From c09b5d01dcd7b187287ba2ed4aef0d3628932cd0 Mon Sep 17 00:00:00 2001 From: gecheng Date: Sat, 21 Jun 2025 14:36:51 +0800 Subject: [PATCH 1/4] =?UTF-8?q?object=5Fservice=5Fimpl=20fuzz=E8=A6=86?= =?UTF-8?q?=E7=9B=96?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: gecheng --- .../service/test/fuzztest/BUILD.gn | 5 +- .../fuzztest/objectserviceimp_fuzzer/BUILD.gn | 76 +++++++++ .../objectserviceimp_fuzzer/corpus/init | 16 ++ .../objectserviceimp_fuzzer.cpp | 152 ++++++++++++++++++ .../objectserviceimp_fuzzer.h | 21 +++ .../objectserviceimp_fuzzer/project.xml | 25 +++ 6 files changed, 294 insertions(+), 1 deletion(-) create mode 100644 services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/BUILD.gn create mode 100644 services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/corpus/init create mode 100644 services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/objectserviceimp_fuzzer.cpp create mode 100644 services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/objectserviceimp_fuzzer.h create mode 100644 services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/project.xml diff --git a/services/distributeddataservice/service/test/fuzztest/BUILD.gn b/services/distributeddataservice/service/test/fuzztest/BUILD.gn index f444f810b..55bc44ff0 100644 --- a/services/distributeddataservice/service/test/fuzztest/BUILD.gn +++ b/services/distributeddataservice/service/test/fuzztest/BUILD.gn @@ -28,7 +28,10 @@ group("fuzztest") { } if (datamgr_service_object) { - deps += [ "objectservicestub_fuzzer:fuzztest" ] + deps += [ + "objectservicestub_fuzzer:fuzztest", + "objectserviceimp_fuzzer:fuzztest", + ] } if (datamgr_service_rdb) { diff --git a/services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/BUILD.gn b/services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/BUILD.gn new file mode 100644 index 000000000..64856ea85 --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/BUILD.gn @@ -0,0 +1,76 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +##############################hydra-fuzz######################################## +import("//build/config/features.gni") +import("//build/test.gni") +import("//foundation/distributeddatamgr/datamgr_service/datamgr_service.gni") + +##############################fuzztest########################################## +ohos_fuzztest("ObjectServiceImpFuzzTest") { + module_out_path = "datamgr_service/datamgr_service" + + include_dirs = [ + "${data_service_path}/service/object/include", + ] + + fuzz_config_file = + "${data_service_path}/service/test/fuzztest/objectserviceimp_fuzzer" + + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + "-fno-access-control", + ] + + sources = [ + "objectserviceimp_fuzzer.cpp", + ] + + deps = [ + "${data_service_path}/adapter/account:distributeddata_account", + "${data_service_path}/adapter/communicator:distributeddata_communicator", + "${data_service_path}/framework:distributeddatasvcfwk", + "${data_service_path}/service:distributeddatasvc", + "${data_service_path}/service/object:distributeddata_object", + ] + + external_deps = [ + "ability_base:want", + "ability_base:zuri", + "ability_runtime:ability_manager", + "ability_runtime:dataobs_manager", + "access_token:libaccesstoken_sdk", + "access_token:libtokenid_sdk", + "data_object:data_object_inner", + "data_object:distributeddataobject_impl", + "device_manager:devicemanagersdk", + "dfs_service:cloudsync_asset_kit_inner", + "dfs_service:distributed_file_daemon_kit_inner", + "dmsfwk:distributed_sdk", + "hilog:libhilog", + "kv_store:distributeddata_inner", + "kv_store:distributeddata_mgr", + "kv_store:distributeddb", + "relational_store:native_rdb", + ] +} + +############################################################################### +group("fuzztest") { + testonly = true + + deps = [ ":ObjectServiceImpFuzzTest" ] +} +############################################################################### diff --git a/services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/corpus/init b/services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/corpus/init new file mode 100644 index 000000000..7ade8a0fa --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/corpus/init @@ -0,0 +1,16 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +FUZZ \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/objectserviceimp_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/objectserviceimp_fuzzer.cpp new file mode 100644 index 000000000..857603cdf --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/objectserviceimp_fuzzer.cpp @@ -0,0 +1,152 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "objectserviceimp_fuzzer.h" +#include "object_service_impl.h" +#include "account/account_delegate.h" + +using namespace OHOS::DistributedObject; + +namespace OHOS { + +void ObjectStoreSaveFuzzTest(FuzzedDataProvider &provider) +{ + std::shared_ptr objectServiceImpl = std::make_shared(); + sptr callback; + std::string bundleName = provider.ConsumeRandomLengthString(); + std::string sessionId = provider.ConsumeRandomLengthString(); + std::string deviceId = provider.ConsumeRandomLengthString(); + std::map> data; + std::vector remainingData = provider.ConsumeRemainingBytes(); + data["key1"] = remainingData; + objectServiceImpl->ObjectStoreSave(bundleName, sessionId, deviceId, data, callback); +} + +void SaveMetaDataFuzzTest(FuzzedDataProvider &provider) +{ + std::shared_ptr objectServiceImpl = std::make_shared(); + StoreMetaData saveMeta; + objectServiceImpl->SaveMetaData(saveMeta); + auto &dmAdapter = DeviceManagerAdapter::GetInstance(); + std::string uuid = provider.ConsumeRandomLengthString(); + std::string udid = provider.ConsumeRandomLengthString(); + if (uuid.empty()) { + uuid = "123"; + } + if (udid.empty()) { + udid = "234"; + } + dmAdapter.localInfo_.uuid = uuid; + dmAdapter.localInfo_.udid = udid; + objectServiceImpl->SaveMetaData(saveMeta); +} + +void OnUserChangeFuzzTest(FuzzedDataProvider &provider) +{ + std::shared_ptr objectServiceImpl = std::make_shared(); + uint32_t code = static_cast(AccountStatus::DEVICE_ACCOUNT_SWITCHED); + std::string user = provider.ConsumeRandomLengthString(); + std::string account = provider.ConsumeRandomLengthString(); + objectServiceImpl->OnUserChange(code, user, account); +} + +void ObjectStoreRevokeSaveFuzzTest(FuzzedDataProvider &provider) +{ + std::shared_ptr objectServiceImpl = std::make_shared(); + sptr callback; + std::string bundleName = provider.ConsumeRandomLengthString(); + std::string sessionId = provider.ConsumeRandomLengthString(); + objectServiceImpl->ObjectStoreRevokeSave(bundleName, sessionId, callback); +} + +void ObjectStoreRetrieveFuzzTest(FuzzedDataProvider &provider) +{ + std::shared_ptr objectServiceImpl = std::make_shared(); + sptr callback; + std::string bundleName = provider.ConsumeRandomLengthString(); + std::string sessionId = provider.ConsumeRandomLengthString(); + objectServiceImpl->ObjectStoreRetrieve(bundleName, sessionId, callback); +} + +void RegisterDataObserverFuzzTest(FuzzedDataProvider &provider) +{ + std::shared_ptr objectServiceImpl = std::make_shared(); + sptr callback; + std::string bundleName = provider.ConsumeRandomLengthString(); + std::string sessionId = provider.ConsumeRandomLengthString(); + objectServiceImpl->RegisterDataObserver(bundleName, sessionId, callback); +} + +void OnAppUninstallFuzzTest(FuzzedDataProvider &provider) +{ + std::shared_ptr objectServiceImpl = std::make_shared(); + std::string bundleName = provider.ConsumeRandomLengthString(); + int32_t user = provider.ConsumeIntegral(); + int32_t index = provider.ConsumeIntegral(); + objectServiceImpl->OnAppUninstall(bundleName, user, index); +} + +void ResolveAutoLaunchFuzzTest(FuzzedDataProvider &provider) +{ + std::shared_ptr objectServiceImpl = std::make_shared(); + std::string identifier = provider.ConsumeRandomLengthString(); + DistributedDB::AutoLaunchParam param; + objectServiceImpl->ResolveAutoLaunch(identifier, param); +} + +void OnAppExitFuzzTest(FuzzedDataProvider &provider) +{ + std::shared_ptr objectServiceImpl = std::make_shared(); + pid_t uid = provider.ConsumeIntegral(); + pid_t pid = provider.ConsumeIntegral(); + uint32_t tokenId = provider.ConsumeIntegral(); + std::string bundleName = provider.ConsumeRandomLengthString(); + objectServiceImpl->OnAppExit(uid, pid, tokenId, bundleName); + objectServiceImpl->RegisterObjectServiceInfo(); + objectServiceImpl->RegisterHandler(); +} + +void DumpObjectServiceInfoFuzzTest(FuzzedDataProvider &provider) +{ + std::shared_ptr objectServiceImpl = std::make_shared(); + int fd = provider.ConsumeIntegral(); + std::string key = provider.ConsumeRandomLengthString(); + std::string value1 = provider.ConsumeRandomLengthString(); + std::string value2 = provider.ConsumeRandomLengthString(); + std::map> params; + std::vector value = {value1, value2}; + params.emplace(std::make_pair(key, value)); + objectServiceImpl->DumpObjectServiceInfo(fd, params); +} +} // namespace OHOS + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + FuzzedDataProvider provider(data, size); + OHOS::ObjectStoreSaveFuzzTest(provider); + OHOS::OnUserChangeFuzzTest(provider); + OHOS::SaveMetaDataFuzzTest(provider); + OHOS::ObjectStoreRevokeSaveFuzzTest(provider); + OHOS::ObjectStoreRetrieveFuzzTest(provider); + OHOS::RegisterDataObserverFuzzTest(provider); + OHOS::OnAppUninstallFuzzTest(provider); + OHOS::ResolveAutoLaunchFuzzTest(provider); + OHOS::OnAppExitFuzzTest(provider); + OHOS::DumpObjectServiceInfoFuzzTest(provider); + return 0; +} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/objectserviceimp_fuzzer.h b/services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/objectserviceimp_fuzzer.h new file mode 100644 index 000000000..45bbee04f --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/objectserviceimp_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef OBJECT_SERVICE_IMP_FUZZER_H +#define OBJECT_SERVICE_IMP_FUZZER_H + +#define FUZZ_PROJECT_NAME "objectserviceimp_fuzzer" + +#endif // OBJECT_SERVICE_IMP_FUZZER_H \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/project.xml b/services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/project.xml new file mode 100644 index 000000000..a37a23b15 --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + \ No newline at end of file -- Gitee From 20cd8fe563b3ade1b8b2c53d1aff73443e2fd31a Mon Sep 17 00:00:00 2001 From: gecheng Date: Sat, 21 Jun 2025 14:44:19 +0800 Subject: [PATCH 2/4] =?UTF-8?q?object=5Fservice=5Fimpl=20fuzz=E8=A6=86?= =?UTF-8?q?=E7=9B=96?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: gecheng --- .../objectserviceimp_fuzzer/objectserviceimp_fuzzer.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/objectserviceimp_fuzzer.h b/services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/objectserviceimp_fuzzer.h index 45bbee04f..8aa6bb0e2 100644 --- a/services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/objectserviceimp_fuzzer.h +++ b/services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/objectserviceimp_fuzzer.h @@ -15,7 +15,7 @@ #ifndef OBJECT_SERVICE_IMP_FUZZER_H #define OBJECT_SERVICE_IMP_FUZZER_H - + #define FUZZ_PROJECT_NAME "objectserviceimp_fuzzer" - + #endif // OBJECT_SERVICE_IMP_FUZZER_H \ No newline at end of file -- Gitee From b7baa920ca12b308f18329145cbd45ab02de53e8 Mon Sep 17 00:00:00 2001 From: gecheng Date: Mon, 23 Jun 2025 16:51:36 +0800 Subject: [PATCH 3/4] =?UTF-8?q?object=5Fservice=5Fimpl=20fuzz=E8=A6=86?= =?UTF-8?q?=E7=9B=96?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: gecheng --- services/distributeddataservice/service/test/fuzztest/BUILD.gn | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/distributeddataservice/service/test/fuzztest/BUILD.gn b/services/distributeddataservice/service/test/fuzztest/BUILD.gn index 55bc44ff0..e419c2c2d 100644 --- a/services/distributeddataservice/service/test/fuzztest/BUILD.gn +++ b/services/distributeddataservice/service/test/fuzztest/BUILD.gn @@ -31,7 +31,7 @@ group("fuzztest") { deps += [ "objectservicestub_fuzzer:fuzztest", "objectserviceimp_fuzzer:fuzztest", - ] + ] } if (datamgr_service_rdb) { -- Gitee From 09054f830f634d8cf23e5514e8353e6650e31cb1 Mon Sep 17 00:00:00 2001 From: gecheng Date: Mon, 23 Jun 2025 17:38:50 +0800 Subject: [PATCH 4/4] =?UTF-8?q?object=5Fservice=5Fimpl=20fuzz=E8=A6=86?= =?UTF-8?q?=E7=9B=96?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: gecheng --- .../service/test/fuzztest/objectserviceimp_fuzzer/BUILD.gn | 2 -- 1 file changed, 2 deletions(-) diff --git a/services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/BUILD.gn b/services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/BUILD.gn index 64856ea85..039f0bf8e 100644 --- a/services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/BUILD.gn +++ b/services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/BUILD.gn @@ -56,14 +56,12 @@ ohos_fuzztest("ObjectServiceImpFuzzTest") { "data_object:data_object_inner", "data_object:distributeddataobject_impl", "device_manager:devicemanagersdk", - "dfs_service:cloudsync_asset_kit_inner", "dfs_service:distributed_file_daemon_kit_inner", "dmsfwk:distributed_sdk", "hilog:libhilog", "kv_store:distributeddata_inner", "kv_store:distributeddata_mgr", "kv_store:distributeddb", - "relational_store:native_rdb", ] } -- Gitee