From 96d23a220ab90d74fb772d773bea8b2990d06909 Mon Sep 17 00:00:00 2001
From: wangchen
Date: Fri, 29 Aug 2025 17:24:36 +0800
Subject: [PATCH] =?UTF-8?q?FUZZ=E9=97=AE=E9=A2=98=E6=95=B4=E6=94=B9=20clos?= =?UTF-8?q?e=20#ICVH0X=20Signed-off-by:=20wangchen=20?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 test/fuzztest/common/alloc_token.cpp | 10 +++++++++-
 .../checkpersistpolicystub_fuzzer.cpp | 10 ++++++++++
 .../cleanpersistpolicybypathstub_fuzzer.cpp | 15 +++++++++++++++
 .../cleanpolicybyuseridstub_fuzzer.cpp | 15 +++++++++++++++
 4 files changed, 49 insertions(+), 1 deletion(-)
diff --git a/test/fuzztest/common/alloc_token.cpp b/test/fuzztest/common/alloc_token.cpp
index 0112c52..ff84831 100644
--- a/test/fuzztest/common/alloc_token.cpp
+++ b/test/fuzztest/common/alloc_token.cpp
@@ -26,6 +26,7 @@ namespace OHOS {
 const std::string SET_POLICY_PERMISSION = "ohos.permission.SET_SANDBOX_POLICY";
 const std::string ACCESS_PERSIST_PERMISSION = "ohos.permission.FILE_ACCESS_PERSIST";
+ const std::string FILE_ACCESS_PERMISSION_NAME = "ohos.permission.FILE_ACCESS_MANAGER";
 uint64_t g_mockToken;
 Security::AccessToken::PermissionStateFull g_testState1 = {
 .permissionName = SET_POLICY_PERMISSION,
@@ -41,6 +42,13 @@ namespace OHOS {
 .grantStatus = {0},
 .grantFlags = {0},
 };
+ Security::AccessToken::PermissionStateFull g_testState3 = {
+ .permissionName = FILE_ACCESS_PERMISSION_NAME,
+ .isGeneral = true,
+ .resDeviceID = {"1"},
+ .grantStatus = {0},
+ .grantFlags = {0},
+ };
 Security::AccessToken::HapInfoParams g_testInfoParms = {
 .userID = 1,
 .bundleName = "sandbox_manager_test",
@@ -52,7 +60,7 @@ namespace OHOS {
 .apl = Security::AccessToken::APL_NORMAL,
 .domain = "test.domain",
 .permList = {},
- .permStateList = {g_testState1, g_testState2}
+ .permStateList = {g_testState1, g_testState2, g_testState3}
 };
 bool AllocTokenWithFuzz(const uint8_t *data, size_t size, bool(*func)(const uint8_t *, size_t))
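Review bot: Appending `g_testState3` to `permStateList` widens the token described by `g_testInfoParms`, which is presumably the token `AllocTokenWithFuzz` allocates for every fuzzer that uses this helper, not only the three touched by this patch. Any target with a denial branch keyed on `ohos.permission.FILE_ACCESS_MANAGER` would then stop reaching it, so the reason for the grant should be recorded next to the definition, for example `// FILE_ACCESS_MANAGER: needed by the policy seeding in the sandbox_manager stub fuzzers` if that is indeed why it was added. The constant `FILE_ACCESS_PERMISSION_NAME` also breaks the naming of its neighbours `SET_POLICY_PERMISSION` and `ACCESS_PERSIST_PERMISSION`; `FILE_ACCESS_MANAGER_PERMISSION` would match them. The initializer of `g_testInfoParms` begins outside the last hunk.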
diff --git a/test/fuzztest/services/sandbox_manager/checkpersistpolicystub_fuzzer/checkpersistpolicystub_fuzzer.cpp b/test/fuzztest/services/sandbox_manager/checkpersistpolicystub_fuzzer/checkpersistpolicystub_fuzzer.cpp
index 8c860a8..b44c58c 100644
--- a/test/fuzztest/services/sandbox_manager/checkpersistpolicystub_fuzzer/checkpersistpolicystub_fuzzer.cpp
+++ b/test/fuzztest/services/sandbox_manager/checkpersistpolicystub_fuzzer/checkpersistpolicystub_fuzzer.cpp
@@ -25,6 +25,7 @@
 #include "sandbox_manager_service.h"
 #undef private
 #include "accesstoken_kit.h"
+#include "sandbox_manager_kit.h"
 #include "token_setproc.h"
 using namespace OHOS::AccessControl::SandboxManager;
@@ -61,6 +62,15 @@ namespace OHOS {
 return false;
 }
+ // for test all branch, need write something in rdb
+ uint8_t isWriteRdb = gen.GetData();
+ if (isWriteRdb & 1) {
+ uint64_t policyFlag = 1;
+ std::vector policyResult;
+ SandboxManagerKit::SetPolicy(tokenId, policyVec, policyFlag, policyResult);
+ SandboxManagerKit::PersistPolicy(policyVec, policyResult);
+ }
+
 uint32_t code = static_cast(ISandboxManagerIpcCode::COMMAND_CHECK_PERSIST_POLICY);
 MessageParcel reply;
diff --git a/test/fuzztest/services/sandbox_manager/cleanpersistpolicybypathstub_fuzzer/cleanpersistpolicybypathstub_fuzzer.cpp b/test/fuzztest/services/sandbox_manager/cleanpersistpolicybypathstub_fuzzer/cleanpersistpolicybypathstub_fuzzer.cpp
index 8937ae7..36007b0 100644
--- a/test/fuzztest/services/sandbox_manager/cleanpersistpolicybypathstub_fuzzer/cleanpersistpolicybypathstub_fuzzer.cpp
+++ b/test/fuzztest/services/sandbox_manager/cleanpersistpolicybypathstub_fuzzer/cleanpersistpolicybypathstub_fuzzer.cpp
@@ -25,6 +25,7 @@
 #define private public
 #include "sandbox_manager_service.h"
 #undef private
+#include "sandbox_manager_kit.h"
 #include "token_setproc.h"
 using namespace OHOS::AccessControl::SandboxManager;
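Review bot: The return values of `SandboxManagerKit::SetPolicy` and `SandboxManagerKit::PersistPolicy` are discarded inside the added `if (isWriteRdb & 1)` block of checkpersistpolicystub_fuzzer.cpp, so a failed seeding (a rejected token or permission, say) leaves the run on the old empty-database path without any sign that the new coverage was not reached. Checking the first call, e.g. `if (SandboxManagerKit::SetPolicy(tokenId, policyVec, policyFlag, policyResult) != SANDBOX_MANAGER_OK) { return false; }`, or at least logging the code, makes that visible. Nothing in the hunk removes what `PersistPolicy` wrote, so the entries appear to survive into later iterations and a crash may then depend on earlier inputs rather than on the reported one; clearing the seeded entries before returning would keep each input reproducible. The unchecked calls recur in the blocks added to cleanpersistpolicybypathstub_fuzzer.cpp and cleanpolicybyuseridstub_fuzzer.cpp. The enclosing function starts and ends outside the hunk.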
@@ -57,6 +58,20 @@ static uint32_t FILE_MANAGER_TOKEN = 0;
 return false;
 }
+ // for test all branch, need write something in rdb
+ uint8_t isWriteRdb = gen.GetData();
+ if (isWriteRdb & 1) {
+ std::vector policy;
+ uint64_t policyFlag = 1;
+ std::vector policyResult;
+ PolicyInfo infoParent = {
+ .path = "/A/B",
+ .mode = OperateMode::READ_MODE
+ };
+ policy.emplace_back(infoParent);
+ SandboxManagerKit::SetPolicy(GetSelfTokenID(), policy, policyFlag, policyResult);
+ SandboxManagerKit::PersistPolicy(policy, policyResult);
+ }
 uint32_t code = static_cast(ISandboxManagerIpcCode::COMMAND_CLEAN_PERSIST_POLICY_BY_PATH);
 MessageParcel reply;
diff --git a/test/fuzztest/services/sandbox_manager/cleanpolicybyuseridstub_fuzzer/cleanpolicybyuseridstub_fuzzer.cpp b/test/fuzztest/services/sandbox_manager/cleanpolicybyuseridstub_fuzzer/cleanpolicybyuseridstub_fuzzer.cpp
index a0174ca..8a8292e 100644
--- a/test/fuzztest/services/sandbox_manager/cleanpolicybyuseridstub_fuzzer/cleanpolicybyuseridstub_fuzzer.cpp
+++ b/test/fuzztest/services/sandbox_manager/cleanpolicybyuseridstub_fuzzer/cleanpolicybyuseridstub_fuzzer.cpp
@@ -25,6 +25,7 @@
 #define private public
 #include "sandbox_manager_service.h"
 #undef private
+#include "sandbox_manager_kit.h"
 #include "token_setproc.h"
 using namespace OHOS::AccessControl::SandboxManager;
@@ -62,6 +63,20 @@ static uint32_t FILE_MANAGER_TOKEN = 0;
 return false;
 }
+ // for test all branch, need write something in rdb
+ uint8_t isWriteRdb = gen.GetData();
+ if (isWriteRdb & 1) {
+ std::vector policy;
+ uint64_t policyFlag = 1;
+ std::vector policyResult;
+ PolicyInfo infoParent = {
+ .path = "/A/B",
+ .mode = OperateMode::READ_MODE
+ };
+ policy.emplace_back(infoParent);
+ SandboxManagerKit::SetPolicy(GetSelfTokenID(), policy, policyFlag, policyResult);
+ SandboxManagerKit::PersistPolicy(policy, policyResult);
+ }
 uint32_t code = static_cast(ISandboxManagerIpcCode::COMMAND_CLEAN_POLICY_BY_USER_ID);
 MessageParcel reply;
-- Gitee
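Review bot: The fourteen-line seeding block added to cleanpersistpolicybypathstub_fuzzer.cpp is repeated verbatim in the `@@ -62,6 +63,20 @@` hunk of cleanpolicybyuseridstub_fuzzer.cpp, and both build the same fixed `PolicyInfo` for `/A/B`. Moving it into one helper under test/fuzztest/common and calling it from each fuzzer, e.g. `if (isWriteRdb & 1) { SeedPersistedPolicy(GetSelfTokenID()); }` (helper name is only a suggestion), would keep the copies from drifting apart. Because the seeded path is a constant while the path under test presumably comes from the fuzz data, the branch where a persisted entry is actually matched may only be reached when an input happens to spell `/A/B`; deriving the seeded path from the same generated policy, as the checkpersistpolicystub_fuzzer.cpp block does with `policyVec`, would tie the two together. The enclosing functions start and end outside both hunks.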