diff --git a/frameworks/sandbox_manager/BUILD.gn b/frameworks/sandbox_manager/BUILD.gn index 63949af860bb9072e887a77543aa6595acbe5c6f..a719fe6f1d1164a43513aa30b9093d45434100c9 100644 --- a/frameworks/sandbox_manager/BUILD.gn +++ b/frameworks/sandbox_manager/BUILD.gn @@ -51,8 +51,11 @@ ohos_shared_library("sandbox_manager_communication_adapter_cxx") { "src/sandbox_manager_dfx_helper.cpp", ] + cflags_cc = [ "-DHILOG_ENABLE" ] + external_deps = [ "c_utils:utils", + "hilog:libhilog", "hisysevent:libhisysevent", "ipc:ipc_core", ] diff --git a/frameworks/sandbox_manager/include/policy_info_vector_parcel.h b/frameworks/sandbox_manager/include/policy_info_vector_parcel.h index 2b4db8751d034ad2a038bddbbe5d9c2ded5d59ff..f6f7b434c7031ee1ff2797468df393bed154a5cf 100644 --- a/frameworks/sandbox_manager/include/policy_info_vector_parcel.h +++ b/frameworks/sandbox_manager/include/policy_info_vector_parcel.h @@ -16,18 +16,43 @@ #ifndef POLICY_INFO_PARCEL_VECTOR_H #define POLICY_INFO_PARCEL_VECTOR_H #include -#include "parcel.h" +#include "ashmem.h" +#include "message_parcel.h" #include "policy_info.h" namespace OHOS { namespace AccessControl { namespace SandboxManager { -struct PolicyInfoVectorParcel final : public Parcelable { - PolicyInfoVectorParcel() = default; - ~PolicyInfoVectorParcel() = default; - bool Marshalling(Parcel &out) const override; - static PolicyInfoVectorParcel* Unmarshalling(Parcel &in); +class PolicyInfoVectorWriter { +public: + PolicyInfoVectorWriter() = default; + PolicyInfoVectorWriter(const std::vector &policyVector) : policyVector(policyVector) {}; + int32_t WritePolicyInfoVector(MessageParcel &out) ; + bool GetAndConstructU32Results(MessageParcel &in); + bool GetAndConstructBoolResults(MessageParcel &in); + const std::vector policyVector; + std::vector u32Results; + std::vector boolResults; + void ClearAshmem(); + bool IsFilterEmpty(); +private: + bool WritePoliciesToAshmem(const std::vector &policies, + const std::vector &pathSizeVec); + bool FillInU32Results(const std::vector &serviceResults); + bool FillInBoolResults(const std::vector &serviceResults); + std::vector filterIndex_; + sptr ashmem_ = nullptr; +}; + +class PolicyInfoVectorReader { +public: + PolicyInfoVectorReader() = default; + int32_t ReadPolicyInfoVector(MessageParcel &in); + void ClearAshmem(); std::vector policyVector; +private: + bool ReadPolicyVectorFromAshmem(const std::vector &pathSizeVec); + sptr ashmem_ = nullptr; }; } // namespace SandboxManager } // namespace AccessControl diff --git a/frameworks/sandbox_manager/src/policy_info_vector_parcel.cpp b/frameworks/sandbox_manager/src/policy_info_vector_parcel.cpp index 3859c7c06327bcfbaa8b689cdadbeda51261a644..4c1c2e09930c0789240dfdbbb5f5ee4229298214 100644 --- a/frameworks/sandbox_manager/src/policy_info_vector_parcel.cpp +++ b/frameworks/sandbox_manager/src/policy_info_vector_parcel.cpp @@ -16,57 +16,344 @@ #include "policy_info_vector_parcel.h" #include #include "parcel_utils.h" -#include "policy_info_parcel.h" +#include "sandbox_manager_err_code.h" +#include "sandbox_manager_log.h" +#include "securec.h" namespace OHOS { namespace AccessControl { namespace SandboxManager { -bool PolicyInfoVectorParcel::Marshalling(Parcel &out) const +namespace { +static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { + LOG_CORE, ACCESSCONTROL_DOMAIN_SANDBOXMANAGER, "PolicyInfoVectorWriter"}; +constexpr const char *ASHMEM_NAME = "Sandboxmanager_SharedMemory"; +const size_t UI64_SIZE = sizeof(uint64_t); +const uint32_t INVALID_RESULT = 0xffff; +const uint32_t EMPTY_FILTERED_POLCY_FLAG = 0xffffffff; +}; + +static std::vector ValidPoliciesFilter( + const std::vector &policyVector, std::vector &u32Results, std::vector &filterIndex_) +{ + std::vector validPolicies; + size_t policiesSize = policyVector.size(); + u32Results.resize(policiesSize, INVALID_RESULT); + filterIndex_.resize(0); + for (size_t i = 0; i < policiesSize; ++i) { + uint32_t length = static_cast(policyVector[i].path.length()); + if ((length == 0) || (length > POLICY_PATH_LIMIT)) { + u32Results[i] = SandboxRetType::INVALID_PATH; + continue; + } + if ((policyVector[i].mode < OperateMode::READ_MODE) || + (policyVector[i].mode > OperateMode::WRITE_MODE + OperateMode::READ_MODE)) { + u32Results[i] = SandboxRetType::INVALID_MODE; + continue; + } + validPolicies.emplace_back(policyVector[i]); + filterIndex_.emplace_back(i); + } + return validPolicies; +} + +bool PolicyInfoVectorWriter::IsFilterEmpty() +{ + return filterIndex_.empty(); +} + +void PolicyInfoVectorWriter::ClearAshmem() +{ + if (ashmem_ != nullptr) { + ashmem_->UnmapAshmem(); + ashmem_->CloseAshmem(); + ashmem_ = nullptr; + } +} + +static bool WritePolicyInfoToAshmen( + sptr ashmem, const PolicyInfo &info, int32_t pathSize, int32_t &offset) { - const std::vector policy = this->policyVector; - const uint32_t POLICY_VECTOR_SIZE_LIMIT = 500; - uint32_t vecSize = policy.size(); - if (vecSize > POLICY_VECTOR_SIZE_LIMIT) { + if (!ashmem->WriteToAshmem(info.path.c_str(), pathSize, offset)) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Write path to Ashmem failed."); return false; } - RETURN_IF_FALSE(out.WriteUint32(vecSize)); + offset += pathSize; + if (!ashmem->WriteToAshmem(&info.mode, UI64_SIZE, offset)) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Write mode to Ashmem failed."); + return false; + } + offset += static_cast(UI64_SIZE); + return true; +} - for (uint32_t i = 0; i < vecSize; i++) { - sptr policyInfoParcel = new (std::nothrow) PolicyInfoParcel(); - if (policyInfoParcel == nullptr) { +bool PolicyInfoVectorWriter::WritePoliciesToAshmem(const std::vector &policies, + const std::vector &pathSizeVec) +{ + if (ashmem_ == nullptr) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Ashmem is nullptr."); + return false; + } + if (!ashmem_->MapReadAndWriteAshmem()) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "MapReadAndWriteAshmem failed."); + ClearAshmem(); + return false; + } + int32_t offset = 0; + size_t vecSize = pathSizeVec.size(); + if (vecSize != policies.size()) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "PathSizeVec size is not equal to filterIndex_ size, " \ + "pathSizeVec size = %{public}zu, filterIndex_ size = %{public}zu.", vecSize, filterIndex_.size()); + return false; + } + + for (size_t i = 0; i < vecSize; ++i) { + if (!WritePolicyInfoToAshmen(ashmem_, policies[i], pathSizeVec[i], offset)) { + ClearAshmem(); return false; } - policyInfoParcel->policyInfo = policy[i]; - if (!out.WriteParcelable(policyInfoParcel)) { + } + return true; +} + +int32_t PolicyInfoVectorWriter::WritePolicyInfoVector(MessageParcel &out) +{ + uint32_t vecSize = static_cast(this->policyVector.size()); + if ((vecSize > POLICY_VECTOR_SIZE_LIMIT) || (vecSize == 0)) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Policy vector size is invalid, input = %{public}u.", vecSize); + return SandboxManagerErrCode::INVALID_PARAMTER; + } + std::vector pathSizeVec; + int32_t ashmemSize = 0; + std::vector filteredPolicy = ValidPoliciesFilter( + this->policyVector, this->u32Results, this->filterIndex_); + if (filteredPolicy.size() == 0) { + SANDBOXMANAGER_LOG_INFO(LABEL, "Filtered policy vector is empty, put flag to parcel."); + // put EMPTY_FILTERED_POLCY_FLAG to parcel + if (!out.WriteUint32(EMPTY_FILTERED_POLCY_FLAG)) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Write filteredPolicy size to ipc failed."); + return SandboxManagerErrCode::SANDBOX_MANAGER_SERVICE_PARCEL_ERR; + } + return SandboxManagerErrCode::SANDBOX_MANAGER_OK; + } + for (const PolicyInfo &each : filteredPolicy) { + size_t length = each.path.length(); + pathSizeVec.emplace_back(static_cast(length)); + ashmemSize += static_cast(length); + ashmemSize += static_cast(UI64_SIZE); + } + // write policy vector size, aka pathSizeVec size + if (!out.WriteUint32(filteredPolicy.size())) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Write filteredPolicy size to ipc failed."); + return SandboxManagerErrCode::SANDBOX_MANAGER_SERVICE_PARCEL_ERR; + } + // write path length vec + if (!out.WriteUInt32Vector(pathSizeVec)) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Write path size vector to ipc failed."); + return SandboxManagerErrCode::SANDBOX_MANAGER_SERVICE_PARCEL_ERR; + } + // write ashmem size + if (!out.WriteInt32(ashmemSize)) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Write ashmen size to ipc failed"); + return SandboxManagerErrCode::SANDBOX_MANAGER_SERVICE_PARCEL_ERR; + } + // create ashmem + sptr tmpPtr = Ashmem::CreateAshmem(ASHMEM_NAME, ashmemSize); + ashmem_ = std::move(tmpPtr); + if (!WritePoliciesToAshmem(filteredPolicy, pathSizeVec)) { + ClearAshmem(); + return SandboxManagerErrCode::SANDBOX_MANAGER_SERVICE_PARCEL_ERR; + } + if (!out.WriteAshmem(ashmem_)) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Write ashmem to ipc failed."); + ClearAshmem(); + return SandboxManagerErrCode::SANDBOX_MANAGER_SERVICE_PARCEL_ERR; + } + return SandboxManagerErrCode::SANDBOX_MANAGER_OK; +} + +static bool ReadPolicyInfoFromAshmen( + sptr ashmem, const int32_t pathSize, int32_t &offset, PolicyInfo &info) +{ + const void *pathContent = ashmem->ReadFromAshmem(pathSize, offset); + if (pathContent == nullptr) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Read nullptr from ashmen when read path"); + return false; + } + info.path = std::string(static_cast(pathContent), pathSize); + if (info.path.length() != static_cast(pathSize)) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Read path size is not equal to path length."); + return false; + } + offset += pathSize; + + const void *modeContent = ashmem->ReadFromAshmem(UI64_SIZE, offset); + if (modeContent == nullptr) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Read nullptr from ashmen when read mode"); + return false; + } + errno_t ret = memcpy_s(&info.mode, UI64_SIZE, modeContent, UI64_SIZE); + if (ret != EOK) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Memcpy_s failed when read mode, ret = %{public}d.", ret); + return false; + } + offset += static_cast(UI64_SIZE); + return true; +} + +bool PolicyInfoVectorReader::ReadPolicyVectorFromAshmem(const std::vector &pathSizeVec) +{ + if (!ashmem_->MapReadOnlyAshmem()) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "MapReadOnlyAshmem failed."); + return false; + } + size_t policySize = pathSizeVec.size(); + int32_t offset = 0; + for (size_t i = 0; i < policySize; ++i) { + if (pathSizeVec[i] > POLICY_PATH_LIMIT) { + SANDBOXMANAGER_LOG_ERROR(LABEL, + "Policy path is too long, refuse to read ipc, path size = %{public}u.", pathSizeVec[i]); return false; } + PolicyInfo info; + + if (!ReadPolicyInfoFromAshmen(ashmem_, static_cast(pathSizeVec[i]), offset, info)) { + return false; + } + policyVector.emplace_back(info); } + return true; +} +bool PolicyInfoVectorWriter::FillInU32Results(const std::vector &serviceResults) +{ + if (filterIndex_.size() != serviceResults.size()) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Server return u32 results not equal to input policy size, " \ + "want = %{public}zu, get = %{public}zu.", filterIndex_.size(), serviceResults.size()); + return false; + } + size_t resultsSize = filterIndex_.size(); + for (size_t i = 0; i < resultsSize; ++i) { + u32Results[filterIndex_[i]] = serviceResults[i]; + } + int32_t invalidCount = std::count(u32Results.begin(), u32Results.end(), INVALID_RESULT); + if (invalidCount != 0) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Not all results are filled."); + return false; + } return true; } -PolicyInfoVectorParcel* PolicyInfoVectorParcel::Unmarshalling(Parcel &in) +bool PolicyInfoVectorWriter::GetAndConstructU32Results(MessageParcel &in) { - PolicyInfoVectorParcel* policyInfoVectorParcel = new (std::nothrow) PolicyInfoVectorParcel(); - if (policyInfoVectorParcel == nullptr) { - return nullptr; + std::vector serviceResults; + if (!in.ReadUInt32Vector(&serviceResults)) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "ReadUInt32Vector from server failed."); + return false; } - uint32_t vecSize; - const uint32_t POLICY_VECTOR_SIZE_LIMIT = 500; - RELEASE_IF_FALSE(in.ReadUint32(vecSize), policyInfoVectorParcel); - if (vecSize > POLICY_VECTOR_SIZE_LIMIT) { - delete policyInfoVectorParcel; - return nullptr; - } - for (uint32_t i = 0; i < vecSize; i++) { - sptr policyInfoParcel = in.ReadParcelable(); - if (policyInfoParcel == nullptr) { - delete policyInfoVectorParcel; - return nullptr; + if (!FillInU32Results(serviceResults)) { + return false; + } + return true; +} + +bool PolicyInfoVectorWriter::FillInBoolResults(const std::vector &serviceResults) +{ + if (filterIndex_.size() != serviceResults.size()) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Server return bool results not equal to input policy size."); + return false; + } + size_t resultsSize = filterIndex_.size(); + for (size_t i = 0; i < resultsSize; ++i) { + if (serviceResults[i]) { + u32Results[filterIndex_[i]] = SandboxRetType::OPERATE_SUCCESSFULLY; + } else { + // use this to mark false + u32Results[filterIndex_[i]] = SandboxRetType::FORBIDDEN_TO_BE_PERSISTED; } - policyInfoVectorParcel->policyVector.emplace_back(policyInfoParcel->policyInfo); } - return policyInfoVectorParcel; + int32_t invalidCount = std::count(u32Results.begin(), u32Results.end(), INVALID_RESULT); + if (invalidCount != 0) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Not all results are filled."); + return false; + } + size_t policySize = policyVector.size(); + boolResults.resize(policySize, false); + for (size_t i = 0; i < policySize; ++i) { + boolResults[i] = (u32Results[i] == SandboxRetType::OPERATE_SUCCESSFULLY); + } + return true; +} + +bool PolicyInfoVectorWriter::GetAndConstructBoolResults(MessageParcel &in) +{ + std::vector serviceResults; + if (!in.ReadBoolVector(&serviceResults)) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "ReadBoolVector from server failed."); + return false; + } + if (!FillInBoolResults(serviceResults)) { + return false; + } + return true; +} + +int32_t PolicyInfoVectorReader::ReadPolicyInfoVector(MessageParcel &in) +{ + uint32_t vecSize; + if (!in.ReadUint32(vecSize)) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Read vec size from ipc failed."); + return SandboxManagerErrCode::SANDBOX_MANAGER_SERVICE_PARCEL_ERR; + } + if (vecSize == EMPTY_FILTERED_POLCY_FLAG) { + SANDBOXMANAGER_LOG_INFO(LABEL, "Filtered policies result empty."); + return SandboxManagerErrCode::SANDBOX_MANAGER_POLICIES_FILTER_EMPTY; + } + if ((vecSize > POLICY_VECTOR_SIZE_LIMIT) || (vecSize == 0)) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Read invalid vecSize, vecSize = %{public}u.", vecSize); + return SandboxManagerErrCode::SANDBOX_MANAGER_SERVICE_PARCEL_ERR; + } + std::vector pathSizeVec; + if (!in.ReadUInt32Vector(&pathSizeVec)) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Read path size vec from ipc failed."); + return SandboxManagerErrCode::SANDBOX_MANAGER_SERVICE_PARCEL_ERR; + } + if (vecSize != pathSizeVec.size()) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Path size vec not equal to the size read from ipc, " \ + "vecSize = %{public}u, pathSizeVecLen = %{public}zu.", vecSize, pathSizeVec.size()); + return SandboxManagerErrCode::SANDBOX_MANAGER_SERVICE_PARCEL_ERR; + } + int32_t ashmemSize; + if (!in.ReadInt32(ashmemSize)) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Read ashmen size from ipc failed."); + return SandboxManagerErrCode::SANDBOX_MANAGER_SERVICE_PARCEL_ERR; + } + sptr ashmem = in.ReadAshmem(); + if (ashmem == nullptr) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Read ashmem from ipc failed."); + return SandboxManagerErrCode::SANDBOX_MANAGER_SERVICE_PARCEL_ERR; + } + ashmem_ = std::move(ashmem); + if (ashmemSize != ashmem_->GetAshmemSize()) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Ashmen size not equal to the size read from ipc, " \ + "want = %{public}d, actually = %{public}d.", ashmemSize, ashmem_->GetAshmemSize()); + ClearAshmem(); + return SandboxManagerErrCode::SANDBOX_MANAGER_SERVICE_PARCEL_ERR; + } + if (!ReadPolicyVectorFromAshmem(pathSizeVec)) { + ClearAshmem(); + return SandboxManagerErrCode::SANDBOX_MANAGER_SERVICE_PARCEL_ERR; + } + ClearAshmem(); + return SandboxManagerErrCode::SANDBOX_MANAGER_OK; +} + +void PolicyInfoVectorReader::ClearAshmem() +{ + if (ashmem_ != nullptr) { + ashmem_->UnmapAshmem(); + ashmem_->CloseAshmem(); + ashmem_ = nullptr; + } } } // namespace SandboxManager } // namespace AccessControl diff --git a/frameworks/test/BUILD.gn b/frameworks/test/BUILD.gn index d51ea35ef3f2e1c4302f24f5ce20d303c1be652c..0426a2cdf1dca964a642551f95b764d72a080cf6 100644 --- a/frameworks/test/BUILD.gn +++ b/frameworks/test/BUILD.gn @@ -25,13 +25,23 @@ ohos_unittest("libsandbox_manager_communication_adapter_cxx_test") { debug = false } branch_protector_ret = "pac_ret" + include_dirs = [ + "${sandbox_manager_path}/frameworks/sandbox_manager/include", + "${sandbox_manager_path}/frameworks/common/include", + "${sandbox_manager_path}/interfaces/innerkits/sandbox_manager/include", + ] sources = [ "unittest/sandbox_manager_parcel_test.cpp" ] + sources += [ + "${sandbox_manager_path}/frameworks/sandbox_manager/src/policy_info_parcel.cpp", + "${sandbox_manager_path}/frameworks/sandbox_manager/src/policy_info_vector_parcel.cpp", + ] - deps = [ "${sandbox_manager_path}/frameworks/sandbox_manager:sandbox_manager_communication_adapter_cxx" ] + cflags_cc = [ "-DHILOG_ENABLE" ] external_deps = [ "c_utils:utils", + "hilog:libhilog", "ipc:ipc_single", ] configs = [ "${sandbox_manager_path}/config:coverage_flags" ] diff --git a/frameworks/test/unittest/sandbox_manager_parcel_test.cpp b/frameworks/test/unittest/sandbox_manager_parcel_test.cpp index 19eb8c3a5a83f0f08c5f170b6845472a31a7c55d..bc3eb9e6ae1504b15da3af6ae41d8b9d02c43340 100644 --- a/frameworks/test/unittest/sandbox_manager_parcel_test.cpp +++ b/frameworks/test/unittest/sandbox_manager_parcel_test.cpp @@ -14,13 +14,14 @@ */ #include +#include +#include #include "parcel.h" #include "parcel_utils.h" #include "policy_info.h" #include "policy_info_parcel.h" #include "policy_info_vector_parcel.h" -#include -#include +#include "sandbox_manager_err_code.h" using namespace testing::ext; @@ -92,64 +93,94 @@ HWTEST_F(SandboxManagerParcelTest, PolicyInfoParcel001, TestSize.Level1) */ HWTEST_F(SandboxManagerParcelTest, PolicyInfoParcel002, TestSize.Level1) { - PolicyInfoVectorParcel policyInfoVectorParcel; std::vector policyVector; policyVector.emplace_back(g_info1); policyVector.emplace_back(g_info2); policyVector.emplace_back(g_info3); - - policyInfoVectorParcel.policyVector = policyVector; - - Parcel parcel; - EXPECT_EQ(true, policyInfoVectorParcel.Marshalling(parcel)); - - std::shared_ptr readedData(PolicyInfoVectorParcel::Unmarshalling(parcel)); - ASSERT_NE(nullptr, readedData); - - EXPECT_EQ(g_info1.path, readedData->policyVector[0].path); - EXPECT_EQ(g_info1.mode, readedData->policyVector[0].mode); - EXPECT_EQ(g_info2.path, readedData->policyVector[1].path); - EXPECT_EQ(g_info2.mode, readedData->policyVector[1].mode); - EXPECT_EQ(g_info3.path, readedData->policyVector[2].path); - EXPECT_EQ(g_info3.mode, readedData->policyVector[2].mode); + PolicyInfoVectorWriter policyInfoVectorWriter(policyVector); + + MessageParcel parcel; + int32_t ret = policyInfoVectorWriter.WritePolicyInfoVector(parcel); + EXPECT_EQ(ret, SandboxManagerErrCode::SANDBOX_MANAGER_OK); + + PolicyInfoVectorReader recv; + recv.ReadPolicyInfoVector(parcel); + std::vector recvPolicyVector = recv.policyVector; + + EXPECT_EQ(g_info1.path, recvPolicyVector[0].path); + EXPECT_EQ(g_info1.mode, recvPolicyVector[0].mode); + EXPECT_EQ(g_info2.path, recvPolicyVector[1].path); + EXPECT_EQ(g_info2.mode, recvPolicyVector[1].mode); + EXPECT_EQ(g_info3.path, recvPolicyVector[2].path); + EXPECT_EQ(g_info3.mode, recvPolicyVector[2].mode); } /** * @tc.name: PolicyInfoParcel003 - * @tc.desc: Test PolicyInfoVector Marshalling/Unmarshalling. + * @tc.desc: Test PolicyInfoVector Marshalling/Unmarshalling: illegal length * @tc.type: FUNC * @tc.require: */ HWTEST_F(SandboxManagerParcelTest, PolicyInfoParcel003, TestSize.Level1) { - PolicyInfoVectorParcel policyInfoVectorParcel; std::vector policyVector; for (int i = 0; i < 501; i++) { policyVector.emplace_back(g_info1); } - policyInfoVectorParcel.policyVector = policyVector; - Parcel parcel; - EXPECT_EQ(false, policyInfoVectorParcel.Marshalling(parcel)); + PolicyInfoVectorWriter policyInfoVectorWriter(policyVector); + MessageParcel parcel; + int32_t ret = policyInfoVectorWriter.WritePolicyInfoVector(parcel); + EXPECT_EQ(ret, SandboxManagerErrCode::INVALID_PARAMTER); - parcel.WriteUint32(501); - std::shared_ptr readedData(PolicyInfoParcel::Unmarshalling(parcel)); - EXPECT_EQ(nullptr, readedData); + uint32_t maxSize = 500; // 500 is max + PolicyInfoVectorReader recv; + EXPECT_TRUE(parcel.WriteUint32(maxSize + 1)); + + EXPECT_EQ(SandboxManagerErrCode::SANDBOX_MANAGER_SERVICE_PARCEL_ERR, recv.ReadPolicyInfoVector(parcel)); } /** * @tc.name: PolicyInfoParcel004 - * @tc.desc: Test PolicyInfoVector Marshalling/Unmarshalling, larger than max size + * @tc.desc: Test PolicyInfoVector Marshalling/Unmarshalling, read vector size error * @tc.type: FUNC * @tc.require: */ HWTEST_F(SandboxManagerParcelTest, PolicyInfoParcel004, TestSize.Level1) { - Parcel parcel; - uint32_t maxSize = 500; // 500 is max - EXPECT_EQ(true, parcel.WriteUint32(maxSize + 1)); + PolicyInfoVectorWriter PolicyInfoVectorWriter; + MessageParcel parcel; + parcel.WriteUint32(0); + std::vector tmp = {1}; + parcel.WriteUInt32Vector(tmp); + PolicyInfoVectorReader recv; + EXPECT_EQ(SandboxManagerErrCode::SANDBOX_MANAGER_SERVICE_PARCEL_ERR, recv.ReadPolicyInfoVector(parcel)); +} - std::shared_ptr readedData(PolicyInfoVectorParcel::Unmarshalling(parcel)); - ASSERT_EQ(nullptr, readedData); +/** + * @tc.name: PolicyInfoParcel005 + * @tc.desc: Test PolicyInfoVector Marshalling/Unmarshalling, read large amount data (>200KB) + * @tc.type: FUNC + * @tc.require: + */ +HWTEST_F(SandboxManagerParcelTest, PolicyInfoParcel005, TestSize.Level1) +{ + MessageParcel parcel; + PolicyInfo largePolicy; + largePolicy.path = std::string(POLICY_PATH_LIMIT, 'a'); + largePolicy.mode = OperateMode::READ_MODE; + + std::vector policies(POLICY_VECTOR_SIZE_LIMIT, largePolicy); + PolicyInfoVectorWriter policyInfoVectorWriter(policies); + int32_t ret = policyInfoVectorWriter.WritePolicyInfoVector(parcel); + ASSERT_EQ(ret, SANDBOX_MANAGER_OK); + + PolicyInfoVectorReader recv; + EXPECT_EQ(SandboxManagerErrCode::SANDBOX_MANAGER_OK, recv.ReadPolicyInfoVector(parcel)); + ASSERT_EQ(recv.policyVector.size(), POLICY_VECTOR_SIZE_LIMIT); + for (uint64_t i = 0; i < POLICY_VECTOR_SIZE_LIMIT; ++i) { + ASSERT_EQ(largePolicy.path, recv.policyVector[i].path); + ASSERT_EQ(OperateMode::READ_MODE, recv.policyVector[i].mode); + } } } // SandboxManager } // AccessControl diff --git a/interfaces/innerkits/sandbox_manager/include/policy_info.h b/interfaces/innerkits/sandbox_manager/include/policy_info.h index 9d56d354d5551d5c6bbc7d76c28cc36660f6be67..526cefc36f810f7d6c588c4b0b64ed92f6da2e42 100644 --- a/interfaces/innerkits/sandbox_manager/include/policy_info.h +++ b/interfaces/innerkits/sandbox_manager/include/policy_info.h @@ -43,6 +43,9 @@ typedef enum OperateMode { READ_MODE = 1 << 0, WRITE_MODE = 1 << 1, } OperateMode; + +const uint64_t POLICY_VECTOR_SIZE_LIMIT = 500; +const uint32_t POLICY_PATH_LIMIT = 4095; } // namespace SandboxManager } // namespace AccessControl } // namespace OHOS diff --git a/interfaces/innerkits/sandbox_manager/include/sandbox_manager_err_code.h b/interfaces/innerkits/sandbox_manager/include/sandbox_manager_err_code.h index 22d16e20ec6e99afb30a16326779e8230c232d08..a9881777c4e13ab75b5d5402c8eeb6f6fc5b5d89 100644 --- a/interfaces/innerkits/sandbox_manager/include/sandbox_manager_err_code.h +++ b/interfaces/innerkits/sandbox_manager/include/sandbox_manager_err_code.h @@ -33,6 +33,11 @@ enum SandboxManagerErrCode : int32_t { SANDBOX_MANAGER_MAC_NOT_INIT, SANDBOX_MANAGER_MAC_IOCTL_ERR, + + // This err code is used to check whether the policy after filtering is empty, + // if it is empty, the service would only check permission of caller. + // This code should not returned to caller. + SANDBOX_MANAGER_POLICIES_FILTER_EMPTY, }; } // SandboxManager } // AccessControl diff --git a/interfaces/innerkits/sandbox_manager/src/sandbox_manager_kit.cpp b/interfaces/innerkits/sandbox_manager/src/sandbox_manager_kit.cpp index 9080082713336e1db30bc17dee0e97bc2d4c862c..f1813f043bbc04e9eb1a1fea95a244b17de5bff9 100644 --- a/interfaces/innerkits/sandbox_manager/src/sandbox_manager_kit.cpp +++ b/interfaces/innerkits/sandbox_manager/src/sandbox_manager_kit.cpp @@ -28,8 +28,6 @@ namespace { static constexpr OHOS::HiviewDFX::HiLogLabel LABEL = { LOG_CORE, ACCESSCONTROL_DOMAIN_SANDBOXMANAGER, "SandboxManagerKit"}; } -const uint64_t POLICY_VECTOR_SIZE_LIMIT = 500; -const uint32_t POLICY_PATH_LIMIT = 4095; int32_t SandboxManagerKit::CleanPersistPolicyByPath(const std::vector& filePathList) { diff --git a/interfaces/innerkits/sandbox_manager/src/sandbox_manager_proxy.cpp b/interfaces/innerkits/sandbox_manager/src/sandbox_manager_proxy.cpp index 1e9f0a866cad4a78f2787094c10398fba232f62c..9beb983b2b13973644dea516de879cb7e7ea57df 100644 --- a/interfaces/innerkits/sandbox_manager/src/sandbox_manager_proxy.cpp +++ b/interfaces/innerkits/sandbox_manager/src/sandbox_manager_proxy.cpp @@ -72,15 +72,31 @@ int32_t SandboxManagerProxy::CleanPersistPolicyByPath(const std::vector policies; + for (std::string each : filePathList) { + PolicyInfo info { + .path = each, + // mode would be ignored in server + .mode = OperateMode::READ_MODE, + }; + policies.emplace_back(info); + } + PolicyInfoVectorWriter policyInfoVectorWriter(policies); + int32_t ret = policyInfoVectorWriter.WritePolicyInfoVector(data); + if (ret != SANDBOX_MANAGER_OK) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "WritePolicyInfoVector failed, ret = %{public}d", ret); + return ret; } MessageParcel reply; MessageOption option(MessageOption::TF_ASYNC); - return SendRequest(SandboxManagerInterfaceCode::CLEAN_PERSIST_POLICY_BY_PATH, data, reply, option); + ret = SendRequest(SandboxManagerInterfaceCode::CLEAN_PERSIST_POLICY_BY_PATH, data, reply, option); + if (ret != SANDBOX_MANAGER_OK && ret != SANDBOX_MANAGER_POLICIES_FILTER_EMPTY) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Write PolicyInfoVectorWriter fail"); + policyInfoVectorWriter.ClearAshmem(); + return ret; + } + return SANDBOX_MANAGER_OK; } int32_t SandboxManagerProxy::PersistPolicy(const std::vector &policy, std::vector &result) @@ -91,17 +107,22 @@ int32_t SandboxManagerProxy::PersistPolicy(const std::vector &policy return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; } - PolicyInfoVectorParcel policyInfoVectorParcel; - policyInfoVectorParcel.policyVector = policy; - if (!data.WriteParcelable(&policyInfoVectorParcel)) { - SANDBOXMANAGER_LOG_ERROR(LABEL, "Write policyInfoVectorParcel fail"); - return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; + PolicyInfoVectorWriter policyInfoVectorWriter(policy); + int32_t ret = policyInfoVectorWriter.WritePolicyInfoVector(data); + if (ret != SANDBOX_MANAGER_OK) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "WritePolicyInfoVector failed, ret = %{public}d", ret); + return ret; } MessageParcel reply; int32_t requestRet = SendRequest(SandboxManagerInterfaceCode::PERSIST_PERMISSION, data, reply); + if (requestRet == SANDBOX_MANAGER_POLICIES_FILTER_EMPTY) { + result = policyInfoVectorWriter.u32Results; + return SANDBOX_MANAGER_OK; + } if (requestRet != SANDBOX_MANAGER_OK) { SANDBOXMANAGER_LOG_ERROR(LABEL, "remote fail"); + policyInfoVectorWriter.ClearAshmem(); return requestRet; } @@ -111,10 +132,12 @@ int32_t SandboxManagerProxy::PersistPolicy(const std::vector &policy return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; } - if (remoteRet == SANDBOX_MANAGER_OK && !reply.ReadUInt32Vector(&result)) { + if (remoteRet == SANDBOX_MANAGER_OK && + !policyInfoVectorWriter.GetAndConstructU32Results(reply)) { SANDBOXMANAGER_LOG_ERROR(LABEL, "read result fail"); return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; } + result = policyInfoVectorWriter.u32Results; return remoteRet; } @@ -126,17 +149,22 @@ int32_t SandboxManagerProxy::UnPersistPolicy(const std::vector &poli return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; } - PolicyInfoVectorParcel policyInfoVectorParcel; - policyInfoVectorParcel.policyVector = policy; - if (!data.WriteParcelable(&policyInfoVectorParcel)) { - SANDBOXMANAGER_LOG_ERROR(LABEL, "Write policyInfoVectorParcel fail"); - return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; + PolicyInfoVectorWriter policyInfoVectorWriter(policy); + int32_t ret = policyInfoVectorWriter.WritePolicyInfoVector(data); + if (ret != SANDBOX_MANAGER_OK) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "WritePolicyInfoVector failed, ret = %{public}d", ret); + return ret; } MessageParcel reply; int32_t requestRet = SendRequest(SandboxManagerInterfaceCode::UNPERSIST_PERMISSION, data, reply); + if (requestRet == SANDBOX_MANAGER_POLICIES_FILTER_EMPTY) { + result = policyInfoVectorWriter.u32Results; + return SANDBOX_MANAGER_OK; + } if (requestRet != SANDBOX_MANAGER_OK) { SANDBOXMANAGER_LOG_ERROR(LABEL, "remote fail"); + policyInfoVectorWriter.ClearAshmem(); return requestRet; } @@ -146,10 +174,12 @@ int32_t SandboxManagerProxy::UnPersistPolicy(const std::vector &poli return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; } - if (remoteRet == SANDBOX_MANAGER_OK && !reply.ReadUInt32Vector(&result)) { + if (remoteRet == SANDBOX_MANAGER_OK && + !policyInfoVectorWriter.GetAndConstructU32Results(reply)) { SANDBOXMANAGER_LOG_ERROR(LABEL, "read result fail"); return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; } + result = policyInfoVectorWriter.u32Results; return remoteRet; } @@ -166,17 +196,22 @@ int32_t SandboxManagerProxy::PersistPolicyByTokenId( return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; } - PolicyInfoVectorParcel policyInfoVectorParcel; - policyInfoVectorParcel.policyVector = policy; - if (!data.WriteParcelable(&policyInfoVectorParcel)) { - SANDBOXMANAGER_LOG_ERROR(LABEL, "Write policyInfoVectorParcel fail"); - return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; + PolicyInfoVectorWriter policyInfoVectorWriter(policy); + int32_t ret = policyInfoVectorWriter.WritePolicyInfoVector(data); + if (ret != SANDBOX_MANAGER_OK) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "WritePolicyInfoVector failed, ret = %{public}d", ret); + return ret; } MessageParcel reply; int32_t requestRet = SendRequest(SandboxManagerInterfaceCode::PERSIST_PERMISSION_BY_TOKENID, data, reply); + if (requestRet == SANDBOX_MANAGER_POLICIES_FILTER_EMPTY) { + result = policyInfoVectorWriter.u32Results; + return SANDBOX_MANAGER_OK; + } if (requestRet != SANDBOX_MANAGER_OK) { SANDBOXMANAGER_LOG_ERROR(LABEL, "remote fail"); + policyInfoVectorWriter.ClearAshmem(); return requestRet; } @@ -186,10 +221,12 @@ int32_t SandboxManagerProxy::PersistPolicyByTokenId( return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; } - if (remoteRet == SANDBOX_MANAGER_OK && !reply.ReadUInt32Vector(&result)) { + if (remoteRet == SANDBOX_MANAGER_OK && + !policyInfoVectorWriter.GetAndConstructU32Results(reply)) { SANDBOXMANAGER_LOG_ERROR(LABEL, "read result fail"); return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; } + result = policyInfoVectorWriter.u32Results; return remoteRet; } @@ -205,17 +242,25 @@ int32_t SandboxManagerProxy::UnPersistPolicyByTokenId( SANDBOXMANAGER_LOG_ERROR(LABEL, "Write tokenId fail"); return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; } - PolicyInfoVectorParcel policyInfoVectorParcel; - policyInfoVectorParcel.policyVector = policy; - if (!data.WriteParcelable(&policyInfoVectorParcel)) { - SANDBOXMANAGER_LOG_ERROR(LABEL, "Write policyInfoVectorParcel fail"); - return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; + PolicyInfoVectorWriter policyInfoVectorWriter(policy); + int32_t ret = policyInfoVectorWriter.WritePolicyInfoVector(data); + if (ret != SANDBOX_MANAGER_OK) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "WritePolicyInfoVector failed, ret = %{public}d", ret); + return ret; + } + if (policyInfoVectorWriter.IsFilterEmpty()) { + SANDBOXMANAGER_LOG_INFO(LABEL, "No policies need to transfer."); } MessageParcel reply; int32_t requestRet = SendRequest(SandboxManagerInterfaceCode::UNPERSIST_PERMISSION_BY_TOKENID, data, reply); + if (requestRet == SANDBOX_MANAGER_POLICIES_FILTER_EMPTY) { + result = policyInfoVectorWriter.u32Results; + return SANDBOX_MANAGER_OK; + } if (requestRet != SANDBOX_MANAGER_OK) { SANDBOXMANAGER_LOG_ERROR(LABEL, "remote fail"); + policyInfoVectorWriter.ClearAshmem(); return requestRet; } @@ -225,50 +270,59 @@ int32_t SandboxManagerProxy::UnPersistPolicyByTokenId( return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; } - if (remoteRet == SANDBOX_MANAGER_OK && !reply.ReadUInt32Vector(&result)) { + if (remoteRet == SANDBOX_MANAGER_OK && + !policyInfoVectorWriter.GetAndConstructU32Results(reply)) { SANDBOXMANAGER_LOG_ERROR(LABEL, "read result fail"); return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; } + result = policyInfoVectorWriter.u32Results; return remoteRet; } -static bool WriteSetPolicyParcel(MessageParcel &data, uint32_t tokenId, const std::vector &policy, - uint64_t policyFlag) +static int32_t WriteSetPolicyParcel(MessageParcel &data, uint32_t tokenId, + PolicyInfoVectorWriter &policyInfoVectorWriter, uint64_t policyFlag, std::vector &result) { if (!data.WriteInterfaceToken(ISandboxManager::GetDescriptor())) { SANDBOXMANAGER_LOG_ERROR(LABEL, "Write descriptor failed."); - return false; + return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; } if (!data.WriteUint32(tokenId)) { SANDBOXMANAGER_LOG_ERROR(LABEL, "Write tokenId failed."); - return false; + return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; } - PolicyInfoVectorParcel policyInfoVectorParcel; - policyInfoVectorParcel.policyVector = policy; - if (!data.WriteParcelable(&policyInfoVectorParcel)) { - SANDBOXMANAGER_LOG_ERROR(LABEL, "Write policyInfoVectorParcel failed."); - return false; + int32_t ret = policyInfoVectorWriter.WritePolicyInfoVector(data); + if (ret != SANDBOX_MANAGER_OK) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "WritePolicyInfoVector failed, ret = %{public}d", ret); + return ret; } if (!data.WriteUint64(policyFlag)) { SANDBOXMANAGER_LOG_ERROR(LABEL, "Write policyFlag failed."); - return false; + policyInfoVectorWriter.ClearAshmem(); + return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; } - return true; + return SANDBOX_MANAGER_OK; } int32_t SandboxManagerProxy::SetPolicy(uint32_t tokenId, const std::vector &policy, uint64_t policyFlag, std::vector &result) { MessageParcel data; - if (!WriteSetPolicyParcel(data, tokenId, policy, policyFlag)) { - return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; + PolicyInfoVectorWriter policyInfoVectorWriter(policy); + int32_t ret = WriteSetPolicyParcel(data, tokenId, policyInfoVectorWriter, policyFlag, result); + if (ret != SANDBOX_MANAGER_OK) { + return ret; } MessageParcel reply; int32_t requestRet = SendRequest(SandboxManagerInterfaceCode::SET_POLICY, data, reply); + if (ret == SANDBOX_MANAGER_POLICIES_FILTER_EMPTY) { + result = policyInfoVectorWriter.u32Results; + return SANDBOX_MANAGER_OK; + } if (requestRet != SANDBOX_MANAGER_OK) { + policyInfoVectorWriter.ClearAshmem(); return requestRet; } @@ -281,10 +335,11 @@ int32_t SandboxManagerProxy::SetPolicy(uint32_t tokenId, const std::vector result; + int32_t ret = WriteSetPolicyParcel(data, tokenId, policyInfoVectorWriter, policyFlag, result); + if (ret != SANDBOX_MANAGER_OK) { + return ret; } MessageParcel reply; @@ -367,16 +425,22 @@ int32_t SandboxManagerProxy::CheckPolicy(uint32_t tokenId, const std::vector return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; } - PolicyInfoVectorParcel policyInfoVectorParcel; - policyInfoVectorParcel.policyVector = policy; - if (!data.WriteParcelable(&policyInfoVectorParcel)) { - SANDBOXMANAGER_LOG_ERROR(LABEL, "Write policyInfoVectorParcel fail"); - return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; + PolicyInfoVectorWriter policyInfoVectorWriter(policy); + int32_t ret = policyInfoVectorWriter.WritePolicyInfoVector(data); + if (ret != SANDBOX_MANAGER_OK) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "WritePolicyInfoVector failed, ret = %{public}d", ret); + return ret; } MessageParcel reply; int32_t requestRet = SendRequest(SandboxManagerInterfaceCode::START_ACCESSING_URI, data, reply); + if (requestRet == SANDBOX_MANAGER_POLICIES_FILTER_EMPTY) { + result = policyInfoVectorWriter.u32Results; + return SANDBOX_MANAGER_OK; + } if (requestRet != SANDBOX_MANAGER_OK) { SANDBOXMANAGER_LOG_ERROR(LABEL, "remote fail"); + policyInfoVectorWriter.ClearAshmem(); return requestRet; } @@ -424,10 +493,12 @@ int32_t SandboxManagerProxy::StartAccessingPolicy(const std::vector return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; } - if (remoteRet == SANDBOX_MANAGER_OK && !reply.ReadUInt32Vector(&result)) { + if (remoteRet == SANDBOX_MANAGER_OK && + !policyInfoVectorWriter.GetAndConstructU32Results(reply)) { SANDBOXMANAGER_LOG_ERROR(LABEL, "read result fail"); return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; } + result = policyInfoVectorWriter.u32Results; return remoteRet; } @@ -439,17 +510,22 @@ int32_t SandboxManagerProxy::StopAccessingPolicy(const std::vector & return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; } - PolicyInfoVectorParcel policyInfoVectorParcel; - policyInfoVectorParcel.policyVector = policy; - if (!data.WriteParcelable(&policyInfoVectorParcel)) { - SANDBOXMANAGER_LOG_ERROR(LABEL, "Write policyInfoVectorParcel fail"); - return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; + PolicyInfoVectorWriter policyInfoVectorWriter(policy); + int32_t ret = policyInfoVectorWriter.WritePolicyInfoVector(data); + if (ret != SANDBOX_MANAGER_OK) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "WritePolicyInfoVector failed, ret = %{public}d", ret); + return ret; } MessageParcel reply; int32_t requestRet = SendRequest(SandboxManagerInterfaceCode::STOP_ACCESSING_URI, data, reply); + if (requestRet == SANDBOX_MANAGER_POLICIES_FILTER_EMPTY) { + result = policyInfoVectorWriter.u32Results; + return SANDBOX_MANAGER_OK; + } if (requestRet != SANDBOX_MANAGER_OK) { SANDBOXMANAGER_LOG_ERROR(LABEL, "remote fail"); + policyInfoVectorWriter.ClearAshmem(); return requestRet; } @@ -459,10 +535,12 @@ int32_t SandboxManagerProxy::StopAccessingPolicy(const std::vector & return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; } - if (remoteRet == SANDBOX_MANAGER_OK && !reply.ReadUInt32Vector(&result)) { + if (remoteRet == SANDBOX_MANAGER_OK && + !policyInfoVectorWriter.GetAndConstructU32Results(reply)) { SANDBOXMANAGER_LOG_ERROR(LABEL, "read result fail"); return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; } + result = policyInfoVectorWriter.u32Results; return remoteRet; } @@ -479,17 +557,23 @@ int32_t SandboxManagerProxy::CheckPersistPolicy(uint32_t tokenId, const std::vec return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; } - PolicyInfoVectorParcel policyInfoVectorParcel; - policyInfoVectorParcel.policyVector = policy; - if (!data.WriteParcelable(&policyInfoVectorParcel)) { - SANDBOXMANAGER_LOG_ERROR(LABEL, "Write policyInfoVectorParcel fail"); - return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; + PolicyInfoVectorWriter policyInfoVectorWriter(policy); + int32_t ret = policyInfoVectorWriter.WritePolicyInfoVector(data); + if (ret != SANDBOX_MANAGER_OK) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "WritePolicyInfoVector failed, ret = %{public}d", ret); + return ret; + } + if (policyInfoVectorWriter.IsFilterEmpty()) { + SANDBOXMANAGER_LOG_INFO(LABEL, "No policies need to transfer, return directly."); + result.resize(policy.size(), false); + return SANDBOX_MANAGER_OK; } MessageParcel reply; int32_t requestRet = SendRequest(SandboxManagerInterfaceCode::CHECK_PERSIST_PERMISSION, data, reply); if (requestRet != SANDBOX_MANAGER_OK) { SANDBOXMANAGER_LOG_ERROR(LABEL, "remote fail"); + policyInfoVectorWriter.ClearAshmem(); return requestRet; } @@ -523,7 +607,7 @@ int32_t SandboxManagerProxy::StartAccessingByTokenId(uint32_t tokenId) int32_t requestRet = SendRequest(SandboxManagerInterfaceCode::START_ACCESSING_BY_TOKEN, data, reply, option); if (requestRet != SANDBOX_MANAGER_OK) { SANDBOXMANAGER_LOG_ERROR(LABEL, "Remote fail, requestRet = %{public}d.", requestRet); - return SANDBOX_MANAGER_SERVICE_REMOTE_ERR; + return requestRet; } return SANDBOX_MANAGER_OK; } @@ -545,7 +629,7 @@ int32_t SandboxManagerProxy::UnSetAllPolicyByToken(uint32_t tokenId) int32_t requestRet = SendRequest(SandboxManagerInterfaceCode::UNSET_ALL_POLICY_BY_TOKEN, data, reply, option); if (requestRet != SANDBOX_MANAGER_OK) { SANDBOXMANAGER_LOG_ERROR(LABEL, "Remote fail, requestRet = %{public}d.", requestRet); - return SANDBOX_MANAGER_SERVICE_REMOTE_ERR; + return requestRet; } return SANDBOX_MANAGER_OK; } diff --git a/interfaces/innerkits/sandbox_manager/test/unittest/src/sandbox_manager_kit_test.cpp b/interfaces/innerkits/sandbox_manager/test/unittest/src/sandbox_manager_kit_test.cpp index 7eb64c7e55456fe41b832bd8845dab62e7f13dc7..42ecfb5f3e5b8da969380bb69f315f85e9b9df6b 100644 --- a/interfaces/innerkits/sandbox_manager/test/unittest/src/sandbox_manager_kit_test.cpp +++ b/interfaces/innerkits/sandbox_manager/test/unittest/src/sandbox_manager_kit_test.cpp @@ -47,7 +47,6 @@ namespace { const std::string SET_POLICY_PERMISSION = "ohos.permission.SET_SANDBOX_POLICY"; const std::string ACCESS_PERSIST_PERMISSION = "ohos.permission.FILE_ACCESS_PERSIST"; const Security::AccessToken::AccessTokenID INVALID_TOKENID = 0; -const uint64_t POLICY_VECTOR_SIZE_LIMIT = 500; #ifdef MAC_ENABLED const int32_t FOUNDATION_UID = 5523; #endif diff --git a/services/sandbox_manager/main/cpp/include/service/sandbox_manager_const.h b/services/sandbox_manager/main/cpp/include/service/sandbox_manager_const.h index 6a3e0a98df1970469d012b8d6e1d9dbaf3141fb3..8b3ff7f9e3352872231a65763c96f90c71096718 100644 --- a/services/sandbox_manager/main/cpp/include/service/sandbox_manager_const.h +++ b/services/sandbox_manager/main/cpp/include/service/sandbox_manager_const.h @@ -22,15 +22,12 @@ namespace AccessControl { namespace SandboxManager { #define SA_LIFE_TIME (1000 * 60 * 3) // 3 min -const uint32_t POLICY_PATH_LIMIT = 4095; - const uint64_t MODE_FILTER = 0b11; // 1bit-readbit 2bit- writebit, see OperateMode const std::string SET_POLICY_PERMISSION_NAME = "ohos.permission.SET_SANDBOX_POLICY"; const std::string ACCESS_PERSIST_PERMISSION_NAME = "ohos.permission.FILE_ACCESS_PERSIST"; -const uint32_t POLICY_VECTOR_SIZE_LIMIT = 500; const int32_t FOUNDATION_UID = 5523; } // namespace SandboxManager } // namespace AccessControl diff --git a/services/sandbox_manager/main/cpp/src/service/sandbox_manager_stub.cpp b/services/sandbox_manager/main/cpp/src/service/sandbox_manager_stub.cpp index f18f0c39f04f3b9f21882dbd685e40a39c93e908..068da0061223b9c47a820eb3897bc0586026541d 100644 --- a/services/sandbox_manager/main/cpp/src/service/sandbox_manager_stub.cpp +++ b/services/sandbox_manager/main/cpp/src/service/sandbox_manager_stub.cpp @@ -73,7 +73,6 @@ int32_t SandboxManagerStub::OnRemoteRequest( int32_t SandboxManagerStub::CleanPersistPolicyByPathInner(MessageParcel &data, MessageParcel &reply) { - SANDBOXMANAGER_LOG_INFO(LABEL, "Call CleanPersistPolicyByPathInner"); uint32_t callingTokenId = IPCSkeleton::GetCallingTokenID(); if (!IsFileManagerCalling(callingTokenId)) { SANDBOXMANAGER_LOG_ERROR(LABEL, "Permission denied(tokenID=%{public}d)", callingTokenId); @@ -81,13 +80,19 @@ int32_t SandboxManagerStub::CleanPersistPolicyByPathInner(MessageParcel &data, M } std::vector filePathList; - if (!data.ReadStringVector(&filePathList)) { - SANDBOXMANAGER_LOG_ERROR(LABEL, "Read filePathList failed."); - return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; + + PolicyInfoVectorReader policyInfoVectorReader; + int32_t parcelRet = policyInfoVectorReader.ReadPolicyInfoVector(data); + if (parcelRet != SANDBOX_MANAGER_OK) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Unmarshalling failed"); + return parcelRet; + } + + for (PolicyInfo &each : policyInfoVectorReader.policyVector) { + filePathList.emplace_back(each.path); } this->CleanPersistPolicyByPath(filePathList); - SANDBOXMANAGER_LOG_INFO(LABEL, "End CleanPersistPolicyByPathInner"); return SANDBOX_MANAGER_OK; } @@ -98,14 +103,15 @@ int32_t SandboxManagerStub::PersistPolicyInner(MessageParcel &data, MessageParce return PERMISSION_DENIED; } - sptr policyInfoVectorParcel = data.ReadParcelable(); - if (policyInfoVectorParcel == nullptr) { - SANDBOXMANAGER_LOG_ERROR(LABEL, "reply sandbox manager data parcel fail"); - return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; + PolicyInfoVectorReader policyInfoVectorReader; + int32_t parcelRet = policyInfoVectorReader.ReadPolicyInfoVector(data); + if (parcelRet != SANDBOX_MANAGER_OK) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Unmarshalling failed"); + return parcelRet; } std::vector result; - int32_t ret = this->PersistPolicy(policyInfoVectorParcel->policyVector, result); + int32_t ret = this->PersistPolicy(policyInfoVectorReader.policyVector, result); if (!reply.WriteInt32(ret)) { SANDBOXMANAGER_LOG_ERROR(LABEL, "reply sandbox manager ret parcel fail"); return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; @@ -128,15 +134,16 @@ int32_t SandboxManagerStub::UnPersistPolicyInner(MessageParcel &data, MessagePar return PERMISSION_DENIED; } - sptr policyInfoVectorParcel = data.ReadParcelable(); - if (policyInfoVectorParcel == nullptr) { - SANDBOXMANAGER_LOG_ERROR(LABEL, "read sandbox manager data parcel fail"); - return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; + PolicyInfoVectorReader policyInfoVectorReader; + int32_t parcelRet = policyInfoVectorReader.ReadPolicyInfoVector(data); + if (parcelRet != SANDBOX_MANAGER_OK) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Unmarshalling failed"); + return parcelRet; } std::vector result; - int32_t ret = this->UnPersistPolicy(policyInfoVectorParcel->policyVector, result); + int32_t ret = this->UnPersistPolicy(policyInfoVectorReader.policyVector, result); if (!reply.WriteInt32(ret)) { SANDBOXMANAGER_LOG_ERROR(LABEL, "reply sandbox manager ret parcel fail"); return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; @@ -163,14 +170,15 @@ int32_t SandboxManagerStub::PersistPolicyByTokenIdInner(MessageParcel &data, Mes SANDBOXMANAGER_LOG_ERROR(LABEL, "read tokenId parcel fail"); return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; } - sptr policyInfoVectorParcel = data.ReadParcelable(); - if (policyInfoVectorParcel == nullptr) { - SANDBOXMANAGER_LOG_ERROR(LABEL, "read sandbox manager data parcel fail"); - return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; + PolicyInfoVectorReader policyInfoVectorReader; + int32_t parcelRet = policyInfoVectorReader.ReadPolicyInfoVector(data); + if (parcelRet != SANDBOX_MANAGER_OK) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Unmarshalling failed"); + return parcelRet; } std::vector result; - int32_t ret = this->PersistPolicyByTokenId(tokenId, policyInfoVectorParcel->policyVector, result); + int32_t ret = this->PersistPolicyByTokenId(tokenId, policyInfoVectorReader.policyVector, result); if (!reply.WriteInt32(ret)) { SANDBOXMANAGER_LOG_ERROR(LABEL, "reply sandbox manager ret parcel fail"); return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; @@ -197,15 +205,16 @@ int32_t SandboxManagerStub::UnPersistPolicyByTokenIdInner(MessageParcel &data, M SANDBOXMANAGER_LOG_ERROR(LABEL, "reply tokenId parcel fail"); return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; } - sptr policyInfoVectorParcel = data.ReadParcelable(); - if (policyInfoVectorParcel == nullptr) { - SANDBOXMANAGER_LOG_ERROR(LABEL, "reply sandbox manager data parcel fail"); - return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; + PolicyInfoVectorReader policyInfoVectorReader; + int32_t parcelRet = policyInfoVectorReader.ReadPolicyInfoVector(data); + if (parcelRet != SANDBOX_MANAGER_OK) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Unmarshalling failed"); + return parcelRet; } std::vector result; - int32_t ret = this->UnPersistPolicyByTokenId(tokenId, policyInfoVectorParcel->policyVector, result); + int32_t ret = this->UnPersistPolicyByTokenId(tokenId, policyInfoVectorReader.policyVector, result); if (!reply.WriteInt32(ret)) { SANDBOXMANAGER_LOG_ERROR(LABEL, "reply sandbox manager ret parcel fail"); return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; @@ -222,7 +231,7 @@ int32_t SandboxManagerStub::UnPersistPolicyByTokenIdInner(MessageParcel &data, M } static int32_t ReadSetPolicyParcel(MessageParcel &data, uint32_t &tokenId, - sptr &policyInfoVectorParcel, uint64_t &policyFlag) + PolicyInfoVectorReader &policyInfoVectorReader, uint64_t &policyFlag) { uint64_t callingTokenId = IPCSkeleton::GetCallingTokenID(); if (!CheckPermission(callingTokenId, SET_POLICY_PERMISSION_NAME)) { @@ -234,10 +243,10 @@ static int32_t ReadSetPolicyParcel(MessageParcel &data, uint32_t &tokenId, return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; } - policyInfoVectorParcel = data.ReadParcelable(); - if (policyInfoVectorParcel == nullptr) { - SANDBOXMANAGER_LOG_ERROR(LABEL, "Read policyInfoVectorParcel failed."); - return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; + int32_t parcelRet = policyInfoVectorReader.ReadPolicyInfoVector(data); + if (parcelRet != SANDBOX_MANAGER_OK) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Unmarshalling failed"); + return parcelRet; } if (!data.ReadUint64(policyFlag)) { @@ -251,15 +260,15 @@ static int32_t ReadSetPolicyParcel(MessageParcel &data, uint32_t &tokenId, int32_t SandboxManagerStub::SetPolicyInner(MessageParcel &data, MessageParcel &reply) { uint32_t tokenId; - sptr policyInfoVectorParcel = nullptr; + PolicyInfoVectorReader policyInfoVectorReader; uint64_t policyFlag; - int32_t readRes = ReadSetPolicyParcel(data, tokenId, policyInfoVectorParcel, policyFlag); + int32_t readRes = ReadSetPolicyParcel(data, tokenId, policyInfoVectorReader, policyFlag); if (readRes != SANDBOX_MANAGER_OK) { return readRes; } std::vector result; - int32_t ret = this->SetPolicy(tokenId, policyInfoVectorParcel->policyVector, policyFlag, result); + int32_t ret = this->SetPolicy(tokenId, policyInfoVectorReader.policyVector, policyFlag, result); if (!reply.WriteInt32(ret)) { SANDBOXMANAGER_LOG_ERROR(LABEL, "Write ret failed."); return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; @@ -277,14 +286,14 @@ int32_t SandboxManagerStub::SetPolicyInner(MessageParcel &data, MessageParcel &r int32_t SandboxManagerStub::SetPolicyAsyncInner(MessageParcel &data, MessageParcel &reply) { uint32_t tokenId; - sptr policyInfoVectorParcel = nullptr; + PolicyInfoVectorReader policyInfoVectorReader; uint64_t policyFlag; - int32_t readRes = ReadSetPolicyParcel(data, tokenId, policyInfoVectorParcel, policyFlag); + int32_t readRes = ReadSetPolicyParcel(data, tokenId, policyInfoVectorReader, policyFlag); if (readRes != SANDBOX_MANAGER_OK) { return readRes; } - return this->SetPolicyAsync(tokenId, policyInfoVectorParcel->policyVector, policyFlag); + return this->SetPolicyAsync(tokenId, policyInfoVectorReader.policyVector, policyFlag); } static int32_t ReadUnSetPolicyParcel(MessageParcel &data, uint32_t &tokenId, @@ -346,13 +355,14 @@ int32_t SandboxManagerStub::CheckPolicyInner(MessageParcel &data, MessageParcel return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; } - sptr policyInfoVectorParcel = data.ReadParcelable(); - if (policyInfoVectorParcel == nullptr) { - SANDBOXMANAGER_LOG_ERROR(LABEL, "Read policyInfoVectorParcel failed."); - return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; + PolicyInfoVectorReader policyInfoVectorReader; + int32_t parcelRet = policyInfoVectorReader.ReadPolicyInfoVector(data); + if (parcelRet != SANDBOX_MANAGER_OK) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Unmarshalling failed"); + return parcelRet; } std::vector result; - int32_t ret = this->CheckPolicy(tokenId, policyInfoVectorParcel->policyVector, result); + int32_t ret = this->CheckPolicy(tokenId, policyInfoVectorReader.policyVector, result); if (!reply.WriteInt32(ret)) { SANDBOXMANAGER_LOG_ERROR(LABEL, "Write ret failed."); return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; @@ -374,14 +384,15 @@ int32_t SandboxManagerStub::StartAccessingPolicyInner(MessageParcel &data, Messa return PERMISSION_DENIED; } - sptr policyInfoVectorParcel = data.ReadParcelable(); - if (policyInfoVectorParcel == nullptr) { - SANDBOXMANAGER_LOG_ERROR(LABEL, "reply sandbox manager data parcel fail"); - return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; + PolicyInfoVectorReader policyInfoVectorReader; + int32_t parcelRet = policyInfoVectorReader.ReadPolicyInfoVector(data); + if (parcelRet != SANDBOX_MANAGER_OK) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Unmarshalling failed"); + return parcelRet; } std::vector result; - int32_t ret = this->StartAccessingPolicy(policyInfoVectorParcel->policyVector, result); + int32_t ret = this->StartAccessingPolicy(policyInfoVectorReader.policyVector, result); if (!reply.WriteInt32(ret)) { SANDBOXMANAGER_LOG_ERROR(LABEL, "reply sandbox manager ret parcel fail"); return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; @@ -404,15 +415,16 @@ int32_t SandboxManagerStub::StopAccessingPolicyInner(MessageParcel &data, Messag return PERMISSION_DENIED; } - sptr policyInfoVectorParcel = data.ReadParcelable(); - if (policyInfoVectorParcel == nullptr) { - SANDBOXMANAGER_LOG_ERROR(LABEL, "reply sandbox manager data parcel fail"); - return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; + PolicyInfoVectorReader policyInfoVectorReader; + int32_t parcelRet = policyInfoVectorReader.ReadPolicyInfoVector(data); + if (parcelRet != SANDBOX_MANAGER_OK) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Unmarshalling failed"); + return parcelRet; } std::vector result; - int32_t ret = this->StopAccessingPolicy(policyInfoVectorParcel->policyVector, result); + int32_t ret = this->StopAccessingPolicy(policyInfoVectorReader.policyVector, result); if (!reply.WriteInt32(ret)) { SANDBOXMANAGER_LOG_ERROR(LABEL, "reply sandbox manager ret parcel fail"); return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; @@ -436,14 +448,15 @@ int32_t SandboxManagerStub::CheckPersistPolicyInner(MessageParcel &data, Message return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; } - sptr policyInfoVectorParcel = data.ReadParcelable(); - if (policyInfoVectorParcel == nullptr) { - SANDBOXMANAGER_LOG_ERROR(LABEL, "reply sandbox manager data parcel fail"); - return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; + PolicyInfoVectorReader policyInfoVectorReader; + int32_t parcelRet = policyInfoVectorReader.ReadPolicyInfoVector(data); + if (parcelRet != SANDBOX_MANAGER_OK) { + SANDBOXMANAGER_LOG_ERROR(LABEL, "Unmarshalling failed"); + return parcelRet; } std::vector result; - int32_t ret = this->CheckPersistPolicy(tokenId, policyInfoVectorParcel->policyVector, result); + int32_t ret = this->CheckPersistPolicy(tokenId, policyInfoVectorReader.policyVector, result); if (!reply.WriteInt32(ret)) { SANDBOXMANAGER_LOG_ERROR(LABEL, "reply sandbox manager ret parcel fail"); return SANDBOX_MANAGER_SERVICE_PARCEL_ERR; diff --git a/services/sandbox_manager/test/unittest/sandbox_manager_service_test.cpp b/services/sandbox_manager/test/unittest/sandbox_manager_service_test.cpp index 8b05c9362288800accf2cd8c82509926bb30a13e..68becd9079e07a51233308d29b5a54531e0ea246 100644 --- a/services/sandbox_manager/test/unittest/sandbox_manager_service_test.cpp +++ b/services/sandbox_manager/test/unittest/sandbox_manager_service_test.cpp @@ -72,6 +72,13 @@ Security::AccessToken::HapPolicyParams g_testPolicyPrams = { .permList = {}, .permStateList = {g_testState1, g_testState2} }; + +PolicyInfo NORMAL_POLICY = { + .path = "/test/test1", + .mode = OperateMode::READ_MODE, +}; + +const uint32_t EMPTY_FILTERED_POLCY_FLAG = 0xffffffff; }; class SandboxManagerServiceTest : public testing::Test { @@ -393,14 +400,11 @@ HWTEST_F(SandboxManagerServiceTest, SandboxManagerStub001, TestSize.Level1) EXPECT_NE(NO_ERROR, sandboxManagerService_->OnRemoteRequest(code, data, reply, option)); sandboxManagerService_->requestFuncMap_.erase(code); + data.WriteInterfaceToken(u"ohos.accesscontrol.sandbox_manager.ISandboxManager"); EXPECT_EQ(SANDBOX_MANAGER_SERVICE_PARCEL_ERR, sandboxManagerService_->PersistPolicyInner(data, reply)); - sptr policyInfoVectorParcel; - data.WriteParcelable(policyInfoVectorParcel); - sandboxManagerService_->PersistPolicyInner(data, reply); + data.WriteInterfaceToken(u"ohos.accesscontrol.sandbox_manager.ISandboxManager"); EXPECT_EQ(SANDBOX_MANAGER_SERVICE_PARCEL_ERR, sandboxManagerService_->UnPersistPolicyInner(data, reply)); - data.WriteParcelable(policyInfoVectorParcel); - sandboxManagerService_->UnPersistPolicyInner(data, reply); if (sandboxManagerService_->unloadRunner_ != nullptr) { sandboxManagerService_->unloadRunner_->queue_.reset(); @@ -428,17 +432,10 @@ HWTEST_F(SandboxManagerServiceTest, SandboxManagerStub002, TestSize.Level1) EXPECT_EQ(SANDBOX_MANAGER_SERVICE_PARCEL_ERR, sandboxManagerService_->PersistPolicyByTokenIdInner(data, reply)); data.WriteUint32(1); EXPECT_EQ(SANDBOX_MANAGER_SERVICE_PARCEL_ERR, sandboxManagerService_->PersistPolicyByTokenIdInner(data, reply)); - data.WriteUint32(1); - sptr policyInfoVectorParcel; - data.WriteParcelable(policyInfoVectorParcel); - EXPECT_EQ(SANDBOX_MANAGER_SERVICE_PARCEL_ERR, sandboxManagerService_->PersistPolicyByTokenIdInner(data, reply)); EXPECT_EQ(SANDBOX_MANAGER_SERVICE_PARCEL_ERR, sandboxManagerService_->UnPersistPolicyByTokenIdInner(data, reply)); data.WriteUint32(1); EXPECT_EQ(SANDBOX_MANAGER_SERVICE_PARCEL_ERR, sandboxManagerService_->UnPersistPolicyByTokenIdInner(data, reply)); - data.WriteUint32(1); - data.WriteParcelable(policyInfoVectorParcel); - EXPECT_EQ(SANDBOX_MANAGER_SERVICE_PARCEL_ERR, sandboxManagerService_->UnPersistPolicyByTokenIdInner(data, reply)); SetSelfTokenID(selfTokenId_); } @@ -457,30 +454,23 @@ HWTEST_F(SandboxManagerServiceTest, SandboxManagerStub003, TestSize.Level1) data.WriteUint32(1); EXPECT_EQ(SANDBOX_MANAGER_SERVICE_PARCEL_ERR, sandboxManagerService_->SetPolicyInner(data, reply)); data.WriteUint32(1); - sptr policyInfoVectorParcel; - data.WriteParcelable(policyInfoVectorParcel); + std::vector policy = {NORMAL_POLICY}; + PolicyInfoVectorWriter policyInfoVectorWriter(policy); + int32_t ret = policyInfoVectorWriter.WritePolicyInfoVector(data); + ASSERT_EQ(ret, SANDBOX_MANAGER_OK); EXPECT_EQ(SANDBOX_MANAGER_SERVICE_PARCEL_ERR, sandboxManagerService_->SetPolicyInner(data, reply)); EXPECT_EQ(SANDBOX_MANAGER_SERVICE_PARCEL_ERR, sandboxManagerService_->CheckPersistPolicyInner(data, reply)); data.WriteUint32(1); EXPECT_EQ(SANDBOX_MANAGER_SERVICE_PARCEL_ERR, sandboxManagerService_->CheckPersistPolicyInner(data, reply)); - data.WriteUint32(1); - data.WriteParcelable(policyInfoVectorParcel); - EXPECT_EQ(SANDBOX_MANAGER_SERVICE_PARCEL_ERR, sandboxManagerService_->CheckPersistPolicyInner(data, reply)); EXPECT_EQ(SANDBOX_MANAGER_SERVICE_PARCEL_ERR, sandboxManagerService_->StartAccessingPolicyInner(data, reply)); data.WriteUint32(1); EXPECT_EQ(SANDBOX_MANAGER_SERVICE_PARCEL_ERR, sandboxManagerService_->StartAccessingPolicyInner(data, reply)); - data.WriteUint32(1); - data.WriteParcelable(policyInfoVectorParcel); - EXPECT_EQ(INVALID_PARAMTER, sandboxManagerService_->StartAccessingPolicyInner(data, reply)); EXPECT_EQ(SANDBOX_MANAGER_SERVICE_PARCEL_ERR, sandboxManagerService_->StopAccessingPolicyInner(data, reply)); data.WriteUint32(1); EXPECT_EQ(SANDBOX_MANAGER_SERVICE_PARCEL_ERR, sandboxManagerService_->StopAccessingPolicyInner(data, reply)); - data.WriteUint32(1); - data.WriteParcelable(policyInfoVectorParcel); - EXPECT_EQ(INVALID_PARAMTER, sandboxManagerService_->StopAccessingPolicyInner(data, reply)); SetSelfTokenID(selfTokenId_); } @@ -498,13 +488,10 @@ HWTEST_F(SandboxManagerServiceTest, SandboxManagerStub004, TestSize.Level1) EXPECT_EQ(SANDBOX_MANAGER_SERVICE_PARCEL_ERR, sandboxManagerService_->PersistPolicyInner(data, reply)); std::vector policy; - policy.emplace_back(PolicyInfo { - .path = "", - .mode = 0b01, - }); - PolicyInfoVectorParcel policyInfoVectorParcel; - policyInfoVectorParcel.policyVector = policy; - data.WriteParcelable(&policyInfoVectorParcel); + policy.emplace_back(NORMAL_POLICY); + PolicyInfoVectorWriter policyInfoVectorWriter(policy); + int32_t ret = policyInfoVectorWriter.WritePolicyInfoVector(data); + ASSERT_EQ(ret, SANDBOX_MANAGER_OK); EXPECT_EQ(SANDBOX_MANAGER_OK, sandboxManagerService_->PersistPolicyInner(data, reply)); SetSelfTokenID(selfTokenId_); } @@ -525,13 +512,10 @@ HWTEST_F(SandboxManagerServiceTest, SandboxManagerStub005, TestSize.Level1) EXPECT_EQ(SANDBOX_MANAGER_SERVICE_PARCEL_ERR, sandboxManagerService_->UnPersistPolicyInner(data, reply)); std::vector policy; - policy.emplace_back(PolicyInfo { - .path = "", - .mode = 0b01, - }); - PolicyInfoVectorParcel policyInfoVectorParcel; - policyInfoVectorParcel.policyVector = policy; - data.WriteParcelable(&policyInfoVectorParcel); + policy.emplace_back(NORMAL_POLICY); + PolicyInfoVectorWriter policyInfoVectorWriter(policy); + int32_t ret = policyInfoVectorWriter.WritePolicyInfoVector(data); + ASSERT_EQ(ret, SANDBOX_MANAGER_OK); EXPECT_EQ(SANDBOX_MANAGER_OK, sandboxManagerService_->UnPersistPolicyInner(data, reply)); SetSelfTokenID(selfTokenId_); } @@ -552,25 +536,16 @@ HWTEST_F(SandboxManagerServiceTest, SandboxManagerStub006, TestSize.Level1) data.WriteUint32(POLICY_VECTOR_SIZE_LIMIT + 1); EXPECT_EQ(SANDBOX_MANAGER_SERVICE_PARCEL_ERR, sandboxManagerService_->PersistPolicyByTokenIdInner(data, reply)); - data.WriteUint32(0); std::vector policy; - policy.emplace_back(PolicyInfo { - .path = "", - .mode = 0b01, - }); - PolicyInfoVectorParcel policyInfoVectorParcel; - policyInfoVectorParcel.policyVector = policy; - data.WriteParcelable(&policyInfoVectorParcel); - EXPECT_EQ(INVALID_PARAMTER, sandboxManagerService_->PersistPolicyByTokenIdInner(data, reply)); - data.WriteUint32(1); - policy.clear(); policy.emplace_back(PolicyInfo { .path = "test path", .mode = 0b01, }); - policyInfoVectorParcel.policyVector = policy; - data.WriteParcelable(&policyInfoVectorParcel); + PolicyInfoVectorWriter policyInfoVectorWriter(policy); + + int32_t ret = policyInfoVectorWriter.WritePolicyInfoVector(data); + ASSERT_EQ(ret, SANDBOX_MANAGER_OK); EXPECT_EQ(SANDBOX_MANAGER_OK, sandboxManagerService_->PersistPolicyByTokenIdInner(data, reply)); SetSelfTokenID(selfTokenId_); } @@ -590,26 +565,17 @@ HWTEST_F(SandboxManagerServiceTest, SandboxManagerStub007, TestSize.Level1) data.WriteUint32(0); data.WriteUint32(POLICY_VECTOR_SIZE_LIMIT + 1); EXPECT_EQ(SANDBOX_MANAGER_SERVICE_PARCEL_ERR, sandboxManagerService_->UnPersistPolicyByTokenIdInner(data, reply)); - - data.WriteUint32(0); std::vector policy; - policy.emplace_back(PolicyInfo { - .path = "", - .mode = 0b01, - }); - PolicyInfoVectorParcel policyInfoVectorParcel; - policyInfoVectorParcel.policyVector = policy; - data.WriteParcelable(&policyInfoVectorParcel); - EXPECT_EQ(INVALID_PARAMTER, sandboxManagerService_->UnPersistPolicyByTokenIdInner(data, reply)); - data.WriteUint32(1); policy.clear(); policy.emplace_back(PolicyInfo { .path = "test path", .mode = 0b01, }); - policyInfoVectorParcel.policyVector = policy; - data.WriteParcelable(&policyInfoVectorParcel); + PolicyInfoVectorWriter policyInfoVectorWriter(policy); + + int32_t ret = policyInfoVectorWriter.WritePolicyInfoVector(data); + ASSERT_EQ(ret, SANDBOX_MANAGER_OK); EXPECT_EQ(SANDBOX_MANAGER_OK, sandboxManagerService_->PersistPolicyByTokenIdInner(data, reply)); SetSelfTokenID(selfTokenId_); } @@ -636,11 +602,12 @@ HWTEST_F(SandboxManagerServiceTest, SandboxManagerStub008, TestSize.Level1) .path = "test path", .mode = 0b01, }); - PolicyInfoVectorParcel policyInfoVectorParcel; - policyInfoVectorParcel.policyVector = policy; - data.WriteParcelable(&policyInfoVectorParcel); + PolicyInfoVectorWriter policyInfoVectorWriter(policy); + int32_t ret = policyInfoVectorWriter.WritePolicyInfoVector(data); + ASSERT_EQ(ret, SANDBOX_MANAGER_OK); data.WriteUint32(0); EXPECT_EQ(SANDBOX_MANAGER_SERVICE_PARCEL_ERR, sandboxManagerService_->SetPolicyInner(data, reply)); + policyInfoVectorWriter.ClearAshmem(); SetSelfTokenID(selfTokenId_); } @@ -658,14 +625,12 @@ HWTEST_F(SandboxManagerServiceTest, SandboxManagerStub009, TestSize.Level1) EXPECT_EQ(SANDBOX_MANAGER_SERVICE_PARCEL_ERR, sandboxManagerService_->StartAccessingPolicyInner(data, reply)); std::vector policy; - policy.emplace_back(PolicyInfo { - .path = "", - .mode = 0b01, - }); - PolicyInfoVectorParcel policyInfoVectorParcel; - policyInfoVectorParcel.policyVector = policy; - data.WriteParcelable(&policyInfoVectorParcel); + policy.emplace_back(NORMAL_POLICY); + PolicyInfoVectorWriter policyInfoVectorWriter(policy); + int32_t ret = policyInfoVectorWriter.WritePolicyInfoVector(data); + ASSERT_EQ(ret, SANDBOX_MANAGER_OK); EXPECT_EQ(SANDBOX_MANAGER_OK, sandboxManagerService_->StartAccessingPolicyInner(data, reply)); + policyInfoVectorWriter.ClearAshmem(); SetSelfTokenID(selfTokenId_); } @@ -683,13 +648,10 @@ HWTEST_F(SandboxManagerServiceTest, SandboxManagerStub010, TestSize.Level1) EXPECT_EQ(SANDBOX_MANAGER_SERVICE_PARCEL_ERR, sandboxManagerService_->StopAccessingPolicyInner(data, reply)); std::vector policy; - policy.emplace_back(PolicyInfo { - .path = "", - .mode = 0b01, - }); - PolicyInfoVectorParcel policyInfoVectorParcel; - policyInfoVectorParcel.policyVector = policy; - data.WriteParcelable(&policyInfoVectorParcel); + policy.emplace_back(NORMAL_POLICY); + PolicyInfoVectorWriter policyInfoVectorWriter(policy); + int32_t ret = policyInfoVectorWriter.WritePolicyInfoVector(data); + ASSERT_EQ(ret, SANDBOX_MANAGER_OK); EXPECT_EQ(SANDBOX_MANAGER_OK, sandboxManagerService_->StopAccessingPolicyInner(data, reply)); SetSelfTokenID(selfTokenId_); } @@ -718,14 +680,16 @@ HWTEST_F(SandboxManagerServiceTest, SandboxManagerStub011, TestSize.Level1) .path = "test", .mode = 0b01, }); - PolicyInfoVectorParcel policyInfoVectorParcel; - policyInfoVectorParcel.policyVector = policy; - data.WriteParcelable(&policyInfoVectorParcel); + PolicyInfoVectorWriter policyInfoVectorWriter(policy); + int32_t ret = policyInfoVectorWriter.WritePolicyInfoVector(data); + ASSERT_EQ(ret, SANDBOX_MANAGER_OK); EXPECT_EQ(SANDBOX_MANAGER_OK, sandboxManagerService_->UnPersistPolicyByTokenIdInner(data, reply3)); + policyInfoVectorWriter.ClearAshmem(); MessageParcel reply4; data.WriteUint32(1); - data.WriteParcelable(&policyInfoVectorParcel); + ret = policyInfoVectorWriter.WritePolicyInfoVector(data); + ASSERT_EQ(ret, SANDBOX_MANAGER_OK); EXPECT_EQ(SANDBOX_MANAGER_OK, sandboxManagerService_->CheckPersistPolicyInner(data, reply4)); SetSelfTokenID(selfTokenId_); @@ -741,22 +705,24 @@ HWTEST_F(SandboxManagerServiceTest, SandboxManagerStub012, TestSize.Level1) { SetSelfTokenID(sysGrantToken_); std::vector policy; - PolicyInfoVectorParcel policyInfoVectorParcel; - policyInfoVectorParcel.policyVector = policy; + PolicyInfoVectorWriter policyInfoVectorWriter(policy); MessageParcel data, reply; - data.WriteParcelable(&policyInfoVectorParcel); - EXPECT_EQ(INVALID_PARAMTER, sandboxManagerService_->PersistPolicyInner(data, reply)); + data.WriteUint32(EMPTY_FILTERED_POLCY_FLAG); + EXPECT_EQ(SANDBOX_MANAGER_POLICIES_FILTER_EMPTY, sandboxManagerService_->PersistPolicyInner(data, reply)); + policyInfoVectorWriter.ClearAshmem(); - data.WriteParcelable(&policyInfoVectorParcel); - EXPECT_EQ(INVALID_PARAMTER, sandboxManagerService_->UnPersistPolicyInner(data, reply)); + data.WriteUint32(EMPTY_FILTERED_POLCY_FLAG); + EXPECT_EQ(SANDBOX_MANAGER_POLICIES_FILTER_EMPTY, sandboxManagerService_->UnPersistPolicyInner(data, reply)); + policyInfoVectorWriter.ClearAshmem(); - data.WriteParcelable(&policyInfoVectorParcel); - EXPECT_EQ(INVALID_PARAMTER, sandboxManagerService_->StartAccessingPolicyInner(data, reply)); + data.WriteUint32(EMPTY_FILTERED_POLCY_FLAG); + EXPECT_EQ(SANDBOX_MANAGER_POLICIES_FILTER_EMPTY, sandboxManagerService_->StartAccessingPolicyInner(data, reply)); + policyInfoVectorWriter.ClearAshmem(); - data.WriteParcelable(&policyInfoVectorParcel); - EXPECT_EQ(INVALID_PARAMTER, sandboxManagerService_->StopAccessingPolicyInner(data, reply)); - + data.WriteUint32(EMPTY_FILTERED_POLCY_FLAG); + EXPECT_EQ(SANDBOX_MANAGER_POLICIES_FILTER_EMPTY, sandboxManagerService_->StopAccessingPolicyInner(data, reply)); + policyInfoVectorWriter.ClearAshmem(); SetSelfTokenID(selfTokenId_); } @@ -778,9 +744,8 @@ HWTEST_F(SandboxManagerServiceTest, SandboxManagerStub013, TestSize.Level1) MessageParcel data; MessageParcel reply; data.WriteUint32(GetSelfTokenID()); - PolicyInfoVectorParcel policyInfoVectorParcel; - policyInfoVectorParcel.policyVector = policies; - data.WriteParcelable(&policyInfoVectorParcel); + PolicyInfoVectorWriter policyInfoVectorWriter(policies); + policyInfoVectorWriter.WritePolicyInfoVector(data); data.WriteUint64(0); EXPECT_EQ(SANDBOX_MANAGER_OK, sandboxManagerService_->SetPolicyInner(data, reply)); SetSelfTokenID(selfTokenId_); @@ -801,12 +766,18 @@ HWTEST_F(SandboxManagerServiceTest, SandboxManagerStub014, TestSize.Level1) EXPECT_EQ(PERMISSION_DENIED, sandboxManagerService_->CleanPersistPolicyByPathInner(data, reply)); SetSelfTokenID(fileManagerToken); // read string vector error - data.WriteInt32(-1); + data.WriteUint32(0); EXPECT_EQ(SANDBOX_MANAGER_SERVICE_PARCEL_ERR, sandboxManagerService_->CleanPersistPolicyByPathInner(data, reply)); // success MessageParcel data2; - std::vector paths = {"/A/B" }; - data2.WriteStringVector(paths); + std::vector policies = { + PolicyInfo { + .mode = OperateMode::READ_MODE, + .path = "/test", + }, + }; + PolicyInfoVectorWriter policyInfoVectorWriter(policies); + policyInfoVectorWriter.WritePolicyInfoVector(data2); EXPECT_EQ(SANDBOX_MANAGER_OK, sandboxManagerService_->CleanPersistPolicyByPathInner(data2, reply)); SetSelfTokenID(selfTokenId_); } @@ -828,9 +799,8 @@ HWTEST_F(SandboxManagerServiceTest, SandboxManagerStub015, TestSize.Level1) MessageParcel data; MessageParcel reply; data.WriteUint32(GetSelfTokenID()); - PolicyInfoVectorParcel policyInfoVectorParcel; - policyInfoVectorParcel.policyVector = policies; - data.WriteParcelable(&policyInfoVectorParcel); + PolicyInfoVectorWriter policyInfoVectorWriter(policies); + policyInfoVectorWriter.WritePolicyInfoVector(data); data.WriteUint64(0); EXPECT_EQ(SANDBOX_MANAGER_OK, sandboxManagerService_->SetPolicyAsyncInner(data, reply)); SetSelfTokenID(selfTokenId_); @@ -898,9 +868,8 @@ HWTEST_F(SandboxManagerServiceTest, SandboxManagerStub018, TestSize.Level1) MessageParcel data; MessageParcel reply; data.WriteUint32(GetSelfTokenID()); - PolicyInfoVectorParcel policyInfoVectorParcel; - policyInfoVectorParcel.policyVector = policies; - data.WriteParcelable(&policyInfoVectorParcel); + PolicyInfoVectorWriter policyInfoVectorWriter(policies); + policyInfoVectorWriter.WritePolicyInfoVector(data); EXPECT_EQ(SANDBOX_MANAGER_OK, sandboxManagerService_->CheckPolicyInner(data, reply)); } diff --git a/test/fuzztest/common/fuzz_common.cpp b/test/fuzztest/common/fuzz_common.cpp index ce836c8a0f33b320bdcc3be79c2ed15ab434793c..8f95576065a5ee9e6de4f2af03dab8a601da7b34 100644 --- a/test/fuzztest/common/fuzz_common.cpp +++ b/test/fuzztest/common/fuzz_common.cpp @@ -18,10 +18,6 @@ namespace OHOS { namespace AccessControl { namespace SandboxManager { -namespace { -const uint32_t POLICY_PATH_LIMIT = 4095; -const uint64_t POLICY_VECTOR_SIZE_LIMIT = 50; -}; void PolicyInfoRandomGenerator::GeneratePolicyInfo(PolicyInfo &policyInfo) { policyInfo.mode = GetData() % 3 + 1; // 3 is RW diff --git a/test/fuzztest/services/sandbox_manager/checkpersistpolicystub_fuzzer/checkpersistpolicystub_fuzzer.cpp b/test/fuzztest/services/sandbox_manager/checkpersistpolicystub_fuzzer/checkpersistpolicystub_fuzzer.cpp index f1c83f917d017e71fb4333438b54e97545deece5..dc5fbc6a69293e6d67c9558699f65e93e1192cbd 100644 --- a/test/fuzztest/services/sandbox_manager/checkpersistpolicystub_fuzzer/checkpersistpolicystub_fuzzer.cpp +++ b/test/fuzztest/services/sandbox_manager/checkpersistpolicystub_fuzzer/checkpersistpolicystub_fuzzer.cpp @@ -50,9 +50,8 @@ namespace OHOS { return false; } - PolicyInfoVectorParcel policyInfoParcel; - policyInfoParcel.policyVector = policyVec; - if (!datas.WriteParcelable(&policyInfoParcel)) { + PolicyInfoVectorWriter policyInfoParcel(policyVec); + if (policyInfoParcel.WritePolicyInfoVector(datas) != 0) { return false; } diff --git a/test/fuzztest/services/sandbox_manager/checkpolicystub_fuzzer/checkpolicystub_fuzzer.cpp b/test/fuzztest/services/sandbox_manager/checkpolicystub_fuzzer/checkpolicystub_fuzzer.cpp index 58f99ca75e881395506a52eaa76462177974622b..c52fc42081924175c7978243d77e3e59a57cc61a 100644 --- a/test/fuzztest/services/sandbox_manager/checkpolicystub_fuzzer/checkpolicystub_fuzzer.cpp +++ b/test/fuzztest/services/sandbox_manager/checkpolicystub_fuzzer/checkpolicystub_fuzzer.cpp @@ -49,9 +49,8 @@ namespace OHOS { return false; } - PolicyInfoVectorParcel policyInfoParcel; - policyInfoParcel.policyVector = policyVec; - if (!datas.WriteParcelable(&policyInfoParcel)) { + PolicyInfoVectorWriter policyInfoParcel(policyVec); + if (policyInfoParcel.WritePolicyInfoVector(datas) != 0) { return false; } diff --git a/test/fuzztest/services/sandbox_manager/persistpolicystub_fuzzer/persistpolicystub_fuzzer.cpp b/test/fuzztest/services/sandbox_manager/persistpolicystub_fuzzer/persistpolicystub_fuzzer.cpp index 4f5d9462e04b01aa656acf2305d21987a2c04d09..3654bbe06f00a11343a81b06a769cffa0f287829 100644 --- a/test/fuzztest/services/sandbox_manager/persistpolicystub_fuzzer/persistpolicystub_fuzzer.cpp +++ b/test/fuzztest/services/sandbox_manager/persistpolicystub_fuzzer/persistpolicystub_fuzzer.cpp @@ -47,9 +47,8 @@ namespace OHOS { return false; } - PolicyInfoVectorParcel policyInfoParcel; - policyInfoParcel.policyVector = policyVec; - if (!datas.WriteParcelable(&policyInfoParcel)) { + PolicyInfoVectorWriter policyInfoParcel(policyVec); + if (policyInfoParcel.WritePolicyInfoVector(datas) != 0) { return false; } diff --git a/test/fuzztest/services/sandbox_manager/persistpolicytokenstub_fuzzer/persistpolicytokenstub_fuzzer.cpp b/test/fuzztest/services/sandbox_manager/persistpolicytokenstub_fuzzer/persistpolicytokenstub_fuzzer.cpp index 586a682710fd982ee555eda56b6173622f683ad5..0d3c04b6bfa4f06dce6205a00a3e51a9cd7fccc4 100644 --- a/test/fuzztest/services/sandbox_manager/persistpolicytokenstub_fuzzer/persistpolicytokenstub_fuzzer.cpp +++ b/test/fuzztest/services/sandbox_manager/persistpolicytokenstub_fuzzer/persistpolicytokenstub_fuzzer.cpp @@ -52,9 +52,8 @@ namespace OHOS { return false; } - PolicyInfoVectorParcel policyInfoParcel; - policyInfoParcel.policyVector = policyVec; - if (!datas.WriteParcelable(&policyInfoParcel)) { + PolicyInfoVectorWriter policyInfoParcel(policyVec); + if (policyInfoParcel.WritePolicyInfoVector(datas) != 0) { return false; } diff --git a/test/fuzztest/services/sandbox_manager/setpolicyasyncstub_fuzzer/setpolicyasyncstub_fuzzer.cpp b/test/fuzztest/services/sandbox_manager/setpolicyasyncstub_fuzzer/setpolicyasyncstub_fuzzer.cpp index 46a7debafd5bff2fba98e3cae7abd38a494652f4..fa4d21734e6b0ee1e760e7554984712f645b5649 100644 --- a/test/fuzztest/services/sandbox_manager/setpolicyasyncstub_fuzzer/setpolicyasyncstub_fuzzer.cpp +++ b/test/fuzztest/services/sandbox_manager/setpolicyasyncstub_fuzzer/setpolicyasyncstub_fuzzer.cpp @@ -52,9 +52,8 @@ namespace OHOS { return false; } - PolicyInfoVectorParcel policyInfoParcel; - policyInfoParcel.policyVector = policyVec; - if (!datas.WriteParcelable(&policyInfoParcel)) { + PolicyInfoVectorWriter policyInfoParcel(policyVec); + if (policyInfoParcel.WritePolicyInfoVector(datas) != 0) { return false; } diff --git a/test/fuzztest/services/sandbox_manager/setpolicystub_fuzzer/setpolicystub_fuzzer.cpp b/test/fuzztest/services/sandbox_manager/setpolicystub_fuzzer/setpolicystub_fuzzer.cpp index c98e09c30de5bead2e2f8378c0b490f5f89d0d1c..b7bedafa7ed37b9dd6867f6a797e1d7cb645a53a 100644 --- a/test/fuzztest/services/sandbox_manager/setpolicystub_fuzzer/setpolicystub_fuzzer.cpp +++ b/test/fuzztest/services/sandbox_manager/setpolicystub_fuzzer/setpolicystub_fuzzer.cpp @@ -52,9 +52,8 @@ namespace OHOS { return false; } - PolicyInfoVectorParcel policyInfoParcel; - policyInfoParcel.policyVector = policyVec; - if (!datas.WriteParcelable(&policyInfoParcel)) { + PolicyInfoVectorWriter policyInfoParcel(policyVec); + if (policyInfoParcel.WritePolicyInfoVector(datas) != 0) { return false; } diff --git a/test/fuzztest/services/sandbox_manager/startaccessingpolicystub_fuzzer/startaccessingpolicystub_fuzzer.cpp b/test/fuzztest/services/sandbox_manager/startaccessingpolicystub_fuzzer/startaccessingpolicystub_fuzzer.cpp index 6e9836cd76d5937350866b6cb895a7b994c337f2..4e1fc18d72df8686cda0cf940a8b89893e5dd3c4 100644 --- a/test/fuzztest/services/sandbox_manager/startaccessingpolicystub_fuzzer/startaccessingpolicystub_fuzzer.cpp +++ b/test/fuzztest/services/sandbox_manager/startaccessingpolicystub_fuzzer/startaccessingpolicystub_fuzzer.cpp @@ -46,9 +46,8 @@ namespace OHOS { return false; } - PolicyInfoVectorParcel policyInfoParcel; - policyInfoParcel.policyVector = policyVec; - if (!datas.WriteParcelable(&policyInfoParcel)) { + PolicyInfoVectorWriter policyInfoParcel(policyVec); + if (policyInfoParcel.WritePolicyInfoVector(datas) != 0) { return false; } diff --git a/test/fuzztest/services/sandbox_manager/stopaccessingpolicystub_fuzzer/stopaccessingpolicystub_fuzzer.cpp b/test/fuzztest/services/sandbox_manager/stopaccessingpolicystub_fuzzer/stopaccessingpolicystub_fuzzer.cpp index 6c7b25353194818a31cf24b6abb80a70f6f2b9ca..815ef63009e7fc5316ce387869d201d682943ba9 100644 --- a/test/fuzztest/services/sandbox_manager/stopaccessingpolicystub_fuzzer/stopaccessingpolicystub_fuzzer.cpp +++ b/test/fuzztest/services/sandbox_manager/stopaccessingpolicystub_fuzzer/stopaccessingpolicystub_fuzzer.cpp @@ -46,9 +46,8 @@ namespace OHOS { return false; } - PolicyInfoVectorParcel policyInfoParcel; - policyInfoParcel.policyVector = policyVec; - if (!datas.WriteParcelable(&policyInfoParcel)) { + PolicyInfoVectorWriter policyInfoParcel(policyVec); + if (policyInfoParcel.WritePolicyInfoVector(datas) != 0) { return false; } diff --git a/test/fuzztest/services/sandbox_manager/unpersistpolicystub_fuzzer/unpersistpolicystub_fuzzer.cpp b/test/fuzztest/services/sandbox_manager/unpersistpolicystub_fuzzer/unpersistpolicystub_fuzzer.cpp index 31c8006ac554627ab49990eb58b0ea0d8f75620d..01b8a715c6850a39d81b41273040842668130bdb 100644 --- a/test/fuzztest/services/sandbox_manager/unpersistpolicystub_fuzzer/unpersistpolicystub_fuzzer.cpp +++ b/test/fuzztest/services/sandbox_manager/unpersistpolicystub_fuzzer/unpersistpolicystub_fuzzer.cpp @@ -46,9 +46,8 @@ namespace OHOS { return false; } - PolicyInfoVectorParcel policyInfoParcel; - policyInfoParcel.policyVector = policyVec; - if (!datas.WriteParcelable(&policyInfoParcel)) { + PolicyInfoVectorWriter policyInfoParcel(policyVec); + if (policyInfoParcel.WritePolicyInfoVector(datas) != 0) { return false; } diff --git a/test/fuzztest/services/sandbox_manager/unpersistpolicytokenstub_fuzzer/unpersistpolicytokenstub_fuzzer.cpp b/test/fuzztest/services/sandbox_manager/unpersistpolicytokenstub_fuzzer/unpersistpolicytokenstub_fuzzer.cpp index 71c41c9cd21e4be35b38be08d4b2fb4756076854..6f75bcafa5f397ae8351d01c2e5078a20f32d06f 100644 --- a/test/fuzztest/services/sandbox_manager/unpersistpolicytokenstub_fuzzer/unpersistpolicytokenstub_fuzzer.cpp +++ b/test/fuzztest/services/sandbox_manager/unpersistpolicytokenstub_fuzzer/unpersistpolicytokenstub_fuzzer.cpp @@ -51,9 +51,8 @@ namespace OHOS { return false; } - PolicyInfoVectorParcel policyInfoParcel; - policyInfoParcel.policyVector = policyVec; - if (!datas.WriteParcelable(&policyInfoParcel)) { + PolicyInfoVectorWriter policyInfoParcel(policyVec); + if (policyInfoParcel.WritePolicyInfoVector(datas) != 0) { return false; }