzztest("SetPolicyFuzzTest") { "setpolicy_fuzzer.cpp", ] - deps = [ "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk" ] + deps = [ + "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk", + "${sandbox_manager_path}/frameworks/sandbox_test_common:sandbox_test_common_source_set", + ] configs = [ "${sandbox_manager_path}/config:coverage_flags" ] diff --git a/test/fuzztest/innerkits/sandbox_manager/setpolicy_fuzzer/setpolicy_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/setpolicy_fuzzer/setpolicy_fuzzer.cpp index efb73fc..313ace3 100644 --- a/test/fuzztest/innerkits/sandbox_manager/setpolicy_fuzzer/setpolicy_fuzzer.cpp +++ b/test/fuzztest/innerkits/sandbox_manager/setpolicy_fuzzer/setpolicy_fuzzer.cpp @@ -21,6 +21,7 @@ #include "alloc_token.h" #include "fuzz_common.h" #include "sandbox_manager_kit.h" +#include "sandbox_test_common.h" #include "token_setproc.h" using namespace OHOS::AccessControl::SandboxManager; @@ -47,6 +48,7 @@ namespace OHOS { bool SetPolicyFuzzTest(const uint8_t *data, size_t size) { + MockTokenId("foundation"); return AllocTokenWithFuzz(data, size, SetPolicy); } } diff --git a/test/fuzztest/innerkits/sandbox_manager/setpolicyasync_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/setpolicyasync_fuzzer/BUILD.gn index 6015da1..7aad177 100644 --- a/test/fuzztest/innerkits/sandbox_manager/setpolicyasync_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/setpolicyasync_fuzzer/BUILD.gn @@ -19,7 +19,10 @@ ohos_fuzztest("SetPolicyAsyncFuzzTest") { module_out_path = module_output_path_interface_sandbox fuzz_config_file = "." - include_dirs = [ "../../../common" ] + include_dirs = [ + "../../../common", + "${sandbox_manager_path}/frameworks/sandbox_test_common/include", + ] cflags = [ "-g", "-O0", @@ -32,7 +35,10 @@ ohos_fuzztest("SetPolicyAsyncFuzzTest") { "setpolicyasync_fuzzer.cpp", ] - deps = [ "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk" ] + deps = [ + "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk", + "${sandbox_manager_path}/frameworks/sandbox_test_common:sandbox_test_common_source_set", + ] configs = [ "${sandbox_manager_path}/config:coverage_flags" ] diff --git a/test/fuzztest/innerkits/sandbox_manager/setpolicyasync_fuzzer/setpolicyasync_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/setpolicyasync_fuzzer/setpolicyasync_fuzzer.cpp index 28d65a5..3e40760 100644 --- a/test/fuzztest/innerkits/sandbox_manager/setpolicyasync_fuzzer/setpolicyasync_fuzzer.cpp +++ b/test/fuzztest/innerkits/sandbox_manager/setpolicyasync_fuzzer/setpolicyasync_fuzzer.cpp @@ -21,6 +21,7 @@ #include "alloc_token.h" #include "fuzz_common.h" #include "sandbox_manager_kit.h" +#include "sandbox_test_common.h" #include "token_setproc.h" using namespace OHOS::AccessControl::SandboxManager; @@ -45,6 +46,7 @@ namespace OHOS { bool SetPolicyAsyncFuzzTest(const uint8_t *data, size_t size) { + MockTokenId("foundation"); return AllocTokenWithFuzz(data, size, SetPolicyAsync); } } diff --git a/test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/BUILD.gn new file mode 100644 index 0000000..9f6fa73 --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/BUILD.gn @@ -0,0 +1,52 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/config/features.gni") +import("//build/test.gni") +import("../../../../../sandbox_manager.gni") + +ohos_fuzztest("SetPolicyByBundleNameFuzzTest") { + module_out_path = module_output_path_interface_sandbox + fuzz_config_file = "." + + include_dirs = [ + "../../../common", + "${sandbox_manager_path}/frameworks/sandbox_test_common/include", + ] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ + "../../../common/alloc_token.cpp", + "../../../common/fuzz_common.cpp", + "setpolicybybundlename_fuzzer.cpp", + ] + + deps = [ + "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk", + "${sandbox_manager_path}/frameworks/sandbox_test_common:sandbox_test_common_source_set", + ] + + configs = [ "${sandbox_manager_path}/config:coverage_flags" ] + + external_deps = [ + "access_token:libaccesstoken_sdk", + "access_token:libnativetoken", + "access_token:libtoken_setproc", + "c_utils:utils", + "hilog:libhilog", + ] +} diff --git a/test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/corpus/init b/test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/corpus/init new file mode 100644 index 0000000..65af8ee --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/corpus/init @@ -0,0 +1,14 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FUZZ \ No newline at end of file diff --git a/test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/project.xml b/test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/project.xml new file mode 100644 index 0000000..66e1dca --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + diff --git a/test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/setpolicybybundlename_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/setpolicybybundlename_fuzzer.cpp new file mode 100644 index 0000000..28d8a06 --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/setpolicybybundlename_fuzzer.cpp @@ -0,0 +1,63 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "setpolicybybundlename_fuzzer.h" + +#include +#include +#include +#include "alloc_token.h" +#include "fuzz_common.h" +#include "sandbox_manager_kit.h" +#include "sandbox_test_common.h" +#include "token_setproc.h" + +using namespace OHOS::AccessControl::SandboxManager; + +namespace OHOS { + bool SetPolicyByBundleNameTest(const uint8_t *data, size_t size) + { + if ((data == nullptr) || (size == 0)) { + return false; + } + + std::vector policyVec; + std::vector result; + std::string bundleName; + int32_t appCloneIndex; + PolicyInfoRandomGenerator gen(data, size); + gen.GenerateString(bundleName); + appCloneIndex = gen.GetData(); + gen.GeneratePolicyInfoVec(policyVec); + + SandboxManagerKit::SetPolicy(GetSelfTokenID(), policyVec, 1, result); + SandboxManagerKit::SetPolicyByBundleName(bundleName, appCloneIndex, policyVec, 1, result); + return true; + } + + bool SetPolicyByBundleNameFuzzTest(const uint8_t *data, size_t size) + { + MockTokenId("foundation"); + return AllocTokenWithFuzz(data, size, SetPolicyByBundleNameTest); + } +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + OHOS::SetPolicyByBundleNameFuzzTest(data, size); + return 0; +} \ No newline at end of file diff --git a/test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/setpolicybybundlename_fuzzer.h b/test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/setpolicybybundlename_fuzzer.h new file mode 100644 index 0000000..c395f5c --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/setpolicybybundlename_fuzzer/setpolicybybundlename_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TEST_FUZZTEST_SETPOLICYBYBUNDLENAME_H +#define TEST_FUZZTEST_SETPOLICYBYBUNDLENAME_H + +#define FUZZ_PROJECT_NAME "setpolicybybundlename_fuzzer" + +#endif // TEST_FUZZTEST_SETPOLICYBYBUNDLENAME_H diff --git a/test/fuzztest/innerkits/sandbox_manager/startaccessingpolicy_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/startaccessingpolicy_fuzzer/BUILD.gn index 209dde6..dc35879 100644 --- a/test/fuzztest/innerkits/sandbox_manager/startaccessingpolicy_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/startaccessingpolicy_fuzzer/BUILD.gn @@ -19,7 +19,10 @@ ohos_fuzztest("StartAccessingPolicyFuzzTest") { module_out_path = module_output_path_interface_sandbox fuzz_config_file = "." - include_dirs = [ "../../../common" ] + include_dirs = [ + "../../../common", + "${sandbox_manager_path}/frameworks/sandbox_test_common/include", + ] cflags = [ "-g", "-O0", @@ -32,7 +35,10 @@ ohos_fuzztest("StartAccessingPolicyFuzzTest") { "startaccessingpolicy_fuzzer.cpp", ] - deps = [ "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk" ] + deps = [ + "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk", + "${sandbox_manager_path}/frameworks/sandbox_test_common:sandbox_test_common_source_set", + ] configs = [ "${sandbox_manager_path}/config:coverage_flags" ] diff --git a/test/fuzztest/innerkits/sandbox_manager/startaccessingpolicy_fuzzer/startaccessingpolicy_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/startaccessingpolicy_fuzzer/startaccessingpolicy_fuzzer.cpp index 2a2bde3..f283a81 100644 --- a/test/fuzztest/innerkits/sandbox_manager/startaccessingpolicy_fuzzer/startaccessingpolicy_fuzzer.cpp +++ b/test/fuzztest/innerkits/sandbox_manager/startaccessingpolicy_fuzzer/startaccessingpolicy_fuzzer.cpp @@ -21,6 +21,7 @@ #include "alloc_token.h" #include "fuzz_common.h" #include "sandbox_manager_kit.h" +#include "sandbox_test_common.h" #include "token_setproc.h" using namespace OHOS::AccessControl::SandboxManager; @@ -45,6 +46,7 @@ namespace OHOS { bool StartAccessingPolicyFuzzTest(const uint8_t *data, size_t size) { + MockTokenId("foundation"); return AllocTokenWithFuzz(data, size, StartAccessingPolicy); } } diff --git a/test/fuzztest/innerkits/sandbox_manager/stopaccessingpolicy_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/stopaccessingpolicy_fuzzer/BUILD.gn index b0916fd..0612425 100644 --- a/test/fuzztest/innerkits/sandbox_manager/stopaccessingpolicy_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/stopaccessingpolicy_fuzzer/BUILD.gn @@ -19,7 +19,10 @@ ohos_fuzztest("StopAccessingPolicyFuzzTest") { module_out_path = module_output_path_interface_sandbox fuzz_config_file = "." - include_dirs = [ "../../../common" ] + include_dirs = [ + "../../../common", + "${sandbox_manager_path}/frameworks/sandbox_test_common/include", + ] cflags = [ "-g", @@ -33,7 +36,10 @@ ohos_fuzztest("StopAccessingPolicyFuzzTest") { "stopaccessingpolicy_fuzzer.cpp", ] - deps = [ "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk" ] + deps = [ + "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk", + "${sandbox_manager_path}/frameworks/sandbox_test_common:sandbox_test_common_source_set", + ] configs = [ "${sandbox_manager_path}/config:coverage_flags" ] diff --git a/test/fuzztest/innerkits/sandbox_manager/stopaccessingpolicy_fuzzer/stopaccessingpolicy_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/stopaccessingpolicy_fuzzer/stopaccessingpolicy_fuzzer.cpp index 3d8838d..642e996 100644 --- a/test/fuzztest/innerkits/sandbox_manager/stopaccessingpolicy_fuzzer/stopaccessingpolicy_fuzzer.cpp +++ b/test/fuzztest/innerkits/sandbox_manager/stopaccessingpolicy_fuzzer/stopaccessingpolicy_fuzzer.cpp @@ -21,6 +21,7 @@ #include "alloc_token.h" #include "fuzz_common.h" #include "sandbox_manager_kit.h" +#include "sandbox_test_common.h" #include "token_setproc.h" using namespace OHOS::AccessControl::SandboxManager; @@ -46,6 +47,7 @@ namespace OHOS { bool StopAccessingPolicyFuzzTest(const uint8_t *data, size_t size) { + MockTokenId("foundation"); return AllocTokenWithFuzz(data, size, StopAccessingPolicy); } } diff --git a/test/fuzztest/innerkits/sandbox_manager/unpersistpolicy_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/unpersistpolicy_fuzzer/BUILD.gn index 1434813..51ae4de 100644 --- a/test/fuzztest/innerkits/sandbox_manager/unpersistpolicy_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/unpersistpolicy_fuzzer/BUILD.gn @@ -19,7 +19,10 @@ ohos_fuzztest("UnPersistPolicyFuzzTest") { module_out_path = module_output_path_interface_sandbox fuzz_config_file = "." - include_dirs = [ "../../../common" ] + include_dirs = [ + "../../../common", + "${sandbox_manager_path}/frameworks/sandbox_test_common/include", + ] cflags = [ "-g", "-O0", @@ -32,7 +35,10 @@ ohos_fuzztest("UnPersistPolicyFuzzTest") { "unpersistpolicy_fuzzer.cpp", ] - deps = [ "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk" ] + deps = [ + "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk", + "${sandbox_manager_path}/frameworks/sandbox_test_common:sandbox_test_common_source_set", + ] configs = [ "${sandbox_manager_path}/config:coverage_flags" ] diff --git a/test/fuzztest/innerkits/sandbox_manager/unpersistpolicy_fuzzer/unpersistpolicy_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/unpersistpolicy_fuzzer/unpersistpolicy_fuzzer.cpp index 526f3f2..acc7c5e 100644 --- a/test/fuzztest/innerkits/sandbox_manager/unpersistpolicy_fuzzer/unpersistpolicy_fuzzer.cpp +++ b/test/fuzztest/innerkits/sandbox_manager/unpersistpolicy_fuzzer/unpersistpolicy_fuzzer.cpp @@ -21,6 +21,7 @@ #include "alloc_token.h" #include "fuzz_common.h" #include "sandbox_manager_kit.h" +#include "sandbox_test_common.h" #include "token_setproc.h" using namespace OHOS::AccessControl::SandboxManager; @@ -46,6 +47,7 @@ namespace OHOS { bool UnpersistPolicyFuzzTest(const uint8_t *data, size_t size) { + MockTokenId("foundation"); return AllocTokenWithFuzz(data, size, UnpersistPolicy); } } diff --git a/test/fuzztest/innerkits/sandbox_manager/unpersistpolicytoken_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/unpersistpolicytoken_fuzzer/BUILD.gn index 9ba4aa4..a71449c 100644 --- a/test/fuzztest/innerkits/sandbox_manager/unpersistpolicytoken_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/unpersistpolicytoken_fuzzer/BUILD.gn @@ -19,7 +19,10 @@ ohos_fuzztest("UnpersistPolicyTokenFuzzTest") { module_out_path = module_output_path_interface_sandbox fuzz_config_file = "." - include_dirs = [ "../../../common" ] + include_dirs = [ + "../../../common", + "${sandbox_manager_path}/frameworks/sandbox_test_common/include", + ] cflags = [ "-g", "-O0", @@ -32,7 +35,10 @@ ohos_fuzztest("UnpersistPolicyTokenFuzzTest") { "unpersistpolicytoken_fuzzer.cpp", ] - deps = [ "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk" ] + deps = [ + "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk", + "${sandbox_manager_path}/frameworks/sandbox_test_common:sandbox_test_common_source_set", + ] configs = [ "${sandbox_manager_path}/config:coverage_flags" ] diff --git a/test/fuzztest/innerkits/sandbox_manager/unpersistpolicytoken_fuzzer/unpersistpolicytoken_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/unpersistpolicytoken_fuzzer/unpersistpolicytoken_fuzzer.cpp index 85a349c..0c8292f 100644 --- a/test/fuzztest/innerkits/sandbox_manager/unpersistpolicytoken_fuzzer/unpersistpolicytoken_fuzzer.cpp +++ b/test/fuzztest/innerkits/sandbox_manager/unpersistpolicytoken_fuzzer/unpersistpolicytoken_fuzzer.cpp @@ -21,6 +21,7 @@ #include "alloc_token.h" #include "fuzz_common.h" #include "sandbox_manager_kit.h" +#include "sandbox_test_common.h" using namespace OHOS::AccessControl::SandboxManager; @@ -45,6 +46,7 @@ namespace OHOS { bool UnPersistPolicyTokenFuzzTest(const uint8_t *data, size_t size) { + MockTokenId("foundation"); return AllocTokenWithFuzz(data, size, UnPersistPolicyToken); } } diff --git a/test/fuzztest/innerkits/sandbox_manager/unsetallpolicybytoken_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/unsetallpolicybytoken_fuzzer/BUILD.gn index 70772d7..2343e74 100644 --- a/test/fuzztest/innerkits/sandbox_manager/unsetallpolicybytoken_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/unsetallpolicybytoken_fuzzer/BUILD.gn @@ -19,7 +19,10 @@ ohos_fuzztest("UnsetAllPolicyByTokenFuzzTest") { module_out_path = module_output_path_interface_sandbox fuzz_config_file = "." - include_dirs = [ "../../../common" ] + include_dirs = [ + "../../../common", + "${sandbox_manager_path}/frameworks/sandbox_test_common/include", + ] cflags = [ "-g", "-O0", @@ -32,7 +35,10 @@ ohos_fuzztest("UnsetAllPolicyByTokenFuzzTest") { "unsetallpolicybytoken_fuzzer.cpp", ] - deps = [ "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk" ] + deps = [ + "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk", + "${sandbox_manager_path}/frameworks/sandbox_test_common:sandbox_test_common_source_set", + ] configs = [ "${sandbox_manager_path}/config:coverage_flags" ] diff --git a/test/fuzztest/innerkits/sandbox_manager/unsetallpolicybytoken_fuzzer/unsetallpolicybytoken_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/unsetallpolicybytoken_fuzzer/unsetallpolicybytoken_fuzzer.cpp index 2447ad5..a94b949 100644 --- a/test/fuzztest/innerkits/sandbox_manager/unsetallpolicybytoken_fuzzer/unsetallpolicybytoken_fuzzer.cpp +++ b/test/fuzztest/innerkits/sandbox_manager/unsetallpolicybytoken_fuzzer/unsetallpolicybytoken_fuzzer.cpp @@ -21,6 +21,7 @@ #include "alloc_token.h" #include "fuzz_common.h" #include "sandbox_manager_kit.h" +#include "sandbox_test_common.h" #include "token_setproc.h" using namespace OHOS::AccessControl::SandboxManager; @@ -42,6 +43,7 @@ namespace OHOS { bool UnSetAllPolicyByTokenFuzzTest(const uint8_t *data, size_t size) { + MockTokenId("foundation"); return AllocTokenWithFuzz(data, size, UnSetAllPolicyByToken); } } diff --git a/test/fuzztest/innerkits/sandbox_manager/unsetpolicy_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/unsetpolicy_fuzzer/BUILD.gn index f5a5cb3..3461a2b 100644 --- a/test/fuzztest/innerkits/sandbox_manager/unsetpolicy_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/unsetpolicy_fuzzer/BUILD.gn @@ -19,7 +19,10 @@ ohos_fuzztest("UnsetPolicyFuzzTest") { module_out_path = module_output_path_interface_sandbox fuzz_config_file = "." - include_dirs = [ "../../../common" ] + include_dirs = [ + "../../../common", + "${sandbox_manager_path}/frameworks/sandbox_test_common/include", + ] cflags = [ "-g", "-O0", @@ -32,7 +35,10 @@ ohos_fuzztest("UnsetPolicyFuzzTest") { "unsetpolilcy_fuzzer.cpp", ] - deps = [ "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk" ] + deps = [ + "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk", + "${sandbox_manager_path}/frameworks/sandbox_test_common:sandbox_test_common_source_set", + ] configs = [ "${sandbox_manager_path}/config:coverage_flags" ] diff --git a/test/fuzztest/innerkits/sandbox_manager/unsetpolicy_fuzzer/unsetpolilcy_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/unsetpolicy_fuzzer/unsetpolilcy_fuzzer.cpp index c2fdaff..7ec4f51 100644 --- a/test/fuzztest/innerkits/sandbox_manager/unsetpolicy_fuzzer/unsetpolilcy_fuzzer.cpp +++ b/test/fuzztest/innerkits/sandbox_manager/unsetpolicy_fuzzer/unsetpolilcy_fuzzer.cpp @@ -21,6 +21,7 @@ #include "alloc_token.h" #include "fuzz_common.h" #include "sandbox_manager_kit.h" +#include "sandbox_test_common.h" #include "token_setproc.h" using namespace OHOS::AccessControl::SandboxManager; @@ -47,6 +48,7 @@ namespace OHOS { bool UnSetPolicyFuzzTest(const uint8_t *data, size_t size) { + MockTokenId("foundation"); return AllocTokenWithFuzz(data, size, UnSetPolicy); } } diff --git a/test/fuzztest/innerkits/sandbox_manager/unsetpolicyasync_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/unsetpolicyasync_fuzzer/BUILD.gn index f0c165c..a6e8f8f 100644 --- a/test/fuzztest/innerkits/sandbox_manager/unsetpolicyasync_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/unsetpolicyasync_fuzzer/BUILD.gn @@ -19,7 +19,10 @@ ohos_fuzztest("UnsetPolicyAsyncFuzzTest") { module_out_path = module_output_path_interface_sandbox fuzz_config_file = "." - include_dirs = [ "../../../common" ] + include_dirs = [ + "../../../common", + "${sandbox_manager_path}/frameworks/sandbox_test_common/include", + ] cflags = [ "-g", "-O0", @@ -32,7 +35,10 @@ ohos_fuzztest("UnsetPolicyAsyncFuzzTest") { "unsetpolicyasync_fuzzer.cpp", ] - deps = [ "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk" ] + deps = [ + "${sandbox_manager_path}/frameworks/inner_api/sandbox_manager:libsandbox_manager_sdk", + "${sandbox_manager_path}/frameworks/sandbox_test_common:sandbox_test_common_source_set", + ] configs = [ "${sandbox_manager_path}/config:coverage_flags" ] diff --git a/test/fuzztest/innerkits/sandbox_manager/unsetpolicyasync_fuzzer/unsetpolicyasync_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/unsetpolicyasync_fuzzer/unsetpolicyasync_fuzzer.cpp index b9df4e6..70000ab 100644 --- a/test/fuzztest/innerkits/sandbox_manager/unsetpolicyasync_fuzzer/unsetpolicyasync_fuzzer.cpp +++ b/test/fuzztest/innerkits/sandbox_manager/unsetpolicyasync_fuzzer/unsetpolicyasync_fuzzer.cpp @@ -21,6 +21,7 @@ #include "alloc_token.h" #include "fuzz_common.h" #include "sandbox_manager_kit.h" +#include "sandbox_test_common.h" #include "token_setproc.h" using namespace OHOS::AccessControl::SandboxManager; @@ -47,6 +48,7 @@ namespace OHOS { bool UnSetPolicyAsyncFuzzTest(const uint8_t *data, size_t size) { + MockTokenId("foundation"); return AllocTokenWithFuzz(data, size, UnSetPolicyAsync); } } -- Gitee