diff --git a/services/distributeddataservice/service/test/BUILD.gn b/services/distributeddataservice/service/test/BUILD.gn index 7c20c4aa2ad038db6804228edef4467b3de9a991..f8c218af243e1a7a0ee5beec869d871f4cf7b84d 100644 --- a/services/distributeddataservice/service/test/BUILD.gn +++ b/services/distributeddataservice/service/test/BUILD.gn @@ -1007,6 +1007,7 @@ ohos_unittest("DataShareServiceImplTest") { cfi = true cfi_cross_dso = true debug = false + blocklist = "${datamgr_service_path}/cfi_blocklist.txt" } module_out_path = module_output_path diff --git a/services/distributeddataservice/service/test/fuzztest/BUILD.gn b/services/distributeddataservice/service/test/fuzztest/BUILD.gn index e419c2c2d3c632ab11c51b0bdf73fa76d5e6117e..9e801a6adebfab38c8898add34d65fb1f4f5a629 100644 --- a/services/distributeddataservice/service/test/fuzztest/BUILD.gn +++ b/services/distributeddataservice/service/test/fuzztest/BUILD.gn @@ -46,7 +46,10 @@ group("fuzztest") { } if (datamgr_service_data_share) { - deps += [ "datashareservicestub_fuzzer:fuzztest" ] + deps += [ + "datashareservicestub_fuzzer:fuzztest", + "datashareserviceimpl_fuzzer:fuzztest", + ] } if (datamgr_service_udmf) { diff --git a/services/distributeddataservice/service/test/fuzztest/datashareserviceimpl_fuzzer/BUILD.gn b/services/distributeddataservice/service/test/fuzztest/datashareserviceimpl_fuzzer/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..17ca41e7ea604699c00f5b3795e897e9942db54f --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/datashareserviceimpl_fuzzer/BUILD.gn @@ -0,0 +1,151 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +##############################hydra-fuzz######################################## +import("//build/config/features.gni") +import("//build/test.gni") +import("//foundation/distributeddatamgr/datamgr_service/datamgr_service.gni") + +##############################fuzztest########################################## +ohos_fuzztest("DataShareServiceImplFuzzTest") { + module_out_path = "datamgr_service/datamgr_service" + + include_dirs = [ + "${data_service_path}/adapter/include", + "${data_service_path}/app/src", + "${data_service_path}/framework/include", + "${data_service_path}/service/common", + "${data_service_path}/service/config/include", + "${data_service_path}/service/crypto/include", + "${data_service_path}/service/data_share/common", + "${data_service_path}/service/data_share/data", + "${data_service_path}/service/data_share/dfx", + "${data_service_path}/service/data_share/strategies", + "${data_service_path}/service/data_share/subscriber_managers", + "${data_service_path}/service/data_share", + "${data_service_path}/service/kvdb", + "${data_service_path}/service/permission/include", + "${data_service_path}/adapter/include/communicator", + ] + + fuzz_config_file = + "${data_service_path}/service/test/fuzztest/datashareserviceimpl_fuzzer" + + cflags = [ + "-Dprivate=public", + "-Dprotected=public", + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + + sources = [ + "${data_service_path}/service/common/xcollie.cpp", + "${data_service_path}/service/data_share/common/app_connect_manager.cpp", + "${data_service_path}/service/data_share/common/bundle_mgr_proxy.cpp", + "${data_service_path}/service/data_share/common/common_utils.cpp", + "${data_service_path}/service/data_share/common/db_delegate.cpp", + "${data_service_path}/service/data_share/common/div_strategy.cpp", + "${data_service_path}/service/data_share/common/extension_ability_manager.cpp", + "${data_service_path}/service/data_share/common/extension_connect_adaptor.cpp", + "${data_service_path}/service/data_share/common/extension_mgr_proxy.cpp", + "${data_service_path}/service/data_share/common/kv_delegate.cpp", + "${data_service_path}/service/data_share/common/proxy_data_manager.cpp", + "${data_service_path}/service/data_share/common/rdb_delegate.cpp", + "${data_service_path}/service/data_share/common/scheduler_manager.cpp", + "${data_service_path}/service/data_share/common/seq_strategy.cpp", + "${data_service_path}/service/data_share/common/uri_utils.cpp", + "${data_service_path}/service/data_share/data/published_data.cpp", + "${data_service_path}/service/data_share/data/resultset_json_formatter.cpp", + "${data_service_path}/service/data_share/data/template_data.cpp", + "${data_service_path}/service/data_share/data_provider_config.cpp", + "${data_service_path}/service/data_share/data_share_db_config.cpp", + "${data_service_path}/service/data_share/data_share_obs_proxy.cpp", + "${data_service_path}/service/data_share/data_share_profile_config.cpp", + "${data_service_path}/service/data_share/data_share_service_impl.cpp", + "${data_service_path}/service/data_share/data_share_service_stub.cpp", + "${data_service_path}/service/data_share/data_share_silent_config.cpp", + "${data_service_path}/service/data_share/data_share_types_util.cpp", + "${data_service_path}/service/data_share/dfx/hiview_adapter.cpp", + "${data_service_path}/service/data_share/dfx/hiview_fault_adapter.cpp", + "${data_service_path}/service/data_share/strategies/data_proxy/load_config_from_data_proxy_node_strategy.cpp", + "${data_service_path}/service/data_share/strategies/data_share/load_config_from_data_share_bundle_info_strategy.cpp", + "${data_service_path}/service/data_share/strategies/general/check_is_data_proxy_strategy.cpp", + "${data_service_path}/service/data_share/strategies/general/check_is_single_app_strategy.cpp", + "${data_service_path}/service/data_share/strategies/general/cross_permission_strategy.cpp", + "${data_service_path}/service/data_share/strategies/general/load_config_common_strategy.cpp", + "${data_service_path}/service/data_share/strategies/general/load_config_data_info_strategy.cpp", + "${data_service_path}/service/data_share/strategies/general/load_config_from_bundle_info_strategy.cpp", + "${data_service_path}/service/data_share/strategies/general/permission_strategy.cpp", + "${data_service_path}/service/data_share/strategies/get_data_strategy.cpp", + "${data_service_path}/service/data_share/strategies/publish_strategy.cpp", + "${data_service_path}/service/data_share/strategies/rdb_notify_strategy.cpp", + "${data_service_path}/service/data_share/strategies/subscribe_strategy.cpp", + "${data_service_path}/service/data_share/strategies/template_strategy.cpp", + "${data_service_path}/service/data_share/subscriber_managers/proxy_data_subscriber_manager.cpp", + "${data_service_path}/service/data_share/subscriber_managers/published_data_subscriber_manager.cpp", + "${data_service_path}/service/data_share/subscriber_managers/rdb_subscriber_manager.cpp", + "${data_service_path}/service/data_share/sys_event_subscriber.cpp", + "${data_service_path}/service/kvdb/user_delegate.cpp", + "${data_service_path}/service/permission/src/permit_delegate.cpp", + "datashareserviceimpl_fuzzer.cpp", + ] + + deps = [ + "${data_service_path}/adapter/account:distributeddata_account", + "${data_service_path}/adapter/communicator:distributeddata_communicator", + "${data_service_path}/framework:distributeddatasvcfwk", + "${data_service_path}/service:distributeddatasvc", + ] + + external_deps = [ + "ability_base:base", + "ability_base:want", + "ability_base:zuri", + "ability_runtime:dataobs_manager", + "ability_runtime:extension_manager", + "ability_runtime:wantagent_innerkits", + "access_token:libaccesstoken_sdk", + "access_token:libtokenid_sdk", + "bundle_framework:appexecfwk_base", + "bundle_framework:appexecfwk_core", + "c_utils:utils", + "common_event_service:cesfwk_innerkits", + "data_share:datashare_common", + "data_share:datashare_consumer", + "device_manager:devicemanagersdk", + "hicollie:libhicollie", + "hilog:libhilog", + "hisysevent:libhisysevent", + "huks:libhukssdk", + "init:libbegetutil", + "ipc:ipc_core", + "kv_store:distributeddata_inner", + "kv_store:distributeddb", + "qos_manager:concurrent_task_client", + "qos_manager:qos", + "relational_store:native_rdb", + "relational_store:rdb_data_share_adapter", + "resource_management:global_resmgr", + "samgr:samgr_proxy", + "time_service:time_client", + ] +} + +############################################################################### +group("fuzztest") { + testonly = true + + deps = [ ":DataShareServiceImplFuzzTest" ] +} +############################################################################### diff --git a/services/distributeddataservice/service/test/fuzztest/datashareserviceimpl_fuzzer/corpus/init b/services/distributeddataservice/service/test/fuzztest/datashareserviceimpl_fuzzer/corpus/init new file mode 100644 index 0000000000000000000000000000000000000000..7ade8a0faafeaedba7241e7d4a97b8e1f9691932 --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/datashareserviceimpl_fuzzer/corpus/init @@ -0,0 +1,16 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +FUZZ \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/datashareserviceimpl_fuzzer/datashareserviceimpl_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/datashareserviceimpl_fuzzer/datashareserviceimpl_fuzzer.cpp new file mode 100644 index 0000000000000000000000000000000000000000..9e337613795eb47d9300df57dc86a08a6577f95f --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/datashareserviceimpl_fuzzer/datashareserviceimpl_fuzzer.cpp @@ -0,0 +1,201 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "datashareserviceimpl_fuzzer.h" + +#include +#include + +#include "data_share_service_impl.h" +#include "ipc_skeleton.h" +#include "message_parcel.h" +#include "securec.h" + +using namespace OHOS::DataShare; +namespace OHOS { + +void NotifyChangeFuzz(FuzzedDataProvider &provider) +{ + std::shared_ptr dataShareServiceImpl = std::make_shared(); + std::string uri = provider.ConsumeRandomLengthString(); + int32_t userId = provider.ConsumeIntegral(); + dataShareServiceImpl->NotifyChange(uri, userId); +} + +void GetCallerInfoFuzz(FuzzedDataProvider &provider) +{ + std::shared_ptr dataShareServiceImpl = std::make_shared(); + std::string bundleName = "bundlename"; + int32_t appIndex = provider.ConsumeIntegral(); + dataShareServiceImpl->GetCallerInfo(bundleName, appIndex); +} + +void MakeMetaDataFuzz(FuzzedDataProvider &provider) +{ + std::shared_ptr dataShareServiceImpl = std::make_shared(); + std::string bundleName = provider.ConsumeRandomLengthString(); + std::string userId = provider.ConsumeRandomLengthString(); + std::string deviceId = provider.ConsumeRandomLengthString(); + std::string storeId = provider.ConsumeRandomLengthString(); + dataShareServiceImpl->MakeMetaData(bundleName, userId, deviceId, storeId); +} + +void OnAppUninstallFuzz(FuzzedDataProvider &provider) +{ + std::shared_ptr dataShareServiceImpl = std::make_shared(); + std::string bundleName = provider.ConsumeRandomLengthString(); + int32_t userId = provider.ConsumeIntegral(); + int32_t index = provider.ConsumeIntegral(); + dataShareServiceImpl->OnAppUninstall(bundleName, userId, index); +} + +void OnAppUpdateFuzz(FuzzedDataProvider &provider) +{ + std::shared_ptr dataShareServiceImpl = std::make_shared(); + std::string bundleName = provider.ConsumeRandomLengthString(); + int32_t userId = provider.ConsumeIntegral(); + int32_t index = provider.ConsumeIntegral(); + dataShareServiceImpl->OnAppUpdate(bundleName, userId, index); +} + +void RegisterObserverFuzz(FuzzedDataProvider &provider) +{ + std::shared_ptr dataShareServiceImpl = std::make_shared(); + std::string uri = provider.ConsumeRandomLengthString(); + sptr remoteObj = nullptr; + dataShareServiceImpl->RegisterObserver(uri, remoteObj); +} + +void UnregisterObserverFuzz(FuzzedDataProvider &provider) +{ + std::shared_ptr dataShareServiceImpl = std::make_shared(); + std::string uri = provider.ConsumeRandomLengthString(); + sptr remoteObj = nullptr; + dataShareServiceImpl->UnregisterObserver(uri, remoteObj); +} + +void VerifyAcrossAccountsPermissionFuzz(FuzzedDataProvider &provider) +{ + std::shared_ptr dataShareServiceImpl = std::make_shared(); + int32_t curId = provider.ConsumeIntegral(); + int32_t visId = provider.ConsumeIntegral(); + std::string permission = provider.ConsumeRandomLengthString(); + uint32_t tokenId = provider.ConsumeIntegral(); + dataShareServiceImpl->VerifyAcrossAccountsPermission(curId, visId, permission, tokenId); +} + +void CheckAllowListFuzz(FuzzedDataProvider &provider) +{ + std::shared_ptr dataShareServiceImpl = std::make_shared(); + uint32_t currentUserId = provider.ConsumeIntegral(); + uint32_t callerTokenId = provider.ConsumeIntegral(); + std::vector allowLists; + AllowList list1; + list1.appIdentifier = provider.ConsumeRandomLengthString(); + list1.onlyMain = provider.ConsumeBool(); + AllowList list2; + list2.appIdentifier = provider.ConsumeRandomLengthString(); + list2.onlyMain = provider.ConsumeBool(); + allowLists.push_back(list1); + allowLists.push_back(list2); + dataShareServiceImpl->CheckAllowList(currentUserId, callerTokenId, allowLists); +} + +void ReportExcuteFaultFuzz(FuzzedDataProvider &provider) +{ + std::shared_ptr dataShareServiceImpl = std::make_shared(); + uint32_t callingTokenId = provider.ConsumeIntegral(); + int32_t errCode = provider.ConsumeIntegral(); + std::string func = provider.ConsumeRandomLengthString(); + DataProviderConfig::ProviderInfo providerInfo; + providerInfo.moduleName = provider.ConsumeRandomLengthString(); + providerInfo.bundleName = provider.ConsumeRandomLengthString(); + providerInfo.storeName = provider.ConsumeRandomLengthString(); + dataShareServiceImpl->ReportExcuteFault(callingTokenId, providerInfo, errCode, func); +} + +void VerifyPermissionFuzz(FuzzedDataProvider &provider) +{ + std::shared_ptr dataShareServiceImpl = std::make_shared(); + std::string bundleName = provider.ConsumeRandomLengthString(); + std::string permission = provider.ConsumeRandomLengthString(); + bool isFromExtension = provider.ConsumeBool(); + int32_t tokenId = provider.ConsumeIntegral(); + dataShareServiceImpl->VerifyPermission(bundleName, permission, isFromExtension, tokenId); +} + +void OnAppExitFuzz(FuzzedDataProvider &provider) +{ + std::shared_ptr dataShareServiceImpl = std::make_shared(); + pid_t uid = provider.ConsumeIntegral(); + pid_t pid = provider.ConsumeIntegral(); + uint32_t tokenId = provider.ConsumeIntegral(); + std::string bundleName = provider.ConsumeRandomLengthString(); + dataShareServiceImpl->OnAppExit(uid, pid, tokenId, bundleName); +} + +void DumpDataShareServiceInfoFuzz(FuzzedDataProvider &provider) +{ + std::shared_ptr dataShareServiceImpl = std::make_shared(); + int fd = provider.ConsumeIntegral(); + std::map> params; + params["key1"] = {"value1", "value2"}; + params["key2"] = {"val_b1", "val_b2", "val_b3"}; + dataShareServiceImpl->DumpDataShareServiceInfo(fd, params); +} + +void DataShareStaticOnClearAppStorageFuzz(FuzzedDataProvider &provider) +{ + DataShareServiceImpl::DataShareStatic dataShareStatic; + std::string bundleName = provider.ConsumeRandomLengthString(); + int32_t userId = provider.ConsumeIntegral(); + int32_t index = provider.ConsumeIntegral(); + int32_t tokenId = provider.ConsumeIntegral(); + dataShareStatic.OnClearAppStorage(bundleName, userId, index, tokenId); +} + +void TimerReceiverOnReceiveEventFuzz(FuzzedDataProvider &provider) +{ + DataShareServiceImpl::TimerReceiver tmerReceiver; + EventFwk::Want want; + EventFwk::CommonEventData commonEventData(want); + commonEventData.SetWant(want); + tmerReceiver.OnReceiveEvent(commonEventData); +} +} // namespace OHOS + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + FuzzedDataProvider provider(data, size); + OHOS::NotifyChangeFuzz(provider); + OHOS::GetCallerInfoFuzz(provider); + OHOS::MakeMetaDataFuzz(provider); + OHOS::OnAppUninstallFuzz(provider); + OHOS::OnAppUpdateFuzz(provider); + OHOS::RegisterObserverFuzz(provider); + OHOS::UnregisterObserverFuzz(provider); + OHOS::VerifyAcrossAccountsPermissionFuzz(provider); + OHOS::CheckAllowListFuzz(provider); + OHOS::ReportExcuteFaultFuzz(provider); + OHOS::VerifyPermissionFuzz(provider); + OHOS::OnAppExitFuzz(provider); + OHOS::DumpDataShareServiceInfoFuzz(provider); + OHOS::DataShareStaticOnClearAppStorageFuzz(provider); + OHOS::TimerReceiverOnReceiveEventFuzz(provider); + return 0; +} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/datashareserviceimpl_fuzzer/datashareserviceimpl_fuzzer.h b/services/distributeddataservice/service/test/fuzztest/datashareserviceimpl_fuzzer/datashareserviceimpl_fuzzer.h new file mode 100644 index 0000000000000000000000000000000000000000..24a855ff54a48dd0943d597808d19212c1357065 --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/datashareserviceimpl_fuzzer/datashareserviceimpl_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef DATAMGR_SERVICE_DATA_SHARE_SERVICE_IMPL_FUZZER_H +#define DATAMGR_SERVICE_DATA_SHARE_SERVICE_IMPL_FUZZER_H + +#define FUZZ_PROJECT_NAME "datashareserviceimpl_fuzzer" + +#endif // DATAMGR_SERVICE_DATA_SHARE_SERVICE_IMPL_FUZZER_H \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/datashareserviceimpl_fuzzer/project.xml b/services/distributeddataservice/service/test/fuzztest/datashareserviceimpl_fuzzer/project.xml new file mode 100644 index 0000000000000000000000000000000000000000..a37a23b1533f07ab59744732b0f46b2b5fd958d8 --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/datashareserviceimpl_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + \ No newline at end of file