diff --git a/test/fuzztest/common/alloc_token.cpp b/test/fuzztest/common/alloc_token.cpp index 8a85484893f775df8f6311583bb2ffeea975021c..0112c529ecefc516496fd2c59ed78b0fa7c584b2 100644 --- a/test/fuzztest/common/alloc_token.cpp +++ b/test/fuzztest/common/alloc_token.cpp @@ -63,35 +63,8 @@ namespace OHOS { return ret; } - void NativeTokenGet() - { - uint64_t fullTokenId; - const char **perms = new const char *[1]; - perms[0] = "ohos.permission.DISTRIBUTED_DATASYNC"; - - NativeTokenInfoParams infoInstance = { - .dcapsNum = 0, - .permsNum = 1, - .aclsNum = 0, - .dcaps = nullptr, - .perms = perms, - .acls = nullptr, - .aplStr = "system_core", - }; - - infoInstance.processName = "TestCase"; - fullTokenId = GetAccessTokenId(&infoInstance); - SetSelfTokenID(fullTokenId); - Security::AccessToken::AccessTokenKit::ReloadNativeTokenInfo(); - delete[] perms; - } - void AllocToken() { - NativeTokenGet(); - Security::AccessToken::AccessTokenID tokenID = - Security::AccessToken::AccessTokenKit::GetNativeTokenId("foundation"); - SetSelfTokenID(tokenID); Security::AccessToken::AccessTokenIDEx tokenIdEx = {0}; tokenIdEx = Security::AccessToken::AccessTokenKit::AllocHapToken(g_testInfoParms, g_testPolicyPrams); g_mockToken = tokenIdEx.tokenIdExStruct.tokenID; diff --git a/test/fuzztest/common/alloc_token.h b/test/fuzztest/common/alloc_token.h index be6417b2d4f33eb27bb0ad8cdfced2c23db90a44..c6de793f7b71fa4cc544a478ccb7b257be46ebed 100644 --- a/test/fuzztest/common/alloc_token.h +++ b/test/fuzztest/common/alloc_token.h @@ -20,7 +20,6 @@ namespace OHOS { bool AllocTokenWithFuzz(const uint8_t *data, size_t size, bool(*func)(const uint8_t *, size_t)); -void NativeTokenGet(); void AllocToken(); void DeleteToken(); } // OHOS diff --git a/test/fuzztest/common/fuzz_common.cpp b/test/fuzztest/common/fuzz_common.cpp new file mode 100644 index 0000000000000000000000000000000000000000..ce836c8a0f33b320bdcc3be79c2ed15ab434793c --- /dev/null +++ b/test/fuzztest/common/fuzz_common.cpp @@ -0,0 +1,63 @@ +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "fuzz_common.h" + +namespace OHOS { +namespace AccessControl { +namespace SandboxManager { +namespace { +const uint32_t POLICY_PATH_LIMIT = 4095; +const uint64_t POLICY_VECTOR_SIZE_LIMIT = 50; +}; +void PolicyInfoRandomGenerator::GeneratePolicyInfo(PolicyInfo &policyInfo) +{ + policyInfo.mode = GetData() % 3 + 1; // 3 is RW + GenerateString(policyInfo.path); +} + +void PolicyInfoRandomGenerator::GeneratePolicyInfoVec(std::vector &policyInfoVec) +{ + uint32_t size = GetData() % POLICY_VECTOR_SIZE_LIMIT; + policyInfoVec.clear(); + for (uint32_t i = 0; i < size; ++i) { + PolicyInfo policyInfo; + GeneratePolicyInfo(policyInfo); + policyInfoVec.push_back(policyInfo); + } +} + +void PolicyInfoRandomGenerator::GenerateString(std::string &str) +{ + uint32_t length = GetData() % POLICY_PATH_LIMIT; + str = "/"; + for (uint32_t i = 1; i < length; ++i) { + str += GetData(); + } +} + +void PolicyInfoRandomGenerator::GenerateStringVec(std::vector &strVec) +{ + uint32_t size = GetData() % POLICY_VECTOR_SIZE_LIMIT; + strVec.clear(); + for (uint32_t i = 0; i < size; ++i) { + std::string str; + GenerateString(str); + strVec.push_back(str); + } +} +} +} +} \ No newline at end of file diff --git a/test/fuzztest/common/fuzz_common.h b/test/fuzztest/common/fuzz_common.h new file mode 100644 index 0000000000000000000000000000000000000000..0e7d796dc0e280ad94ffbb4dd3aa42208462f452 --- /dev/null +++ b/test/fuzztest/common/fuzz_common.h @@ -0,0 +1,58 @@ +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef ACCESSCONTROL_SANDBOX_MANAGER_FUZZ_COMMON +#define ACCESSCONTROL_SANDBOX_MANAGER_FUZZ_COMMON +#include +#include "policy_info.h" +#include "securec.h" + +namespace OHOS { +namespace AccessControl { +namespace SandboxManager { +class PolicyInfoRandomGenerator { +public: + PolicyInfoRandomGenerator(const uint8_t *data, const size_t size) + : data_(data), dataLenth_(size) + {} + template T GetData() + { + T object{}; + size_t objectSize = sizeof(object); + if (data_ == nullptr || objectSize > dataLenth_ - basePos) { + basePos = 0; // reset read point + return object; // return empty obj + } + errno_t ret = memcpy_s(&object, objectSize, data_ + basePos, objectSize); + if (ret != EOK) { + return {}; + } + basePos += objectSize; + return object; + } + + void GeneratePolicyInfo(PolicyInfo &policyInfo); + void GeneratePolicyInfoVec(std::vector &policyInfoVec); + void GenerateString(std::string &str); + void GenerateStringVec(std::vector &strVec); +private: + const uint8_t *data_; + const size_t dataLenth_; + size_t basePos = 0; +}; +} +} +} +#endif \ No newline at end of file diff --git a/test/fuzztest/innerkits/sandbox_manager/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/BUILD.gn index d94fcb667a44269400d52a566e2573c9b23d81ea..87f71d6198e2650de38bdc236f03755dad5ec73d 100644 --- a/test/fuzztest/innerkits/sandbox_manager/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/BUILD.gn @@ -20,12 +20,19 @@ group("fuzztest") { deps += [ # deps file "checkpersistpolicy_fuzzer:CheckPersistPolicyFuzzTest", + "checkpolicy_fuzzer:CheckPolicyFuzzTest", + "cleanpersistpolicybypath_fuzzer:CleanPersistPolicyByPathFuzzTest", "persistpolicy_fuzzer:PersistPolicyFuzzTest", "persistpolicytoken_fuzzer:PersistPolicyTokenFuzzTest", "setpolicy_fuzzer:SetPolicyFuzzTest", + "setpolicyasync_fuzzer:SetPolicyAsyncFuzzTest", + "startaccessingbytokenid_fuzzer:StartAccessingByTokenIdFuzzTest", "startaccessingpolicy_fuzzer:StartAccessingPolicyFuzzTest", "stopaccessingpolicy_fuzzer:StopAccessingPolicyFuzzTest", "unpersistpolicy_fuzzer:UnPersistPolicyFuzzTest", "unpersistpolicytoken_fuzzer:UnpersistPolicyTokenFuzzTest", + "unsetallpolicybytoken_fuzzer:UnsetAllPolicyByTokenFuzzTest", + "unsetpolicy_fuzzer:UnsetPolicyFuzzTest", + "unsetpolicyasync_fuzzer:UnsetPolicyAsyncFuzzTest", ] } diff --git a/test/fuzztest/innerkits/sandbox_manager/checkpersistpolicy_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/checkpersistpolicy_fuzzer/BUILD.gn index fae27a323d02c62780914ce238e66becc90b72d9..b414d1f5a87dc3bff74d1c0538c514dff5329734 100644 --- a/test/fuzztest/innerkits/sandbox_manager/checkpersistpolicy_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/checkpersistpolicy_fuzzer/BUILD.gn @@ -19,15 +19,20 @@ ohos_fuzztest("CheckPersistPolicyFuzzTest") { module_out_path = module_output_path_interface_sandbox fuzz_config_file = "." - include_dirs = - [ "${sandbox_manager_path}/interfaces/innerkits/sandbox_manager/include" ] + include_dirs = [ + "${sandbox_manager_path}/interfaces/innerkits/sandbox_manager/include", + "../../../common", + ] cflags = [ "-g", "-O0", "-Wno-unused-variable", "-fno-omit-frame-pointer", ] - sources = [ "checkpersistpolicy_fuzzer.cpp" ] + sources = [ + "../../../common/fuzz_common.cpp", + "checkpersistpolicy_fuzzer.cpp", + ] deps = [ "${sandbox_manager_path}/interfaces/innerkits/sandbox_manager:libsandbox_manager_sdk" ] diff --git a/test/fuzztest/innerkits/sandbox_manager/checkpersistpolicy_fuzzer/checkpersistpolicy_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/checkpersistpolicy_fuzzer/checkpersistpolicy_fuzzer.cpp index 41a9409388547c200d0b481381e7abc1f0fc7d23..586d71196a9e1d6e87e9b173b46bb451589cbef8 100644 --- a/test/fuzztest/innerkits/sandbox_manager/checkpersistpolicy_fuzzer/checkpersistpolicy_fuzzer.cpp +++ b/test/fuzztest/innerkits/sandbox_manager/checkpersistpolicy_fuzzer/checkpersistpolicy_fuzzer.cpp @@ -18,6 +18,7 @@ #include #include #include +#include "fuzz_common.h" #include "sandbox_manager_err_code.h" #include "sandbox_manager_kit.h" @@ -32,16 +33,12 @@ namespace OHOS { std::vector policyVec; std::vector result; - uint64_t tokenId = static_cast(size); - - PolicyInfo policy = { - .path = std::string(reinterpret_cast(data), size), - .mode = static_cast(size), - }; - policyVec.emplace_back(policy); - - int32_t ret = SandboxManagerKit::CheckPersistPolicy(tokenId, policyVec, result); - return ret == SandboxManagerErrCode::SANDBOX_MANAGER_OK; + PolicyInfoRandomGenerator gen(data, size); + uint32_t tokenId = gen.GetData(); + gen.GeneratePolicyInfoVec(policyVec); + + SandboxManagerKit::CheckPersistPolicy(tokenId, policyVec, result); + return true; } } diff --git a/test/fuzztest/innerkits/sandbox_manager/checkpolicy_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/checkpolicy_fuzzer/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..8e107a49e5a086cea7856f77e2b095b56ff496de --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/checkpolicy_fuzzer/BUILD.gn @@ -0,0 +1,45 @@ +# Copyright (c) 2024 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/config/features.gni") +import("//build/test.gni") +import("../../../../../sandbox_manager.gni") + +ohos_fuzztest("CheckPolicyFuzzTest") { + module_out_path = module_output_path_interface_sandbox + fuzz_config_file = "." + + include_dirs = [ + "${sandbox_manager_path}/interfaces/innerkits/sandbox_manager/include", + "../../../common", + ] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ + "../../../common/fuzz_common.cpp", + "checkpolicy_fuzzer.cpp", + ] + + deps = [ "${sandbox_manager_path}/interfaces/innerkits/sandbox_manager:libsandbox_manager_sdk" ] + + configs = [ "${sandbox_manager_path}/config:coverage_flags" ] + + external_deps = [ + "c_utils:utils", + "hilog:libhilog", + ] +} diff --git a/test/fuzztest/innerkits/sandbox_manager/checkpolicy_fuzzer/checkpolicy_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/checkpolicy_fuzzer/checkpolicy_fuzzer.cpp new file mode 100644 index 0000000000000000000000000000000000000000..085e1383fa9f039586f48bb1033de8d0b7a83b14 --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/checkpolicy_fuzzer/checkpolicy_fuzzer.cpp @@ -0,0 +1,50 @@ +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "checkpolicy_fuzzer.h" + +#include +#include +#include +#include "fuzz_common.h" +#include "sandbox_manager_kit.h" + +using namespace OHOS::AccessControl::SandboxManager; + +namespace OHOS { + bool CheckPersistPolicyFuzzTest(const uint8_t *data, size_t size) + { + if ((data == nullptr) || (size == 0)) { + return false; + } + + std::vector policyVec; + std::vector result; + PolicyInfoRandomGenerator gen(data, size); + uint32_t tokenId = gen.GetData(); + gen.GeneratePolicyInfoVec(policyVec); + + SandboxManagerKit::CheckPolicy(tokenId, policyVec, result); + return true; + } +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + OHOS::CheckPersistPolicyFuzzTest(data, size); + return 0; +} \ No newline at end of file diff --git a/test/fuzztest/innerkits/sandbox_manager/checkpolicy_fuzzer/checkpolicy_fuzzer.h b/test/fuzztest/innerkits/sandbox_manager/checkpolicy_fuzzer/checkpolicy_fuzzer.h new file mode 100644 index 0000000000000000000000000000000000000000..68f6700f1d0702033eff9db8b771c656295363ac --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/checkpolicy_fuzzer/checkpolicy_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TEST_FUZZTEST_CHECKPOLICY_FUZZER_H +#define TEST_FUZZTEST_CHECKPOLICY_FUZZER_H + +#define FUZZ_PROJECT_NAME "checkpolicy_fuzzer" + +#endif // TEST_FUZZTEST_CHECKPOLICY_FUZZER_H diff --git a/test/fuzztest/innerkits/sandbox_manager/checkpolicy_fuzzer/corpus/init b/test/fuzztest/innerkits/sandbox_manager/checkpolicy_fuzzer/corpus/init new file mode 100644 index 0000000000000000000000000000000000000000..e7c3fecd8d4d4816e40088113a2316bb9eb2e13f --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/checkpolicy_fuzzer/corpus/init @@ -0,0 +1,14 @@ +# Copyright (c) 2024 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FUZZ \ No newline at end of file diff --git a/test/fuzztest/innerkits/sandbox_manager/checkpolicy_fuzzer/project.xml b/test/fuzztest/innerkits/sandbox_manager/checkpolicy_fuzzer/project.xml new file mode 100644 index 0000000000000000000000000000000000000000..7133b2b92440904a5ed04b838733acea0f97486a --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/checkpolicy_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + diff --git a/test/fuzztest/innerkits/sandbox_manager/cleanpersistpolicybypath_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/cleanpersistpolicybypath_fuzzer/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..752c89126cffcabc6ca465e76c50e083346edfab --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/cleanpersistpolicybypath_fuzzer/BUILD.gn @@ -0,0 +1,50 @@ +# Copyright (c) 2024 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/config/features.gni") +import("//build/test.gni") +import("../../../../../sandbox_manager.gni") + +ohos_fuzztest("CleanPersistPolicyByPathFuzzTest") { + module_out_path = module_output_path_interface_sandbox + fuzz_config_file = "." + + include_dirs = [ + "${sandbox_manager_path}/interfaces/innerkits/sandbox_manager/include", + "../../../common", + ] + + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ + "../../../common/alloc_token.cpp", + "../../../common/fuzz_common.cpp", + "cleanpersistpolicybypath_fuzzer.cpp", + ] + + deps = [ "${sandbox_manager_path}/interfaces/innerkits/sandbox_manager:libsandbox_manager_sdk" ] + + configs = [ "${sandbox_manager_path}/config:coverage_flags" ] + + external_deps = [ + "access_token:libaccesstoken_sdk", + "access_token:libnativetoken", + "access_token:libtoken_setproc", + "c_utils:utils", + "hilog:libhilog", + ] +} diff --git a/test/fuzztest/innerkits/sandbox_manager/cleanpersistpolicybypath_fuzzer/cleanpersistpolicybypath_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/cleanpersistpolicybypath_fuzzer/cleanpersistpolicybypath_fuzzer.cpp new file mode 100644 index 0000000000000000000000000000000000000000..2921fa3e5ef2a863ef4a4482f1d1455f355a692d --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/cleanpersistpolicybypath_fuzzer/cleanpersistpolicybypath_fuzzer.cpp @@ -0,0 +1,59 @@ +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cleanpersistpolicybypath_fuzzer.h" + +#include +#include +#include +#include "accesstoken_kit.h" +#include "fuzz_common.h" +#include "sandbox_manager_kit.h" +#include "token_setproc.h" + +using namespace OHOS::AccessControl::SandboxManager; + +namespace OHOS { +namespace { +static uint32_t SELF_TOKEN = 0; +static uint32_t FILE_MANAGER_TOKEN = 0; +}; + bool CheckPersistPolicyFuzzTest(const uint8_t *data, size_t size) + { + if ((data == nullptr) || (size == 0)) { + return false; + } + FILE_MANAGER_TOKEN = Security::AccessToken::AccessTokenKit::GetNativeTokenId( + "file_manager_service"); + SELF_TOKEN = GetSelfTokenID(); + SetSelfTokenID(FILE_MANAGER_TOKEN); + + std::vector pathList; + PolicyInfoRandomGenerator gen(data, size); + gen.GenerateStringVec(pathList); + + SandboxManagerKit::CleanPersistPolicyByPath(pathList); + SetSelfTokenID(SELF_TOKEN); + return true; + } +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + OHOS::CheckPersistPolicyFuzzTest(data, size); + return 0; +} \ No newline at end of file diff --git a/test/fuzztest/innerkits/sandbox_manager/cleanpersistpolicybypath_fuzzer/cleanpersistpolicybypath_fuzzer.h b/test/fuzztest/innerkits/sandbox_manager/cleanpersistpolicybypath_fuzzer/cleanpersistpolicybypath_fuzzer.h new file mode 100644 index 0000000000000000000000000000000000000000..fc212f8574796e159939300a5b01e00144607991 --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/cleanpersistpolicybypath_fuzzer/cleanpersistpolicybypath_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TEST_FUZZTEST_CLEANPERSISTPOLICYBYPATH_FUZZER_H +#define TEST_FUZZTEST_CLEANPERSISTPOLICYBYPATH_FUZZER_H + +#define FUZZ_PROJECT_NAME "cleanpersistpolicybypath_fuzzer" + +#endif // TEST_FUZZTEST_CLEANPERSISTPOLICYBYPATH_FUZZER_H diff --git a/test/fuzztest/innerkits/sandbox_manager/cleanpersistpolicybypath_fuzzer/corpus/init b/test/fuzztest/innerkits/sandbox_manager/cleanpersistpolicybypath_fuzzer/corpus/init new file mode 100644 index 0000000000000000000000000000000000000000..e7c3fecd8d4d4816e40088113a2316bb9eb2e13f --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/cleanpersistpolicybypath_fuzzer/corpus/init @@ -0,0 +1,14 @@ +# Copyright (c) 2024 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FUZZ \ No newline at end of file diff --git a/test/fuzztest/innerkits/sandbox_manager/cleanpersistpolicybypath_fuzzer/project.xml b/test/fuzztest/innerkits/sandbox_manager/cleanpersistpolicybypath_fuzzer/project.xml new file mode 100644 index 0000000000000000000000000000000000000000..7133b2b92440904a5ed04b838733acea0f97486a --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/cleanpersistpolicybypath_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + diff --git a/test/fuzztest/innerkits/sandbox_manager/persistpolicy_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/persistpolicy_fuzzer/BUILD.gn index 224a7234a5b22a311a3c50b369819c4e5c51dd7a..9ee3909c988d6885c0ac6e2455613473b9c1162c 100644 --- a/test/fuzztest/innerkits/sandbox_manager/persistpolicy_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/persistpolicy_fuzzer/BUILD.gn @@ -31,6 +31,7 @@ ohos_fuzztest("PersistPolicyFuzzTest") { ] sources = [ "../../../common/alloc_token.cpp", + "../../../common/fuzz_common.cpp", "persistpolicy_fuzzer.cpp", ] diff --git a/test/fuzztest/innerkits/sandbox_manager/persistpolicy_fuzzer/persistpolicy_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/persistpolicy_fuzzer/persistpolicy_fuzzer.cpp index a5fbfae430b6919fe8908c06822b3b27dd0df2fb..9470c3735ebcbd1859222f6da40b0d7ecdcbb85f 100644 --- a/test/fuzztest/innerkits/sandbox_manager/persistpolicy_fuzzer/persistpolicy_fuzzer.cpp +++ b/test/fuzztest/innerkits/sandbox_manager/persistpolicy_fuzzer/persistpolicy_fuzzer.cpp @@ -19,8 +19,9 @@ #include #include #include "alloc_token.h" -#include "sandbox_manager_err_code.h" +#include "fuzz_common.h" #include "sandbox_manager_kit.h" +#include "token_setproc.h" using namespace OHOS::AccessControl::SandboxManager; @@ -33,16 +34,12 @@ namespace OHOS { std::vector policyVec; std::vector result; + PolicyInfoRandomGenerator gen(data, size); + gen.GeneratePolicyInfoVec(policyVec); - PolicyInfo policy = { - .path = std::string(reinterpret_cast(data), size), - .mode = static_cast(size), - }; - - policyVec.emplace_back(policy); - - int32_t ret = SandboxManagerKit::PersistPolicy(policyVec, result); - return ret == SandboxManagerErrCode::SANDBOX_MANAGER_OK; + SandboxManagerKit::SetPolicy(GetSelfTokenID(), policyVec, 1, result); + SandboxManagerKit::PersistPolicy(policyVec, result); + return true; } bool PersistPolicyFuzzTest(const uint8_t *data, size_t size) diff --git a/test/fuzztest/innerkits/sandbox_manager/persistpolicytoken_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/persistpolicytoken_fuzzer/BUILD.gn index 11680a8a8652078891feef942b315dbef8633129..9f3efa22773eeb9b764f5cbdcf684204ce94e893 100644 --- a/test/fuzztest/innerkits/sandbox_manager/persistpolicytoken_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/persistpolicytoken_fuzzer/BUILD.gn @@ -31,6 +31,7 @@ ohos_fuzztest("PersistPolicyTokenFuzzTest") { ] sources = [ "../../../common/alloc_token.cpp", + "../../../common/fuzz_common.cpp", "persistpolicytoken_fuzzer.cpp", ] diff --git a/test/fuzztest/innerkits/sandbox_manager/persistpolicytoken_fuzzer/persistpolicytoken_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/persistpolicytoken_fuzzer/persistpolicytoken_fuzzer.cpp index 0748714ac89b3e7043f42281415006e5de50a99a..23a0c3c4677ed9519e5c3e28de6c16443023e0c2 100644 --- a/test/fuzztest/innerkits/sandbox_manager/persistpolicytoken_fuzzer/persistpolicytoken_fuzzer.cpp +++ b/test/fuzztest/innerkits/sandbox_manager/persistpolicytoken_fuzzer/persistpolicytoken_fuzzer.cpp @@ -19,8 +19,9 @@ #include #include #include "alloc_token.h" -#include "sandbox_manager_err_code.h" +#include "fuzz_common.h" #include "sandbox_manager_kit.h" +#include "token_setproc.h" using namespace OHOS::AccessControl::SandboxManager; @@ -33,16 +34,13 @@ namespace OHOS { std::vector policyVec; std::vector result; - uint64_t tokenId = static_cast(size); + PolicyInfoRandomGenerator gen(data, size); + gen.GeneratePolicyInfoVec(policyVec); + uint32_t tokenId = gen.GetData(); - PolicyInfo policy = { - .path = std::string(reinterpret_cast(data), size), - .mode = static_cast(size), - }; - policyVec.emplace_back(policy); - - int32_t ret = SandboxManagerKit::PersistPolicy(tokenId, policyVec, result); - return ret == SandboxManagerErrCode::SANDBOX_MANAGER_OK; + SandboxManagerKit::SetPolicy(tokenId, policyVec, 1, result); + SandboxManagerKit::PersistPolicy(tokenId, policyVec, result); + return true; } bool PersistPolicyTokenFuzzTest(const uint8_t *data, size_t size) diff --git a/test/fuzztest/innerkits/sandbox_manager/setpolicy_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/setpolicy_fuzzer/BUILD.gn index b8affd7eed0a91c623ce525e6f359e8c613b5429..921958401183de73e16a25b6a6d6ed6587c557be 100644 --- a/test/fuzztest/innerkits/sandbox_manager/setpolicy_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/setpolicy_fuzzer/BUILD.gn @@ -31,6 +31,7 @@ ohos_fuzztest("SetPolicyFuzzTest") { ] sources = [ "../../../common/alloc_token.cpp", + "../../../common/fuzz_common.cpp", "setpolicy_fuzzer.cpp", ] diff --git a/test/fuzztest/innerkits/sandbox_manager/setpolicy_fuzzer/setpolicy_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/setpolicy_fuzzer/setpolicy_fuzzer.cpp index 474d386a41c7baf772d6941c8b3d367e2b2c8753..efb73fc6200cd46014e175ce643b8d1f967b1d29 100644 --- a/test/fuzztest/innerkits/sandbox_manager/setpolicy_fuzzer/setpolicy_fuzzer.cpp +++ b/test/fuzztest/innerkits/sandbox_manager/setpolicy_fuzzer/setpolicy_fuzzer.cpp @@ -19,8 +19,9 @@ #include #include #include "alloc_token.h" -#include "sandbox_manager_err_code.h" +#include "fuzz_common.h" #include "sandbox_manager_kit.h" +#include "token_setproc.h" using namespace OHOS::AccessControl::SandboxManager; @@ -32,18 +33,16 @@ namespace OHOS { } std::vector policyVec; - uint32_t tokenId = static_cast(size); - uint64_t policyFlag = static_cast(size); - - PolicyInfo policy = { - .path = std::string(reinterpret_cast(data), size), - .mode = static_cast(size), - }; - policyVec.emplace_back(policy); + PolicyInfoRandomGenerator gen(data, size); + uint32_t tokenId = gen.GetData(); + // flag is between 0-1 + uint64_t policyFlag = gen.GetData() % 3; + gen.GeneratePolicyInfoVec(policyVec); + std::vector result; - int32_t ret = SandboxManagerKit::SetPolicy(tokenId, policyVec, policyFlag, result); - return ret == SandboxManagerErrCode::SANDBOX_MANAGER_OK; + SandboxManagerKit::SetPolicy(tokenId, policyVec, policyFlag, result); + return true; } bool SetPolicyFuzzTest(const uint8_t *data, size_t size) diff --git a/test/fuzztest/innerkits/sandbox_manager/setpolicyasync_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/setpolicyasync_fuzzer/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..3ced07cbddc410edb5d4a3422019df9929d9c2b0 --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/setpolicyasync_fuzzer/BUILD.gn @@ -0,0 +1,49 @@ +# Copyright (c) 2024 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/config/features.gni") +import("//build/test.gni") +import("../../../../../sandbox_manager.gni") + +ohos_fuzztest("SetPolicyAsyncFuzzTest") { + module_out_path = module_output_path_interface_sandbox + fuzz_config_file = "." + + include_dirs = [ + "${sandbox_manager_path}/interfaces/innerkits/sandbox_manager/include", + "../../../common", + ] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ + "../../../common/alloc_token.cpp", + "../../../common/fuzz_common.cpp", + "setpolicyasync_fuzzer.cpp", + ] + + deps = [ "${sandbox_manager_path}/interfaces/innerkits/sandbox_manager:libsandbox_manager_sdk" ] + + configs = [ "${sandbox_manager_path}/config:coverage_flags" ] + + external_deps = [ + "access_token:libaccesstoken_sdk", + "access_token:libnativetoken", + "access_token:libtoken_setproc", + "c_utils:utils", + "hilog:libhilog", + ] +} diff --git a/test/fuzztest/innerkits/sandbox_manager/setpolicyasync_fuzzer/corpus/init b/test/fuzztest/innerkits/sandbox_manager/setpolicyasync_fuzzer/corpus/init new file mode 100644 index 0000000000000000000000000000000000000000..e7c3fecd8d4d4816e40088113a2316bb9eb2e13f --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/setpolicyasync_fuzzer/corpus/init @@ -0,0 +1,14 @@ +# Copyright (c) 2024 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FUZZ \ No newline at end of file diff --git a/test/fuzztest/innerkits/sandbox_manager/setpolicyasync_fuzzer/project.xml b/test/fuzztest/innerkits/sandbox_manager/setpolicyasync_fuzzer/project.xml new file mode 100644 index 0000000000000000000000000000000000000000..7133b2b92440904a5ed04b838733acea0f97486a --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/setpolicyasync_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + diff --git a/test/fuzztest/innerkits/sandbox_manager/setpolicyasync_fuzzer/setpolicyasync_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/setpolicyasync_fuzzer/setpolicyasync_fuzzer.cpp new file mode 100644 index 0000000000000000000000000000000000000000..28d65a533ec6d3ec20e8f3e9d25c4de0eb69d0c7 --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/setpolicyasync_fuzzer/setpolicyasync_fuzzer.cpp @@ -0,0 +1,58 @@ +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "setpolicyasync_fuzzer.h" + +#include +#include +#include +#include "alloc_token.h" +#include "fuzz_common.h" +#include "sandbox_manager_kit.h" +#include "token_setproc.h" + +using namespace OHOS::AccessControl::SandboxManager; + +namespace OHOS { + bool SetPolicyAsync(const uint8_t *data, size_t size) + { + if ((data == nullptr) || (size == 0)) { + return false; + } + + std::vector policyVec; + PolicyInfoRandomGenerator gen(data, size); + uint32_t tokenId = gen.GetData(); + // flag is between 0-1 + uint64_t policyFlag = gen.GetData() % 3; + gen.GeneratePolicyInfoVec(policyVec); + + SandboxManagerKit::SetPolicyAsync(tokenId, policyVec, policyFlag); + return true; + } + + bool SetPolicyAsyncFuzzTest(const uint8_t *data, size_t size) + { + return AllocTokenWithFuzz(data, size, SetPolicyAsync); + } +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + OHOS::SetPolicyAsyncFuzzTest(data, size); + return 0; +} \ No newline at end of file diff --git a/test/fuzztest/innerkits/sandbox_manager/setpolicyasync_fuzzer/setpolicyasync_fuzzer.h b/test/fuzztest/innerkits/sandbox_manager/setpolicyasync_fuzzer/setpolicyasync_fuzzer.h new file mode 100644 index 0000000000000000000000000000000000000000..3ddc18c47db3955b59769c2eca6ce4ffa7a07c2a --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/setpolicyasync_fuzzer/setpolicyasync_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TEST_FUZZTEST_SETPOLICYASYNC_FUZZER_H +#define TEST_FUZZTEST_SETPOLICYASYNC_FUZZER_H + +#define FUZZ_PROJECT_NAME "setpolicyasync_fuzzer" + +#endif // TEST_FUZZTEST_SETPOLICYASYNC_FUZZER_H diff --git a/test/fuzztest/innerkits/sandbox_manager/startaccessingbytokenid_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/startaccessingbytokenid_fuzzer/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..2aff08874d7a652e8ce8fa7cc2e1ca13b100e36d --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/startaccessingbytokenid_fuzzer/BUILD.gn @@ -0,0 +1,49 @@ +# Copyright (c) 2024 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/config/features.gni") +import("//build/test.gni") +import("../../../../../sandbox_manager.gni") + +ohos_fuzztest("StartAccessingByTokenIdFuzzTest") { + module_out_path = module_output_path_interface_sandbox + fuzz_config_file = "." + + include_dirs = [ + "${sandbox_manager_path}/interfaces/innerkits/sandbox_manager/include", + "../../../common", + ] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ + "../../../common/alloc_token.cpp", + "../../../common/fuzz_common.cpp", + "startaccessingbytokenid_fuzzer.cpp", + ] + + deps = [ "${sandbox_manager_path}/interfaces/innerkits/sandbox_manager:libsandbox_manager_sdk" ] + + configs = [ "${sandbox_manager_path}/config:coverage_flags" ] + + external_deps = [ + "access_token:libaccesstoken_sdk", + "access_token:libnativetoken", + "access_token:libtoken_setproc", + "c_utils:utils", + "hilog:libhilog", + ] +} diff --git a/test/fuzztest/innerkits/sandbox_manager/startaccessingbytokenid_fuzzer/corpus/init b/test/fuzztest/innerkits/sandbox_manager/startaccessingbytokenid_fuzzer/corpus/init new file mode 100644 index 0000000000000000000000000000000000000000..e7c3fecd8d4d4816e40088113a2316bb9eb2e13f --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/startaccessingbytokenid_fuzzer/corpus/init @@ -0,0 +1,14 @@ +# Copyright (c) 2024 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FUZZ \ No newline at end of file diff --git a/test/fuzztest/innerkits/sandbox_manager/startaccessingbytokenid_fuzzer/project.xml b/test/fuzztest/innerkits/sandbox_manager/startaccessingbytokenid_fuzzer/project.xml new file mode 100644 index 0000000000000000000000000000000000000000..7133b2b92440904a5ed04b838733acea0f97486a --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/startaccessingbytokenid_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + diff --git a/test/fuzztest/innerkits/sandbox_manager/startaccessingbytokenid_fuzzer/startaccessingbytokenid_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/startaccessingbytokenid_fuzzer/startaccessingbytokenid_fuzzer.cpp new file mode 100644 index 0000000000000000000000000000000000000000..6b3d25aeaa5bf39e4e90fea6d8d2424a1de39bc4 --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/startaccessingbytokenid_fuzzer/startaccessingbytokenid_fuzzer.cpp @@ -0,0 +1,57 @@ +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "startaccessingbytokenid_fuzzer.h" + +#include +#include +#include +#include +#include "alloc_token.h" +#include "fuzz_common.h" +#include "sandbox_manager_kit.h" +#include "token_setproc.h" + +using namespace OHOS::AccessControl::SandboxManager; + +namespace OHOS { +namespace { +const int32_t FOUNDATION_UID = 5523; +}; + + bool StartAccessingByTokenIdFuzzTest(const uint8_t *data, size_t size) + { + if ((data == nullptr) || (size == 0)) { + return false; + } + int32_t uid = getuid(); + setuid(FOUNDATION_UID); + std::vector result; + PolicyInfoRandomGenerator gen(data, size); + uint32_t tokenid = gen.GetData(); + + SandboxManagerKit::StartAccessingByTokenId(tokenid); + setuid(uid); + return true; + } +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + OHOS::StartAccessingByTokenIdFuzzTest(data, size); + return 0; +} \ No newline at end of file diff --git a/test/fuzztest/innerkits/sandbox_manager/startaccessingbytokenid_fuzzer/startaccessingbytokenid_fuzzer.h b/test/fuzztest/innerkits/sandbox_manager/startaccessingbytokenid_fuzzer/startaccessingbytokenid_fuzzer.h new file mode 100644 index 0000000000000000000000000000000000000000..2f808647a81c602c73aaa234f7316d29bd06b488 --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/startaccessingbytokenid_fuzzer/startaccessingbytokenid_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TEST_FUZZTEST_STARTACCESSINGBYTOKENID_FUZZER_H +#define TEST_FUZZTEST_STARTACCESSINGBYTOKENID_FUZZER_H + +#define FUZZ_PROJECT_NAME "startaccessingbytokenid_fuzzer" + +#endif // TEST_FUZZTEST_STARTACCESSINGBYTOKENID_FUZZER_H diff --git a/test/fuzztest/innerkits/sandbox_manager/startaccessingpolicy_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/startaccessingpolicy_fuzzer/BUILD.gn index ec99d9f0a178c7b53acb42d76b4e67b88561d2b3..11c71af7df4061e506d3044fd6607b8a3a70ee7f 100644 --- a/test/fuzztest/innerkits/sandbox_manager/startaccessingpolicy_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/startaccessingpolicy_fuzzer/BUILD.gn @@ -31,6 +31,7 @@ ohos_fuzztest("StartAccessingPolicyFuzzTest") { ] sources = [ "../../../common/alloc_token.cpp", + "../../../common/fuzz_common.cpp", "startaccessingpolicy_fuzzer.cpp", ] diff --git a/test/fuzztest/innerkits/sandbox_manager/startaccessingpolicy_fuzzer/startaccessingpolicy_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/startaccessingpolicy_fuzzer/startaccessingpolicy_fuzzer.cpp index e97c6752b3b6ad3c2b9c9a12e30afb88b8d54b76..2a2bde3491dfe60216ca4ace08f0f3ffce38cca2 100644 --- a/test/fuzztest/innerkits/sandbox_manager/startaccessingpolicy_fuzzer/startaccessingpolicy_fuzzer.cpp +++ b/test/fuzztest/innerkits/sandbox_manager/startaccessingpolicy_fuzzer/startaccessingpolicy_fuzzer.cpp @@ -19,8 +19,9 @@ #include #include #include "alloc_token.h" -#include "sandbox_manager_err_code.h" +#include "fuzz_common.h" #include "sandbox_manager_kit.h" +#include "token_setproc.h" using namespace OHOS::AccessControl::SandboxManager; @@ -33,15 +34,13 @@ namespace OHOS { std::vector policyVec; std::vector result; + PolicyInfoRandomGenerator gen(data, size); + gen.GeneratePolicyInfoVec(policyVec); - PolicyInfo policy = { - .path = std::string(reinterpret_cast(data), size), - .mode = static_cast(size), - }; - policyVec.emplace_back(policy); - - int32_t ret = SandboxManagerKit::StartAccessingPolicy(policyVec, result); - return ret == SandboxManagerErrCode::SANDBOX_MANAGER_OK; + SandboxManagerKit::SetPolicy(GetSelfTokenID(), policyVec, 1, result); + SandboxManagerKit::PersistPolicy(policyVec, result); + SandboxManagerKit::StartAccessingPolicy(policyVec, result); + return true; } bool StartAccessingPolicyFuzzTest(const uint8_t *data, size_t size) diff --git a/test/fuzztest/innerkits/sandbox_manager/stopaccessingpolicy_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/stopaccessingpolicy_fuzzer/BUILD.gn index 74bb60831e811cceac12c1995f84304b6dbf4bb1..91cf560d14395af85fee9cf612e568f74dbb5871 100644 --- a/test/fuzztest/innerkits/sandbox_manager/stopaccessingpolicy_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/stopaccessingpolicy_fuzzer/BUILD.gn @@ -32,6 +32,7 @@ ohos_fuzztest("StopAccessingPolicyFuzzTest") { ] sources = [ "../../../common/alloc_token.cpp", + "../../../common/fuzz_common.cpp", "stopaccessingpolicy_fuzzer.cpp", ] diff --git a/test/fuzztest/innerkits/sandbox_manager/stopaccessingpolicy_fuzzer/stopaccessingpolicy_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/stopaccessingpolicy_fuzzer/stopaccessingpolicy_fuzzer.cpp index 11e1301be597eb112d3e0dd4868d40bdeefacd51..3d8838da0993d2800156f9f36e0bc624c7cff7b5 100644 --- a/test/fuzztest/innerkits/sandbox_manager/stopaccessingpolicy_fuzzer/stopaccessingpolicy_fuzzer.cpp +++ b/test/fuzztest/innerkits/sandbox_manager/stopaccessingpolicy_fuzzer/stopaccessingpolicy_fuzzer.cpp @@ -19,8 +19,9 @@ #include #include #include "alloc_token.h" -#include "sandbox_manager_err_code.h" +#include "fuzz_common.h" #include "sandbox_manager_kit.h" +#include "token_setproc.h" using namespace OHOS::AccessControl::SandboxManager; @@ -33,15 +34,14 @@ namespace OHOS { std::vector policyVec; std::vector result; - - PolicyInfo policy = { - .path = std::string(reinterpret_cast(data), size), - .mode = static_cast(size), - }; - policyVec.emplace_back(policy); - - int32_t ret = SandboxManagerKit::StopAccessingPolicy(policyVec, result); - return ret == SandboxManagerErrCode::SANDBOX_MANAGER_OK; + PolicyInfoRandomGenerator gen(data, size); + gen.GeneratePolicyInfoVec(policyVec); + + SandboxManagerKit::SetPolicy(GetSelfTokenID(), policyVec, 1, result); + SandboxManagerKit::PersistPolicy(policyVec, result); + SandboxManagerKit::StartAccessingPolicy(policyVec, result); + SandboxManagerKit::StopAccessingPolicy(policyVec, result); + return true; } bool StopAccessingPolicyFuzzTest(const uint8_t *data, size_t size) diff --git a/test/fuzztest/innerkits/sandbox_manager/unpersistpolicy_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/unpersistpolicy_fuzzer/BUILD.gn index 473a5bd19dce1011e4c754d7a4a6761467f4c97f..bdfd3d9215578e5b4cdd409c94c0b2d946c3a62d 100644 --- a/test/fuzztest/innerkits/sandbox_manager/unpersistpolicy_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/unpersistpolicy_fuzzer/BUILD.gn @@ -31,6 +31,7 @@ ohos_fuzztest("UnPersistPolicyFuzzTest") { ] sources = [ "../../../common/alloc_token.cpp", + "../../../common/fuzz_common.cpp", "unpersistpolicy_fuzzer.cpp", ] diff --git a/test/fuzztest/innerkits/sandbox_manager/unpersistpolicy_fuzzer/unpersistpolicy_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/unpersistpolicy_fuzzer/unpersistpolicy_fuzzer.cpp index 897ad21fac467e7a4d0db9da462184988d4fbf2b..526f3f27fdef3f6f3432b90ccccbe04d447c18b3 100644 --- a/test/fuzztest/innerkits/sandbox_manager/unpersistpolicy_fuzzer/unpersistpolicy_fuzzer.cpp +++ b/test/fuzztest/innerkits/sandbox_manager/unpersistpolicy_fuzzer/unpersistpolicy_fuzzer.cpp @@ -19,8 +19,9 @@ #include #include #include "alloc_token.h" -#include "sandbox_manager_err_code.h" +#include "fuzz_common.h" #include "sandbox_manager_kit.h" +#include "token_setproc.h" using namespace OHOS::AccessControl::SandboxManager; @@ -34,14 +35,13 @@ namespace OHOS { std::vector policyVec; std::vector result; - PolicyInfo policy = { - .path = std::string(reinterpret_cast(data), size), - .mode = static_cast(size), - }; - policyVec.emplace_back(policy); + PolicyInfoRandomGenerator gen(data, size); + gen.GeneratePolicyInfoVec(policyVec); - int32_t ret = SandboxManagerKit::UnPersistPolicy(policyVec, result); - return ret == SandboxManagerErrCode::SANDBOX_MANAGER_OK; + SandboxManagerKit::SetPolicy(GetSelfTokenID(), policyVec, 1, result); + SandboxManagerKit::PersistPolicy(policyVec, result); + SandboxManagerKit::UnPersistPolicy(policyVec, result); + return true; } bool UnpersistPolicyFuzzTest(const uint8_t *data, size_t size) diff --git a/test/fuzztest/innerkits/sandbox_manager/unpersistpolicytoken_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/unpersistpolicytoken_fuzzer/BUILD.gn index f0832d85a3baed01200c2f730683bffdc26d995b..111fada632f9e12ae33747b156b1e624a0815d5b 100644 --- a/test/fuzztest/innerkits/sandbox_manager/unpersistpolicytoken_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/sandbox_manager/unpersistpolicytoken_fuzzer/BUILD.gn @@ -31,6 +31,7 @@ ohos_fuzztest("UnpersistPolicyTokenFuzzTest") { ] sources = [ "../../../common/alloc_token.cpp", + "../../../common/fuzz_common.cpp", "unpersistpolicytoken_fuzzer.cpp", ] diff --git a/test/fuzztest/innerkits/sandbox_manager/unpersistpolicytoken_fuzzer/unpersistpolicytoken_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/unpersistpolicytoken_fuzzer/unpersistpolicytoken_fuzzer.cpp index 72eacab79584cdeb1aef07ffb965a7e10d67a7f8..85a349cc4b0bf75e150bc2fa08de61ee9b7bea24 100644 --- a/test/fuzztest/innerkits/sandbox_manager/unpersistpolicytoken_fuzzer/unpersistpolicytoken_fuzzer.cpp +++ b/test/fuzztest/innerkits/sandbox_manager/unpersistpolicytoken_fuzzer/unpersistpolicytoken_fuzzer.cpp @@ -19,7 +19,7 @@ #include #include #include "alloc_token.h" -#include "sandbox_manager_err_code.h" +#include "fuzz_common.h" #include "sandbox_manager_kit.h" using namespace OHOS::AccessControl::SandboxManager; @@ -33,16 +33,14 @@ namespace OHOS { std::vector policyVec; std::vector result; - uint64_t tokenId = static_cast(size); - - PolicyInfo policy = { - .path = std::string(reinterpret_cast(data), size), - .mode = static_cast(size), - }; - policyVec.emplace_back(policy); - - int32_t ret = SandboxManagerKit::UnPersistPolicy(tokenId, policyVec, result); - return ret == SandboxManagerErrCode::SANDBOX_MANAGER_OK; + PolicyInfoRandomGenerator gen(data, size); + gen.GeneratePolicyInfoVec(policyVec); + uint32_t tokenId = gen.GetData(); + + SandboxManagerKit::SetPolicy(tokenId, policyVec, 1, result); + SandboxManagerKit::PersistPolicy(tokenId, policyVec, result); + SandboxManagerKit::UnPersistPolicy(tokenId, policyVec, result); + return true; } bool UnPersistPolicyTokenFuzzTest(const uint8_t *data, size_t size) diff --git a/test/fuzztest/innerkits/sandbox_manager/unsetallpolicybytoken_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/unsetallpolicybytoken_fuzzer/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..1a029c95d6fc545beb920a112f4c0c536d66d094 --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/unsetallpolicybytoken_fuzzer/BUILD.gn @@ -0,0 +1,49 @@ +# Copyright (c) 2024 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/config/features.gni") +import("//build/test.gni") +import("../../../../../sandbox_manager.gni") + +ohos_fuzztest("UnsetAllPolicyByTokenFuzzTest") { + module_out_path = module_output_path_interface_sandbox + fuzz_config_file = "." + + include_dirs = [ + "${sandbox_manager_path}/interfaces/innerkits/sandbox_manager/include", + "../../../common", + ] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ + "../../../common/alloc_token.cpp", + "../../../common/fuzz_common.cpp", + "unsetallpolicybytoken_fuzzer.cpp", + ] + + deps = [ "${sandbox_manager_path}/interfaces/innerkits/sandbox_manager:libsandbox_manager_sdk" ] + + configs = [ "${sandbox_manager_path}/config:coverage_flags" ] + + external_deps = [ + "access_token:libaccesstoken_sdk", + "access_token:libnativetoken", + "access_token:libtoken_setproc", + "c_utils:utils", + "hilog:libhilog", + ] +} diff --git a/test/fuzztest/innerkits/sandbox_manager/unsetallpolicybytoken_fuzzer/corpus/init b/test/fuzztest/innerkits/sandbox_manager/unsetallpolicybytoken_fuzzer/corpus/init new file mode 100644 index 0000000000000000000000000000000000000000..e7c3fecd8d4d4816e40088113a2316bb9eb2e13f --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/unsetallpolicybytoken_fuzzer/corpus/init @@ -0,0 +1,14 @@ +# Copyright (c) 2024 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FUZZ \ No newline at end of file diff --git a/test/fuzztest/innerkits/sandbox_manager/unsetallpolicybytoken_fuzzer/project.xml b/test/fuzztest/innerkits/sandbox_manager/unsetallpolicybytoken_fuzzer/project.xml new file mode 100644 index 0000000000000000000000000000000000000000..7133b2b92440904a5ed04b838733acea0f97486a --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/unsetallpolicybytoken_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + diff --git a/test/fuzztest/innerkits/sandbox_manager/unsetallpolicybytoken_fuzzer/unsetallpolicybytoken_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/unsetallpolicybytoken_fuzzer/unsetallpolicybytoken_fuzzer.cpp new file mode 100644 index 0000000000000000000000000000000000000000..2447ad56027d2cdc468bcc06d80881e19be996df --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/unsetallpolicybytoken_fuzzer/unsetallpolicybytoken_fuzzer.cpp @@ -0,0 +1,55 @@ +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "unsetallpolicybytoken_fuzzer.h" + +#include +#include +#include +#include "alloc_token.h" +#include "fuzz_common.h" +#include "sandbox_manager_kit.h" +#include "token_setproc.h" + +using namespace OHOS::AccessControl::SandboxManager; + +namespace OHOS { + bool UnSetAllPolicyByToken(const uint8_t *data, size_t size) + { + if ((data == nullptr) || (size == 0)) { + return false; + } + + std::vector result; + PolicyInfoRandomGenerator gen(data, size); + uint32_t tokenid = gen.GetData(); + + SandboxManagerKit::UnSetAllPolicyByToken(tokenid); + return true; + } + + bool UnSetAllPolicyByTokenFuzzTest(const uint8_t *data, size_t size) + { + return AllocTokenWithFuzz(data, size, UnSetAllPolicyByToken); + } +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + OHOS::UnSetAllPolicyByTokenFuzzTest(data, size); + return 0; +} \ No newline at end of file diff --git a/test/fuzztest/innerkits/sandbox_manager/unsetallpolicybytoken_fuzzer/unsetallpolicybytoken_fuzzer.h b/test/fuzztest/innerkits/sandbox_manager/unsetallpolicybytoken_fuzzer/unsetallpolicybytoken_fuzzer.h new file mode 100644 index 0000000000000000000000000000000000000000..51fda903f93fb12f4872b9079cf473a66e82fbcb --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/unsetallpolicybytoken_fuzzer/unsetallpolicybytoken_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TEST_FUZZTEST_UNSETALLPOLICYBYTOKEN_FUZZER_H +#define TEST_FUZZTEST_UNSETALLPOLICYBYTOKEN_FUZZER_H + +#define FUZZ_PROJECT_NAME "unsetallpolicybytoken_fuzzer" + +#endif // TEST_FUZZTEST_UNSETALLPOLICYBYTOKEN_FUZZER_H diff --git a/test/fuzztest/innerkits/sandbox_manager/unsetpolicy_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/unsetpolicy_fuzzer/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..49b016a4d478644a65b13ebad0e7c71b7e5676ea --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/unsetpolicy_fuzzer/BUILD.gn @@ -0,0 +1,49 @@ +# Copyright (c) 2024 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/config/features.gni") +import("//build/test.gni") +import("../../../../../sandbox_manager.gni") + +ohos_fuzztest("UnsetPolicyFuzzTest") { + module_out_path = module_output_path_interface_sandbox + fuzz_config_file = "." + + include_dirs = [ + "${sandbox_manager_path}/interfaces/innerkits/sandbox_manager/include", + "../../../common", + ] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ + "../../../common/alloc_token.cpp", + "../../../common/fuzz_common.cpp", + "unsetpolilcy_fuzzer.cpp", + ] + + deps = [ "${sandbox_manager_path}/interfaces/innerkits/sandbox_manager:libsandbox_manager_sdk" ] + + configs = [ "${sandbox_manager_path}/config:coverage_flags" ] + + external_deps = [ + "access_token:libaccesstoken_sdk", + "access_token:libnativetoken", + "access_token:libtoken_setproc", + "c_utils:utils", + "hilog:libhilog", + ] +} diff --git a/test/fuzztest/innerkits/sandbox_manager/unsetpolicy_fuzzer/corpus/init b/test/fuzztest/innerkits/sandbox_manager/unsetpolicy_fuzzer/corpus/init new file mode 100644 index 0000000000000000000000000000000000000000..e7c3fecd8d4d4816e40088113a2316bb9eb2e13f --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/unsetpolicy_fuzzer/corpus/init @@ -0,0 +1,14 @@ +# Copyright (c) 2024 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FUZZ \ No newline at end of file diff --git a/test/fuzztest/innerkits/sandbox_manager/unsetpolicy_fuzzer/project.xml b/test/fuzztest/innerkits/sandbox_manager/unsetpolicy_fuzzer/project.xml new file mode 100644 index 0000000000000000000000000000000000000000..7133b2b92440904a5ed04b838733acea0f97486a --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/unsetpolicy_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + diff --git a/test/fuzztest/innerkits/sandbox_manager/unsetpolicy_fuzzer/unsetpolilcy_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/unsetpolicy_fuzzer/unsetpolilcy_fuzzer.cpp new file mode 100644 index 0000000000000000000000000000000000000000..c2fdaff91a51e4cd405c2daf7838db25ce32cc96 --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/unsetpolicy_fuzzer/unsetpolilcy_fuzzer.cpp @@ -0,0 +1,60 @@ +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "unsetpolilcy_fuzzer.h" + +#include +#include +#include +#include "alloc_token.h" +#include "fuzz_common.h" +#include "sandbox_manager_kit.h" +#include "token_setproc.h" + +using namespace OHOS::AccessControl::SandboxManager; + +namespace OHOS { + bool UnSetPolicy(const uint8_t *data, size_t size) + { + if ((data == nullptr) || (size == 0)) { + return false; + } + + std::vector policyVec; + PolicyInfo policy; + std::vector result; + + PolicyInfoRandomGenerator gen(data, size); + gen.GeneratePolicyInfo(policy); + policyVec.push_back(policy); + + SandboxManagerKit::SetPolicy(GetSelfTokenID(), policyVec, 0, result); + SandboxManagerKit::UnSetPolicy(GetSelfTokenID(), policy); + return true; + } + + bool UnSetPolicyFuzzTest(const uint8_t *data, size_t size) + { + return AllocTokenWithFuzz(data, size, UnSetPolicy); + } +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + OHOS::UnSetPolicyFuzzTest(data, size); + return 0; +} \ No newline at end of file diff --git a/test/fuzztest/innerkits/sandbox_manager/unsetpolicy_fuzzer/unsetpolilcy_fuzzer.h b/test/fuzztest/innerkits/sandbox_manager/unsetpolicy_fuzzer/unsetpolilcy_fuzzer.h new file mode 100644 index 0000000000000000000000000000000000000000..40e31986f2db74f80e5b25bd0a1c44df2db00a74 --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/unsetpolicy_fuzzer/unsetpolilcy_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TEST_FUZZTEST_UNSETPOLICY_FUZZER_H +#define TEST_FUZZTEST_UNSETPOLICY_FUZZER_H + +#define FUZZ_PROJECT_NAME "unsetpolilcy_fuzzer" + +#endif // TEST_FUZZTEST_UNSETPOLICY_FUZZER_H diff --git a/test/fuzztest/innerkits/sandbox_manager/unsetpolicyasync_fuzzer/BUILD.gn b/test/fuzztest/innerkits/sandbox_manager/unsetpolicyasync_fuzzer/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..43ad143049fabc25144592f7c23b2e03c232c208 --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/unsetpolicyasync_fuzzer/BUILD.gn @@ -0,0 +1,49 @@ +# Copyright (c) 2024 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/config/features.gni") +import("//build/test.gni") +import("../../../../../sandbox_manager.gni") + +ohos_fuzztest("UnsetPolicyAsyncFuzzTest") { + module_out_path = module_output_path_interface_sandbox + fuzz_config_file = "." + + include_dirs = [ + "${sandbox_manager_path}/interfaces/innerkits/sandbox_manager/include", + "../../../common", + ] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ + "../../../common/alloc_token.cpp", + "../../../common/fuzz_common.cpp", + "unsetpolicyasync_fuzzer.cpp", + ] + + deps = [ "${sandbox_manager_path}/interfaces/innerkits/sandbox_manager:libsandbox_manager_sdk" ] + + configs = [ "${sandbox_manager_path}/config:coverage_flags" ] + + external_deps = [ + "access_token:libaccesstoken_sdk", + "access_token:libnativetoken", + "access_token:libtoken_setproc", + "c_utils:utils", + "hilog:libhilog", + ] +} diff --git a/test/fuzztest/innerkits/sandbox_manager/unsetpolicyasync_fuzzer/corpus/init b/test/fuzztest/innerkits/sandbox_manager/unsetpolicyasync_fuzzer/corpus/init new file mode 100644 index 0000000000000000000000000000000000000000..e7c3fecd8d4d4816e40088113a2316bb9eb2e13f --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/unsetpolicyasync_fuzzer/corpus/init @@ -0,0 +1,14 @@ +# Copyright (c) 2024 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FUZZ \ No newline at end of file diff --git a/test/fuzztest/innerkits/sandbox_manager/unsetpolicyasync_fuzzer/project.xml b/test/fuzztest/innerkits/sandbox_manager/unsetpolicyasync_fuzzer/project.xml new file mode 100644 index 0000000000000000000000000000000000000000..7133b2b92440904a5ed04b838733acea0f97486a --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/unsetpolicyasync_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + diff --git a/test/fuzztest/innerkits/sandbox_manager/unsetpolicyasync_fuzzer/unsetpolicyasync_fuzzer.cpp b/test/fuzztest/innerkits/sandbox_manager/unsetpolicyasync_fuzzer/unsetpolicyasync_fuzzer.cpp new file mode 100644 index 0000000000000000000000000000000000000000..b9df4e676f93e570a09d27a7f1b1e4ed3da53037 --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/unsetpolicyasync_fuzzer/unsetpolicyasync_fuzzer.cpp @@ -0,0 +1,60 @@ +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "unsetpolicyasync_fuzzer.h" + +#include +#include +#include +#include "alloc_token.h" +#include "fuzz_common.h" +#include "sandbox_manager_kit.h" +#include "token_setproc.h" + +using namespace OHOS::AccessControl::SandboxManager; + +namespace OHOS { + bool UnSetPolicyAsync(const uint8_t *data, size_t size) + { + if ((data == nullptr) || (size == 0)) { + return false; + } + + std::vector policyVec; + PolicyInfo policy; + std::vector result; + + PolicyInfoRandomGenerator gen(data, size); + gen.GeneratePolicyInfo(policy); + policyVec.push_back(policy); + + SandboxManagerKit::SetPolicy(GetSelfTokenID(), policyVec, 0, result); + SandboxManagerKit::UnSetPolicyAsync(GetSelfTokenID(), policy); + return true; + } + + bool UnSetPolicyAsyncFuzzTest(const uint8_t *data, size_t size) + { + return AllocTokenWithFuzz(data, size, UnSetPolicyAsync); + } +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + OHOS::UnSetPolicyAsyncFuzzTest(data, size); + return 0; +} \ No newline at end of file diff --git a/test/fuzztest/innerkits/sandbox_manager/unsetpolicyasync_fuzzer/unsetpolicyasync_fuzzer.h b/test/fuzztest/innerkits/sandbox_manager/unsetpolicyasync_fuzzer/unsetpolicyasync_fuzzer.h new file mode 100644 index 0000000000000000000000000000000000000000..df4c08e7b2ff1db47a0ba8567a96c03d81551fff --- /dev/null +++ b/test/fuzztest/innerkits/sandbox_manager/unsetpolicyasync_fuzzer/unsetpolicyasync_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TEST_FUZZTEST_UNSETPOLICYASYNC_FUZZER_H +#define TEST_FUZZTEST_UNSETPOLICYASYNC_FUZZER_H + +#define FUZZ_PROJECT_NAME "unsetpolicyasync_fuzzer" + +#endif // TEST_FUZZTEST_UNSETPOLICYASYNC_FUZZER_H