From 7a097bf5bb38b5e4a6559083019883daa85e5546 Mon Sep 17 00:00:00 2001 From: gecheng Date: Mon, 25 Aug 2025 20:30:13 +0800 Subject: [PATCH 01/23] =?UTF-8?q?=E5=8D=95=E4=B8=AAFUZZ=E7=94=A8=E4=BE=8B?= =?UTF-8?q?=E8=B0=83=E7=94=A8=E5=A4=AA=E5=A4=9Aapi?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: gecheng --- .../framework/screen/screen_manager.cpp | 2 + .../object/src/object_service_impl.cpp | 3 +- .../BUILD.gn | 4 +- .../objectserviceimp1_fuzzer}/corpus/init | 0 .../objectserviceimp1_fuzzer.cpp | 76 +++++++++++++++ .../objectserviceimp1_fuzzer.h} | 8 +- .../objectserviceimp1_fuzzer}/project.xml | 0 .../objectserviceimp2_fuzzer}/BUILD.gn | 37 ++++++-- .../corpus/init | 0 .../objectserviceimp2_fuzzer.cpp | 75 +++++++++++++++ .../objectserviceimp2_fuzzer.h} | 27 +----- .../project.xml | 0 .../objectserviceimp3_fuzzer/BUILD.gn | 74 +++++++++++++++ .../objectserviceimp3_fuzzer/corpus/init} | 7 +- .../objectserviceimp3_fuzzer.cpp} | 93 +------------------ .../objectserviceimp3_fuzzer.h | 21 +++++ .../objectserviceimp3_fuzzer/project.xml | 25 +++++ 17 files changed, 316 insertions(+), 136 deletions(-) rename services/distributeddataservice/service/test/fuzztest/{objectserviceimp_fuzzer => objectserviceimp1_fuzzer}/BUILD.gn (98%) rename services/distributeddataservice/{framework/test/fuzztest/screenmanager_fuzzer => service/test/fuzztest/objectserviceimp1_fuzzer}/corpus/init (100%) create mode 100644 services/distributeddataservice/service/test/fuzztest/objectserviceimp1_fuzzer/objectserviceimp1_fuzzer.cpp rename services/distributeddataservice/service/test/fuzztest/{objectserviceimp_fuzzer/objectserviceimp_fuzzer.h => objectserviceimp1_fuzzer/objectserviceimp1_fuzzer.h} (78%) rename services/distributeddataservice/{framework/test/fuzztest/screenmanager_fuzzer => service/test/fuzztest/objectserviceimp1_fuzzer}/project.xml (100%) rename services/distributeddataservice/{framework/test/fuzztest/screenmanager_fuzzer => service/test/fuzztest/objectserviceimp2_fuzzer}/BUILD.gn (56%) rename services/distributeddataservice/service/test/fuzztest/{objectserviceimp_fuzzer => objectserviceimp2_fuzzer}/corpus/init (100%) create mode 100644 services/distributeddataservice/service/test/fuzztest/objectserviceimp2_fuzzer/objectserviceimp2_fuzzer.cpp rename services/distributeddataservice/{framework/test/fuzztest/screenmanager_fuzzer/screenmanager_fuzzer.cpp => service/test/fuzztest/objectserviceimp2_fuzzer/objectserviceimp2_fuzzer.h} (45%) rename services/distributeddataservice/service/test/fuzztest/{objectserviceimp_fuzzer => objectserviceimp2_fuzzer}/project.xml (100%) create mode 100644 services/distributeddataservice/service/test/fuzztest/objectserviceimp3_fuzzer/BUILD.gn rename services/distributeddataservice/{framework/test/fuzztest/screenmanager_fuzzer/screenmanager_fuzzer.h => service/test/fuzztest/objectserviceimp3_fuzzer/corpus/init} (80%) rename services/distributeddataservice/service/test/fuzztest/{objectserviceimp_fuzzer/objectserviceimp_fuzzer.cpp => objectserviceimp3_fuzzer/objectserviceimp3_fuzzer.cpp} (44%) create mode 100644 services/distributeddataservice/service/test/fuzztest/objectserviceimp3_fuzzer/objectserviceimp3_fuzzer.h create mode 100644 services/distributeddataservice/service/test/fuzztest/objectserviceimp3_fuzzer/project.xml diff --git a/services/distributeddataservice/framework/screen/screen_manager.cpp b/services/distributeddataservice/framework/screen/screen_manager.cpp index 6b939376e..1131fa821 100644 --- a/services/distributeddataservice/framework/screen/screen_manager.cpp +++ b/services/distributeddataservice/framework/screen/screen_manager.cpp @@ -39,6 +39,7 @@ bool ScreenManager::RegisterInstance(std::shared_ptr instance) return true; } +// LCOV_EXCL_START void ScreenManager::Subscribe(std::shared_ptr observer) { return; @@ -68,4 +69,5 @@ bool ScreenManager::IsLocked() { return false; } +// LCOV_EXCL_STOP } // namespace OHOS::DistributedData \ No newline at end of file diff --git a/services/distributeddataservice/service/object/src/object_service_impl.cpp b/services/distributeddataservice/service/object/src/object_service_impl.cpp index ff6d5ee3a..288d0dc43 100644 --- a/services/distributeddataservice/service/object/src/object_service_impl.cpp +++ b/services/distributeddataservice/service/object/src/object_service_impl.cpp @@ -414,6 +414,7 @@ ObjectServiceImpl::ObjectServiceImpl() EventCenter::GetInstance().Subscribe(BindEvent::BIND_SNAPSHOT, process); } +// LCOV_EXCL_START void ObjectServiceImpl::RegisterObjectServiceInfo() { DumpManager::Config serviceInfoConfig; @@ -431,7 +432,7 @@ void ObjectServiceImpl::RegisterHandler() }; DumpManager::GetInstance().AddHandler("FEATURE_INFO", uintptr_t(this), handler); } - +// LCOV_EXCL_STOP void ObjectServiceImpl::DumpObjectServiceInfo(int fd, std::map> ¶ms) { (void)params; diff --git a/services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/BUILD.gn b/services/distributeddataservice/service/test/fuzztest/objectserviceimp1_fuzzer/BUILD.gn similarity index 98% rename from services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/BUILD.gn rename to services/distributeddataservice/service/test/fuzztest/objectserviceimp1_fuzzer/BUILD.gn index 039f0bf8e..989ef9128 100644 --- a/services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/BUILD.gn +++ b/services/distributeddataservice/service/test/fuzztest/objectserviceimp1_fuzzer/BUILD.gn @@ -24,7 +24,7 @@ ohos_fuzztest("ObjectServiceImpFuzzTest") { ] fuzz_config_file = - "${data_service_path}/service/test/fuzztest/objectserviceimp_fuzzer" + "${data_service_path}/service/test/fuzztest/objectserviceimp1_fuzzer" cflags = [ "-g", @@ -35,7 +35,7 @@ ohos_fuzztest("ObjectServiceImpFuzzTest") { ] sources = [ - "objectserviceimp_fuzzer.cpp", + "objectserviceimp1_fuzzer.cpp", ] deps = [ diff --git a/services/distributeddataservice/framework/test/fuzztest/screenmanager_fuzzer/corpus/init b/services/distributeddataservice/service/test/fuzztest/objectserviceimp1_fuzzer/corpus/init similarity index 100% rename from services/distributeddataservice/framework/test/fuzztest/screenmanager_fuzzer/corpus/init rename to services/distributeddataservice/service/test/fuzztest/objectserviceimp1_fuzzer/corpus/init diff --git a/services/distributeddataservice/service/test/fuzztest/objectserviceimp1_fuzzer/objectserviceimp1_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/objectserviceimp1_fuzzer/objectserviceimp1_fuzzer.cpp new file mode 100644 index 000000000..000754166 --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/objectserviceimp1_fuzzer/objectserviceimp1_fuzzer.cpp @@ -0,0 +1,76 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "objectserviceimp1_fuzzer.h" +#include "object_service_impl.h" +#include "account/account_delegate.h" + +using namespace OHOS::DistributedObject; + +namespace OHOS { + +void ObjectStoreSaveFuzzTest(FuzzedDataProvider &provider) +{ + std::shared_ptr objectServiceImpl = std::make_shared(); + sptr callback; + std::string bundleName = provider.ConsumeRandomLengthString(100); + std::string sessionId = provider.ConsumeRandomLengthString(100); + std::string deviceId = provider.ConsumeRandomLengthString(100); + std::map> data; + std::vector remainingData = provider.ConsumeRemainingBytes(); + data["key1"] = remainingData; + objectServiceImpl->ObjectStoreSave(bundleName, sessionId, deviceId, data, callback); +} + +void OnUserChangeFuzzTest(FuzzedDataProvider &provider) +{ + std::shared_ptr objectServiceImpl = std::make_shared(); + uint32_t code = static_cast(AccountStatus::DEVICE_ACCOUNT_SWITCHED); + std::string user = provider.ConsumeRandomLengthString(100); + std::string account = provider.ConsumeRandomLengthString(100); + objectServiceImpl->OnUserChange(code, user, account); +} + +void ObjectStoreRevokeSaveFuzzTest(FuzzedDataProvider &provider) +{ + std::shared_ptr objectServiceImpl = std::make_shared(); + sptr callback; + std::string bundleName = provider.ConsumeRandomLengthString(100); + std::string sessionId = provider.ConsumeRandomLengthString(100); + objectServiceImpl->ObjectStoreRevokeSave(bundleName, sessionId, callback); +} + +void ObjectStoreRetrieveFuzzTest(FuzzedDataProvider &provider) +{ + std::shared_ptr objectServiceImpl = std::make_shared(); + sptr callback; + std::string bundleName = provider.ConsumeRandomLengthString(100); + std::string sessionId = provider.ConsumeRandomLengthString(100); + objectServiceImpl->ObjectStoreRetrieve(bundleName, sessionId, callback); +} +} // namespace OHOS + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + FuzzedDataProvider provider(data, size); + OHOS::ObjectStoreSaveFuzzTest(provider); + OHOS::OnUserChangeFuzzTest(provider); + OHOS::ObjectStoreRevokeSaveFuzzTest(provider); + OHOS::ObjectStoreRetrieveFuzzTest(provider); + return 0; +} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/objectserviceimp_fuzzer.h b/services/distributeddataservice/service/test/fuzztest/objectserviceimp1_fuzzer/objectserviceimp1_fuzzer.h similarity index 78% rename from services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/objectserviceimp_fuzzer.h rename to services/distributeddataservice/service/test/fuzztest/objectserviceimp1_fuzzer/objectserviceimp1_fuzzer.h index 8aa6bb0e2..9969aa5a5 100644 --- a/services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/objectserviceimp_fuzzer.h +++ b/services/distributeddataservice/service/test/fuzztest/objectserviceimp1_fuzzer/objectserviceimp1_fuzzer.h @@ -13,9 +13,9 @@ * limitations under the License. */ -#ifndef OBJECT_SERVICE_IMP_FUZZER_H -#define OBJECT_SERVICE_IMP_FUZZER_H +#ifndef OBJECT_SERVICE_IMP1_FUZZER_H +#define OBJECT_SERVICE_IMP1_FUZZER_H -#define FUZZ_PROJECT_NAME "objectserviceimp_fuzzer" +#define FUZZ_PROJECT_NAME "objectserviceimp1_fuzzer" -#endif // OBJECT_SERVICE_IMP_FUZZER_H \ No newline at end of file +#endif // OBJECT_SERVICE_IMP1_FUZZER_H \ No newline at end of file diff --git a/services/distributeddataservice/framework/test/fuzztest/screenmanager_fuzzer/project.xml b/services/distributeddataservice/service/test/fuzztest/objectserviceimp1_fuzzer/project.xml similarity index 100% rename from services/distributeddataservice/framework/test/fuzztest/screenmanager_fuzzer/project.xml rename to services/distributeddataservice/service/test/fuzztest/objectserviceimp1_fuzzer/project.xml diff --git a/services/distributeddataservice/framework/test/fuzztest/screenmanager_fuzzer/BUILD.gn b/services/distributeddataservice/service/test/fuzztest/objectserviceimp2_fuzzer/BUILD.gn similarity index 56% rename from services/distributeddataservice/framework/test/fuzztest/screenmanager_fuzzer/BUILD.gn rename to services/distributeddataservice/service/test/fuzztest/objectserviceimp2_fuzzer/BUILD.gn index f063faa15..fe5037836 100644 --- a/services/distributeddataservice/framework/test/fuzztest/screenmanager_fuzzer/BUILD.gn +++ b/services/distributeddataservice/service/test/fuzztest/objectserviceimp2_fuzzer/BUILD.gn @@ -16,33 +16,52 @@ import("//build/test.gni") import("//foundation/distributeddatamgr/datamgr_service/datamgr_service.gni") ##############################fuzztest########################################## -ohos_fuzztest("ScreenManagerFuzzTest") { +ohos_fuzztest("ObjectServiceImpFuzzTest") { module_out_path = "datamgr_service/datamgr_service" include_dirs = [ - "${data_service_path}/framework/include", + "${data_service_path}/service/object/include", ] fuzz_config_file = - "${data_service_path}/framework/test/fuzztest/screenmanager_fuzzer" - - sources = [ "screenmanager_fuzzer.cpp" ] + "${data_service_path}/service/test/fuzztest/objectserviceimp2_fuzzer" cflags = [ "-g", "-O0", "-Wno-unused-variable", "-fno-omit-frame-pointer", + "-fno-access-control", + ] + + sources = [ + "objectserviceimp2_fuzzer.cpp", ] deps = [ + "${data_service_path}/adapter/account:distributeddata_account", + "${data_service_path}/adapter/communicator:distributeddata_communicator", "${data_service_path}/framework:distributeddatasvcfwk", + "${data_service_path}/service:distributeddatasvc", + "${data_service_path}/service/object:distributeddata_object", ] external_deps = [ - "c_utils:utils", + "ability_base:want", + "ability_base:zuri", + "ability_runtime:ability_manager", + "ability_runtime:dataobs_manager", + "access_token:libaccesstoken_sdk", + "access_token:libtokenid_sdk", + "data_object:data_object_inner", + "data_object:distributeddataobject_impl", + "device_manager:devicemanagersdk", + "dfs_service:distributed_file_daemon_kit_inner", + "dmsfwk:distributed_sdk", "hilog:libhilog", - "kv_store:datamgr_common", + "kv_store:distributeddata_inner", + "kv_store:distributeddata_mgr", + "kv_store:distributeddb", ] } @@ -50,6 +69,6 @@ ohos_fuzztest("ScreenManagerFuzzTest") { group("fuzztest") { testonly = true - deps = [ ":ScreenManagerFuzzTest" ] + deps = [ ":ObjectServiceImpFuzzTest" ] } -############################################################################### \ No newline at end of file +############################################################################### diff --git a/services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/corpus/init b/services/distributeddataservice/service/test/fuzztest/objectserviceimp2_fuzzer/corpus/init similarity index 100% rename from services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/corpus/init rename to services/distributeddataservice/service/test/fuzztest/objectserviceimp2_fuzzer/corpus/init diff --git a/services/distributeddataservice/service/test/fuzztest/objectserviceimp2_fuzzer/objectserviceimp2_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/objectserviceimp2_fuzzer/objectserviceimp2_fuzzer.cpp new file mode 100644 index 000000000..43c578288 --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/objectserviceimp2_fuzzer/objectserviceimp2_fuzzer.cpp @@ -0,0 +1,75 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "objectserviceimp2_fuzzer.h" +#include "object_service_impl.h" +#include "account/account_delegate.h" + +using namespace OHOS::DistributedObject; + +namespace OHOS { + +void RegisterDataObserverFuzzTest(FuzzedDataProvider &provider) +{ + std::shared_ptr objectServiceImpl = std::make_shared(); + sptr callback; + std::string bundleName = provider.ConsumeRandomLengthString(100); + std::string sessionId = provider.ConsumeRandomLengthString(100); + objectServiceImpl->RegisterDataObserver(bundleName, sessionId, callback); +} + +void OnAppUninstallFuzzTest(FuzzedDataProvider &provider) +{ + std::shared_ptr objectServiceImpl = std::make_shared(); + if (objectServiceImpl->factory_.staticActs_ == nullptr) { + return; + } + std::string bundleName = provider.ConsumeRandomLengthString(100); + int32_t user = provider.ConsumeIntegral(); + int32_t index = provider.ConsumeIntegral(); + objectServiceImpl->factory_.staticActs_->OnAppUninstall(bundleName, user, index); +} + +void ResolveAutoLaunchFuzzTest(FuzzedDataProvider &provider) +{ + std::shared_ptr objectServiceImpl = std::make_shared(); + std::string identifier = provider.ConsumeRandomLengthString(100); + DistributedDB::AutoLaunchParam param; + objectServiceImpl->ResolveAutoLaunch(identifier, param); +} + +void OnAppExitFuzzTest(FuzzedDataProvider &provider) +{ + std::shared_ptr objectServiceImpl = std::make_shared(); + pid_t uid = provider.ConsumeIntegral(); + pid_t pid = provider.ConsumeIntegral(); + uint32_t tokenId = provider.ConsumeIntegral(); + std::string bundleName = provider.ConsumeRandomLengthString(100); + objectServiceImpl->OnAppExit(uid, pid, tokenId, bundleName); +} +} // namespace OHOS + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + FuzzedDataProvider provider(data, size); + OHOS::RegisterDataObserverFuzzTest(provider); + OHOS::OnAppUninstallFuzzTest(provider); + OHOS::ResolveAutoLaunchFuzzTest(provider); + OHOS::OnAppExitFuzzTest(provider); + return 0; +} \ No newline at end of file diff --git a/services/distributeddataservice/framework/test/fuzztest/screenmanager_fuzzer/screenmanager_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/objectserviceimp2_fuzzer/objectserviceimp2_fuzzer.h similarity index 45% rename from services/distributeddataservice/framework/test/fuzztest/screenmanager_fuzzer/screenmanager_fuzzer.cpp rename to services/distributeddataservice/service/test/fuzztest/objectserviceimp2_fuzzer/objectserviceimp2_fuzzer.h index d944f95c3..0e38d64c0 100644 --- a/services/distributeddataservice/framework/test/fuzztest/screenmanager_fuzzer/screenmanager_fuzzer.cpp +++ b/services/distributeddataservice/service/test/fuzztest/objectserviceimp2_fuzzer/objectserviceimp2_fuzzer.h @@ -13,28 +13,9 @@ * limitations under the License. */ -#include -#include "screenmanager_fuzzer.h" -#include "screen/screen_manager.h" +#ifndef OBJECT_SERVICE_IMP2_FUZZER_H +#define OBJECT_SERVICE_IMP2_FUZZER_H -using namespace OHOS::DistributedData; +#define FUZZ_PROJECT_NAME "objectserviceimp2_fuzzer" -namespace OHOS { -void TestScreenManager(FuzzedDataProvider &provider) -{ - ScreenManager::GetInstance()->Subscribe(nullptr); - ScreenManager::GetInstance()->Unsubscribe(nullptr); - ScreenManager::GetInstance()->BindExecutor(nullptr); - ScreenManager::GetInstance()->SubscribeScreenEvent(); - ScreenManager::GetInstance()->UnsubscribeScreenEvent(); -} - -} // namespace OHOS - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) -{ - FuzzedDataProvider provider(data, size); - OHOS::TestScreenManager(provider); - return 0; -} \ No newline at end of file +#endif // OBJECT_SERVICE_IMP2_FUZZER_H \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/project.xml b/services/distributeddataservice/service/test/fuzztest/objectserviceimp2_fuzzer/project.xml similarity index 100% rename from services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/project.xml rename to services/distributeddataservice/service/test/fuzztest/objectserviceimp2_fuzzer/project.xml diff --git a/services/distributeddataservice/service/test/fuzztest/objectserviceimp3_fuzzer/BUILD.gn b/services/distributeddataservice/service/test/fuzztest/objectserviceimp3_fuzzer/BUILD.gn new file mode 100644 index 000000000..5a8871a0d --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/objectserviceimp3_fuzzer/BUILD.gn @@ -0,0 +1,74 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +##############################hydra-fuzz######################################## +import("//build/config/features.gni") +import("//build/test.gni") +import("//foundation/distributeddatamgr/datamgr_service/datamgr_service.gni") + +##############################fuzztest########################################## +ohos_fuzztest("ObjectServiceImpFuzzTest") { + module_out_path = "datamgr_service/datamgr_service" + + include_dirs = [ + "${data_service_path}/service/object/include", + ] + + fuzz_config_file = + "${data_service_path}/service/test/fuzztest/objectserviceimp3_fuzzer" + + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + "-fno-access-control", + ] + + sources = [ + "objectserviceimp3_fuzzer.cpp", + ] + + deps = [ + "${data_service_path}/adapter/account:distributeddata_account", + "${data_service_path}/adapter/communicator:distributeddata_communicator", + "${data_service_path}/framework:distributeddatasvcfwk", + "${data_service_path}/service:distributeddatasvc", + "${data_service_path}/service/object:distributeddata_object", + ] + + external_deps = [ + "ability_base:want", + "ability_base:zuri", + "ability_runtime:ability_manager", + "ability_runtime:dataobs_manager", + "access_token:libaccesstoken_sdk", + "access_token:libtokenid_sdk", + "data_object:data_object_inner", + "data_object:distributeddataobject_impl", + "device_manager:devicemanagersdk", + "dfs_service:distributed_file_daemon_kit_inner", + "dmsfwk:distributed_sdk", + "hilog:libhilog", + "kv_store:distributeddata_inner", + "kv_store:distributeddata_mgr", + "kv_store:distributeddb", + ] +} + +############################################################################### +group("fuzztest") { + testonly = true + + deps = [ ":ObjectServiceImpFuzzTest" ] +} +############################################################################### diff --git a/services/distributeddataservice/framework/test/fuzztest/screenmanager_fuzzer/screenmanager_fuzzer.h b/services/distributeddataservice/service/test/fuzztest/objectserviceimp3_fuzzer/corpus/init similarity index 80% rename from services/distributeddataservice/framework/test/fuzztest/screenmanager_fuzzer/screenmanager_fuzzer.h rename to services/distributeddataservice/service/test/fuzztest/objectserviceimp3_fuzzer/corpus/init index ab2fe6fe3..7ade8a0fa 100644 --- a/services/distributeddataservice/framework/test/fuzztest/screenmanager_fuzzer/screenmanager_fuzzer.h +++ b/services/distributeddataservice/service/test/fuzztest/objectserviceimp3_fuzzer/corpus/init @@ -13,9 +13,4 @@ * limitations under the License. */ -#ifndef SCREENMANAGER_FUZZER_H -#define SCREENMANAGER_FUZZER_H - -#define FUZZ_PROJECT_NAME "screenmanager_fuzzer" - -#endif // SCREENMANAGER_FUZZER_H +FUZZ \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/objectserviceimp_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/objectserviceimp3_fuzzer/objectserviceimp3_fuzzer.cpp similarity index 44% rename from services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/objectserviceimp_fuzzer.cpp rename to services/distributeddataservice/service/test/fuzztest/objectserviceimp3_fuzzer/objectserviceimp3_fuzzer.cpp index de7adc4e9..fceecb58d 100644 --- a/services/distributeddataservice/service/test/fuzztest/objectserviceimp_fuzzer/objectserviceimp_fuzzer.cpp +++ b/services/distributeddataservice/service/test/fuzztest/objectserviceimp3_fuzzer/objectserviceimp3_fuzzer.cpp @@ -15,95 +15,14 @@ #include -#include "objectserviceimp_fuzzer.h" +#include "objectserviceimp3_fuzzer.h" #include "object_service_impl.h" #include "account/account_delegate.h" using namespace OHOS::DistributedObject; namespace OHOS { - -void ObjectStoreSaveFuzzTest(FuzzedDataProvider &provider) -{ - std::shared_ptr objectServiceImpl = std::make_shared(); - sptr callback; - std::string bundleName = provider.ConsumeRandomLengthString(100); - std::string sessionId = provider.ConsumeRandomLengthString(100); - std::string deviceId = provider.ConsumeRandomLengthString(100); - std::map> data; - std::vector remainingData = provider.ConsumeRemainingBytes(); - data["key1"] = remainingData; - objectServiceImpl->ObjectStoreSave(bundleName, sessionId, deviceId, data, callback); -} - -void OnUserChangeFuzzTest(FuzzedDataProvider &provider) -{ - std::shared_ptr objectServiceImpl = std::make_shared(); - uint32_t code = static_cast(AccountStatus::DEVICE_ACCOUNT_SWITCHED); - std::string user = provider.ConsumeRandomLengthString(100); - std::string account = provider.ConsumeRandomLengthString(100); - objectServiceImpl->OnUserChange(code, user, account); -} - -void ObjectStoreRevokeSaveFuzzTest(FuzzedDataProvider &provider) -{ - std::shared_ptr objectServiceImpl = std::make_shared(); - sptr callback; - std::string bundleName = provider.ConsumeRandomLengthString(100); - std::string sessionId = provider.ConsumeRandomLengthString(100); - objectServiceImpl->ObjectStoreRevokeSave(bundleName, sessionId, callback); -} - -void ObjectStoreRetrieveFuzzTest(FuzzedDataProvider &provider) -{ - std::shared_ptr objectServiceImpl = std::make_shared(); - sptr callback; - std::string bundleName = provider.ConsumeRandomLengthString(100); - std::string sessionId = provider.ConsumeRandomLengthString(100); - objectServiceImpl->ObjectStoreRetrieve(bundleName, sessionId, callback); -} - -void RegisterDataObserverFuzzTest(FuzzedDataProvider &provider) -{ - std::shared_ptr objectServiceImpl = std::make_shared(); - sptr callback; - std::string bundleName = provider.ConsumeRandomLengthString(100); - std::string sessionId = provider.ConsumeRandomLengthString(100); - objectServiceImpl->RegisterDataObserver(bundleName, sessionId, callback); -} - -void OnAppUninstallFuzzTest(FuzzedDataProvider &provider) -{ - std::shared_ptr objectServiceImpl = std::make_shared(); - if (objectServiceImpl->factory_.staticActs_ == nullptr) { - return; - } - std::string bundleName = provider.ConsumeRandomLengthString(100); - int32_t user = provider.ConsumeIntegral(); - int32_t index = provider.ConsumeIntegral(); - objectServiceImpl->factory_.staticActs_->OnAppUninstall(bundleName, user, index); -} - -void ResolveAutoLaunchFuzzTest(FuzzedDataProvider &provider) -{ - std::shared_ptr objectServiceImpl = std::make_shared(); - std::string identifier = provider.ConsumeRandomLengthString(100); - DistributedDB::AutoLaunchParam param; - objectServiceImpl->ResolveAutoLaunch(identifier, param); -} - -void OnAppExitFuzzTest(FuzzedDataProvider &provider) -{ - std::shared_ptr objectServiceImpl = std::make_shared(); - pid_t uid = provider.ConsumeIntegral(); - pid_t pid = provider.ConsumeIntegral(); - uint32_t tokenId = provider.ConsumeIntegral(); - std::string bundleName = provider.ConsumeRandomLengthString(100); - objectServiceImpl->OnAppExit(uid, pid, tokenId, bundleName); - objectServiceImpl->RegisterObjectServiceInfo(); - objectServiceImpl->RegisterHandler(); -} - + void DumpObjectServiceInfoFuzzTest(FuzzedDataProvider &provider) { std::shared_ptr objectServiceImpl = std::make_shared(); @@ -156,14 +75,6 @@ void BindAssetStoreFuzzTest(FuzzedDataProvider &provider) extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { FuzzedDataProvider provider(data, size); - OHOS::ObjectStoreSaveFuzzTest(provider); - OHOS::OnUserChangeFuzzTest(provider); - OHOS::ObjectStoreRevokeSaveFuzzTest(provider); - OHOS::ObjectStoreRetrieveFuzzTest(provider); - OHOS::RegisterDataObserverFuzzTest(provider); - OHOS::OnAppUninstallFuzzTest(provider); - OHOS::ResolveAutoLaunchFuzzTest(provider); - OHOS::OnAppExitFuzzTest(provider); OHOS::DumpObjectServiceInfoFuzzTest(provider); OHOS::SaveMetaDataFuzzTest(provider); OHOS::BindAssetStoreFuzzTest(provider); diff --git a/services/distributeddataservice/service/test/fuzztest/objectserviceimp3_fuzzer/objectserviceimp3_fuzzer.h b/services/distributeddataservice/service/test/fuzztest/objectserviceimp3_fuzzer/objectserviceimp3_fuzzer.h new file mode 100644 index 000000000..a68ec2fe1 --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/objectserviceimp3_fuzzer/objectserviceimp3_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef OBJECT_SERVICE_IMP3_FUZZER_H +#define OBJECT_SERVICE_IMP3_FUZZER_H + +#define FUZZ_PROJECT_NAME "objectserviceimp3_fuzzer" + +#endif // OBJECT_SERVICE_IMP3_FUZZER_H \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/objectserviceimp3_fuzzer/project.xml b/services/distributeddataservice/service/test/fuzztest/objectserviceimp3_fuzzer/project.xml new file mode 100644 index 000000000..a37a23b15 --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/objectserviceimp3_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + \ No newline at end of file -- Gitee From 21ff840153d95f46be502b8db1406aa639842507 Mon Sep 17 00:00:00 2001 From: gecheng Date: Mon, 25 Aug 2025 21:48:22 +0800 Subject: [PATCH 02/23] =?UTF-8?q?=E5=8D=95=E4=B8=AAFUZZ=E7=94=A8=E4=BE=8B?= =?UTF-8?q?=E8=B0=83=E7=94=A8=E5=A4=AA=E5=A4=9Aapi?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: gecheng --- .../distributeddataservice/framework/test/fuzztest/BUILD.gn | 5 +---- .../service/object/src/object_service_impl.cpp | 1 + .../distributeddataservice/service/test/fuzztest/BUILD.gn | 4 +++- .../service/test/fuzztest/objectserviceimp1_fuzzer/BUILD.gn | 4 ++-- .../service/test/fuzztest/objectserviceimp2_fuzzer/BUILD.gn | 4 ++-- .../service/test/fuzztest/objectserviceimp3_fuzzer/BUILD.gn | 4 ++-- 6 files changed, 11 insertions(+), 11 deletions(-) diff --git a/services/distributeddataservice/framework/test/fuzztest/BUILD.gn b/services/distributeddataservice/framework/test/fuzztest/BUILD.gn index b35cb67af..e54fc7ba3 100644 --- a/services/distributeddataservice/framework/test/fuzztest/BUILD.gn +++ b/services/distributeddataservice/framework/test/fuzztest/BUILD.gn @@ -18,8 +18,5 @@ import("//foundation/distributeddatamgr/datamgr_service/datamgr_service.gni") group("fuzztest") { testonly = true - deps = [ - "storedebuginfo_fuzzer:fuzztest", - "screenmanager_fuzzer:fuzztest", - ] + deps = [ "storedebuginfo_fuzzer:fuzztest" ] } \ No newline at end of file diff --git a/services/distributeddataservice/service/object/src/object_service_impl.cpp b/services/distributeddataservice/service/object/src/object_service_impl.cpp index 288d0dc43..257502c07 100644 --- a/services/distributeddataservice/service/object/src/object_service_impl.cpp +++ b/services/distributeddataservice/service/object/src/object_service_impl.cpp @@ -433,6 +433,7 @@ void ObjectServiceImpl::RegisterHandler() DumpManager::GetInstance().AddHandler("FEATURE_INFO", uintptr_t(this), handler); } // LCOV_EXCL_STOP + void ObjectServiceImpl::DumpObjectServiceInfo(int fd, std::map> ¶ms) { (void)params; diff --git a/services/distributeddataservice/service/test/fuzztest/BUILD.gn b/services/distributeddataservice/service/test/fuzztest/BUILD.gn index 107fde072..6dd680bdd 100644 --- a/services/distributeddataservice/service/test/fuzztest/BUILD.gn +++ b/services/distributeddataservice/service/test/fuzztest/BUILD.gn @@ -30,7 +30,9 @@ group("fuzztest") { if (datamgr_service_object) { deps += [ "objectservicestub_fuzzer:fuzztest", - "objectserviceimp_fuzzer:fuzztest", + "objectserviceimp1_fuzzer:fuzztest", + "objectserviceimp2_fuzzer:fuzztest", + "objectserviceimp3_fuzzer:fuzztest", "objectservicelistener_fuzzer:fuzztest", ] } diff --git a/services/distributeddataservice/service/test/fuzztest/objectserviceimp1_fuzzer/BUILD.gn b/services/distributeddataservice/service/test/fuzztest/objectserviceimp1_fuzzer/BUILD.gn index 989ef9128..8d654ce30 100644 --- a/services/distributeddataservice/service/test/fuzztest/objectserviceimp1_fuzzer/BUILD.gn +++ b/services/distributeddataservice/service/test/fuzztest/objectserviceimp1_fuzzer/BUILD.gn @@ -16,7 +16,7 @@ import("//build/test.gni") import("//foundation/distributeddatamgr/datamgr_service/datamgr_service.gni") ##############################fuzztest########################################## -ohos_fuzztest("ObjectServiceImpFuzzTest") { +ohos_fuzztest("ObjectServiceImp1FuzzTest") { module_out_path = "datamgr_service/datamgr_service" include_dirs = [ @@ -69,6 +69,6 @@ ohos_fuzztest("ObjectServiceImpFuzzTest") { group("fuzztest") { testonly = true - deps = [ ":ObjectServiceImpFuzzTest" ] + deps = [ ":ObjectServiceImp1FuzzTest" ] } ############################################################################### diff --git a/services/distributeddataservice/service/test/fuzztest/objectserviceimp2_fuzzer/BUILD.gn b/services/distributeddataservice/service/test/fuzztest/objectserviceimp2_fuzzer/BUILD.gn index fe5037836..57ebaece8 100644 --- a/services/distributeddataservice/service/test/fuzztest/objectserviceimp2_fuzzer/BUILD.gn +++ b/services/distributeddataservice/service/test/fuzztest/objectserviceimp2_fuzzer/BUILD.gn @@ -16,7 +16,7 @@ import("//build/test.gni") import("//foundation/distributeddatamgr/datamgr_service/datamgr_service.gni") ##############################fuzztest########################################## -ohos_fuzztest("ObjectServiceImpFuzzTest") { +ohos_fuzztest("ObjectServiceImp2FuzzTest") { module_out_path = "datamgr_service/datamgr_service" include_dirs = [ @@ -69,6 +69,6 @@ ohos_fuzztest("ObjectServiceImpFuzzTest") { group("fuzztest") { testonly = true - deps = [ ":ObjectServiceImpFuzzTest" ] + deps = [ ":ObjectServiceImp2FuzzTest" ] } ############################################################################### diff --git a/services/distributeddataservice/service/test/fuzztest/objectserviceimp3_fuzzer/BUILD.gn b/services/distributeddataservice/service/test/fuzztest/objectserviceimp3_fuzzer/BUILD.gn index 5a8871a0d..46a6be379 100644 --- a/services/distributeddataservice/service/test/fuzztest/objectserviceimp3_fuzzer/BUILD.gn +++ b/services/distributeddataservice/service/test/fuzztest/objectserviceimp3_fuzzer/BUILD.gn @@ -16,7 +16,7 @@ import("//build/test.gni") import("//foundation/distributeddatamgr/datamgr_service/datamgr_service.gni") ##############################fuzztest########################################## -ohos_fuzztest("ObjectServiceImpFuzzTest") { +ohos_fuzztest("ObjectServiceImp3FuzzTest") { module_out_path = "datamgr_service/datamgr_service" include_dirs = [ @@ -69,6 +69,6 @@ ohos_fuzztest("ObjectServiceImpFuzzTest") { group("fuzztest") { testonly = true - deps = [ ":ObjectServiceImpFuzzTest" ] + deps = [ ":ObjectServiceImp3FuzzTest" ] } ############################################################################### -- Gitee From 6e1be6025f2e0beefe9600d57fcb9d7114031d22 Mon Sep 17 00:00:00 2001 From: gecheng Date: Tue, 26 Aug 2025 14:51:59 +0800 Subject: [PATCH 03/23] =?UTF-8?q?=E5=8D=95=E4=B8=AAFUZZ=E7=94=A8=E4=BE=8B?= =?UTF-8?q?=E8=B0=83=E7=94=A8=E5=A4=AA=E5=A4=9Aapi?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: gecheng --- .../cloudservicestub2_fuzzer/BUILD.gn | 96 ++++ .../cloudservicestub1_fuzzer.cpp | 460 ++++++++++++++++++ .../cloudservicestub2_fuzzer.cpp | 460 ++++++++++++++++++ .../cloudservicestub_fuzzer.cpp | 460 ++++++++++++++++++ .../cloudservicestub_fuzzer.h | 21 + .../cloudservicestub2_fuzzer/corpus/init | 16 + .../cloudservicestub2_fuzzer/project.xml | 25 + 7 files changed, 1538 insertions(+) create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/BUILD.gn create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub1_fuzzer.cpp create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub2_fuzzer.cpp create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub_fuzzer.cpp create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub_fuzzer.h create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/corpus/init create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/project.xml diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/BUILD.gn b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/BUILD.gn new file mode 100644 index 000000000..2618103ac --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/BUILD.gn @@ -0,0 +1,96 @@ +# Copyright (c) 2023 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +##############################hydra-fuzz######################################## +import("//build/config/features.gni") +import("//build/test.gni") +import("//foundation/distributeddatamgr/datamgr_service/datamgr_service.gni") + +##############################fuzztest########################################## +ohos_fuzztest("CloudServiceStubFuzzTest") { + module_out_path = "datamgr_service/datamgr_service" + + include_dirs = [ + "${data_service_path}/service/cloud", + "${data_service_path}/service/common", + "${data_service_path}/service/config/include", + "${data_service_path}/service/crypto/include", + "${data_service_path}/service/kvdb", + "${data_service_path}/service/matrix/include", + "${data_service_path}/service/network", + "${data_service_path}/service/object", + "${data_service_path}/service/permission/include", + "${data_service_path}/service/rdb", + "${data_service_path}/adapter/include/communicator", + ] + + fuzz_config_file = "${data_service_path}/service/test/fuzztest/cloudservicestub_fuzzer" + + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + + sources = [ + "${data_service_path}/app/src/checker/bundle_checker.cpp", + "${data_service_path}/app/src/checker/system_checker.cpp", + "cloudservicestub_fuzzer.cpp", + ] + + deps = [ + "${data_service_path}/adapter/account:distributeddata_account", + "${data_service_path}/adapter/dfx:distributeddata_dfx", + "${data_service_path}/adapter/network:distributeddata_network", + "${data_service_path}/adapter/schema_helper:distributeddata_schema_helper", + "${data_service_path}/adapter/utils:distributeddata_utils", + "${data_service_path}/framework:distributeddatasvcfwk", + "${data_service_path}/service:distributeddatasvc", + "${data_service_path}/service/bootstrap:distributeddata_bootstrap", + "${data_service_path}/service/cloud:distributeddata_cloud", + "${data_service_path}/service/common:distributeddata_common", + "${data_service_path}/service/rdb:distributeddata_rdb", + ] + + external_deps = [ + "access_token:libaccesstoken_sdk", + "access_token:libtoken_setproc", + "access_token:libtokenid_sdk", + "bundle_framework:appexecfwk_base", + "bundle_framework:appexecfwk_core", + "c_utils:utils", + "device_auth:deviceauth_sdk", + "device_manager:devicemanagersdk", + "hicollie:libhicollie", + "hilog:libhilog", + "hisysevent:libhisysevent", + "huks:libhukssdk", + "ipc:ipc_core", + "kv_store:datamgr_common", + "kv_store:distributeddata_inner", + "kv_store:distributeddata_mgr", + "kv_store:distributeddb", + "relational_store:native_rdb", + "resource_management:global_resmgr", + "safwk:system_ability_fwk", + "samgr:samgr_proxy", + ] +} + +############################################################################### +group("fuzztest") { + testonly = true + + deps = [ ":CloudServiceStubFuzzTest" ] +} +############################################################################### diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub1_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub1_fuzzer.cpp new file mode 100644 index 000000000..b056cd107 --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub1_fuzzer.cpp @@ -0,0 +1,460 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "cloudservicestub_fuzzer.h" + +#include +#include + +#include "accesstoken_kit.h" +#include "cloud_service_impl.h" +#include "ipc_skeleton.h" +#include "message_parcel.h" +#include "securec.h" +#include "token_setproc.h" + +using namespace OHOS::CloudData; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { +constexpr int USER_ID = 100; +constexpr int INST_INDEX = 0; +const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; +constexpr uint32_t CODE_MIN = 0; +constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; +constexpr size_t NUM_MIN = 5; +constexpr size_t NUM_MAX = 12; + +void AllocAndSetHapToken() +{ + HapInfoParams info = { + .userID = USER_ID, + .bundleName = "ohos.test.demo", + .instIndex = INST_INDEX, + .appIDDesc = "ohos.test.demo", + .isSystemApp = true + }; + + HapPolicyParams policy = { + .apl = APL_NORMAL, + .domain = "test.domain", + .permList = {}, + .permStateList = { + { + .permissionName = "ohos.permission.CLOUDDATA_CONFIG", + .isGeneral = true, + .resDeviceID = { "local" }, + .grantStatus = { PermissionState::PERMISSION_GRANTED }, + .grantFlags = { 1 } + } + } + }; + auto tokenID = AccessTokenKit::AllocHapToken(info, policy); + SetSelfTokenID(tokenID.tokenIDEx); +} + +bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnRemoteRequest(code, request, reply); + return true; +} + +bool OnEnableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnEnableCloud(code, request, reply); + XCollie xcollie( + __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); + return status; + } + cloudInfo.enableCloud = true; + for (const auto &[bundle, value] : switches) { + if (!cloudInfo.Exist(bundle)) { + continue; + } + cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); + ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); + } + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); + return true; +} + +bool OnDisableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnDisableCloud(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), + Anonymous::Change(cloudInfo.id).c_str()); + return INVALID_ARGUMENT; + } + cloudInfo.enableCloud = false; + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); + ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); + return true; +} + +bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnChangeAppSwitch(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + CloudSyncScene scene; + if (appSwitch == SWITCH_ON) { + scene = CloudSyncScene::SWITCH_ON; + } else { + scene = CloudSyncScene::SWITCH_OFF; + } + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS || !cloudInfo.enableCloud) { + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret = " + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, + WORK_DO_CLOUD_SYNC })); + return INVALID_ARGUMENT; + } + if (!cloudInfo.Exist(bundleName)) { + std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); + if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { + ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," + "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret=" + std::to_string(status)); + return INVALID_ARGUMENT; + } + ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); + } + cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); + if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { + SyncManager::SyncInfo info(cloudInfo.user, bundleName); + syncManager_.DoCloudSync(info); + } + ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), + bundleName.c_str(), appSwitch); + return true; +} + +bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnNotifyDataChange(code, request, reply); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { + return INVALID_ARGUMENT; + } + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + ExtraData exData; + if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { + ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), + userId, extraData.empty() ? "empty" : "not empty"); + return INVALID_ARGUMENT; + } + std::vector users; + if (userId != INVALID_USER_ID) { + users.emplace_back(userId); + } else { + Account::GetInstance()->QueryForegroundUsers(users); + } + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + auto &bundleName = exData.info.bundleName; + auto &prepareTraceId = exData.info.context.prepareTraceId; + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { + ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); + SchemaMeta schemaMeta; + if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { + ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); + if (dbInfos.empty()) { + ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + for (const auto &dbInfo : dbInfos) { + syncManager_.DoCloudSync(SyncManager::SyncInfo( + { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); + } + } + return true; +} + +bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); + QueryLastResults results; + auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, + "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); + return { ERROR, results }; + } + if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { + ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); + return { INVALID_ARGUMENT, results }; + } + std::vector schemas; + auto key = cloudInfo.GetSchemaPrefix(bundleName); + if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { + return { ERROR, results }; + } + + std::vector queryKeys; + std::vector databases; + for (const auto &schema : schemas) { + if (schema.bundleName != bundleName) { + continue; + } + databases = schema.databases; + for (const auto &database : schema.databases) { + if (storeId.empty() || database.alias == storeId) { + queryKeys.push_back({ user, id, bundleName, database.name }); + } + } + if (queryKeys.empty()) { + ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); + return { INVALID_ARGUMENT, results }; + } + } + + auto [ret, lastSyncInfos] = syncManager_.QueryLastSyncInfo(queryKeys); + ZLOGI("code:%{public}d, id:%{public}s, bundleName:%{public}s, storeId:%{public}s, size:%{public}d", ret, + Anonymous::Change(id).c_str(), bundleName.c_str(), Anonymous::Change(storeId).c_str(), + static_cast(lastSyncInfos.size())); + if (lastSyncInfos.empty()) { + return { ret, results }; + } + return { ret, AssembleLastResults(databases, lastSyncInfos) }; +} + +int32_t CloudServiceImpl::OnInitialize() +{ + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); + std::vector users; + Account::GetInstance()->QueryUsers(users); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + CleanWaterVersion(user); + } + Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + Subscription sub; + sub.userId = user; + if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { + continue; + } + InitSubTask(sub); + } + return E_OK; +} + +bool CloudServiceImpl::CleanWaterVersion(int32_t user) +{ + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (status != SUCCESS) { + return false; + } + auto stores = CheckerManager::GetInstance().GetDynamicStores(); + auto staticStores = CheckerManager::GetInstance().GetStaticStores(); + stores.insert(stores.end(), staticStores.begin(), staticStores.end()); + auto keys = cloudInfo.GetSchemaKey(); + for (const auto &[bundle, key] : keys) { + SchemaMeta schemaMeta; + if (MetaDataManager::GetInstance().LoadMeta(key, schemaMeta, true) && + schemaMeta.metaVersion < SchemaMeta::CLEAN_WATER_VERSION) { + bool found = std::any_of(stores.begin(), stores.end(), + [&schemaMeta](const CheckerManager::StoreInfo &storeInfo) { + return storeInfo.bundleName == schemaMeta.bundleName; + }); + if (!found) { + continue; + } + DoClean(user, schemaMeta, GeneralStore::CleanMode::CLEAN_WATER); + schemaMeta.metaVersion = SchemaMeta::CLEAN_WATER_VERSION; + } + MetaDataManager::GetInstance().SaveMeta(key, schemaMeta, true); + } + return true; +} +} // namespace OHOS + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + FuzzedDataProvider provider(data, size); + OHOS::OnRemoteRequestFuzz(provider); + OHOS::OnEnableCloudFuzz(provider); + OHOS::OnDisableCloudFuzz(provider); + OHOS::OnChangeAppSwitchFuzz(provider); + OHOS::OnNotifyDataChangeFuzz(provider); + OHOS::OnQueryLastSyncInfoFuzz(provider); + return 0; +} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub2_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub2_fuzzer.cpp new file mode 100644 index 000000000..b056cd107 --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub2_fuzzer.cpp @@ -0,0 +1,460 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "cloudservicestub_fuzzer.h" + +#include +#include + +#include "accesstoken_kit.h" +#include "cloud_service_impl.h" +#include "ipc_skeleton.h" +#include "message_parcel.h" +#include "securec.h" +#include "token_setproc.h" + +using namespace OHOS::CloudData; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { +constexpr int USER_ID = 100; +constexpr int INST_INDEX = 0; +const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; +constexpr uint32_t CODE_MIN = 0; +constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; +constexpr size_t NUM_MIN = 5; +constexpr size_t NUM_MAX = 12; + +void AllocAndSetHapToken() +{ + HapInfoParams info = { + .userID = USER_ID, + .bundleName = "ohos.test.demo", + .instIndex = INST_INDEX, + .appIDDesc = "ohos.test.demo", + .isSystemApp = true + }; + + HapPolicyParams policy = { + .apl = APL_NORMAL, + .domain = "test.domain", + .permList = {}, + .permStateList = { + { + .permissionName = "ohos.permission.CLOUDDATA_CONFIG", + .isGeneral = true, + .resDeviceID = { "local" }, + .grantStatus = { PermissionState::PERMISSION_GRANTED }, + .grantFlags = { 1 } + } + } + }; + auto tokenID = AccessTokenKit::AllocHapToken(info, policy); + SetSelfTokenID(tokenID.tokenIDEx); +} + +bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnRemoteRequest(code, request, reply); + return true; +} + +bool OnEnableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnEnableCloud(code, request, reply); + XCollie xcollie( + __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); + return status; + } + cloudInfo.enableCloud = true; + for (const auto &[bundle, value] : switches) { + if (!cloudInfo.Exist(bundle)) { + continue; + } + cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); + ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); + } + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); + return true; +} + +bool OnDisableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnDisableCloud(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), + Anonymous::Change(cloudInfo.id).c_str()); + return INVALID_ARGUMENT; + } + cloudInfo.enableCloud = false; + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); + ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); + return true; +} + +bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnChangeAppSwitch(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + CloudSyncScene scene; + if (appSwitch == SWITCH_ON) { + scene = CloudSyncScene::SWITCH_ON; + } else { + scene = CloudSyncScene::SWITCH_OFF; + } + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS || !cloudInfo.enableCloud) { + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret = " + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, + WORK_DO_CLOUD_SYNC })); + return INVALID_ARGUMENT; + } + if (!cloudInfo.Exist(bundleName)) { + std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); + if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { + ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," + "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret=" + std::to_string(status)); + return INVALID_ARGUMENT; + } + ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); + } + cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); + if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { + SyncManager::SyncInfo info(cloudInfo.user, bundleName); + syncManager_.DoCloudSync(info); + } + ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), + bundleName.c_str(), appSwitch); + return true; +} + +bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnNotifyDataChange(code, request, reply); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { + return INVALID_ARGUMENT; + } + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + ExtraData exData; + if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { + ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), + userId, extraData.empty() ? "empty" : "not empty"); + return INVALID_ARGUMENT; + } + std::vector users; + if (userId != INVALID_USER_ID) { + users.emplace_back(userId); + } else { + Account::GetInstance()->QueryForegroundUsers(users); + } + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + auto &bundleName = exData.info.bundleName; + auto &prepareTraceId = exData.info.context.prepareTraceId; + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { + ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); + SchemaMeta schemaMeta; + if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { + ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); + if (dbInfos.empty()) { + ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + for (const auto &dbInfo : dbInfos) { + syncManager_.DoCloudSync(SyncManager::SyncInfo( + { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); + } + } + return true; +} + +bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); + QueryLastResults results; + auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, + "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); + return { ERROR, results }; + } + if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { + ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); + return { INVALID_ARGUMENT, results }; + } + std::vector schemas; + auto key = cloudInfo.GetSchemaPrefix(bundleName); + if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { + return { ERROR, results }; + } + + std::vector queryKeys; + std::vector databases; + for (const auto &schema : schemas) { + if (schema.bundleName != bundleName) { + continue; + } + databases = schema.databases; + for (const auto &database : schema.databases) { + if (storeId.empty() || database.alias == storeId) { + queryKeys.push_back({ user, id, bundleName, database.name }); + } + } + if (queryKeys.empty()) { + ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); + return { INVALID_ARGUMENT, results }; + } + } + + auto [ret, lastSyncInfos] = syncManager_.QueryLastSyncInfo(queryKeys); + ZLOGI("code:%{public}d, id:%{public}s, bundleName:%{public}s, storeId:%{public}s, size:%{public}d", ret, + Anonymous::Change(id).c_str(), bundleName.c_str(), Anonymous::Change(storeId).c_str(), + static_cast(lastSyncInfos.size())); + if (lastSyncInfos.empty()) { + return { ret, results }; + } + return { ret, AssembleLastResults(databases, lastSyncInfos) }; +} + +int32_t CloudServiceImpl::OnInitialize() +{ + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); + std::vector users; + Account::GetInstance()->QueryUsers(users); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + CleanWaterVersion(user); + } + Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + Subscription sub; + sub.userId = user; + if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { + continue; + } + InitSubTask(sub); + } + return E_OK; +} + +bool CloudServiceImpl::CleanWaterVersion(int32_t user) +{ + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (status != SUCCESS) { + return false; + } + auto stores = CheckerManager::GetInstance().GetDynamicStores(); + auto staticStores = CheckerManager::GetInstance().GetStaticStores(); + stores.insert(stores.end(), staticStores.begin(), staticStores.end()); + auto keys = cloudInfo.GetSchemaKey(); + for (const auto &[bundle, key] : keys) { + SchemaMeta schemaMeta; + if (MetaDataManager::GetInstance().LoadMeta(key, schemaMeta, true) && + schemaMeta.metaVersion < SchemaMeta::CLEAN_WATER_VERSION) { + bool found = std::any_of(stores.begin(), stores.end(), + [&schemaMeta](const CheckerManager::StoreInfo &storeInfo) { + return storeInfo.bundleName == schemaMeta.bundleName; + }); + if (!found) { + continue; + } + DoClean(user, schemaMeta, GeneralStore::CleanMode::CLEAN_WATER); + schemaMeta.metaVersion = SchemaMeta::CLEAN_WATER_VERSION; + } + MetaDataManager::GetInstance().SaveMeta(key, schemaMeta, true); + } + return true; +} +} // namespace OHOS + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + FuzzedDataProvider provider(data, size); + OHOS::OnRemoteRequestFuzz(provider); + OHOS::OnEnableCloudFuzz(provider); + OHOS::OnDisableCloudFuzz(provider); + OHOS::OnChangeAppSwitchFuzz(provider); + OHOS::OnNotifyDataChangeFuzz(provider); + OHOS::OnQueryLastSyncInfoFuzz(provider); + return 0; +} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub_fuzzer.cpp new file mode 100644 index 000000000..b056cd107 --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub_fuzzer.cpp @@ -0,0 +1,460 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "cloudservicestub_fuzzer.h" + +#include +#include + +#include "accesstoken_kit.h" +#include "cloud_service_impl.h" +#include "ipc_skeleton.h" +#include "message_parcel.h" +#include "securec.h" +#include "token_setproc.h" + +using namespace OHOS::CloudData; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { +constexpr int USER_ID = 100; +constexpr int INST_INDEX = 0; +const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; +constexpr uint32_t CODE_MIN = 0; +constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; +constexpr size_t NUM_MIN = 5; +constexpr size_t NUM_MAX = 12; + +void AllocAndSetHapToken() +{ + HapInfoParams info = { + .userID = USER_ID, + .bundleName = "ohos.test.demo", + .instIndex = INST_INDEX, + .appIDDesc = "ohos.test.demo", + .isSystemApp = true + }; + + HapPolicyParams policy = { + .apl = APL_NORMAL, + .domain = "test.domain", + .permList = {}, + .permStateList = { + { + .permissionName = "ohos.permission.CLOUDDATA_CONFIG", + .isGeneral = true, + .resDeviceID = { "local" }, + .grantStatus = { PermissionState::PERMISSION_GRANTED }, + .grantFlags = { 1 } + } + } + }; + auto tokenID = AccessTokenKit::AllocHapToken(info, policy); + SetSelfTokenID(tokenID.tokenIDEx); +} + +bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnRemoteRequest(code, request, reply); + return true; +} + +bool OnEnableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnEnableCloud(code, request, reply); + XCollie xcollie( + __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); + return status; + } + cloudInfo.enableCloud = true; + for (const auto &[bundle, value] : switches) { + if (!cloudInfo.Exist(bundle)) { + continue; + } + cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); + ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); + } + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); + return true; +} + +bool OnDisableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnDisableCloud(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), + Anonymous::Change(cloudInfo.id).c_str()); + return INVALID_ARGUMENT; + } + cloudInfo.enableCloud = false; + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); + ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); + return true; +} + +bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnChangeAppSwitch(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + CloudSyncScene scene; + if (appSwitch == SWITCH_ON) { + scene = CloudSyncScene::SWITCH_ON; + } else { + scene = CloudSyncScene::SWITCH_OFF; + } + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS || !cloudInfo.enableCloud) { + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret = " + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, + WORK_DO_CLOUD_SYNC })); + return INVALID_ARGUMENT; + } + if (!cloudInfo.Exist(bundleName)) { + std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); + if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { + ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," + "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret=" + std::to_string(status)); + return INVALID_ARGUMENT; + } + ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); + } + cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); + if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { + SyncManager::SyncInfo info(cloudInfo.user, bundleName); + syncManager_.DoCloudSync(info); + } + ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), + bundleName.c_str(), appSwitch); + return true; +} + +bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnNotifyDataChange(code, request, reply); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { + return INVALID_ARGUMENT; + } + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + ExtraData exData; + if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { + ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), + userId, extraData.empty() ? "empty" : "not empty"); + return INVALID_ARGUMENT; + } + std::vector users; + if (userId != INVALID_USER_ID) { + users.emplace_back(userId); + } else { + Account::GetInstance()->QueryForegroundUsers(users); + } + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + auto &bundleName = exData.info.bundleName; + auto &prepareTraceId = exData.info.context.prepareTraceId; + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { + ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); + SchemaMeta schemaMeta; + if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { + ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); + if (dbInfos.empty()) { + ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + for (const auto &dbInfo : dbInfos) { + syncManager_.DoCloudSync(SyncManager::SyncInfo( + { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); + } + } + return true; +} + +bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); + QueryLastResults results; + auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, + "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); + return { ERROR, results }; + } + if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { + ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); + return { INVALID_ARGUMENT, results }; + } + std::vector schemas; + auto key = cloudInfo.GetSchemaPrefix(bundleName); + if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { + return { ERROR, results }; + } + + std::vector queryKeys; + std::vector databases; + for (const auto &schema : schemas) { + if (schema.bundleName != bundleName) { + continue; + } + databases = schema.databases; + for (const auto &database : schema.databases) { + if (storeId.empty() || database.alias == storeId) { + queryKeys.push_back({ user, id, bundleName, database.name }); + } + } + if (queryKeys.empty()) { + ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); + return { INVALID_ARGUMENT, results }; + } + } + + auto [ret, lastSyncInfos] = syncManager_.QueryLastSyncInfo(queryKeys); + ZLOGI("code:%{public}d, id:%{public}s, bundleName:%{public}s, storeId:%{public}s, size:%{public}d", ret, + Anonymous::Change(id).c_str(), bundleName.c_str(), Anonymous::Change(storeId).c_str(), + static_cast(lastSyncInfos.size())); + if (lastSyncInfos.empty()) { + return { ret, results }; + } + return { ret, AssembleLastResults(databases, lastSyncInfos) }; +} + +int32_t CloudServiceImpl::OnInitialize() +{ + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); + std::vector users; + Account::GetInstance()->QueryUsers(users); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + CleanWaterVersion(user); + } + Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + Subscription sub; + sub.userId = user; + if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { + continue; + } + InitSubTask(sub); + } + return E_OK; +} + +bool CloudServiceImpl::CleanWaterVersion(int32_t user) +{ + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (status != SUCCESS) { + return false; + } + auto stores = CheckerManager::GetInstance().GetDynamicStores(); + auto staticStores = CheckerManager::GetInstance().GetStaticStores(); + stores.insert(stores.end(), staticStores.begin(), staticStores.end()); + auto keys = cloudInfo.GetSchemaKey(); + for (const auto &[bundle, key] : keys) { + SchemaMeta schemaMeta; + if (MetaDataManager::GetInstance().LoadMeta(key, schemaMeta, true) && + schemaMeta.metaVersion < SchemaMeta::CLEAN_WATER_VERSION) { + bool found = std::any_of(stores.begin(), stores.end(), + [&schemaMeta](const CheckerManager::StoreInfo &storeInfo) { + return storeInfo.bundleName == schemaMeta.bundleName; + }); + if (!found) { + continue; + } + DoClean(user, schemaMeta, GeneralStore::CleanMode::CLEAN_WATER); + schemaMeta.metaVersion = SchemaMeta::CLEAN_WATER_VERSION; + } + MetaDataManager::GetInstance().SaveMeta(key, schemaMeta, true); + } + return true; +} +} // namespace OHOS + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + FuzzedDataProvider provider(data, size); + OHOS::OnRemoteRequestFuzz(provider); + OHOS::OnEnableCloudFuzz(provider); + OHOS::OnDisableCloudFuzz(provider); + OHOS::OnChangeAppSwitchFuzz(provider); + OHOS::OnNotifyDataChangeFuzz(provider); + OHOS::OnQueryLastSyncInfoFuzz(provider); + return 0; +} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub_fuzzer.h b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub_fuzzer.h new file mode 100644 index 000000000..c007ebba5 --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H +#define DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H + +#define FUZZ_PROJECT_NAME "cloudservicestub_fuzzer" + +#endif // DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/corpus/init b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/corpus/init new file mode 100644 index 000000000..2b595da0c --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/corpus/init @@ -0,0 +1,16 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +FUZZ \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/project.xml b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/project.xml new file mode 100644 index 000000000..3fdba3e8b --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + \ No newline at end of file -- Gitee From 465fe4d472137685162ec795c36360b6d241e11d Mon Sep 17 00:00:00 2001 From: gecheng Date: Tue, 26 Aug 2025 14:54:38 +0800 Subject: [PATCH 04/23] =?UTF-8?q?=E5=8D=95=E4=B8=AAFUZZ=E7=94=A8=E4=BE=8B?= =?UTF-8?q?=E8=B0=83=E7=94=A8=E5=A4=AA=E5=A4=9Aapi?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: gecheng --- .../cloudservicestub2_fuzzer/BUILD.gn | 96 ---- .../cloudservicestub1_fuzzer.cpp | 460 ------------------ .../cloudservicestub2_fuzzer.cpp | 460 ------------------ .../cloudservicestub_fuzzer.cpp | 460 ------------------ .../cloudservicestub_fuzzer.h | 21 - .../cloudservicestub2_fuzzer/corpus/init | 16 - .../cloudservicestub2_fuzzer/project.xml | 25 - 7 files changed, 1538 deletions(-) delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/BUILD.gn delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub1_fuzzer.cpp delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub2_fuzzer.cpp delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub_fuzzer.cpp delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub_fuzzer.h delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/corpus/init delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/project.xml diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/BUILD.gn b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/BUILD.gn deleted file mode 100644 index 2618103ac..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/BUILD.gn +++ /dev/null @@ -1,96 +0,0 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -##############################hydra-fuzz######################################## -import("//build/config/features.gni") -import("//build/test.gni") -import("//foundation/distributeddatamgr/datamgr_service/datamgr_service.gni") - -##############################fuzztest########################################## -ohos_fuzztest("CloudServiceStubFuzzTest") { - module_out_path = "datamgr_service/datamgr_service" - - include_dirs = [ - "${data_service_path}/service/cloud", - "${data_service_path}/service/common", - "${data_service_path}/service/config/include", - "${data_service_path}/service/crypto/include", - "${data_service_path}/service/kvdb", - "${data_service_path}/service/matrix/include", - "${data_service_path}/service/network", - "${data_service_path}/service/object", - "${data_service_path}/service/permission/include", - "${data_service_path}/service/rdb", - "${data_service_path}/adapter/include/communicator", - ] - - fuzz_config_file = "${data_service_path}/service/test/fuzztest/cloudservicestub_fuzzer" - - cflags = [ - "-g", - "-O0", - "-Wno-unused-variable", - "-fno-omit-frame-pointer", - ] - - sources = [ - "${data_service_path}/app/src/checker/bundle_checker.cpp", - "${data_service_path}/app/src/checker/system_checker.cpp", - "cloudservicestub_fuzzer.cpp", - ] - - deps = [ - "${data_service_path}/adapter/account:distributeddata_account", - "${data_service_path}/adapter/dfx:distributeddata_dfx", - "${data_service_path}/adapter/network:distributeddata_network", - "${data_service_path}/adapter/schema_helper:distributeddata_schema_helper", - "${data_service_path}/adapter/utils:distributeddata_utils", - "${data_service_path}/framework:distributeddatasvcfwk", - "${data_service_path}/service:distributeddatasvc", - "${data_service_path}/service/bootstrap:distributeddata_bootstrap", - "${data_service_path}/service/cloud:distributeddata_cloud", - "${data_service_path}/service/common:distributeddata_common", - "${data_service_path}/service/rdb:distributeddata_rdb", - ] - - external_deps = [ - "access_token:libaccesstoken_sdk", - "access_token:libtoken_setproc", - "access_token:libtokenid_sdk", - "bundle_framework:appexecfwk_base", - "bundle_framework:appexecfwk_core", - "c_utils:utils", - "device_auth:deviceauth_sdk", - "device_manager:devicemanagersdk", - "hicollie:libhicollie", - "hilog:libhilog", - "hisysevent:libhisysevent", - "huks:libhukssdk", - "ipc:ipc_core", - "kv_store:datamgr_common", - "kv_store:distributeddata_inner", - "kv_store:distributeddata_mgr", - "kv_store:distributeddb", - "relational_store:native_rdb", - "resource_management:global_resmgr", - "safwk:system_ability_fwk", - "samgr:samgr_proxy", - ] -} - -############################################################################### -group("fuzztest") { - testonly = true - - deps = [ ":CloudServiceStubFuzzTest" ] -} -############################################################################### diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub1_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub1_fuzzer.cpp deleted file mode 100644 index b056cd107..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub1_fuzzer.cpp +++ /dev/null @@ -1,460 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include - -#include "cloudservicestub_fuzzer.h" - -#include -#include - -#include "accesstoken_kit.h" -#include "cloud_service_impl.h" -#include "ipc_skeleton.h" -#include "message_parcel.h" -#include "securec.h" -#include "token_setproc.h" - -using namespace OHOS::CloudData; -using namespace OHOS::Security::AccessToken; - -namespace OHOS { -constexpr int USER_ID = 100; -constexpr int INST_INDEX = 0; -const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; -constexpr uint32_t CODE_MIN = 0; -constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; -constexpr size_t NUM_MIN = 5; -constexpr size_t NUM_MAX = 12; - -void AllocAndSetHapToken() -{ - HapInfoParams info = { - .userID = USER_ID, - .bundleName = "ohos.test.demo", - .instIndex = INST_INDEX, - .appIDDesc = "ohos.test.demo", - .isSystemApp = true - }; - - HapPolicyParams policy = { - .apl = APL_NORMAL, - .domain = "test.domain", - .permList = {}, - .permStateList = { - { - .permissionName = "ohos.permission.CLOUDDATA_CONFIG", - .isGeneral = true, - .resDeviceID = { "local" }, - .grantStatus = { PermissionState::PERMISSION_GRANTED }, - .grantFlags = { 1 } - } - } - }; - auto tokenID = AccessTokenKit::AllocHapToken(info, policy); - SetSelfTokenID(tokenID.tokenIDEx); -} - -bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnRemoteRequest(code, request, reply); - return true; -} - -bool OnEnableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnEnableCloud(code, request, reply); - XCollie xcollie( - __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); - return status; - } - cloudInfo.enableCloud = true; - for (const auto &[bundle, value] : switches) { - if (!cloudInfo.Exist(bundle)) { - continue; - } - cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); - ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); - } - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); - return true; -} - -bool OnDisableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnDisableCloud(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), - Anonymous::Change(cloudInfo.id).c_str()); - return INVALID_ARGUMENT; - } - cloudInfo.enableCloud = false; - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); - ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); - return true; -} - -bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnChangeAppSwitch(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - CloudSyncScene scene; - if (appSwitch == SWITCH_ON) { - scene = CloudSyncScene::SWITCH_ON; - } else { - scene = CloudSyncScene::SWITCH_OFF; - } - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS || !cloudInfo.enableCloud) { - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret = " + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, - WORK_DO_CLOUD_SYNC })); - return INVALID_ARGUMENT; - } - if (!cloudInfo.Exist(bundleName)) { - std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); - if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { - ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," - "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret=" + std::to_string(status)); - return INVALID_ARGUMENT; - } - ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); - } - cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); - if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { - SyncManager::SyncInfo info(cloudInfo.user, bundleName); - syncManager_.DoCloudSync(info); - } - ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), - bundleName.c_str(), appSwitch); - return true; -} - -bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnNotifyDataChange(code, request, reply); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { - return INVALID_ARGUMENT; - } - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - ExtraData exData; - if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { - ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), - userId, extraData.empty() ? "empty" : "not empty"); - return INVALID_ARGUMENT; - } - std::vector users; - if (userId != INVALID_USER_ID) { - users.emplace_back(userId); - } else { - Account::GetInstance()->QueryForegroundUsers(users); - } - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - auto &bundleName = exData.info.bundleName; - auto &prepareTraceId = exData.info.context.prepareTraceId; - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { - ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); - SchemaMeta schemaMeta; - if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { - ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); - if (dbInfos.empty()) { - ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - for (const auto &dbInfo : dbInfos) { - syncManager_.DoCloudSync(SyncManager::SyncInfo( - { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); - } - } - return true; -} - -bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); - QueryLastResults results; - auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, - "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); - return { ERROR, results }; - } - if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { - ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); - return { INVALID_ARGUMENT, results }; - } - std::vector schemas; - auto key = cloudInfo.GetSchemaPrefix(bundleName); - if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { - return { ERROR, results }; - } - - std::vector queryKeys; - std::vector databases; - for (const auto &schema : schemas) { - if (schema.bundleName != bundleName) { - continue; - } - databases = schema.databases; - for (const auto &database : schema.databases) { - if (storeId.empty() || database.alias == storeId) { - queryKeys.push_back({ user, id, bundleName, database.name }); - } - } - if (queryKeys.empty()) { - ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); - return { INVALID_ARGUMENT, results }; - } - } - - auto [ret, lastSyncInfos] = syncManager_.QueryLastSyncInfo(queryKeys); - ZLOGI("code:%{public}d, id:%{public}s, bundleName:%{public}s, storeId:%{public}s, size:%{public}d", ret, - Anonymous::Change(id).c_str(), bundleName.c_str(), Anonymous::Change(storeId).c_str(), - static_cast(lastSyncInfos.size())); - if (lastSyncInfos.empty()) { - return { ret, results }; - } - return { ret, AssembleLastResults(databases, lastSyncInfos) }; -} - -int32_t CloudServiceImpl::OnInitialize() -{ - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); - std::vector users; - Account::GetInstance()->QueryUsers(users); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - CleanWaterVersion(user); - } - Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - Subscription sub; - sub.userId = user; - if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { - continue; - } - InitSubTask(sub); - } - return E_OK; -} - -bool CloudServiceImpl::CleanWaterVersion(int32_t user) -{ - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (status != SUCCESS) { - return false; - } - auto stores = CheckerManager::GetInstance().GetDynamicStores(); - auto staticStores = CheckerManager::GetInstance().GetStaticStores(); - stores.insert(stores.end(), staticStores.begin(), staticStores.end()); - auto keys = cloudInfo.GetSchemaKey(); - for (const auto &[bundle, key] : keys) { - SchemaMeta schemaMeta; - if (MetaDataManager::GetInstance().LoadMeta(key, schemaMeta, true) && - schemaMeta.metaVersion < SchemaMeta::CLEAN_WATER_VERSION) { - bool found = std::any_of(stores.begin(), stores.end(), - [&schemaMeta](const CheckerManager::StoreInfo &storeInfo) { - return storeInfo.bundleName == schemaMeta.bundleName; - }); - if (!found) { - continue; - } - DoClean(user, schemaMeta, GeneralStore::CleanMode::CLEAN_WATER); - schemaMeta.metaVersion = SchemaMeta::CLEAN_WATER_VERSION; - } - MetaDataManager::GetInstance().SaveMeta(key, schemaMeta, true); - } - return true; -} -} // namespace OHOS - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) -{ - FuzzedDataProvider provider(data, size); - OHOS::OnRemoteRequestFuzz(provider); - OHOS::OnEnableCloudFuzz(provider); - OHOS::OnDisableCloudFuzz(provider); - OHOS::OnChangeAppSwitchFuzz(provider); - OHOS::OnNotifyDataChangeFuzz(provider); - OHOS::OnQueryLastSyncInfoFuzz(provider); - return 0; -} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub2_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub2_fuzzer.cpp deleted file mode 100644 index b056cd107..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub2_fuzzer.cpp +++ /dev/null @@ -1,460 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include - -#include "cloudservicestub_fuzzer.h" - -#include -#include - -#include "accesstoken_kit.h" -#include "cloud_service_impl.h" -#include "ipc_skeleton.h" -#include "message_parcel.h" -#include "securec.h" -#include "token_setproc.h" - -using namespace OHOS::CloudData; -using namespace OHOS::Security::AccessToken; - -namespace OHOS { -constexpr int USER_ID = 100; -constexpr int INST_INDEX = 0; -const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; -constexpr uint32_t CODE_MIN = 0; -constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; -constexpr size_t NUM_MIN = 5; -constexpr size_t NUM_MAX = 12; - -void AllocAndSetHapToken() -{ - HapInfoParams info = { - .userID = USER_ID, - .bundleName = "ohos.test.demo", - .instIndex = INST_INDEX, - .appIDDesc = "ohos.test.demo", - .isSystemApp = true - }; - - HapPolicyParams policy = { - .apl = APL_NORMAL, - .domain = "test.domain", - .permList = {}, - .permStateList = { - { - .permissionName = "ohos.permission.CLOUDDATA_CONFIG", - .isGeneral = true, - .resDeviceID = { "local" }, - .grantStatus = { PermissionState::PERMISSION_GRANTED }, - .grantFlags = { 1 } - } - } - }; - auto tokenID = AccessTokenKit::AllocHapToken(info, policy); - SetSelfTokenID(tokenID.tokenIDEx); -} - -bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnRemoteRequest(code, request, reply); - return true; -} - -bool OnEnableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnEnableCloud(code, request, reply); - XCollie xcollie( - __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); - return status; - } - cloudInfo.enableCloud = true; - for (const auto &[bundle, value] : switches) { - if (!cloudInfo.Exist(bundle)) { - continue; - } - cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); - ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); - } - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); - return true; -} - -bool OnDisableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnDisableCloud(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), - Anonymous::Change(cloudInfo.id).c_str()); - return INVALID_ARGUMENT; - } - cloudInfo.enableCloud = false; - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); - ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); - return true; -} - -bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnChangeAppSwitch(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - CloudSyncScene scene; - if (appSwitch == SWITCH_ON) { - scene = CloudSyncScene::SWITCH_ON; - } else { - scene = CloudSyncScene::SWITCH_OFF; - } - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS || !cloudInfo.enableCloud) { - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret = " + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, - WORK_DO_CLOUD_SYNC })); - return INVALID_ARGUMENT; - } - if (!cloudInfo.Exist(bundleName)) { - std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); - if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { - ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," - "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret=" + std::to_string(status)); - return INVALID_ARGUMENT; - } - ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); - } - cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); - if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { - SyncManager::SyncInfo info(cloudInfo.user, bundleName); - syncManager_.DoCloudSync(info); - } - ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), - bundleName.c_str(), appSwitch); - return true; -} - -bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnNotifyDataChange(code, request, reply); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { - return INVALID_ARGUMENT; - } - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - ExtraData exData; - if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { - ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), - userId, extraData.empty() ? "empty" : "not empty"); - return INVALID_ARGUMENT; - } - std::vector users; - if (userId != INVALID_USER_ID) { - users.emplace_back(userId); - } else { - Account::GetInstance()->QueryForegroundUsers(users); - } - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - auto &bundleName = exData.info.bundleName; - auto &prepareTraceId = exData.info.context.prepareTraceId; - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { - ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); - SchemaMeta schemaMeta; - if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { - ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); - if (dbInfos.empty()) { - ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - for (const auto &dbInfo : dbInfos) { - syncManager_.DoCloudSync(SyncManager::SyncInfo( - { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); - } - } - return true; -} - -bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); - QueryLastResults results; - auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, - "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); - return { ERROR, results }; - } - if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { - ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); - return { INVALID_ARGUMENT, results }; - } - std::vector schemas; - auto key = cloudInfo.GetSchemaPrefix(bundleName); - if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { - return { ERROR, results }; - } - - std::vector queryKeys; - std::vector databases; - for (const auto &schema : schemas) { - if (schema.bundleName != bundleName) { - continue; - } - databases = schema.databases; - for (const auto &database : schema.databases) { - if (storeId.empty() || database.alias == storeId) { - queryKeys.push_back({ user, id, bundleName, database.name }); - } - } - if (queryKeys.empty()) { - ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); - return { INVALID_ARGUMENT, results }; - } - } - - auto [ret, lastSyncInfos] = syncManager_.QueryLastSyncInfo(queryKeys); - ZLOGI("code:%{public}d, id:%{public}s, bundleName:%{public}s, storeId:%{public}s, size:%{public}d", ret, - Anonymous::Change(id).c_str(), bundleName.c_str(), Anonymous::Change(storeId).c_str(), - static_cast(lastSyncInfos.size())); - if (lastSyncInfos.empty()) { - return { ret, results }; - } - return { ret, AssembleLastResults(databases, lastSyncInfos) }; -} - -int32_t CloudServiceImpl::OnInitialize() -{ - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); - std::vector users; - Account::GetInstance()->QueryUsers(users); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - CleanWaterVersion(user); - } - Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - Subscription sub; - sub.userId = user; - if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { - continue; - } - InitSubTask(sub); - } - return E_OK; -} - -bool CloudServiceImpl::CleanWaterVersion(int32_t user) -{ - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (status != SUCCESS) { - return false; - } - auto stores = CheckerManager::GetInstance().GetDynamicStores(); - auto staticStores = CheckerManager::GetInstance().GetStaticStores(); - stores.insert(stores.end(), staticStores.begin(), staticStores.end()); - auto keys = cloudInfo.GetSchemaKey(); - for (const auto &[bundle, key] : keys) { - SchemaMeta schemaMeta; - if (MetaDataManager::GetInstance().LoadMeta(key, schemaMeta, true) && - schemaMeta.metaVersion < SchemaMeta::CLEAN_WATER_VERSION) { - bool found = std::any_of(stores.begin(), stores.end(), - [&schemaMeta](const CheckerManager::StoreInfo &storeInfo) { - return storeInfo.bundleName == schemaMeta.bundleName; - }); - if (!found) { - continue; - } - DoClean(user, schemaMeta, GeneralStore::CleanMode::CLEAN_WATER); - schemaMeta.metaVersion = SchemaMeta::CLEAN_WATER_VERSION; - } - MetaDataManager::GetInstance().SaveMeta(key, schemaMeta, true); - } - return true; -} -} // namespace OHOS - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) -{ - FuzzedDataProvider provider(data, size); - OHOS::OnRemoteRequestFuzz(provider); - OHOS::OnEnableCloudFuzz(provider); - OHOS::OnDisableCloudFuzz(provider); - OHOS::OnChangeAppSwitchFuzz(provider); - OHOS::OnNotifyDataChangeFuzz(provider); - OHOS::OnQueryLastSyncInfoFuzz(provider); - return 0; -} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub_fuzzer.cpp deleted file mode 100644 index b056cd107..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub_fuzzer.cpp +++ /dev/null @@ -1,460 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include - -#include "cloudservicestub_fuzzer.h" - -#include -#include - -#include "accesstoken_kit.h" -#include "cloud_service_impl.h" -#include "ipc_skeleton.h" -#include "message_parcel.h" -#include "securec.h" -#include "token_setproc.h" - -using namespace OHOS::CloudData; -using namespace OHOS::Security::AccessToken; - -namespace OHOS { -constexpr int USER_ID = 100; -constexpr int INST_INDEX = 0; -const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; -constexpr uint32_t CODE_MIN = 0; -constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; -constexpr size_t NUM_MIN = 5; -constexpr size_t NUM_MAX = 12; - -void AllocAndSetHapToken() -{ - HapInfoParams info = { - .userID = USER_ID, - .bundleName = "ohos.test.demo", - .instIndex = INST_INDEX, - .appIDDesc = "ohos.test.demo", - .isSystemApp = true - }; - - HapPolicyParams policy = { - .apl = APL_NORMAL, - .domain = "test.domain", - .permList = {}, - .permStateList = { - { - .permissionName = "ohos.permission.CLOUDDATA_CONFIG", - .isGeneral = true, - .resDeviceID = { "local" }, - .grantStatus = { PermissionState::PERMISSION_GRANTED }, - .grantFlags = { 1 } - } - } - }; - auto tokenID = AccessTokenKit::AllocHapToken(info, policy); - SetSelfTokenID(tokenID.tokenIDEx); -} - -bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnRemoteRequest(code, request, reply); - return true; -} - -bool OnEnableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnEnableCloud(code, request, reply); - XCollie xcollie( - __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); - return status; - } - cloudInfo.enableCloud = true; - for (const auto &[bundle, value] : switches) { - if (!cloudInfo.Exist(bundle)) { - continue; - } - cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); - ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); - } - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); - return true; -} - -bool OnDisableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnDisableCloud(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), - Anonymous::Change(cloudInfo.id).c_str()); - return INVALID_ARGUMENT; - } - cloudInfo.enableCloud = false; - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); - ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); - return true; -} - -bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnChangeAppSwitch(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - CloudSyncScene scene; - if (appSwitch == SWITCH_ON) { - scene = CloudSyncScene::SWITCH_ON; - } else { - scene = CloudSyncScene::SWITCH_OFF; - } - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS || !cloudInfo.enableCloud) { - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret = " + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, - WORK_DO_CLOUD_SYNC })); - return INVALID_ARGUMENT; - } - if (!cloudInfo.Exist(bundleName)) { - std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); - if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { - ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," - "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret=" + std::to_string(status)); - return INVALID_ARGUMENT; - } - ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); - } - cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); - if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { - SyncManager::SyncInfo info(cloudInfo.user, bundleName); - syncManager_.DoCloudSync(info); - } - ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), - bundleName.c_str(), appSwitch); - return true; -} - -bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnNotifyDataChange(code, request, reply); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { - return INVALID_ARGUMENT; - } - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - ExtraData exData; - if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { - ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), - userId, extraData.empty() ? "empty" : "not empty"); - return INVALID_ARGUMENT; - } - std::vector users; - if (userId != INVALID_USER_ID) { - users.emplace_back(userId); - } else { - Account::GetInstance()->QueryForegroundUsers(users); - } - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - auto &bundleName = exData.info.bundleName; - auto &prepareTraceId = exData.info.context.prepareTraceId; - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { - ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); - SchemaMeta schemaMeta; - if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { - ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); - if (dbInfos.empty()) { - ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - for (const auto &dbInfo : dbInfos) { - syncManager_.DoCloudSync(SyncManager::SyncInfo( - { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); - } - } - return true; -} - -bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); - QueryLastResults results; - auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, - "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); - return { ERROR, results }; - } - if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { - ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); - return { INVALID_ARGUMENT, results }; - } - std::vector schemas; - auto key = cloudInfo.GetSchemaPrefix(bundleName); - if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { - return { ERROR, results }; - } - - std::vector queryKeys; - std::vector databases; - for (const auto &schema : schemas) { - if (schema.bundleName != bundleName) { - continue; - } - databases = schema.databases; - for (const auto &database : schema.databases) { - if (storeId.empty() || database.alias == storeId) { - queryKeys.push_back({ user, id, bundleName, database.name }); - } - } - if (queryKeys.empty()) { - ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); - return { INVALID_ARGUMENT, results }; - } - } - - auto [ret, lastSyncInfos] = syncManager_.QueryLastSyncInfo(queryKeys); - ZLOGI("code:%{public}d, id:%{public}s, bundleName:%{public}s, storeId:%{public}s, size:%{public}d", ret, - Anonymous::Change(id).c_str(), bundleName.c_str(), Anonymous::Change(storeId).c_str(), - static_cast(lastSyncInfos.size())); - if (lastSyncInfos.empty()) { - return { ret, results }; - } - return { ret, AssembleLastResults(databases, lastSyncInfos) }; -} - -int32_t CloudServiceImpl::OnInitialize() -{ - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); - std::vector users; - Account::GetInstance()->QueryUsers(users); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - CleanWaterVersion(user); - } - Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - Subscription sub; - sub.userId = user; - if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { - continue; - } - InitSubTask(sub); - } - return E_OK; -} - -bool CloudServiceImpl::CleanWaterVersion(int32_t user) -{ - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (status != SUCCESS) { - return false; - } - auto stores = CheckerManager::GetInstance().GetDynamicStores(); - auto staticStores = CheckerManager::GetInstance().GetStaticStores(); - stores.insert(stores.end(), staticStores.begin(), staticStores.end()); - auto keys = cloudInfo.GetSchemaKey(); - for (const auto &[bundle, key] : keys) { - SchemaMeta schemaMeta; - if (MetaDataManager::GetInstance().LoadMeta(key, schemaMeta, true) && - schemaMeta.metaVersion < SchemaMeta::CLEAN_WATER_VERSION) { - bool found = std::any_of(stores.begin(), stores.end(), - [&schemaMeta](const CheckerManager::StoreInfo &storeInfo) { - return storeInfo.bundleName == schemaMeta.bundleName; - }); - if (!found) { - continue; - } - DoClean(user, schemaMeta, GeneralStore::CleanMode::CLEAN_WATER); - schemaMeta.metaVersion = SchemaMeta::CLEAN_WATER_VERSION; - } - MetaDataManager::GetInstance().SaveMeta(key, schemaMeta, true); - } - return true; -} -} // namespace OHOS - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) -{ - FuzzedDataProvider provider(data, size); - OHOS::OnRemoteRequestFuzz(provider); - OHOS::OnEnableCloudFuzz(provider); - OHOS::OnDisableCloudFuzz(provider); - OHOS::OnChangeAppSwitchFuzz(provider); - OHOS::OnNotifyDataChangeFuzz(provider); - OHOS::OnQueryLastSyncInfoFuzz(provider); - return 0; -} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub_fuzzer.h b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub_fuzzer.h deleted file mode 100644 index c007ebba5..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub_fuzzer.h +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H -#define DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H - -#define FUZZ_PROJECT_NAME "cloudservicestub_fuzzer" - -#endif // DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/corpus/init b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/corpus/init deleted file mode 100644 index 2b595da0c..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/corpus/init +++ /dev/null @@ -1,16 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -FUZZ \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/project.xml b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/project.xml deleted file mode 100644 index 3fdba3e8b..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/project.xml +++ /dev/null @@ -1,25 +0,0 @@ - - - - - - 1000 - - 300 - - 4096 - - \ No newline at end of file -- Gitee From 9993a96f8520aeb3a90a378c01a2686a948d95e7 Mon Sep 17 00:00:00 2001 From: gecheng Date: Tue, 26 Aug 2025 14:57:44 +0800 Subject: [PATCH 05/23] =?UTF-8?q?=E5=8D=95=E4=B8=AAFUZZ=E7=94=A8=E4=BE=8B?= =?UTF-8?q?=E8=B0=83=E7=94=A8=E5=A4=AA=E5=A4=9Aapi?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: gecheng --- .../cloudservicestub1_fuzzer/BUILD.gn | 96 ++++ .../cloudservicestub1_fuzzer.cpp | 460 ++++++++++++++++++ .../cloudservicestub2_fuzzer.cpp | 460 ++++++++++++++++++ .../cloudservicestub_fuzzer.cpp | 460 ++++++++++++++++++ .../cloudservicestub_fuzzer.h | 21 + .../cloudservicestub1_fuzzer/corpus/init | 16 + .../cloudservicestub1_fuzzer/project.xml | 25 + 7 files changed, 1538 insertions(+) create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn new file mode 100644 index 000000000..2618103ac --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn @@ -0,0 +1,96 @@ +# Copyright (c) 2023 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +##############################hydra-fuzz######################################## +import("//build/config/features.gni") +import("//build/test.gni") +import("//foundation/distributeddatamgr/datamgr_service/datamgr_service.gni") + +##############################fuzztest########################################## +ohos_fuzztest("CloudServiceStubFuzzTest") { + module_out_path = "datamgr_service/datamgr_service" + + include_dirs = [ + "${data_service_path}/service/cloud", + "${data_service_path}/service/common", + "${data_service_path}/service/config/include", + "${data_service_path}/service/crypto/include", + "${data_service_path}/service/kvdb", + "${data_service_path}/service/matrix/include", + "${data_service_path}/service/network", + "${data_service_path}/service/object", + "${data_service_path}/service/permission/include", + "${data_service_path}/service/rdb", + "${data_service_path}/adapter/include/communicator", + ] + + fuzz_config_file = "${data_service_path}/service/test/fuzztest/cloudservicestub_fuzzer" + + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + + sources = [ + "${data_service_path}/app/src/checker/bundle_checker.cpp", + "${data_service_path}/app/src/checker/system_checker.cpp", + "cloudservicestub_fuzzer.cpp", + ] + + deps = [ + "${data_service_path}/adapter/account:distributeddata_account", + "${data_service_path}/adapter/dfx:distributeddata_dfx", + "${data_service_path}/adapter/network:distributeddata_network", + "${data_service_path}/adapter/schema_helper:distributeddata_schema_helper", + "${data_service_path}/adapter/utils:distributeddata_utils", + "${data_service_path}/framework:distributeddatasvcfwk", + "${data_service_path}/service:distributeddatasvc", + "${data_service_path}/service/bootstrap:distributeddata_bootstrap", + "${data_service_path}/service/cloud:distributeddata_cloud", + "${data_service_path}/service/common:distributeddata_common", + "${data_service_path}/service/rdb:distributeddata_rdb", + ] + + external_deps = [ + "access_token:libaccesstoken_sdk", + "access_token:libtoken_setproc", + "access_token:libtokenid_sdk", + "bundle_framework:appexecfwk_base", + "bundle_framework:appexecfwk_core", + "c_utils:utils", + "device_auth:deviceauth_sdk", + "device_manager:devicemanagersdk", + "hicollie:libhicollie", + "hilog:libhilog", + "hisysevent:libhisysevent", + "huks:libhukssdk", + "ipc:ipc_core", + "kv_store:datamgr_common", + "kv_store:distributeddata_inner", + "kv_store:distributeddata_mgr", + "kv_store:distributeddb", + "relational_store:native_rdb", + "resource_management:global_resmgr", + "safwk:system_ability_fwk", + "samgr:samgr_proxy", + ] +} + +############################################################################### +group("fuzztest") { + testonly = true + + deps = [ ":CloudServiceStubFuzzTest" ] +} +############################################################################### diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp new file mode 100644 index 000000000..b056cd107 --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp @@ -0,0 +1,460 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "cloudservicestub_fuzzer.h" + +#include +#include + +#include "accesstoken_kit.h" +#include "cloud_service_impl.h" +#include "ipc_skeleton.h" +#include "message_parcel.h" +#include "securec.h" +#include "token_setproc.h" + +using namespace OHOS::CloudData; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { +constexpr int USER_ID = 100; +constexpr int INST_INDEX = 0; +const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; +constexpr uint32_t CODE_MIN = 0; +constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; +constexpr size_t NUM_MIN = 5; +constexpr size_t NUM_MAX = 12; + +void AllocAndSetHapToken() +{ + HapInfoParams info = { + .userID = USER_ID, + .bundleName = "ohos.test.demo", + .instIndex = INST_INDEX, + .appIDDesc = "ohos.test.demo", + .isSystemApp = true + }; + + HapPolicyParams policy = { + .apl = APL_NORMAL, + .domain = "test.domain", + .permList = {}, + .permStateList = { + { + .permissionName = "ohos.permission.CLOUDDATA_CONFIG", + .isGeneral = true, + .resDeviceID = { "local" }, + .grantStatus = { PermissionState::PERMISSION_GRANTED }, + .grantFlags = { 1 } + } + } + }; + auto tokenID = AccessTokenKit::AllocHapToken(info, policy); + SetSelfTokenID(tokenID.tokenIDEx); +} + +bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnRemoteRequest(code, request, reply); + return true; +} + +bool OnEnableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnEnableCloud(code, request, reply); + XCollie xcollie( + __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); + return status; + } + cloudInfo.enableCloud = true; + for (const auto &[bundle, value] : switches) { + if (!cloudInfo.Exist(bundle)) { + continue; + } + cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); + ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); + } + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); + return true; +} + +bool OnDisableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnDisableCloud(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), + Anonymous::Change(cloudInfo.id).c_str()); + return INVALID_ARGUMENT; + } + cloudInfo.enableCloud = false; + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); + ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); + return true; +} + +bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnChangeAppSwitch(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + CloudSyncScene scene; + if (appSwitch == SWITCH_ON) { + scene = CloudSyncScene::SWITCH_ON; + } else { + scene = CloudSyncScene::SWITCH_OFF; + } + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS || !cloudInfo.enableCloud) { + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret = " + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, + WORK_DO_CLOUD_SYNC })); + return INVALID_ARGUMENT; + } + if (!cloudInfo.Exist(bundleName)) { + std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); + if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { + ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," + "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret=" + std::to_string(status)); + return INVALID_ARGUMENT; + } + ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); + } + cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); + if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { + SyncManager::SyncInfo info(cloudInfo.user, bundleName); + syncManager_.DoCloudSync(info); + } + ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), + bundleName.c_str(), appSwitch); + return true; +} + +bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnNotifyDataChange(code, request, reply); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { + return INVALID_ARGUMENT; + } + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + ExtraData exData; + if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { + ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), + userId, extraData.empty() ? "empty" : "not empty"); + return INVALID_ARGUMENT; + } + std::vector users; + if (userId != INVALID_USER_ID) { + users.emplace_back(userId); + } else { + Account::GetInstance()->QueryForegroundUsers(users); + } + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + auto &bundleName = exData.info.bundleName; + auto &prepareTraceId = exData.info.context.prepareTraceId; + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { + ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); + SchemaMeta schemaMeta; + if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { + ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); + if (dbInfos.empty()) { + ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + for (const auto &dbInfo : dbInfos) { + syncManager_.DoCloudSync(SyncManager::SyncInfo( + { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); + } + } + return true; +} + +bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); + QueryLastResults results; + auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, + "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); + return { ERROR, results }; + } + if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { + ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); + return { INVALID_ARGUMENT, results }; + } + std::vector schemas; + auto key = cloudInfo.GetSchemaPrefix(bundleName); + if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { + return { ERROR, results }; + } + + std::vector queryKeys; + std::vector databases; + for (const auto &schema : schemas) { + if (schema.bundleName != bundleName) { + continue; + } + databases = schema.databases; + for (const auto &database : schema.databases) { + if (storeId.empty() || database.alias == storeId) { + queryKeys.push_back({ user, id, bundleName, database.name }); + } + } + if (queryKeys.empty()) { + ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); + return { INVALID_ARGUMENT, results }; + } + } + + auto [ret, lastSyncInfos] = syncManager_.QueryLastSyncInfo(queryKeys); + ZLOGI("code:%{public}d, id:%{public}s, bundleName:%{public}s, storeId:%{public}s, size:%{public}d", ret, + Anonymous::Change(id).c_str(), bundleName.c_str(), Anonymous::Change(storeId).c_str(), + static_cast(lastSyncInfos.size())); + if (lastSyncInfos.empty()) { + return { ret, results }; + } + return { ret, AssembleLastResults(databases, lastSyncInfos) }; +} + +int32_t CloudServiceImpl::OnInitialize() +{ + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); + std::vector users; + Account::GetInstance()->QueryUsers(users); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + CleanWaterVersion(user); + } + Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + Subscription sub; + sub.userId = user; + if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { + continue; + } + InitSubTask(sub); + } + return E_OK; +} + +bool CloudServiceImpl::CleanWaterVersion(int32_t user) +{ + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (status != SUCCESS) { + return false; + } + auto stores = CheckerManager::GetInstance().GetDynamicStores(); + auto staticStores = CheckerManager::GetInstance().GetStaticStores(); + stores.insert(stores.end(), staticStores.begin(), staticStores.end()); + auto keys = cloudInfo.GetSchemaKey(); + for (const auto &[bundle, key] : keys) { + SchemaMeta schemaMeta; + if (MetaDataManager::GetInstance().LoadMeta(key, schemaMeta, true) && + schemaMeta.metaVersion < SchemaMeta::CLEAN_WATER_VERSION) { + bool found = std::any_of(stores.begin(), stores.end(), + [&schemaMeta](const CheckerManager::StoreInfo &storeInfo) { + return storeInfo.bundleName == schemaMeta.bundleName; + }); + if (!found) { + continue; + } + DoClean(user, schemaMeta, GeneralStore::CleanMode::CLEAN_WATER); + schemaMeta.metaVersion = SchemaMeta::CLEAN_WATER_VERSION; + } + MetaDataManager::GetInstance().SaveMeta(key, schemaMeta, true); + } + return true; +} +} // namespace OHOS + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + FuzzedDataProvider provider(data, size); + OHOS::OnRemoteRequestFuzz(provider); + OHOS::OnEnableCloudFuzz(provider); + OHOS::OnDisableCloudFuzz(provider); + OHOS::OnChangeAppSwitchFuzz(provider); + OHOS::OnNotifyDataChangeFuzz(provider); + OHOS::OnQueryLastSyncInfoFuzz(provider); + return 0; +} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp new file mode 100644 index 000000000..b056cd107 --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp @@ -0,0 +1,460 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "cloudservicestub_fuzzer.h" + +#include +#include + +#include "accesstoken_kit.h" +#include "cloud_service_impl.h" +#include "ipc_skeleton.h" +#include "message_parcel.h" +#include "securec.h" +#include "token_setproc.h" + +using namespace OHOS::CloudData; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { +constexpr int USER_ID = 100; +constexpr int INST_INDEX = 0; +const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; +constexpr uint32_t CODE_MIN = 0; +constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; +constexpr size_t NUM_MIN = 5; +constexpr size_t NUM_MAX = 12; + +void AllocAndSetHapToken() +{ + HapInfoParams info = { + .userID = USER_ID, + .bundleName = "ohos.test.demo", + .instIndex = INST_INDEX, + .appIDDesc = "ohos.test.demo", + .isSystemApp = true + }; + + HapPolicyParams policy = { + .apl = APL_NORMAL, + .domain = "test.domain", + .permList = {}, + .permStateList = { + { + .permissionName = "ohos.permission.CLOUDDATA_CONFIG", + .isGeneral = true, + .resDeviceID = { "local" }, + .grantStatus = { PermissionState::PERMISSION_GRANTED }, + .grantFlags = { 1 } + } + } + }; + auto tokenID = AccessTokenKit::AllocHapToken(info, policy); + SetSelfTokenID(tokenID.tokenIDEx); +} + +bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnRemoteRequest(code, request, reply); + return true; +} + +bool OnEnableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnEnableCloud(code, request, reply); + XCollie xcollie( + __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); + return status; + } + cloudInfo.enableCloud = true; + for (const auto &[bundle, value] : switches) { + if (!cloudInfo.Exist(bundle)) { + continue; + } + cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); + ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); + } + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); + return true; +} + +bool OnDisableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnDisableCloud(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), + Anonymous::Change(cloudInfo.id).c_str()); + return INVALID_ARGUMENT; + } + cloudInfo.enableCloud = false; + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); + ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); + return true; +} + +bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnChangeAppSwitch(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + CloudSyncScene scene; + if (appSwitch == SWITCH_ON) { + scene = CloudSyncScene::SWITCH_ON; + } else { + scene = CloudSyncScene::SWITCH_OFF; + } + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS || !cloudInfo.enableCloud) { + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret = " + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, + WORK_DO_CLOUD_SYNC })); + return INVALID_ARGUMENT; + } + if (!cloudInfo.Exist(bundleName)) { + std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); + if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { + ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," + "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret=" + std::to_string(status)); + return INVALID_ARGUMENT; + } + ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); + } + cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); + if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { + SyncManager::SyncInfo info(cloudInfo.user, bundleName); + syncManager_.DoCloudSync(info); + } + ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), + bundleName.c_str(), appSwitch); + return true; +} + +bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnNotifyDataChange(code, request, reply); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { + return INVALID_ARGUMENT; + } + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + ExtraData exData; + if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { + ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), + userId, extraData.empty() ? "empty" : "not empty"); + return INVALID_ARGUMENT; + } + std::vector users; + if (userId != INVALID_USER_ID) { + users.emplace_back(userId); + } else { + Account::GetInstance()->QueryForegroundUsers(users); + } + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + auto &bundleName = exData.info.bundleName; + auto &prepareTraceId = exData.info.context.prepareTraceId; + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { + ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); + SchemaMeta schemaMeta; + if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { + ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); + if (dbInfos.empty()) { + ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + for (const auto &dbInfo : dbInfos) { + syncManager_.DoCloudSync(SyncManager::SyncInfo( + { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); + } + } + return true; +} + +bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); + QueryLastResults results; + auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, + "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); + return { ERROR, results }; + } + if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { + ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); + return { INVALID_ARGUMENT, results }; + } + std::vector schemas; + auto key = cloudInfo.GetSchemaPrefix(bundleName); + if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { + return { ERROR, results }; + } + + std::vector queryKeys; + std::vector databases; + for (const auto &schema : schemas) { + if (schema.bundleName != bundleName) { + continue; + } + databases = schema.databases; + for (const auto &database : schema.databases) { + if (storeId.empty() || database.alias == storeId) { + queryKeys.push_back({ user, id, bundleName, database.name }); + } + } + if (queryKeys.empty()) { + ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); + return { INVALID_ARGUMENT, results }; + } + } + + auto [ret, lastSyncInfos] = syncManager_.QueryLastSyncInfo(queryKeys); + ZLOGI("code:%{public}d, id:%{public}s, bundleName:%{public}s, storeId:%{public}s, size:%{public}d", ret, + Anonymous::Change(id).c_str(), bundleName.c_str(), Anonymous::Change(storeId).c_str(), + static_cast(lastSyncInfos.size())); + if (lastSyncInfos.empty()) { + return { ret, results }; + } + return { ret, AssembleLastResults(databases, lastSyncInfos) }; +} + +int32_t CloudServiceImpl::OnInitialize() +{ + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); + std::vector users; + Account::GetInstance()->QueryUsers(users); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + CleanWaterVersion(user); + } + Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + Subscription sub; + sub.userId = user; + if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { + continue; + } + InitSubTask(sub); + } + return E_OK; +} + +bool CloudServiceImpl::CleanWaterVersion(int32_t user) +{ + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (status != SUCCESS) { + return false; + } + auto stores = CheckerManager::GetInstance().GetDynamicStores(); + auto staticStores = CheckerManager::GetInstance().GetStaticStores(); + stores.insert(stores.end(), staticStores.begin(), staticStores.end()); + auto keys = cloudInfo.GetSchemaKey(); + for (const auto &[bundle, key] : keys) { + SchemaMeta schemaMeta; + if (MetaDataManager::GetInstance().LoadMeta(key, schemaMeta, true) && + schemaMeta.metaVersion < SchemaMeta::CLEAN_WATER_VERSION) { + bool found = std::any_of(stores.begin(), stores.end(), + [&schemaMeta](const CheckerManager::StoreInfo &storeInfo) { + return storeInfo.bundleName == schemaMeta.bundleName; + }); + if (!found) { + continue; + } + DoClean(user, schemaMeta, GeneralStore::CleanMode::CLEAN_WATER); + schemaMeta.metaVersion = SchemaMeta::CLEAN_WATER_VERSION; + } + MetaDataManager::GetInstance().SaveMeta(key, schemaMeta, true); + } + return true; +} +} // namespace OHOS + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + FuzzedDataProvider provider(data, size); + OHOS::OnRemoteRequestFuzz(provider); + OHOS::OnEnableCloudFuzz(provider); + OHOS::OnDisableCloudFuzz(provider); + OHOS::OnChangeAppSwitchFuzz(provider); + OHOS::OnNotifyDataChangeFuzz(provider); + OHOS::OnQueryLastSyncInfoFuzz(provider); + return 0; +} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp new file mode 100644 index 000000000..b056cd107 --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp @@ -0,0 +1,460 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "cloudservicestub_fuzzer.h" + +#include +#include + +#include "accesstoken_kit.h" +#include "cloud_service_impl.h" +#include "ipc_skeleton.h" +#include "message_parcel.h" +#include "securec.h" +#include "token_setproc.h" + +using namespace OHOS::CloudData; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { +constexpr int USER_ID = 100; +constexpr int INST_INDEX = 0; +const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; +constexpr uint32_t CODE_MIN = 0; +constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; +constexpr size_t NUM_MIN = 5; +constexpr size_t NUM_MAX = 12; + +void AllocAndSetHapToken() +{ + HapInfoParams info = { + .userID = USER_ID, + .bundleName = "ohos.test.demo", + .instIndex = INST_INDEX, + .appIDDesc = "ohos.test.demo", + .isSystemApp = true + }; + + HapPolicyParams policy = { + .apl = APL_NORMAL, + .domain = "test.domain", + .permList = {}, + .permStateList = { + { + .permissionName = "ohos.permission.CLOUDDATA_CONFIG", + .isGeneral = true, + .resDeviceID = { "local" }, + .grantStatus = { PermissionState::PERMISSION_GRANTED }, + .grantFlags = { 1 } + } + } + }; + auto tokenID = AccessTokenKit::AllocHapToken(info, policy); + SetSelfTokenID(tokenID.tokenIDEx); +} + +bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnRemoteRequest(code, request, reply); + return true; +} + +bool OnEnableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnEnableCloud(code, request, reply); + XCollie xcollie( + __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); + return status; + } + cloudInfo.enableCloud = true; + for (const auto &[bundle, value] : switches) { + if (!cloudInfo.Exist(bundle)) { + continue; + } + cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); + ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); + } + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); + return true; +} + +bool OnDisableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnDisableCloud(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), + Anonymous::Change(cloudInfo.id).c_str()); + return INVALID_ARGUMENT; + } + cloudInfo.enableCloud = false; + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); + ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); + return true; +} + +bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnChangeAppSwitch(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + CloudSyncScene scene; + if (appSwitch == SWITCH_ON) { + scene = CloudSyncScene::SWITCH_ON; + } else { + scene = CloudSyncScene::SWITCH_OFF; + } + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS || !cloudInfo.enableCloud) { + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret = " + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, + WORK_DO_CLOUD_SYNC })); + return INVALID_ARGUMENT; + } + if (!cloudInfo.Exist(bundleName)) { + std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); + if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { + ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," + "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret=" + std::to_string(status)); + return INVALID_ARGUMENT; + } + ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); + } + cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); + if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { + SyncManager::SyncInfo info(cloudInfo.user, bundleName); + syncManager_.DoCloudSync(info); + } + ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), + bundleName.c_str(), appSwitch); + return true; +} + +bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnNotifyDataChange(code, request, reply); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { + return INVALID_ARGUMENT; + } + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + ExtraData exData; + if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { + ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), + userId, extraData.empty() ? "empty" : "not empty"); + return INVALID_ARGUMENT; + } + std::vector users; + if (userId != INVALID_USER_ID) { + users.emplace_back(userId); + } else { + Account::GetInstance()->QueryForegroundUsers(users); + } + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + auto &bundleName = exData.info.bundleName; + auto &prepareTraceId = exData.info.context.prepareTraceId; + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { + ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); + SchemaMeta schemaMeta; + if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { + ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); + if (dbInfos.empty()) { + ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + for (const auto &dbInfo : dbInfos) { + syncManager_.DoCloudSync(SyncManager::SyncInfo( + { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); + } + } + return true; +} + +bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); + QueryLastResults results; + auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, + "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); + return { ERROR, results }; + } + if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { + ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); + return { INVALID_ARGUMENT, results }; + } + std::vector schemas; + auto key = cloudInfo.GetSchemaPrefix(bundleName); + if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { + return { ERROR, results }; + } + + std::vector queryKeys; + std::vector databases; + for (const auto &schema : schemas) { + if (schema.bundleName != bundleName) { + continue; + } + databases = schema.databases; + for (const auto &database : schema.databases) { + if (storeId.empty() || database.alias == storeId) { + queryKeys.push_back({ user, id, bundleName, database.name }); + } + } + if (queryKeys.empty()) { + ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); + return { INVALID_ARGUMENT, results }; + } + } + + auto [ret, lastSyncInfos] = syncManager_.QueryLastSyncInfo(queryKeys); + ZLOGI("code:%{public}d, id:%{public}s, bundleName:%{public}s, storeId:%{public}s, size:%{public}d", ret, + Anonymous::Change(id).c_str(), bundleName.c_str(), Anonymous::Change(storeId).c_str(), + static_cast(lastSyncInfos.size())); + if (lastSyncInfos.empty()) { + return { ret, results }; + } + return { ret, AssembleLastResults(databases, lastSyncInfos) }; +} + +int32_t CloudServiceImpl::OnInitialize() +{ + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); + std::vector users; + Account::GetInstance()->QueryUsers(users); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + CleanWaterVersion(user); + } + Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + Subscription sub; + sub.userId = user; + if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { + continue; + } + InitSubTask(sub); + } + return E_OK; +} + +bool CloudServiceImpl::CleanWaterVersion(int32_t user) +{ + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (status != SUCCESS) { + return false; + } + auto stores = CheckerManager::GetInstance().GetDynamicStores(); + auto staticStores = CheckerManager::GetInstance().GetStaticStores(); + stores.insert(stores.end(), staticStores.begin(), staticStores.end()); + auto keys = cloudInfo.GetSchemaKey(); + for (const auto &[bundle, key] : keys) { + SchemaMeta schemaMeta; + if (MetaDataManager::GetInstance().LoadMeta(key, schemaMeta, true) && + schemaMeta.metaVersion < SchemaMeta::CLEAN_WATER_VERSION) { + bool found = std::any_of(stores.begin(), stores.end(), + [&schemaMeta](const CheckerManager::StoreInfo &storeInfo) { + return storeInfo.bundleName == schemaMeta.bundleName; + }); + if (!found) { + continue; + } + DoClean(user, schemaMeta, GeneralStore::CleanMode::CLEAN_WATER); + schemaMeta.metaVersion = SchemaMeta::CLEAN_WATER_VERSION; + } + MetaDataManager::GetInstance().SaveMeta(key, schemaMeta, true); + } + return true; +} +} // namespace OHOS + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + FuzzedDataProvider provider(data, size); + OHOS::OnRemoteRequestFuzz(provider); + OHOS::OnEnableCloudFuzz(provider); + OHOS::OnDisableCloudFuzz(provider); + OHOS::OnChangeAppSwitchFuzz(provider); + OHOS::OnNotifyDataChangeFuzz(provider); + OHOS::OnQueryLastSyncInfoFuzz(provider); + return 0; +} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h new file mode 100644 index 000000000..c007ebba5 --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H +#define DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H + +#define FUZZ_PROJECT_NAME "cloudservicestub_fuzzer" + +#endif // DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init new file mode 100644 index 000000000..2b595da0c --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init @@ -0,0 +1,16 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +FUZZ \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml new file mode 100644 index 000000000..3fdba3e8b --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + \ No newline at end of file -- Gitee From 8c23f025fa3c3d0eb1bb3550e2ae08bd805d8701 Mon Sep 17 00:00:00 2001 From: gecheng Date: Tue, 26 Aug 2025 14:59:14 +0800 Subject: [PATCH 06/23] =?UTF-8?q?=E5=8D=95=E4=B8=AAFUZZ=E7=94=A8=E4=BE=8B?= =?UTF-8?q?=E8=B0=83=E7=94=A8=E5=A4=AA=E5=A4=9Aapi?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: gecheng --- .../cloudservicestub1_fuzzer/BUILD.gn | 96 ---- .../cloudservicestub1_fuzzer.cpp | 460 ------------------ .../cloudservicestub2_fuzzer.cpp | 460 ------------------ .../cloudservicestub_fuzzer.cpp | 460 ------------------ .../cloudservicestub_fuzzer.h | 21 - .../cloudservicestub1_fuzzer/corpus/init | 16 - .../cloudservicestub1_fuzzer/project.xml | 25 - 7 files changed, 1538 deletions(-) delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn deleted file mode 100644 index 2618103ac..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn +++ /dev/null @@ -1,96 +0,0 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -##############################hydra-fuzz######################################## -import("//build/config/features.gni") -import("//build/test.gni") -import("//foundation/distributeddatamgr/datamgr_service/datamgr_service.gni") - -##############################fuzztest########################################## -ohos_fuzztest("CloudServiceStubFuzzTest") { - module_out_path = "datamgr_service/datamgr_service" - - include_dirs = [ - "${data_service_path}/service/cloud", - "${data_service_path}/service/common", - "${data_service_path}/service/config/include", - "${data_service_path}/service/crypto/include", - "${data_service_path}/service/kvdb", - "${data_service_path}/service/matrix/include", - "${data_service_path}/service/network", - "${data_service_path}/service/object", - "${data_service_path}/service/permission/include", - "${data_service_path}/service/rdb", - "${data_service_path}/adapter/include/communicator", - ] - - fuzz_config_file = "${data_service_path}/service/test/fuzztest/cloudservicestub_fuzzer" - - cflags = [ - "-g", - "-O0", - "-Wno-unused-variable", - "-fno-omit-frame-pointer", - ] - - sources = [ - "${data_service_path}/app/src/checker/bundle_checker.cpp", - "${data_service_path}/app/src/checker/system_checker.cpp", - "cloudservicestub_fuzzer.cpp", - ] - - deps = [ - "${data_service_path}/adapter/account:distributeddata_account", - "${data_service_path}/adapter/dfx:distributeddata_dfx", - "${data_service_path}/adapter/network:distributeddata_network", - "${data_service_path}/adapter/schema_helper:distributeddata_schema_helper", - "${data_service_path}/adapter/utils:distributeddata_utils", - "${data_service_path}/framework:distributeddatasvcfwk", - "${data_service_path}/service:distributeddatasvc", - "${data_service_path}/service/bootstrap:distributeddata_bootstrap", - "${data_service_path}/service/cloud:distributeddata_cloud", - "${data_service_path}/service/common:distributeddata_common", - "${data_service_path}/service/rdb:distributeddata_rdb", - ] - - external_deps = [ - "access_token:libaccesstoken_sdk", - "access_token:libtoken_setproc", - "access_token:libtokenid_sdk", - "bundle_framework:appexecfwk_base", - "bundle_framework:appexecfwk_core", - "c_utils:utils", - "device_auth:deviceauth_sdk", - "device_manager:devicemanagersdk", - "hicollie:libhicollie", - "hilog:libhilog", - "hisysevent:libhisysevent", - "huks:libhukssdk", - "ipc:ipc_core", - "kv_store:datamgr_common", - "kv_store:distributeddata_inner", - "kv_store:distributeddata_mgr", - "kv_store:distributeddb", - "relational_store:native_rdb", - "resource_management:global_resmgr", - "safwk:system_ability_fwk", - "samgr:samgr_proxy", - ] -} - -############################################################################### -group("fuzztest") { - testonly = true - - deps = [ ":CloudServiceStubFuzzTest" ] -} -############################################################################### diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp deleted file mode 100644 index b056cd107..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp +++ /dev/null @@ -1,460 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include - -#include "cloudservicestub_fuzzer.h" - -#include -#include - -#include "accesstoken_kit.h" -#include "cloud_service_impl.h" -#include "ipc_skeleton.h" -#include "message_parcel.h" -#include "securec.h" -#include "token_setproc.h" - -using namespace OHOS::CloudData; -using namespace OHOS::Security::AccessToken; - -namespace OHOS { -constexpr int USER_ID = 100; -constexpr int INST_INDEX = 0; -const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; -constexpr uint32_t CODE_MIN = 0; -constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; -constexpr size_t NUM_MIN = 5; -constexpr size_t NUM_MAX = 12; - -void AllocAndSetHapToken() -{ - HapInfoParams info = { - .userID = USER_ID, - .bundleName = "ohos.test.demo", - .instIndex = INST_INDEX, - .appIDDesc = "ohos.test.demo", - .isSystemApp = true - }; - - HapPolicyParams policy = { - .apl = APL_NORMAL, - .domain = "test.domain", - .permList = {}, - .permStateList = { - { - .permissionName = "ohos.permission.CLOUDDATA_CONFIG", - .isGeneral = true, - .resDeviceID = { "local" }, - .grantStatus = { PermissionState::PERMISSION_GRANTED }, - .grantFlags = { 1 } - } - } - }; - auto tokenID = AccessTokenKit::AllocHapToken(info, policy); - SetSelfTokenID(tokenID.tokenIDEx); -} - -bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnRemoteRequest(code, request, reply); - return true; -} - -bool OnEnableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnEnableCloud(code, request, reply); - XCollie xcollie( - __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); - return status; - } - cloudInfo.enableCloud = true; - for (const auto &[bundle, value] : switches) { - if (!cloudInfo.Exist(bundle)) { - continue; - } - cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); - ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); - } - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); - return true; -} - -bool OnDisableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnDisableCloud(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), - Anonymous::Change(cloudInfo.id).c_str()); - return INVALID_ARGUMENT; - } - cloudInfo.enableCloud = false; - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); - ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); - return true; -} - -bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnChangeAppSwitch(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - CloudSyncScene scene; - if (appSwitch == SWITCH_ON) { - scene = CloudSyncScene::SWITCH_ON; - } else { - scene = CloudSyncScene::SWITCH_OFF; - } - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS || !cloudInfo.enableCloud) { - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret = " + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, - WORK_DO_CLOUD_SYNC })); - return INVALID_ARGUMENT; - } - if (!cloudInfo.Exist(bundleName)) { - std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); - if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { - ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," - "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret=" + std::to_string(status)); - return INVALID_ARGUMENT; - } - ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); - } - cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); - if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { - SyncManager::SyncInfo info(cloudInfo.user, bundleName); - syncManager_.DoCloudSync(info); - } - ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), - bundleName.c_str(), appSwitch); - return true; -} - -bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnNotifyDataChange(code, request, reply); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { - return INVALID_ARGUMENT; - } - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - ExtraData exData; - if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { - ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), - userId, extraData.empty() ? "empty" : "not empty"); - return INVALID_ARGUMENT; - } - std::vector users; - if (userId != INVALID_USER_ID) { - users.emplace_back(userId); - } else { - Account::GetInstance()->QueryForegroundUsers(users); - } - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - auto &bundleName = exData.info.bundleName; - auto &prepareTraceId = exData.info.context.prepareTraceId; - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { - ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); - SchemaMeta schemaMeta; - if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { - ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); - if (dbInfos.empty()) { - ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - for (const auto &dbInfo : dbInfos) { - syncManager_.DoCloudSync(SyncManager::SyncInfo( - { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); - } - } - return true; -} - -bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); - QueryLastResults results; - auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, - "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); - return { ERROR, results }; - } - if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { - ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); - return { INVALID_ARGUMENT, results }; - } - std::vector schemas; - auto key = cloudInfo.GetSchemaPrefix(bundleName); - if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { - return { ERROR, results }; - } - - std::vector queryKeys; - std::vector databases; - for (const auto &schema : schemas) { - if (schema.bundleName != bundleName) { - continue; - } - databases = schema.databases; - for (const auto &database : schema.databases) { - if (storeId.empty() || database.alias == storeId) { - queryKeys.push_back({ user, id, bundleName, database.name }); - } - } - if (queryKeys.empty()) { - ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); - return { INVALID_ARGUMENT, results }; - } - } - - auto [ret, lastSyncInfos] = syncManager_.QueryLastSyncInfo(queryKeys); - ZLOGI("code:%{public}d, id:%{public}s, bundleName:%{public}s, storeId:%{public}s, size:%{public}d", ret, - Anonymous::Change(id).c_str(), bundleName.c_str(), Anonymous::Change(storeId).c_str(), - static_cast(lastSyncInfos.size())); - if (lastSyncInfos.empty()) { - return { ret, results }; - } - return { ret, AssembleLastResults(databases, lastSyncInfos) }; -} - -int32_t CloudServiceImpl::OnInitialize() -{ - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); - std::vector users; - Account::GetInstance()->QueryUsers(users); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - CleanWaterVersion(user); - } - Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - Subscription sub; - sub.userId = user; - if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { - continue; - } - InitSubTask(sub); - } - return E_OK; -} - -bool CloudServiceImpl::CleanWaterVersion(int32_t user) -{ - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (status != SUCCESS) { - return false; - } - auto stores = CheckerManager::GetInstance().GetDynamicStores(); - auto staticStores = CheckerManager::GetInstance().GetStaticStores(); - stores.insert(stores.end(), staticStores.begin(), staticStores.end()); - auto keys = cloudInfo.GetSchemaKey(); - for (const auto &[bundle, key] : keys) { - SchemaMeta schemaMeta; - if (MetaDataManager::GetInstance().LoadMeta(key, schemaMeta, true) && - schemaMeta.metaVersion < SchemaMeta::CLEAN_WATER_VERSION) { - bool found = std::any_of(stores.begin(), stores.end(), - [&schemaMeta](const CheckerManager::StoreInfo &storeInfo) { - return storeInfo.bundleName == schemaMeta.bundleName; - }); - if (!found) { - continue; - } - DoClean(user, schemaMeta, GeneralStore::CleanMode::CLEAN_WATER); - schemaMeta.metaVersion = SchemaMeta::CLEAN_WATER_VERSION; - } - MetaDataManager::GetInstance().SaveMeta(key, schemaMeta, true); - } - return true; -} -} // namespace OHOS - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) -{ - FuzzedDataProvider provider(data, size); - OHOS::OnRemoteRequestFuzz(provider); - OHOS::OnEnableCloudFuzz(provider); - OHOS::OnDisableCloudFuzz(provider); - OHOS::OnChangeAppSwitchFuzz(provider); - OHOS::OnNotifyDataChangeFuzz(provider); - OHOS::OnQueryLastSyncInfoFuzz(provider); - return 0; -} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp deleted file mode 100644 index b056cd107..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp +++ /dev/null @@ -1,460 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include - -#include "cloudservicestub_fuzzer.h" - -#include -#include - -#include "accesstoken_kit.h" -#include "cloud_service_impl.h" -#include "ipc_skeleton.h" -#include "message_parcel.h" -#include "securec.h" -#include "token_setproc.h" - -using namespace OHOS::CloudData; -using namespace OHOS::Security::AccessToken; - -namespace OHOS { -constexpr int USER_ID = 100; -constexpr int INST_INDEX = 0; -const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; -constexpr uint32_t CODE_MIN = 0; -constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; -constexpr size_t NUM_MIN = 5; -constexpr size_t NUM_MAX = 12; - -void AllocAndSetHapToken() -{ - HapInfoParams info = { - .userID = USER_ID, - .bundleName = "ohos.test.demo", - .instIndex = INST_INDEX, - .appIDDesc = "ohos.test.demo", - .isSystemApp = true - }; - - HapPolicyParams policy = { - .apl = APL_NORMAL, - .domain = "test.domain", - .permList = {}, - .permStateList = { - { - .permissionName = "ohos.permission.CLOUDDATA_CONFIG", - .isGeneral = true, - .resDeviceID = { "local" }, - .grantStatus = { PermissionState::PERMISSION_GRANTED }, - .grantFlags = { 1 } - } - } - }; - auto tokenID = AccessTokenKit::AllocHapToken(info, policy); - SetSelfTokenID(tokenID.tokenIDEx); -} - -bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnRemoteRequest(code, request, reply); - return true; -} - -bool OnEnableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnEnableCloud(code, request, reply); - XCollie xcollie( - __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); - return status; - } - cloudInfo.enableCloud = true; - for (const auto &[bundle, value] : switches) { - if (!cloudInfo.Exist(bundle)) { - continue; - } - cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); - ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); - } - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); - return true; -} - -bool OnDisableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnDisableCloud(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), - Anonymous::Change(cloudInfo.id).c_str()); - return INVALID_ARGUMENT; - } - cloudInfo.enableCloud = false; - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); - ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); - return true; -} - -bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnChangeAppSwitch(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - CloudSyncScene scene; - if (appSwitch == SWITCH_ON) { - scene = CloudSyncScene::SWITCH_ON; - } else { - scene = CloudSyncScene::SWITCH_OFF; - } - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS || !cloudInfo.enableCloud) { - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret = " + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, - WORK_DO_CLOUD_SYNC })); - return INVALID_ARGUMENT; - } - if (!cloudInfo.Exist(bundleName)) { - std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); - if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { - ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," - "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret=" + std::to_string(status)); - return INVALID_ARGUMENT; - } - ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); - } - cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); - if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { - SyncManager::SyncInfo info(cloudInfo.user, bundleName); - syncManager_.DoCloudSync(info); - } - ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), - bundleName.c_str(), appSwitch); - return true; -} - -bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnNotifyDataChange(code, request, reply); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { - return INVALID_ARGUMENT; - } - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - ExtraData exData; - if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { - ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), - userId, extraData.empty() ? "empty" : "not empty"); - return INVALID_ARGUMENT; - } - std::vector users; - if (userId != INVALID_USER_ID) { - users.emplace_back(userId); - } else { - Account::GetInstance()->QueryForegroundUsers(users); - } - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - auto &bundleName = exData.info.bundleName; - auto &prepareTraceId = exData.info.context.prepareTraceId; - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { - ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); - SchemaMeta schemaMeta; - if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { - ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); - if (dbInfos.empty()) { - ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - for (const auto &dbInfo : dbInfos) { - syncManager_.DoCloudSync(SyncManager::SyncInfo( - { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); - } - } - return true; -} - -bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); - QueryLastResults results; - auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, - "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); - return { ERROR, results }; - } - if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { - ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); - return { INVALID_ARGUMENT, results }; - } - std::vector schemas; - auto key = cloudInfo.GetSchemaPrefix(bundleName); - if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { - return { ERROR, results }; - } - - std::vector queryKeys; - std::vector databases; - for (const auto &schema : schemas) { - if (schema.bundleName != bundleName) { - continue; - } - databases = schema.databases; - for (const auto &database : schema.databases) { - if (storeId.empty() || database.alias == storeId) { - queryKeys.push_back({ user, id, bundleName, database.name }); - } - } - if (queryKeys.empty()) { - ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); - return { INVALID_ARGUMENT, results }; - } - } - - auto [ret, lastSyncInfos] = syncManager_.QueryLastSyncInfo(queryKeys); - ZLOGI("code:%{public}d, id:%{public}s, bundleName:%{public}s, storeId:%{public}s, size:%{public}d", ret, - Anonymous::Change(id).c_str(), bundleName.c_str(), Anonymous::Change(storeId).c_str(), - static_cast(lastSyncInfos.size())); - if (lastSyncInfos.empty()) { - return { ret, results }; - } - return { ret, AssembleLastResults(databases, lastSyncInfos) }; -} - -int32_t CloudServiceImpl::OnInitialize() -{ - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); - std::vector users; - Account::GetInstance()->QueryUsers(users); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - CleanWaterVersion(user); - } - Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - Subscription sub; - sub.userId = user; - if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { - continue; - } - InitSubTask(sub); - } - return E_OK; -} - -bool CloudServiceImpl::CleanWaterVersion(int32_t user) -{ - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (status != SUCCESS) { - return false; - } - auto stores = CheckerManager::GetInstance().GetDynamicStores(); - auto staticStores = CheckerManager::GetInstance().GetStaticStores(); - stores.insert(stores.end(), staticStores.begin(), staticStores.end()); - auto keys = cloudInfo.GetSchemaKey(); - for (const auto &[bundle, key] : keys) { - SchemaMeta schemaMeta; - if (MetaDataManager::GetInstance().LoadMeta(key, schemaMeta, true) && - schemaMeta.metaVersion < SchemaMeta::CLEAN_WATER_VERSION) { - bool found = std::any_of(stores.begin(), stores.end(), - [&schemaMeta](const CheckerManager::StoreInfo &storeInfo) { - return storeInfo.bundleName == schemaMeta.bundleName; - }); - if (!found) { - continue; - } - DoClean(user, schemaMeta, GeneralStore::CleanMode::CLEAN_WATER); - schemaMeta.metaVersion = SchemaMeta::CLEAN_WATER_VERSION; - } - MetaDataManager::GetInstance().SaveMeta(key, schemaMeta, true); - } - return true; -} -} // namespace OHOS - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) -{ - FuzzedDataProvider provider(data, size); - OHOS::OnRemoteRequestFuzz(provider); - OHOS::OnEnableCloudFuzz(provider); - OHOS::OnDisableCloudFuzz(provider); - OHOS::OnChangeAppSwitchFuzz(provider); - OHOS::OnNotifyDataChangeFuzz(provider); - OHOS::OnQueryLastSyncInfoFuzz(provider); - return 0; -} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp deleted file mode 100644 index b056cd107..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp +++ /dev/null @@ -1,460 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include - -#include "cloudservicestub_fuzzer.h" - -#include -#include - -#include "accesstoken_kit.h" -#include "cloud_service_impl.h" -#include "ipc_skeleton.h" -#include "message_parcel.h" -#include "securec.h" -#include "token_setproc.h" - -using namespace OHOS::CloudData; -using namespace OHOS::Security::AccessToken; - -namespace OHOS { -constexpr int USER_ID = 100; -constexpr int INST_INDEX = 0; -const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; -constexpr uint32_t CODE_MIN = 0; -constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; -constexpr size_t NUM_MIN = 5; -constexpr size_t NUM_MAX = 12; - -void AllocAndSetHapToken() -{ - HapInfoParams info = { - .userID = USER_ID, - .bundleName = "ohos.test.demo", - .instIndex = INST_INDEX, - .appIDDesc = "ohos.test.demo", - .isSystemApp = true - }; - - HapPolicyParams policy = { - .apl = APL_NORMAL, - .domain = "test.domain", - .permList = {}, - .permStateList = { - { - .permissionName = "ohos.permission.CLOUDDATA_CONFIG", - .isGeneral = true, - .resDeviceID = { "local" }, - .grantStatus = { PermissionState::PERMISSION_GRANTED }, - .grantFlags = { 1 } - } - } - }; - auto tokenID = AccessTokenKit::AllocHapToken(info, policy); - SetSelfTokenID(tokenID.tokenIDEx); -} - -bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnRemoteRequest(code, request, reply); - return true; -} - -bool OnEnableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnEnableCloud(code, request, reply); - XCollie xcollie( - __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); - return status; - } - cloudInfo.enableCloud = true; - for (const auto &[bundle, value] : switches) { - if (!cloudInfo.Exist(bundle)) { - continue; - } - cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); - ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); - } - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); - return true; -} - -bool OnDisableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnDisableCloud(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), - Anonymous::Change(cloudInfo.id).c_str()); - return INVALID_ARGUMENT; - } - cloudInfo.enableCloud = false; - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); - ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); - return true; -} - -bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnChangeAppSwitch(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - CloudSyncScene scene; - if (appSwitch == SWITCH_ON) { - scene = CloudSyncScene::SWITCH_ON; - } else { - scene = CloudSyncScene::SWITCH_OFF; - } - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS || !cloudInfo.enableCloud) { - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret = " + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, - WORK_DO_CLOUD_SYNC })); - return INVALID_ARGUMENT; - } - if (!cloudInfo.Exist(bundleName)) { - std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); - if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { - ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," - "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret=" + std::to_string(status)); - return INVALID_ARGUMENT; - } - ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); - } - cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); - if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { - SyncManager::SyncInfo info(cloudInfo.user, bundleName); - syncManager_.DoCloudSync(info); - } - ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), - bundleName.c_str(), appSwitch); - return true; -} - -bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnNotifyDataChange(code, request, reply); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { - return INVALID_ARGUMENT; - } - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - ExtraData exData; - if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { - ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), - userId, extraData.empty() ? "empty" : "not empty"); - return INVALID_ARGUMENT; - } - std::vector users; - if (userId != INVALID_USER_ID) { - users.emplace_back(userId); - } else { - Account::GetInstance()->QueryForegroundUsers(users); - } - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - auto &bundleName = exData.info.bundleName; - auto &prepareTraceId = exData.info.context.prepareTraceId; - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { - ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); - SchemaMeta schemaMeta; - if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { - ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); - if (dbInfos.empty()) { - ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - for (const auto &dbInfo : dbInfos) { - syncManager_.DoCloudSync(SyncManager::SyncInfo( - { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); - } - } - return true; -} - -bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); - QueryLastResults results; - auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, - "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); - return { ERROR, results }; - } - if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { - ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); - return { INVALID_ARGUMENT, results }; - } - std::vector schemas; - auto key = cloudInfo.GetSchemaPrefix(bundleName); - if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { - return { ERROR, results }; - } - - std::vector queryKeys; - std::vector databases; - for (const auto &schema : schemas) { - if (schema.bundleName != bundleName) { - continue; - } - databases = schema.databases; - for (const auto &database : schema.databases) { - if (storeId.empty() || database.alias == storeId) { - queryKeys.push_back({ user, id, bundleName, database.name }); - } - } - if (queryKeys.empty()) { - ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); - return { INVALID_ARGUMENT, results }; - } - } - - auto [ret, lastSyncInfos] = syncManager_.QueryLastSyncInfo(queryKeys); - ZLOGI("code:%{public}d, id:%{public}s, bundleName:%{public}s, storeId:%{public}s, size:%{public}d", ret, - Anonymous::Change(id).c_str(), bundleName.c_str(), Anonymous::Change(storeId).c_str(), - static_cast(lastSyncInfos.size())); - if (lastSyncInfos.empty()) { - return { ret, results }; - } - return { ret, AssembleLastResults(databases, lastSyncInfos) }; -} - -int32_t CloudServiceImpl::OnInitialize() -{ - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); - std::vector users; - Account::GetInstance()->QueryUsers(users); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - CleanWaterVersion(user); - } - Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - Subscription sub; - sub.userId = user; - if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { - continue; - } - InitSubTask(sub); - } - return E_OK; -} - -bool CloudServiceImpl::CleanWaterVersion(int32_t user) -{ - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (status != SUCCESS) { - return false; - } - auto stores = CheckerManager::GetInstance().GetDynamicStores(); - auto staticStores = CheckerManager::GetInstance().GetStaticStores(); - stores.insert(stores.end(), staticStores.begin(), staticStores.end()); - auto keys = cloudInfo.GetSchemaKey(); - for (const auto &[bundle, key] : keys) { - SchemaMeta schemaMeta; - if (MetaDataManager::GetInstance().LoadMeta(key, schemaMeta, true) && - schemaMeta.metaVersion < SchemaMeta::CLEAN_WATER_VERSION) { - bool found = std::any_of(stores.begin(), stores.end(), - [&schemaMeta](const CheckerManager::StoreInfo &storeInfo) { - return storeInfo.bundleName == schemaMeta.bundleName; - }); - if (!found) { - continue; - } - DoClean(user, schemaMeta, GeneralStore::CleanMode::CLEAN_WATER); - schemaMeta.metaVersion = SchemaMeta::CLEAN_WATER_VERSION; - } - MetaDataManager::GetInstance().SaveMeta(key, schemaMeta, true); - } - return true; -} -} // namespace OHOS - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) -{ - FuzzedDataProvider provider(data, size); - OHOS::OnRemoteRequestFuzz(provider); - OHOS::OnEnableCloudFuzz(provider); - OHOS::OnDisableCloudFuzz(provider); - OHOS::OnChangeAppSwitchFuzz(provider); - OHOS::OnNotifyDataChangeFuzz(provider); - OHOS::OnQueryLastSyncInfoFuzz(provider); - return 0; -} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h deleted file mode 100644 index c007ebba5..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H -#define DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H - -#define FUZZ_PROJECT_NAME "cloudservicestub_fuzzer" - -#endif // DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init deleted file mode 100644 index 2b595da0c..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init +++ /dev/null @@ -1,16 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -FUZZ \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml deleted file mode 100644 index 3fdba3e8b..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml +++ /dev/null @@ -1,25 +0,0 @@ - - - - - - 1000 - - 300 - - 4096 - - \ No newline at end of file -- Gitee From 8b3e94a31183ea4d2b04bfd7c7092349057a38d5 Mon Sep 17 00:00:00 2001 From: gecheng Date: Tue, 26 Aug 2025 15:01:33 +0800 Subject: [PATCH 07/23] =?UTF-8?q?=E5=8D=95=E4=B8=AAFUZZ=E7=94=A8=E4=BE=8B?= =?UTF-8?q?=E8=B0=83=E7=94=A8=E5=A4=AA=E5=A4=9Aapi?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: gecheng --- .../cloudservicestub1_fuzzer/BUILD.gn | 96 ++++ .../cloudservicestub1_fuzzer.cpp | 460 ++++++++++++++++++ .../cloudservicestub2_fuzzer.cpp | 460 ++++++++++++++++++ .../cloudservicestub_fuzzer.cpp | 460 ++++++++++++++++++ .../cloudservicestub_fuzzer.h | 21 + .../cloudservicestub1_fuzzer/corpus/init | 16 + .../cloudservicestub1_fuzzer/project.xml | 25 + 7 files changed, 1538 insertions(+) create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn new file mode 100644 index 000000000..2618103ac --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn @@ -0,0 +1,96 @@ +# Copyright (c) 2023 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +##############################hydra-fuzz######################################## +import("//build/config/features.gni") +import("//build/test.gni") +import("//foundation/distributeddatamgr/datamgr_service/datamgr_service.gni") + +##############################fuzztest########################################## +ohos_fuzztest("CloudServiceStubFuzzTest") { + module_out_path = "datamgr_service/datamgr_service" + + include_dirs = [ + "${data_service_path}/service/cloud", + "${data_service_path}/service/common", + "${data_service_path}/service/config/include", + "${data_service_path}/service/crypto/include", + "${data_service_path}/service/kvdb", + "${data_service_path}/service/matrix/include", + "${data_service_path}/service/network", + "${data_service_path}/service/object", + "${data_service_path}/service/permission/include", + "${data_service_path}/service/rdb", + "${data_service_path}/adapter/include/communicator", + ] + + fuzz_config_file = "${data_service_path}/service/test/fuzztest/cloudservicestub_fuzzer" + + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + + sources = [ + "${data_service_path}/app/src/checker/bundle_checker.cpp", + "${data_service_path}/app/src/checker/system_checker.cpp", + "cloudservicestub_fuzzer.cpp", + ] + + deps = [ + "${data_service_path}/adapter/account:distributeddata_account", + "${data_service_path}/adapter/dfx:distributeddata_dfx", + "${data_service_path}/adapter/network:distributeddata_network", + "${data_service_path}/adapter/schema_helper:distributeddata_schema_helper", + "${data_service_path}/adapter/utils:distributeddata_utils", + "${data_service_path}/framework:distributeddatasvcfwk", + "${data_service_path}/service:distributeddatasvc", + "${data_service_path}/service/bootstrap:distributeddata_bootstrap", + "${data_service_path}/service/cloud:distributeddata_cloud", + "${data_service_path}/service/common:distributeddata_common", + "${data_service_path}/service/rdb:distributeddata_rdb", + ] + + external_deps = [ + "access_token:libaccesstoken_sdk", + "access_token:libtoken_setproc", + "access_token:libtokenid_sdk", + "bundle_framework:appexecfwk_base", + "bundle_framework:appexecfwk_core", + "c_utils:utils", + "device_auth:deviceauth_sdk", + "device_manager:devicemanagersdk", + "hicollie:libhicollie", + "hilog:libhilog", + "hisysevent:libhisysevent", + "huks:libhukssdk", + "ipc:ipc_core", + "kv_store:datamgr_common", + "kv_store:distributeddata_inner", + "kv_store:distributeddata_mgr", + "kv_store:distributeddb", + "relational_store:native_rdb", + "resource_management:global_resmgr", + "safwk:system_ability_fwk", + "samgr:samgr_proxy", + ] +} + +############################################################################### +group("fuzztest") { + testonly = true + + deps = [ ":CloudServiceStubFuzzTest" ] +} +############################################################################### diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp new file mode 100644 index 000000000..b056cd107 --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp @@ -0,0 +1,460 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "cloudservicestub_fuzzer.h" + +#include +#include + +#include "accesstoken_kit.h" +#include "cloud_service_impl.h" +#include "ipc_skeleton.h" +#include "message_parcel.h" +#include "securec.h" +#include "token_setproc.h" + +using namespace OHOS::CloudData; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { +constexpr int USER_ID = 100; +constexpr int INST_INDEX = 0; +const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; +constexpr uint32_t CODE_MIN = 0; +constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; +constexpr size_t NUM_MIN = 5; +constexpr size_t NUM_MAX = 12; + +void AllocAndSetHapToken() +{ + HapInfoParams info = { + .userID = USER_ID, + .bundleName = "ohos.test.demo", + .instIndex = INST_INDEX, + .appIDDesc = "ohos.test.demo", + .isSystemApp = true + }; + + HapPolicyParams policy = { + .apl = APL_NORMAL, + .domain = "test.domain", + .permList = {}, + .permStateList = { + { + .permissionName = "ohos.permission.CLOUDDATA_CONFIG", + .isGeneral = true, + .resDeviceID = { "local" }, + .grantStatus = { PermissionState::PERMISSION_GRANTED }, + .grantFlags = { 1 } + } + } + }; + auto tokenID = AccessTokenKit::AllocHapToken(info, policy); + SetSelfTokenID(tokenID.tokenIDEx); +} + +bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnRemoteRequest(code, request, reply); + return true; +} + +bool OnEnableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnEnableCloud(code, request, reply); + XCollie xcollie( + __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); + return status; + } + cloudInfo.enableCloud = true; + for (const auto &[bundle, value] : switches) { + if (!cloudInfo.Exist(bundle)) { + continue; + } + cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); + ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); + } + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); + return true; +} + +bool OnDisableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnDisableCloud(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), + Anonymous::Change(cloudInfo.id).c_str()); + return INVALID_ARGUMENT; + } + cloudInfo.enableCloud = false; + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); + ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); + return true; +} + +bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnChangeAppSwitch(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + CloudSyncScene scene; + if (appSwitch == SWITCH_ON) { + scene = CloudSyncScene::SWITCH_ON; + } else { + scene = CloudSyncScene::SWITCH_OFF; + } + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS || !cloudInfo.enableCloud) { + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret = " + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, + WORK_DO_CLOUD_SYNC })); + return INVALID_ARGUMENT; + } + if (!cloudInfo.Exist(bundleName)) { + std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); + if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { + ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," + "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret=" + std::to_string(status)); + return INVALID_ARGUMENT; + } + ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); + } + cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); + if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { + SyncManager::SyncInfo info(cloudInfo.user, bundleName); + syncManager_.DoCloudSync(info); + } + ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), + bundleName.c_str(), appSwitch); + return true; +} + +bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnNotifyDataChange(code, request, reply); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { + return INVALID_ARGUMENT; + } + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + ExtraData exData; + if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { + ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), + userId, extraData.empty() ? "empty" : "not empty"); + return INVALID_ARGUMENT; + } + std::vector users; + if (userId != INVALID_USER_ID) { + users.emplace_back(userId); + } else { + Account::GetInstance()->QueryForegroundUsers(users); + } + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + auto &bundleName = exData.info.bundleName; + auto &prepareTraceId = exData.info.context.prepareTraceId; + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { + ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); + SchemaMeta schemaMeta; + if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { + ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); + if (dbInfos.empty()) { + ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + for (const auto &dbInfo : dbInfos) { + syncManager_.DoCloudSync(SyncManager::SyncInfo( + { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); + } + } + return true; +} + +bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); + QueryLastResults results; + auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, + "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); + return { ERROR, results }; + } + if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { + ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); + return { INVALID_ARGUMENT, results }; + } + std::vector schemas; + auto key = cloudInfo.GetSchemaPrefix(bundleName); + if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { + return { ERROR, results }; + } + + std::vector queryKeys; + std::vector databases; + for (const auto &schema : schemas) { + if (schema.bundleName != bundleName) { + continue; + } + databases = schema.databases; + for (const auto &database : schema.databases) { + if (storeId.empty() || database.alias == storeId) { + queryKeys.push_back({ user, id, bundleName, database.name }); + } + } + if (queryKeys.empty()) { + ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); + return { INVALID_ARGUMENT, results }; + } + } + + auto [ret, lastSyncInfos] = syncManager_.QueryLastSyncInfo(queryKeys); + ZLOGI("code:%{public}d, id:%{public}s, bundleName:%{public}s, storeId:%{public}s, size:%{public}d", ret, + Anonymous::Change(id).c_str(), bundleName.c_str(), Anonymous::Change(storeId).c_str(), + static_cast(lastSyncInfos.size())); + if (lastSyncInfos.empty()) { + return { ret, results }; + } + return { ret, AssembleLastResults(databases, lastSyncInfos) }; +} + +int32_t CloudServiceImpl::OnInitialize() +{ + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); + std::vector users; + Account::GetInstance()->QueryUsers(users); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + CleanWaterVersion(user); + } + Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + Subscription sub; + sub.userId = user; + if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { + continue; + } + InitSubTask(sub); + } + return E_OK; +} + +bool CloudServiceImpl::CleanWaterVersion(int32_t user) +{ + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (status != SUCCESS) { + return false; + } + auto stores = CheckerManager::GetInstance().GetDynamicStores(); + auto staticStores = CheckerManager::GetInstance().GetStaticStores(); + stores.insert(stores.end(), staticStores.begin(), staticStores.end()); + auto keys = cloudInfo.GetSchemaKey(); + for (const auto &[bundle, key] : keys) { + SchemaMeta schemaMeta; + if (MetaDataManager::GetInstance().LoadMeta(key, schemaMeta, true) && + schemaMeta.metaVersion < SchemaMeta::CLEAN_WATER_VERSION) { + bool found = std::any_of(stores.begin(), stores.end(), + [&schemaMeta](const CheckerManager::StoreInfo &storeInfo) { + return storeInfo.bundleName == schemaMeta.bundleName; + }); + if (!found) { + continue; + } + DoClean(user, schemaMeta, GeneralStore::CleanMode::CLEAN_WATER); + schemaMeta.metaVersion = SchemaMeta::CLEAN_WATER_VERSION; + } + MetaDataManager::GetInstance().SaveMeta(key, schemaMeta, true); + } + return true; +} +} // namespace OHOS + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + FuzzedDataProvider provider(data, size); + OHOS::OnRemoteRequestFuzz(provider); + OHOS::OnEnableCloudFuzz(provider); + OHOS::OnDisableCloudFuzz(provider); + OHOS::OnChangeAppSwitchFuzz(provider); + OHOS::OnNotifyDataChangeFuzz(provider); + OHOS::OnQueryLastSyncInfoFuzz(provider); + return 0; +} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp new file mode 100644 index 000000000..b056cd107 --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp @@ -0,0 +1,460 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "cloudservicestub_fuzzer.h" + +#include +#include + +#include "accesstoken_kit.h" +#include "cloud_service_impl.h" +#include "ipc_skeleton.h" +#include "message_parcel.h" +#include "securec.h" +#include "token_setproc.h" + +using namespace OHOS::CloudData; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { +constexpr int USER_ID = 100; +constexpr int INST_INDEX = 0; +const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; +constexpr uint32_t CODE_MIN = 0; +constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; +constexpr size_t NUM_MIN = 5; +constexpr size_t NUM_MAX = 12; + +void AllocAndSetHapToken() +{ + HapInfoParams info = { + .userID = USER_ID, + .bundleName = "ohos.test.demo", + .instIndex = INST_INDEX, + .appIDDesc = "ohos.test.demo", + .isSystemApp = true + }; + + HapPolicyParams policy = { + .apl = APL_NORMAL, + .domain = "test.domain", + .permList = {}, + .permStateList = { + { + .permissionName = "ohos.permission.CLOUDDATA_CONFIG", + .isGeneral = true, + .resDeviceID = { "local" }, + .grantStatus = { PermissionState::PERMISSION_GRANTED }, + .grantFlags = { 1 } + } + } + }; + auto tokenID = AccessTokenKit::AllocHapToken(info, policy); + SetSelfTokenID(tokenID.tokenIDEx); +} + +bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnRemoteRequest(code, request, reply); + return true; +} + +bool OnEnableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnEnableCloud(code, request, reply); + XCollie xcollie( + __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); + return status; + } + cloudInfo.enableCloud = true; + for (const auto &[bundle, value] : switches) { + if (!cloudInfo.Exist(bundle)) { + continue; + } + cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); + ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); + } + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); + return true; +} + +bool OnDisableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnDisableCloud(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), + Anonymous::Change(cloudInfo.id).c_str()); + return INVALID_ARGUMENT; + } + cloudInfo.enableCloud = false; + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); + ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); + return true; +} + +bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnChangeAppSwitch(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + CloudSyncScene scene; + if (appSwitch == SWITCH_ON) { + scene = CloudSyncScene::SWITCH_ON; + } else { + scene = CloudSyncScene::SWITCH_OFF; + } + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS || !cloudInfo.enableCloud) { + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret = " + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, + WORK_DO_CLOUD_SYNC })); + return INVALID_ARGUMENT; + } + if (!cloudInfo.Exist(bundleName)) { + std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); + if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { + ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," + "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret=" + std::to_string(status)); + return INVALID_ARGUMENT; + } + ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); + } + cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); + if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { + SyncManager::SyncInfo info(cloudInfo.user, bundleName); + syncManager_.DoCloudSync(info); + } + ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), + bundleName.c_str(), appSwitch); + return true; +} + +bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnNotifyDataChange(code, request, reply); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { + return INVALID_ARGUMENT; + } + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + ExtraData exData; + if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { + ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), + userId, extraData.empty() ? "empty" : "not empty"); + return INVALID_ARGUMENT; + } + std::vector users; + if (userId != INVALID_USER_ID) { + users.emplace_back(userId); + } else { + Account::GetInstance()->QueryForegroundUsers(users); + } + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + auto &bundleName = exData.info.bundleName; + auto &prepareTraceId = exData.info.context.prepareTraceId; + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { + ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); + SchemaMeta schemaMeta; + if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { + ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); + if (dbInfos.empty()) { + ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + for (const auto &dbInfo : dbInfos) { + syncManager_.DoCloudSync(SyncManager::SyncInfo( + { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); + } + } + return true; +} + +bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); + QueryLastResults results; + auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, + "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); + return { ERROR, results }; + } + if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { + ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); + return { INVALID_ARGUMENT, results }; + } + std::vector schemas; + auto key = cloudInfo.GetSchemaPrefix(bundleName); + if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { + return { ERROR, results }; + } + + std::vector queryKeys; + std::vector databases; + for (const auto &schema : schemas) { + if (schema.bundleName != bundleName) { + continue; + } + databases = schema.databases; + for (const auto &database : schema.databases) { + if (storeId.empty() || database.alias == storeId) { + queryKeys.push_back({ user, id, bundleName, database.name }); + } + } + if (queryKeys.empty()) { + ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); + return { INVALID_ARGUMENT, results }; + } + } + + auto [ret, lastSyncInfos] = syncManager_.QueryLastSyncInfo(queryKeys); + ZLOGI("code:%{public}d, id:%{public}s, bundleName:%{public}s, storeId:%{public}s, size:%{public}d", ret, + Anonymous::Change(id).c_str(), bundleName.c_str(), Anonymous::Change(storeId).c_str(), + static_cast(lastSyncInfos.size())); + if (lastSyncInfos.empty()) { + return { ret, results }; + } + return { ret, AssembleLastResults(databases, lastSyncInfos) }; +} + +int32_t CloudServiceImpl::OnInitialize() +{ + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); + std::vector users; + Account::GetInstance()->QueryUsers(users); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + CleanWaterVersion(user); + } + Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + Subscription sub; + sub.userId = user; + if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { + continue; + } + InitSubTask(sub); + } + return E_OK; +} + +bool CloudServiceImpl::CleanWaterVersion(int32_t user) +{ + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (status != SUCCESS) { + return false; + } + auto stores = CheckerManager::GetInstance().GetDynamicStores(); + auto staticStores = CheckerManager::GetInstance().GetStaticStores(); + stores.insert(stores.end(), staticStores.begin(), staticStores.end()); + auto keys = cloudInfo.GetSchemaKey(); + for (const auto &[bundle, key] : keys) { + SchemaMeta schemaMeta; + if (MetaDataManager::GetInstance().LoadMeta(key, schemaMeta, true) && + schemaMeta.metaVersion < SchemaMeta::CLEAN_WATER_VERSION) { + bool found = std::any_of(stores.begin(), stores.end(), + [&schemaMeta](const CheckerManager::StoreInfo &storeInfo) { + return storeInfo.bundleName == schemaMeta.bundleName; + }); + if (!found) { + continue; + } + DoClean(user, schemaMeta, GeneralStore::CleanMode::CLEAN_WATER); + schemaMeta.metaVersion = SchemaMeta::CLEAN_WATER_VERSION; + } + MetaDataManager::GetInstance().SaveMeta(key, schemaMeta, true); + } + return true; +} +} // namespace OHOS + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + FuzzedDataProvider provider(data, size); + OHOS::OnRemoteRequestFuzz(provider); + OHOS::OnEnableCloudFuzz(provider); + OHOS::OnDisableCloudFuzz(provider); + OHOS::OnChangeAppSwitchFuzz(provider); + OHOS::OnNotifyDataChangeFuzz(provider); + OHOS::OnQueryLastSyncInfoFuzz(provider); + return 0; +} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp new file mode 100644 index 000000000..b056cd107 --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp @@ -0,0 +1,460 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "cloudservicestub_fuzzer.h" + +#include +#include + +#include "accesstoken_kit.h" +#include "cloud_service_impl.h" +#include "ipc_skeleton.h" +#include "message_parcel.h" +#include "securec.h" +#include "token_setproc.h" + +using namespace OHOS::CloudData; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { +constexpr int USER_ID = 100; +constexpr int INST_INDEX = 0; +const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; +constexpr uint32_t CODE_MIN = 0; +constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; +constexpr size_t NUM_MIN = 5; +constexpr size_t NUM_MAX = 12; + +void AllocAndSetHapToken() +{ + HapInfoParams info = { + .userID = USER_ID, + .bundleName = "ohos.test.demo", + .instIndex = INST_INDEX, + .appIDDesc = "ohos.test.demo", + .isSystemApp = true + }; + + HapPolicyParams policy = { + .apl = APL_NORMAL, + .domain = "test.domain", + .permList = {}, + .permStateList = { + { + .permissionName = "ohos.permission.CLOUDDATA_CONFIG", + .isGeneral = true, + .resDeviceID = { "local" }, + .grantStatus = { PermissionState::PERMISSION_GRANTED }, + .grantFlags = { 1 } + } + } + }; + auto tokenID = AccessTokenKit::AllocHapToken(info, policy); + SetSelfTokenID(tokenID.tokenIDEx); +} + +bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnRemoteRequest(code, request, reply); + return true; +} + +bool OnEnableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnEnableCloud(code, request, reply); + XCollie xcollie( + __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); + return status; + } + cloudInfo.enableCloud = true; + for (const auto &[bundle, value] : switches) { + if (!cloudInfo.Exist(bundle)) { + continue; + } + cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); + ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); + } + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); + return true; +} + +bool OnDisableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnDisableCloud(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), + Anonymous::Change(cloudInfo.id).c_str()); + return INVALID_ARGUMENT; + } + cloudInfo.enableCloud = false; + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); + ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); + return true; +} + +bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnChangeAppSwitch(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + CloudSyncScene scene; + if (appSwitch == SWITCH_ON) { + scene = CloudSyncScene::SWITCH_ON; + } else { + scene = CloudSyncScene::SWITCH_OFF; + } + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS || !cloudInfo.enableCloud) { + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret = " + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, + WORK_DO_CLOUD_SYNC })); + return INVALID_ARGUMENT; + } + if (!cloudInfo.Exist(bundleName)) { + std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); + if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { + ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," + "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret=" + std::to_string(status)); + return INVALID_ARGUMENT; + } + ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); + } + cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); + if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { + SyncManager::SyncInfo info(cloudInfo.user, bundleName); + syncManager_.DoCloudSync(info); + } + ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), + bundleName.c_str(), appSwitch); + return true; +} + +bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnNotifyDataChange(code, request, reply); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { + return INVALID_ARGUMENT; + } + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + ExtraData exData; + if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { + ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), + userId, extraData.empty() ? "empty" : "not empty"); + return INVALID_ARGUMENT; + } + std::vector users; + if (userId != INVALID_USER_ID) { + users.emplace_back(userId); + } else { + Account::GetInstance()->QueryForegroundUsers(users); + } + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + auto &bundleName = exData.info.bundleName; + auto &prepareTraceId = exData.info.context.prepareTraceId; + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { + ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); + SchemaMeta schemaMeta; + if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { + ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); + if (dbInfos.empty()) { + ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + for (const auto &dbInfo : dbInfos) { + syncManager_.DoCloudSync(SyncManager::SyncInfo( + { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); + } + } + return true; +} + +bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); + QueryLastResults results; + auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, + "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); + return { ERROR, results }; + } + if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { + ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); + return { INVALID_ARGUMENT, results }; + } + std::vector schemas; + auto key = cloudInfo.GetSchemaPrefix(bundleName); + if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { + return { ERROR, results }; + } + + std::vector queryKeys; + std::vector databases; + for (const auto &schema : schemas) { + if (schema.bundleName != bundleName) { + continue; + } + databases = schema.databases; + for (const auto &database : schema.databases) { + if (storeId.empty() || database.alias == storeId) { + queryKeys.push_back({ user, id, bundleName, database.name }); + } + } + if (queryKeys.empty()) { + ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); + return { INVALID_ARGUMENT, results }; + } + } + + auto [ret, lastSyncInfos] = syncManager_.QueryLastSyncInfo(queryKeys); + ZLOGI("code:%{public}d, id:%{public}s, bundleName:%{public}s, storeId:%{public}s, size:%{public}d", ret, + Anonymous::Change(id).c_str(), bundleName.c_str(), Anonymous::Change(storeId).c_str(), + static_cast(lastSyncInfos.size())); + if (lastSyncInfos.empty()) { + return { ret, results }; + } + return { ret, AssembleLastResults(databases, lastSyncInfos) }; +} + +int32_t CloudServiceImpl::OnInitialize() +{ + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); + std::vector users; + Account::GetInstance()->QueryUsers(users); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + CleanWaterVersion(user); + } + Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + Subscription sub; + sub.userId = user; + if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { + continue; + } + InitSubTask(sub); + } + return E_OK; +} + +bool CloudServiceImpl::CleanWaterVersion(int32_t user) +{ + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (status != SUCCESS) { + return false; + } + auto stores = CheckerManager::GetInstance().GetDynamicStores(); + auto staticStores = CheckerManager::GetInstance().GetStaticStores(); + stores.insert(stores.end(), staticStores.begin(), staticStores.end()); + auto keys = cloudInfo.GetSchemaKey(); + for (const auto &[bundle, key] : keys) { + SchemaMeta schemaMeta; + if (MetaDataManager::GetInstance().LoadMeta(key, schemaMeta, true) && + schemaMeta.metaVersion < SchemaMeta::CLEAN_WATER_VERSION) { + bool found = std::any_of(stores.begin(), stores.end(), + [&schemaMeta](const CheckerManager::StoreInfo &storeInfo) { + return storeInfo.bundleName == schemaMeta.bundleName; + }); + if (!found) { + continue; + } + DoClean(user, schemaMeta, GeneralStore::CleanMode::CLEAN_WATER); + schemaMeta.metaVersion = SchemaMeta::CLEAN_WATER_VERSION; + } + MetaDataManager::GetInstance().SaveMeta(key, schemaMeta, true); + } + return true; +} +} // namespace OHOS + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + FuzzedDataProvider provider(data, size); + OHOS::OnRemoteRequestFuzz(provider); + OHOS::OnEnableCloudFuzz(provider); + OHOS::OnDisableCloudFuzz(provider); + OHOS::OnChangeAppSwitchFuzz(provider); + OHOS::OnNotifyDataChangeFuzz(provider); + OHOS::OnQueryLastSyncInfoFuzz(provider); + return 0; +} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h new file mode 100644 index 000000000..c007ebba5 --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H +#define DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H + +#define FUZZ_PROJECT_NAME "cloudservicestub_fuzzer" + +#endif // DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init new file mode 100644 index 000000000..2b595da0c --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init @@ -0,0 +1,16 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +FUZZ \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml new file mode 100644 index 000000000..3fdba3e8b --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + \ No newline at end of file -- Gitee From 2952f1634cf77bc3c122175c173ef1576edd865c Mon Sep 17 00:00:00 2001 From: gecheng Date: Tue, 26 Aug 2025 15:02:18 +0800 Subject: [PATCH 08/23] =?UTF-8?q?=E5=8D=95=E4=B8=AAFUZZ=E7=94=A8=E4=BE=8B?= =?UTF-8?q?=E8=B0=83=E7=94=A8=E5=A4=AA=E5=A4=9Aapi?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: gecheng --- .../cloudservicestub1_fuzzer/BUILD.gn | 96 ---- .../cloudservicestub1_fuzzer.cpp | 460 ------------------ .../cloudservicestub2_fuzzer.cpp | 460 ------------------ .../cloudservicestub_fuzzer.cpp | 460 ------------------ .../cloudservicestub_fuzzer.h | 21 - .../cloudservicestub1_fuzzer/corpus/init | 16 - .../cloudservicestub1_fuzzer/project.xml | 25 - 7 files changed, 1538 deletions(-) delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn deleted file mode 100644 index 2618103ac..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn +++ /dev/null @@ -1,96 +0,0 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -##############################hydra-fuzz######################################## -import("//build/config/features.gni") -import("//build/test.gni") -import("//foundation/distributeddatamgr/datamgr_service/datamgr_service.gni") - -##############################fuzztest########################################## -ohos_fuzztest("CloudServiceStubFuzzTest") { - module_out_path = "datamgr_service/datamgr_service" - - include_dirs = [ - "${data_service_path}/service/cloud", - "${data_service_path}/service/common", - "${data_service_path}/service/config/include", - "${data_service_path}/service/crypto/include", - "${data_service_path}/service/kvdb", - "${data_service_path}/service/matrix/include", - "${data_service_path}/service/network", - "${data_service_path}/service/object", - "${data_service_path}/service/permission/include", - "${data_service_path}/service/rdb", - "${data_service_path}/adapter/include/communicator", - ] - - fuzz_config_file = "${data_service_path}/service/test/fuzztest/cloudservicestub_fuzzer" - - cflags = [ - "-g", - "-O0", - "-Wno-unused-variable", - "-fno-omit-frame-pointer", - ] - - sources = [ - "${data_service_path}/app/src/checker/bundle_checker.cpp", - "${data_service_path}/app/src/checker/system_checker.cpp", - "cloudservicestub_fuzzer.cpp", - ] - - deps = [ - "${data_service_path}/adapter/account:distributeddata_account", - "${data_service_path}/adapter/dfx:distributeddata_dfx", - "${data_service_path}/adapter/network:distributeddata_network", - "${data_service_path}/adapter/schema_helper:distributeddata_schema_helper", - "${data_service_path}/adapter/utils:distributeddata_utils", - "${data_service_path}/framework:distributeddatasvcfwk", - "${data_service_path}/service:distributeddatasvc", - "${data_service_path}/service/bootstrap:distributeddata_bootstrap", - "${data_service_path}/service/cloud:distributeddata_cloud", - "${data_service_path}/service/common:distributeddata_common", - "${data_service_path}/service/rdb:distributeddata_rdb", - ] - - external_deps = [ - "access_token:libaccesstoken_sdk", - "access_token:libtoken_setproc", - "access_token:libtokenid_sdk", - "bundle_framework:appexecfwk_base", - "bundle_framework:appexecfwk_core", - "c_utils:utils", - "device_auth:deviceauth_sdk", - "device_manager:devicemanagersdk", - "hicollie:libhicollie", - "hilog:libhilog", - "hisysevent:libhisysevent", - "huks:libhukssdk", - "ipc:ipc_core", - "kv_store:datamgr_common", - "kv_store:distributeddata_inner", - "kv_store:distributeddata_mgr", - "kv_store:distributeddb", - "relational_store:native_rdb", - "resource_management:global_resmgr", - "safwk:system_ability_fwk", - "samgr:samgr_proxy", - ] -} - -############################################################################### -group("fuzztest") { - testonly = true - - deps = [ ":CloudServiceStubFuzzTest" ] -} -############################################################################### diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp deleted file mode 100644 index b056cd107..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp +++ /dev/null @@ -1,460 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include - -#include "cloudservicestub_fuzzer.h" - -#include -#include - -#include "accesstoken_kit.h" -#include "cloud_service_impl.h" -#include "ipc_skeleton.h" -#include "message_parcel.h" -#include "securec.h" -#include "token_setproc.h" - -using namespace OHOS::CloudData; -using namespace OHOS::Security::AccessToken; - -namespace OHOS { -constexpr int USER_ID = 100; -constexpr int INST_INDEX = 0; -const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; -constexpr uint32_t CODE_MIN = 0; -constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; -constexpr size_t NUM_MIN = 5; -constexpr size_t NUM_MAX = 12; - -void AllocAndSetHapToken() -{ - HapInfoParams info = { - .userID = USER_ID, - .bundleName = "ohos.test.demo", - .instIndex = INST_INDEX, - .appIDDesc = "ohos.test.demo", - .isSystemApp = true - }; - - HapPolicyParams policy = { - .apl = APL_NORMAL, - .domain = "test.domain", - .permList = {}, - .permStateList = { - { - .permissionName = "ohos.permission.CLOUDDATA_CONFIG", - .isGeneral = true, - .resDeviceID = { "local" }, - .grantStatus = { PermissionState::PERMISSION_GRANTED }, - .grantFlags = { 1 } - } - } - }; - auto tokenID = AccessTokenKit::AllocHapToken(info, policy); - SetSelfTokenID(tokenID.tokenIDEx); -} - -bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnRemoteRequest(code, request, reply); - return true; -} - -bool OnEnableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnEnableCloud(code, request, reply); - XCollie xcollie( - __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); - return status; - } - cloudInfo.enableCloud = true; - for (const auto &[bundle, value] : switches) { - if (!cloudInfo.Exist(bundle)) { - continue; - } - cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); - ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); - } - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); - return true; -} - -bool OnDisableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnDisableCloud(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), - Anonymous::Change(cloudInfo.id).c_str()); - return INVALID_ARGUMENT; - } - cloudInfo.enableCloud = false; - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); - ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); - return true; -} - -bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnChangeAppSwitch(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - CloudSyncScene scene; - if (appSwitch == SWITCH_ON) { - scene = CloudSyncScene::SWITCH_ON; - } else { - scene = CloudSyncScene::SWITCH_OFF; - } - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS || !cloudInfo.enableCloud) { - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret = " + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, - WORK_DO_CLOUD_SYNC })); - return INVALID_ARGUMENT; - } - if (!cloudInfo.Exist(bundleName)) { - std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); - if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { - ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," - "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret=" + std::to_string(status)); - return INVALID_ARGUMENT; - } - ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); - } - cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); - if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { - SyncManager::SyncInfo info(cloudInfo.user, bundleName); - syncManager_.DoCloudSync(info); - } - ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), - bundleName.c_str(), appSwitch); - return true; -} - -bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnNotifyDataChange(code, request, reply); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { - return INVALID_ARGUMENT; - } - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - ExtraData exData; - if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { - ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), - userId, extraData.empty() ? "empty" : "not empty"); - return INVALID_ARGUMENT; - } - std::vector users; - if (userId != INVALID_USER_ID) { - users.emplace_back(userId); - } else { - Account::GetInstance()->QueryForegroundUsers(users); - } - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - auto &bundleName = exData.info.bundleName; - auto &prepareTraceId = exData.info.context.prepareTraceId; - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { - ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); - SchemaMeta schemaMeta; - if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { - ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); - if (dbInfos.empty()) { - ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - for (const auto &dbInfo : dbInfos) { - syncManager_.DoCloudSync(SyncManager::SyncInfo( - { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); - } - } - return true; -} - -bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); - QueryLastResults results; - auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, - "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); - return { ERROR, results }; - } - if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { - ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); - return { INVALID_ARGUMENT, results }; - } - std::vector schemas; - auto key = cloudInfo.GetSchemaPrefix(bundleName); - if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { - return { ERROR, results }; - } - - std::vector queryKeys; - std::vector databases; - for (const auto &schema : schemas) { - if (schema.bundleName != bundleName) { - continue; - } - databases = schema.databases; - for (const auto &database : schema.databases) { - if (storeId.empty() || database.alias == storeId) { - queryKeys.push_back({ user, id, bundleName, database.name }); - } - } - if (queryKeys.empty()) { - ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); - return { INVALID_ARGUMENT, results }; - } - } - - auto [ret, lastSyncInfos] = syncManager_.QueryLastSyncInfo(queryKeys); - ZLOGI("code:%{public}d, id:%{public}s, bundleName:%{public}s, storeId:%{public}s, size:%{public}d", ret, - Anonymous::Change(id).c_str(), bundleName.c_str(), Anonymous::Change(storeId).c_str(), - static_cast(lastSyncInfos.size())); - if (lastSyncInfos.empty()) { - return { ret, results }; - } - return { ret, AssembleLastResults(databases, lastSyncInfos) }; -} - -int32_t CloudServiceImpl::OnInitialize() -{ - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); - std::vector users; - Account::GetInstance()->QueryUsers(users); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - CleanWaterVersion(user); - } - Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - Subscription sub; - sub.userId = user; - if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { - continue; - } - InitSubTask(sub); - } - return E_OK; -} - -bool CloudServiceImpl::CleanWaterVersion(int32_t user) -{ - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (status != SUCCESS) { - return false; - } - auto stores = CheckerManager::GetInstance().GetDynamicStores(); - auto staticStores = CheckerManager::GetInstance().GetStaticStores(); - stores.insert(stores.end(), staticStores.begin(), staticStores.end()); - auto keys = cloudInfo.GetSchemaKey(); - for (const auto &[bundle, key] : keys) { - SchemaMeta schemaMeta; - if (MetaDataManager::GetInstance().LoadMeta(key, schemaMeta, true) && - schemaMeta.metaVersion < SchemaMeta::CLEAN_WATER_VERSION) { - bool found = std::any_of(stores.begin(), stores.end(), - [&schemaMeta](const CheckerManager::StoreInfo &storeInfo) { - return storeInfo.bundleName == schemaMeta.bundleName; - }); - if (!found) { - continue; - } - DoClean(user, schemaMeta, GeneralStore::CleanMode::CLEAN_WATER); - schemaMeta.metaVersion = SchemaMeta::CLEAN_WATER_VERSION; - } - MetaDataManager::GetInstance().SaveMeta(key, schemaMeta, true); - } - return true; -} -} // namespace OHOS - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) -{ - FuzzedDataProvider provider(data, size); - OHOS::OnRemoteRequestFuzz(provider); - OHOS::OnEnableCloudFuzz(provider); - OHOS::OnDisableCloudFuzz(provider); - OHOS::OnChangeAppSwitchFuzz(provider); - OHOS::OnNotifyDataChangeFuzz(provider); - OHOS::OnQueryLastSyncInfoFuzz(provider); - return 0; -} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp deleted file mode 100644 index b056cd107..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp +++ /dev/null @@ -1,460 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include - -#include "cloudservicestub_fuzzer.h" - -#include -#include - -#include "accesstoken_kit.h" -#include "cloud_service_impl.h" -#include "ipc_skeleton.h" -#include "message_parcel.h" -#include "securec.h" -#include "token_setproc.h" - -using namespace OHOS::CloudData; -using namespace OHOS::Security::AccessToken; - -namespace OHOS { -constexpr int USER_ID = 100; -constexpr int INST_INDEX = 0; -const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; -constexpr uint32_t CODE_MIN = 0; -constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; -constexpr size_t NUM_MIN = 5; -constexpr size_t NUM_MAX = 12; - -void AllocAndSetHapToken() -{ - HapInfoParams info = { - .userID = USER_ID, - .bundleName = "ohos.test.demo", - .instIndex = INST_INDEX, - .appIDDesc = "ohos.test.demo", - .isSystemApp = true - }; - - HapPolicyParams policy = { - .apl = APL_NORMAL, - .domain = "test.domain", - .permList = {}, - .permStateList = { - { - .permissionName = "ohos.permission.CLOUDDATA_CONFIG", - .isGeneral = true, - .resDeviceID = { "local" }, - .grantStatus = { PermissionState::PERMISSION_GRANTED }, - .grantFlags = { 1 } - } - } - }; - auto tokenID = AccessTokenKit::AllocHapToken(info, policy); - SetSelfTokenID(tokenID.tokenIDEx); -} - -bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnRemoteRequest(code, request, reply); - return true; -} - -bool OnEnableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnEnableCloud(code, request, reply); - XCollie xcollie( - __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); - return status; - } - cloudInfo.enableCloud = true; - for (const auto &[bundle, value] : switches) { - if (!cloudInfo.Exist(bundle)) { - continue; - } - cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); - ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); - } - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); - return true; -} - -bool OnDisableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnDisableCloud(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), - Anonymous::Change(cloudInfo.id).c_str()); - return INVALID_ARGUMENT; - } - cloudInfo.enableCloud = false; - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); - ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); - return true; -} - -bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnChangeAppSwitch(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - CloudSyncScene scene; - if (appSwitch == SWITCH_ON) { - scene = CloudSyncScene::SWITCH_ON; - } else { - scene = CloudSyncScene::SWITCH_OFF; - } - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS || !cloudInfo.enableCloud) { - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret = " + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, - WORK_DO_CLOUD_SYNC })); - return INVALID_ARGUMENT; - } - if (!cloudInfo.Exist(bundleName)) { - std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); - if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { - ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," - "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret=" + std::to_string(status)); - return INVALID_ARGUMENT; - } - ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); - } - cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); - if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { - SyncManager::SyncInfo info(cloudInfo.user, bundleName); - syncManager_.DoCloudSync(info); - } - ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), - bundleName.c_str(), appSwitch); - return true; -} - -bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnNotifyDataChange(code, request, reply); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { - return INVALID_ARGUMENT; - } - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - ExtraData exData; - if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { - ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), - userId, extraData.empty() ? "empty" : "not empty"); - return INVALID_ARGUMENT; - } - std::vector users; - if (userId != INVALID_USER_ID) { - users.emplace_back(userId); - } else { - Account::GetInstance()->QueryForegroundUsers(users); - } - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - auto &bundleName = exData.info.bundleName; - auto &prepareTraceId = exData.info.context.prepareTraceId; - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { - ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); - SchemaMeta schemaMeta; - if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { - ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); - if (dbInfos.empty()) { - ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - for (const auto &dbInfo : dbInfos) { - syncManager_.DoCloudSync(SyncManager::SyncInfo( - { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); - } - } - return true; -} - -bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); - QueryLastResults results; - auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, - "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); - return { ERROR, results }; - } - if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { - ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); - return { INVALID_ARGUMENT, results }; - } - std::vector schemas; - auto key = cloudInfo.GetSchemaPrefix(bundleName); - if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { - return { ERROR, results }; - } - - std::vector queryKeys; - std::vector databases; - for (const auto &schema : schemas) { - if (schema.bundleName != bundleName) { - continue; - } - databases = schema.databases; - for (const auto &database : schema.databases) { - if (storeId.empty() || database.alias == storeId) { - queryKeys.push_back({ user, id, bundleName, database.name }); - } - } - if (queryKeys.empty()) { - ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); - return { INVALID_ARGUMENT, results }; - } - } - - auto [ret, lastSyncInfos] = syncManager_.QueryLastSyncInfo(queryKeys); - ZLOGI("code:%{public}d, id:%{public}s, bundleName:%{public}s, storeId:%{public}s, size:%{public}d", ret, - Anonymous::Change(id).c_str(), bundleName.c_str(), Anonymous::Change(storeId).c_str(), - static_cast(lastSyncInfos.size())); - if (lastSyncInfos.empty()) { - return { ret, results }; - } - return { ret, AssembleLastResults(databases, lastSyncInfos) }; -} - -int32_t CloudServiceImpl::OnInitialize() -{ - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); - std::vector users; - Account::GetInstance()->QueryUsers(users); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - CleanWaterVersion(user); - } - Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - Subscription sub; - sub.userId = user; - if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { - continue; - } - InitSubTask(sub); - } - return E_OK; -} - -bool CloudServiceImpl::CleanWaterVersion(int32_t user) -{ - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (status != SUCCESS) { - return false; - } - auto stores = CheckerManager::GetInstance().GetDynamicStores(); - auto staticStores = CheckerManager::GetInstance().GetStaticStores(); - stores.insert(stores.end(), staticStores.begin(), staticStores.end()); - auto keys = cloudInfo.GetSchemaKey(); - for (const auto &[bundle, key] : keys) { - SchemaMeta schemaMeta; - if (MetaDataManager::GetInstance().LoadMeta(key, schemaMeta, true) && - schemaMeta.metaVersion < SchemaMeta::CLEAN_WATER_VERSION) { - bool found = std::any_of(stores.begin(), stores.end(), - [&schemaMeta](const CheckerManager::StoreInfo &storeInfo) { - return storeInfo.bundleName == schemaMeta.bundleName; - }); - if (!found) { - continue; - } - DoClean(user, schemaMeta, GeneralStore::CleanMode::CLEAN_WATER); - schemaMeta.metaVersion = SchemaMeta::CLEAN_WATER_VERSION; - } - MetaDataManager::GetInstance().SaveMeta(key, schemaMeta, true); - } - return true; -} -} // namespace OHOS - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) -{ - FuzzedDataProvider provider(data, size); - OHOS::OnRemoteRequestFuzz(provider); - OHOS::OnEnableCloudFuzz(provider); - OHOS::OnDisableCloudFuzz(provider); - OHOS::OnChangeAppSwitchFuzz(provider); - OHOS::OnNotifyDataChangeFuzz(provider); - OHOS::OnQueryLastSyncInfoFuzz(provider); - return 0; -} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp deleted file mode 100644 index b056cd107..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp +++ /dev/null @@ -1,460 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include - -#include "cloudservicestub_fuzzer.h" - -#include -#include - -#include "accesstoken_kit.h" -#include "cloud_service_impl.h" -#include "ipc_skeleton.h" -#include "message_parcel.h" -#include "securec.h" -#include "token_setproc.h" - -using namespace OHOS::CloudData; -using namespace OHOS::Security::AccessToken; - -namespace OHOS { -constexpr int USER_ID = 100; -constexpr int INST_INDEX = 0; -const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; -constexpr uint32_t CODE_MIN = 0; -constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; -constexpr size_t NUM_MIN = 5; -constexpr size_t NUM_MAX = 12; - -void AllocAndSetHapToken() -{ - HapInfoParams info = { - .userID = USER_ID, - .bundleName = "ohos.test.demo", - .instIndex = INST_INDEX, - .appIDDesc = "ohos.test.demo", - .isSystemApp = true - }; - - HapPolicyParams policy = { - .apl = APL_NORMAL, - .domain = "test.domain", - .permList = {}, - .permStateList = { - { - .permissionName = "ohos.permission.CLOUDDATA_CONFIG", - .isGeneral = true, - .resDeviceID = { "local" }, - .grantStatus = { PermissionState::PERMISSION_GRANTED }, - .grantFlags = { 1 } - } - } - }; - auto tokenID = AccessTokenKit::AllocHapToken(info, policy); - SetSelfTokenID(tokenID.tokenIDEx); -} - -bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnRemoteRequest(code, request, reply); - return true; -} - -bool OnEnableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnEnableCloud(code, request, reply); - XCollie xcollie( - __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); - return status; - } - cloudInfo.enableCloud = true; - for (const auto &[bundle, value] : switches) { - if (!cloudInfo.Exist(bundle)) { - continue; - } - cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); - ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); - } - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); - return true; -} - -bool OnDisableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnDisableCloud(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), - Anonymous::Change(cloudInfo.id).c_str()); - return INVALID_ARGUMENT; - } - cloudInfo.enableCloud = false; - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); - ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); - return true; -} - -bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnChangeAppSwitch(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - CloudSyncScene scene; - if (appSwitch == SWITCH_ON) { - scene = CloudSyncScene::SWITCH_ON; - } else { - scene = CloudSyncScene::SWITCH_OFF; - } - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS || !cloudInfo.enableCloud) { - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret = " + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, - WORK_DO_CLOUD_SYNC })); - return INVALID_ARGUMENT; - } - if (!cloudInfo.Exist(bundleName)) { - std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); - if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { - ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," - "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret=" + std::to_string(status)); - return INVALID_ARGUMENT; - } - ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); - } - cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); - if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { - SyncManager::SyncInfo info(cloudInfo.user, bundleName); - syncManager_.DoCloudSync(info); - } - ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), - bundleName.c_str(), appSwitch); - return true; -} - -bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnNotifyDataChange(code, request, reply); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { - return INVALID_ARGUMENT; - } - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - ExtraData exData; - if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { - ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), - userId, extraData.empty() ? "empty" : "not empty"); - return INVALID_ARGUMENT; - } - std::vector users; - if (userId != INVALID_USER_ID) { - users.emplace_back(userId); - } else { - Account::GetInstance()->QueryForegroundUsers(users); - } - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - auto &bundleName = exData.info.bundleName; - auto &prepareTraceId = exData.info.context.prepareTraceId; - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { - ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); - SchemaMeta schemaMeta; - if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { - ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); - if (dbInfos.empty()) { - ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - for (const auto &dbInfo : dbInfos) { - syncManager_.DoCloudSync(SyncManager::SyncInfo( - { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); - } - } - return true; -} - -bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); - QueryLastResults results; - auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, - "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); - return { ERROR, results }; - } - if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { - ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); - return { INVALID_ARGUMENT, results }; - } - std::vector schemas; - auto key = cloudInfo.GetSchemaPrefix(bundleName); - if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { - return { ERROR, results }; - } - - std::vector queryKeys; - std::vector databases; - for (const auto &schema : schemas) { - if (schema.bundleName != bundleName) { - continue; - } - databases = schema.databases; - for (const auto &database : schema.databases) { - if (storeId.empty() || database.alias == storeId) { - queryKeys.push_back({ user, id, bundleName, database.name }); - } - } - if (queryKeys.empty()) { - ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); - return { INVALID_ARGUMENT, results }; - } - } - - auto [ret, lastSyncInfos] = syncManager_.QueryLastSyncInfo(queryKeys); - ZLOGI("code:%{public}d, id:%{public}s, bundleName:%{public}s, storeId:%{public}s, size:%{public}d", ret, - Anonymous::Change(id).c_str(), bundleName.c_str(), Anonymous::Change(storeId).c_str(), - static_cast(lastSyncInfos.size())); - if (lastSyncInfos.empty()) { - return { ret, results }; - } - return { ret, AssembleLastResults(databases, lastSyncInfos) }; -} - -int32_t CloudServiceImpl::OnInitialize() -{ - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); - std::vector users; - Account::GetInstance()->QueryUsers(users); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - CleanWaterVersion(user); - } - Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - Subscription sub; - sub.userId = user; - if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { - continue; - } - InitSubTask(sub); - } - return E_OK; -} - -bool CloudServiceImpl::CleanWaterVersion(int32_t user) -{ - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (status != SUCCESS) { - return false; - } - auto stores = CheckerManager::GetInstance().GetDynamicStores(); - auto staticStores = CheckerManager::GetInstance().GetStaticStores(); - stores.insert(stores.end(), staticStores.begin(), staticStores.end()); - auto keys = cloudInfo.GetSchemaKey(); - for (const auto &[bundle, key] : keys) { - SchemaMeta schemaMeta; - if (MetaDataManager::GetInstance().LoadMeta(key, schemaMeta, true) && - schemaMeta.metaVersion < SchemaMeta::CLEAN_WATER_VERSION) { - bool found = std::any_of(stores.begin(), stores.end(), - [&schemaMeta](const CheckerManager::StoreInfo &storeInfo) { - return storeInfo.bundleName == schemaMeta.bundleName; - }); - if (!found) { - continue; - } - DoClean(user, schemaMeta, GeneralStore::CleanMode::CLEAN_WATER); - schemaMeta.metaVersion = SchemaMeta::CLEAN_WATER_VERSION; - } - MetaDataManager::GetInstance().SaveMeta(key, schemaMeta, true); - } - return true; -} -} // namespace OHOS - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) -{ - FuzzedDataProvider provider(data, size); - OHOS::OnRemoteRequestFuzz(provider); - OHOS::OnEnableCloudFuzz(provider); - OHOS::OnDisableCloudFuzz(provider); - OHOS::OnChangeAppSwitchFuzz(provider); - OHOS::OnNotifyDataChangeFuzz(provider); - OHOS::OnQueryLastSyncInfoFuzz(provider); - return 0; -} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h deleted file mode 100644 index c007ebba5..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H -#define DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H - -#define FUZZ_PROJECT_NAME "cloudservicestub_fuzzer" - -#endif // DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init deleted file mode 100644 index 2b595da0c..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init +++ /dev/null @@ -1,16 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -FUZZ \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml deleted file mode 100644 index 3fdba3e8b..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml +++ /dev/null @@ -1,25 +0,0 @@ - - - - - - 1000 - - 300 - - 4096 - - \ No newline at end of file -- Gitee From 8182c6acdf01c8a435725c6cfd8bdae04852c0ee Mon Sep 17 00:00:00 2001 From: gecheng Date: Tue, 26 Aug 2025 15:06:49 +0800 Subject: [PATCH 09/23] =?UTF-8?q?=E5=8D=95=E4=B8=AAFUZZ=E7=94=A8=E4=BE=8B?= =?UTF-8?q?=E8=B0=83=E7=94=A8=E5=A4=AA=E5=A4=9Aapi?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: gecheng --- .../cloudservicestub1_fuzzer/BUILD.gn | 96 ++++ .../cloudservicestub_fuzzer.cpp | 495 ++++++++++++++++++ .../cloudservicestub_fuzzer.h | 21 + .../cloudservicestub1_fuzzer/corpus/init | 16 + .../cloudservicestub1_fuzzer/project.xml | 25 + 5 files changed, 653 insertions(+) create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn new file mode 100644 index 000000000..2618103ac --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn @@ -0,0 +1,96 @@ +# Copyright (c) 2023 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +##############################hydra-fuzz######################################## +import("//build/config/features.gni") +import("//build/test.gni") +import("//foundation/distributeddatamgr/datamgr_service/datamgr_service.gni") + +##############################fuzztest########################################## +ohos_fuzztest("CloudServiceStubFuzzTest") { + module_out_path = "datamgr_service/datamgr_service" + + include_dirs = [ + "${data_service_path}/service/cloud", + "${data_service_path}/service/common", + "${data_service_path}/service/config/include", + "${data_service_path}/service/crypto/include", + "${data_service_path}/service/kvdb", + "${data_service_path}/service/matrix/include", + "${data_service_path}/service/network", + "${data_service_path}/service/object", + "${data_service_path}/service/permission/include", + "${data_service_path}/service/rdb", + "${data_service_path}/adapter/include/communicator", + ] + + fuzz_config_file = "${data_service_path}/service/test/fuzztest/cloudservicestub_fuzzer" + + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + + sources = [ + "${data_service_path}/app/src/checker/bundle_checker.cpp", + "${data_service_path}/app/src/checker/system_checker.cpp", + "cloudservicestub_fuzzer.cpp", + ] + + deps = [ + "${data_service_path}/adapter/account:distributeddata_account", + "${data_service_path}/adapter/dfx:distributeddata_dfx", + "${data_service_path}/adapter/network:distributeddata_network", + "${data_service_path}/adapter/schema_helper:distributeddata_schema_helper", + "${data_service_path}/adapter/utils:distributeddata_utils", + "${data_service_path}/framework:distributeddatasvcfwk", + "${data_service_path}/service:distributeddatasvc", + "${data_service_path}/service/bootstrap:distributeddata_bootstrap", + "${data_service_path}/service/cloud:distributeddata_cloud", + "${data_service_path}/service/common:distributeddata_common", + "${data_service_path}/service/rdb:distributeddata_rdb", + ] + + external_deps = [ + "access_token:libaccesstoken_sdk", + "access_token:libtoken_setproc", + "access_token:libtokenid_sdk", + "bundle_framework:appexecfwk_base", + "bundle_framework:appexecfwk_core", + "c_utils:utils", + "device_auth:deviceauth_sdk", + "device_manager:devicemanagersdk", + "hicollie:libhicollie", + "hilog:libhilog", + "hisysevent:libhisysevent", + "huks:libhukssdk", + "ipc:ipc_core", + "kv_store:datamgr_common", + "kv_store:distributeddata_inner", + "kv_store:distributeddata_mgr", + "kv_store:distributeddb", + "relational_store:native_rdb", + "resource_management:global_resmgr", + "safwk:system_ability_fwk", + "samgr:samgr_proxy", + ] +} + +############################################################################### +group("fuzztest") { + testonly = true + + deps = [ ":CloudServiceStubFuzzTest" ] +} +############################################################################### diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp new file mode 100644 index 000000000..f79d6ef60 --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp @@ -0,0 +1,495 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "cloudservicestub_fuzzer.h" + +#include +#include + +#include "accesstoken_kit.h" +#include "cloud_service_impl.h" +#include "ipc_skeleton.h" +#include "message_parcel.h" +#include "securec.h" +#include "token_setproc.h" + +using namespace OHOS::CloudData; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { +constexpr int USER_ID = 100; +constexpr int INST_INDEX = 0; +const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; +constexpr uint32_t CODE_MIN = 0; +constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; +constexpr size_t NUM_MIN = 5; +constexpr size_t NUM_MAX = 12; + +void AllocAndSetHapToken() +{ + HapInfoParams info = { + .userID = USER_ID, + .bundleName = "ohos.test.demo", + .instIndex = INST_INDEX, + .appIDDesc = "ohos.test.demo", + .isSystemApp = true + }; + + HapPolicyParams policy = { + .apl = APL_NORMAL, + .domain = "test.domain", + .permList = {}, + .permStateList = { + { + .permissionName = "ohos.permission.CLOUDDATA_CONFIG", + .isGeneral = true, + .resDeviceID = { "local" }, + .grantStatus = { PermissionState::PERMISSION_GRANTED }, + .grantFlags = { 1 } + } + } + }; + auto tokenID = AccessTokenKit::AllocHapToken(info, policy); + SetSelfTokenID(tokenID.tokenIDEx); +} + +bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnRemoteRequest(code, request, reply); + return true; +} + +bool OnEnableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnEnableCloud(code, request, reply); + XCollie xcollie( + __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); + return status; + } + cloudInfo.enableCloud = true; + for (const auto &[bundle, value] : switches) { + if (!cloudInfo.Exist(bundle)) { + continue; + } + cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); + ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); + } + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); + return true; +} + +bool OnDisableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnDisableCloud(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), + Anonymous::Change(cloudInfo.id).c_str()); + return INVALID_ARGUMENT; + } + cloudInfo.enableCloud = false; + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + StoreMetaMapping meta(storeInfo); + meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; + if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { + ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && + !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { + ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); + if (store == nullptr) { + ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + return store->PreSharing(query); + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); + ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); + return true; +} + +bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnChangeAppSwitch(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + CloudSyncScene scene; + if (appSwitch == SWITCH_ON) { + scene = CloudSyncScene::SWITCH_ON; + } else { + scene = CloudSyncScene::SWITCH_OFF; + } + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS || !cloudInfo.enableCloud) { + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret = " + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, + WORK_DO_CLOUD_SYNC })); + return INVALID_ARGUMENT; + } + if (!cloudInfo.Exist(bundleName)) { + std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); + if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { + ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," + "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret=" + std::to_string(status)); + return INVALID_ARGUMENT; + } + ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); + } + cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); + if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { + SyncManager::SyncInfo info(cloudInfo.user, bundleName); + syncManager_.DoCloudSync(info); + } + ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), + bundleName.c_str(), appSwitch); + return true; +} + +bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnNotifyDataChange(code, request, reply); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { + return INVALID_ARGUMENT; + } + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + ExtraData exData; + if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { + ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), + userId, extraData.empty() ? "empty" : "not empty"); + return INVALID_ARGUMENT; + } + std::vector users; + if (userId != INVALID_USER_ID) { + users.emplace_back(userId); + } else { + Account::GetInstance()->QueryForegroundUsers(users); + } + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + auto &bundleName = exData.info.bundleName; + auto &prepareTraceId = exData.info.context.prepareTraceId; + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { + ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); + SchemaMeta schemaMeta; + if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { + ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); + if (dbInfos.empty()) { + ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + for (const auto &dbInfo : dbInfos) { + syncManager_.DoCloudSync(SyncManager::SyncInfo( + { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); + } + } + auto [status, cloudInfo] = GetCloudInfoFromServer(user); + if (status != SUCCESS) { + ZLOGE("user:%{public}d, status:%{public}d", user, status); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); + return false; + } + ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", + Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); + CloudInfo oldInfo; + if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + return true; + } + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + if (oldInfo.id != cloudInfo.id) { + ReleaseUserInfo(user, scene); + ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), + Anonymous::Change(oldInfo.id).c_str()); + MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); + std::map actions; + for (auto &[bundle, app] : cloudInfo.apps) { + MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); + actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; + } + DoClean(oldInfo, actions); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", + "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); + } + return true; +} + +bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); + QueryLastResults results; + auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, + "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); + return { ERROR, results }; + } + if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { + ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); + return { INVALID_ARGUMENT, results }; + } + std::vector schemas; + auto key = cloudInfo.GetSchemaPrefix(bundleName); + if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { + return { ERROR, results }; + } + + std::vector queryKeys; + std::vector databases; + for (const auto &schema : schemas) { + if (schema.bundleName != bundleName) { + continue; + } + databases = schema.databases; + for (const auto &database : schema.databases) { + if (storeId.empty() || database.alias == storeId) { + queryKeys.push_back({ user, id, bundleName, database.name }); + } + } + if (queryKeys.empty()) { + ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); + return { INVALID_ARGUMENT, results }; + } + } +XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); + std::vector users; + Account::GetInstance()->QueryUsers(users); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + CleanWaterVersion(user); + } + Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + Subscription sub; + sub.userId = user; + if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { + continue; + } + InitSubTask(sub); + } + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (status != SUCCESS) { + return false; + } + auto stores = CheckerManager::GetInstance().GetDynamicStores(); + auto staticStores = CheckerManager::GetInstance().GetStaticStores(); + stores.insert(stores.end(), staticStores.begin(), staticStores.end()); + auto keys = cloudInfo.GetSchemaKey(); + for (const auto &[bundle, key] : keys) { + SchemaMeta schemaMeta; + if (MetaDataManager::GetInstance().LoadMeta(key, schemaMeta, true) && + schemaMeta.metaVersion < SchemaMeta::CLEAN_WATER_VERSION) { + bool found = std::any_of(stores.begin(), stores.end(), + [&schemaMeta](const CheckerManager::StoreInfo &storeInfo) { + return storeInfo.bundleName == schemaMeta.bundleName; + }); + if (!found) { + continue; + } + DoClean(user, schemaMeta, GeneralStore::CleanMode::CLEAN_WATER); + schemaMeta.metaVersion = SchemaMeta::CLEAN_WATER_VERSION; + } + MetaDataManager::GetInstance().SaveMeta(key, schemaMeta, true); + auto [ret, lastSyncInfos] = syncManager_.QueryLastSyncInfo(queryKeys); + ZLOGI("code:%{public}d, id:%{public}s, bundleName:%{public}s, storeId:%{public}s, size:%{public}d", ret, + Anonymous::Change(id).c_str(), bundleName.c_str(), Anonymous::Change(storeId).c_str(), + static_cast(lastSyncInfos.size())); + if (lastSyncInfos.empty()) { + return { ret, results }; + } + return { ret, AssembleLastResults(databases, lastSyncInfos) }; +} +} // namespace OHOS + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + FuzzedDataProvider provider(data, size); + OHOS::OnRemoteRequestFuzz(provider); + OHOS::OnEnableCloudFuzz(provider); + OHOS::OnDisableCloudFuzz(provider); + OHOS::OnChangeAppSwitchFuzz(provider); + OHOS::OnNotifyDataChangeFuzz(provider); + OHOS::OnQueryLastSyncInfoFuzz(provider); + return 0; +} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h new file mode 100644 index 000000000..c007ebba5 --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H +#define DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H + +#define FUZZ_PROJECT_NAME "cloudservicestub_fuzzer" + +#endif // DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init new file mode 100644 index 000000000..2b595da0c --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init @@ -0,0 +1,16 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +FUZZ \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml new file mode 100644 index 000000000..3fdba3e8b --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + \ No newline at end of file -- Gitee From 5c44d31327a9c7ac612d3adbfb066c14890df857 Mon Sep 17 00:00:00 2001 From: gecheng Date: Tue, 26 Aug 2025 15:07:49 +0800 Subject: [PATCH 10/23] =?UTF-8?q?=E5=8D=95=E4=B8=AAFUZZ=E7=94=A8=E4=BE=8B?= =?UTF-8?q?=E8=B0=83=E7=94=A8=E5=A4=AA=E5=A4=9Aapi?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: gecheng --- .../cloudservicestub1_fuzzer.cpp | 495 ++++++++++++++++++ .../cloudservicestub2_fuzzer.cpp | 495 ++++++++++++++++++ 2 files changed, 990 insertions(+) create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp new file mode 100644 index 000000000..f79d6ef60 --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp @@ -0,0 +1,495 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "cloudservicestub_fuzzer.h" + +#include +#include + +#include "accesstoken_kit.h" +#include "cloud_service_impl.h" +#include "ipc_skeleton.h" +#include "message_parcel.h" +#include "securec.h" +#include "token_setproc.h" + +using namespace OHOS::CloudData; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { +constexpr int USER_ID = 100; +constexpr int INST_INDEX = 0; +const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; +constexpr uint32_t CODE_MIN = 0; +constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; +constexpr size_t NUM_MIN = 5; +constexpr size_t NUM_MAX = 12; + +void AllocAndSetHapToken() +{ + HapInfoParams info = { + .userID = USER_ID, + .bundleName = "ohos.test.demo", + .instIndex = INST_INDEX, + .appIDDesc = "ohos.test.demo", + .isSystemApp = true + }; + + HapPolicyParams policy = { + .apl = APL_NORMAL, + .domain = "test.domain", + .permList = {}, + .permStateList = { + { + .permissionName = "ohos.permission.CLOUDDATA_CONFIG", + .isGeneral = true, + .resDeviceID = { "local" }, + .grantStatus = { PermissionState::PERMISSION_GRANTED }, + .grantFlags = { 1 } + } + } + }; + auto tokenID = AccessTokenKit::AllocHapToken(info, policy); + SetSelfTokenID(tokenID.tokenIDEx); +} + +bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnRemoteRequest(code, request, reply); + return true; +} + +bool OnEnableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnEnableCloud(code, request, reply); + XCollie xcollie( + __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); + return status; + } + cloudInfo.enableCloud = true; + for (const auto &[bundle, value] : switches) { + if (!cloudInfo.Exist(bundle)) { + continue; + } + cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); + ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); + } + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); + return true; +} + +bool OnDisableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnDisableCloud(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), + Anonymous::Change(cloudInfo.id).c_str()); + return INVALID_ARGUMENT; + } + cloudInfo.enableCloud = false; + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + StoreMetaMapping meta(storeInfo); + meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; + if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { + ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && + !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { + ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); + if (store == nullptr) { + ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + return store->PreSharing(query); + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); + ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); + return true; +} + +bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnChangeAppSwitch(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + CloudSyncScene scene; + if (appSwitch == SWITCH_ON) { + scene = CloudSyncScene::SWITCH_ON; + } else { + scene = CloudSyncScene::SWITCH_OFF; + } + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS || !cloudInfo.enableCloud) { + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret = " + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, + WORK_DO_CLOUD_SYNC })); + return INVALID_ARGUMENT; + } + if (!cloudInfo.Exist(bundleName)) { + std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); + if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { + ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," + "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret=" + std::to_string(status)); + return INVALID_ARGUMENT; + } + ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); + } + cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); + if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { + SyncManager::SyncInfo info(cloudInfo.user, bundleName); + syncManager_.DoCloudSync(info); + } + ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), + bundleName.c_str(), appSwitch); + return true; +} + +bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnNotifyDataChange(code, request, reply); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { + return INVALID_ARGUMENT; + } + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + ExtraData exData; + if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { + ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), + userId, extraData.empty() ? "empty" : "not empty"); + return INVALID_ARGUMENT; + } + std::vector users; + if (userId != INVALID_USER_ID) { + users.emplace_back(userId); + } else { + Account::GetInstance()->QueryForegroundUsers(users); + } + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + auto &bundleName = exData.info.bundleName; + auto &prepareTraceId = exData.info.context.prepareTraceId; + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { + ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); + SchemaMeta schemaMeta; + if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { + ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); + if (dbInfos.empty()) { + ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + for (const auto &dbInfo : dbInfos) { + syncManager_.DoCloudSync(SyncManager::SyncInfo( + { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); + } + } + auto [status, cloudInfo] = GetCloudInfoFromServer(user); + if (status != SUCCESS) { + ZLOGE("user:%{public}d, status:%{public}d", user, status); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); + return false; + } + ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", + Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); + CloudInfo oldInfo; + if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + return true; + } + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + if (oldInfo.id != cloudInfo.id) { + ReleaseUserInfo(user, scene); + ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), + Anonymous::Change(oldInfo.id).c_str()); + MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); + std::map actions; + for (auto &[bundle, app] : cloudInfo.apps) { + MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); + actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; + } + DoClean(oldInfo, actions); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", + "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); + } + return true; +} + +bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); + QueryLastResults results; + auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, + "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); + return { ERROR, results }; + } + if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { + ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); + return { INVALID_ARGUMENT, results }; + } + std::vector schemas; + auto key = cloudInfo.GetSchemaPrefix(bundleName); + if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { + return { ERROR, results }; + } + + std::vector queryKeys; + std::vector databases; + for (const auto &schema : schemas) { + if (schema.bundleName != bundleName) { + continue; + } + databases = schema.databases; + for (const auto &database : schema.databases) { + if (storeId.empty() || database.alias == storeId) { + queryKeys.push_back({ user, id, bundleName, database.name }); + } + } + if (queryKeys.empty()) { + ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); + return { INVALID_ARGUMENT, results }; + } + } +XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); + std::vector users; + Account::GetInstance()->QueryUsers(users); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + CleanWaterVersion(user); + } + Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + Subscription sub; + sub.userId = user; + if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { + continue; + } + InitSubTask(sub); + } + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (status != SUCCESS) { + return false; + } + auto stores = CheckerManager::GetInstance().GetDynamicStores(); + auto staticStores = CheckerManager::GetInstance().GetStaticStores(); + stores.insert(stores.end(), staticStores.begin(), staticStores.end()); + auto keys = cloudInfo.GetSchemaKey(); + for (const auto &[bundle, key] : keys) { + SchemaMeta schemaMeta; + if (MetaDataManager::GetInstance().LoadMeta(key, schemaMeta, true) && + schemaMeta.metaVersion < SchemaMeta::CLEAN_WATER_VERSION) { + bool found = std::any_of(stores.begin(), stores.end(), + [&schemaMeta](const CheckerManager::StoreInfo &storeInfo) { + return storeInfo.bundleName == schemaMeta.bundleName; + }); + if (!found) { + continue; + } + DoClean(user, schemaMeta, GeneralStore::CleanMode::CLEAN_WATER); + schemaMeta.metaVersion = SchemaMeta::CLEAN_WATER_VERSION; + } + MetaDataManager::GetInstance().SaveMeta(key, schemaMeta, true); + auto [ret, lastSyncInfos] = syncManager_.QueryLastSyncInfo(queryKeys); + ZLOGI("code:%{public}d, id:%{public}s, bundleName:%{public}s, storeId:%{public}s, size:%{public}d", ret, + Anonymous::Change(id).c_str(), bundleName.c_str(), Anonymous::Change(storeId).c_str(), + static_cast(lastSyncInfos.size())); + if (lastSyncInfos.empty()) { + return { ret, results }; + } + return { ret, AssembleLastResults(databases, lastSyncInfos) }; +} +} // namespace OHOS + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + FuzzedDataProvider provider(data, size); + OHOS::OnRemoteRequestFuzz(provider); + OHOS::OnEnableCloudFuzz(provider); + OHOS::OnDisableCloudFuzz(provider); + OHOS::OnChangeAppSwitchFuzz(provider); + OHOS::OnNotifyDataChangeFuzz(provider); + OHOS::OnQueryLastSyncInfoFuzz(provider); + return 0; +} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp new file mode 100644 index 000000000..f79d6ef60 --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp @@ -0,0 +1,495 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "cloudservicestub_fuzzer.h" + +#include +#include + +#include "accesstoken_kit.h" +#include "cloud_service_impl.h" +#include "ipc_skeleton.h" +#include "message_parcel.h" +#include "securec.h" +#include "token_setproc.h" + +using namespace OHOS::CloudData; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { +constexpr int USER_ID = 100; +constexpr int INST_INDEX = 0; +const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; +constexpr uint32_t CODE_MIN = 0; +constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; +constexpr size_t NUM_MIN = 5; +constexpr size_t NUM_MAX = 12; + +void AllocAndSetHapToken() +{ + HapInfoParams info = { + .userID = USER_ID, + .bundleName = "ohos.test.demo", + .instIndex = INST_INDEX, + .appIDDesc = "ohos.test.demo", + .isSystemApp = true + }; + + HapPolicyParams policy = { + .apl = APL_NORMAL, + .domain = "test.domain", + .permList = {}, + .permStateList = { + { + .permissionName = "ohos.permission.CLOUDDATA_CONFIG", + .isGeneral = true, + .resDeviceID = { "local" }, + .grantStatus = { PermissionState::PERMISSION_GRANTED }, + .grantFlags = { 1 } + } + } + }; + auto tokenID = AccessTokenKit::AllocHapToken(info, policy); + SetSelfTokenID(tokenID.tokenIDEx); +} + +bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnRemoteRequest(code, request, reply); + return true; +} + +bool OnEnableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnEnableCloud(code, request, reply); + XCollie xcollie( + __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); + return status; + } + cloudInfo.enableCloud = true; + for (const auto &[bundle, value] : switches) { + if (!cloudInfo.Exist(bundle)) { + continue; + } + cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); + ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); + } + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); + return true; +} + +bool OnDisableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnDisableCloud(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), + Anonymous::Change(cloudInfo.id).c_str()); + return INVALID_ARGUMENT; + } + cloudInfo.enableCloud = false; + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + StoreMetaMapping meta(storeInfo); + meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; + if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { + ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && + !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { + ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); + if (store == nullptr) { + ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + return store->PreSharing(query); + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); + ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); + return true; +} + +bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnChangeAppSwitch(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + CloudSyncScene scene; + if (appSwitch == SWITCH_ON) { + scene = CloudSyncScene::SWITCH_ON; + } else { + scene = CloudSyncScene::SWITCH_OFF; + } + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS || !cloudInfo.enableCloud) { + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret = " + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, + WORK_DO_CLOUD_SYNC })); + return INVALID_ARGUMENT; + } + if (!cloudInfo.Exist(bundleName)) { + std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); + if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { + ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," + "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret=" + std::to_string(status)); + return INVALID_ARGUMENT; + } + ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); + } + cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); + if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { + SyncManager::SyncInfo info(cloudInfo.user, bundleName); + syncManager_.DoCloudSync(info); + } + ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), + bundleName.c_str(), appSwitch); + return true; +} + +bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnNotifyDataChange(code, request, reply); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { + return INVALID_ARGUMENT; + } + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + ExtraData exData; + if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { + ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), + userId, extraData.empty() ? "empty" : "not empty"); + return INVALID_ARGUMENT; + } + std::vector users; + if (userId != INVALID_USER_ID) { + users.emplace_back(userId); + } else { + Account::GetInstance()->QueryForegroundUsers(users); + } + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + auto &bundleName = exData.info.bundleName; + auto &prepareTraceId = exData.info.context.prepareTraceId; + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { + ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); + SchemaMeta schemaMeta; + if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { + ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); + if (dbInfos.empty()) { + ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + for (const auto &dbInfo : dbInfos) { + syncManager_.DoCloudSync(SyncManager::SyncInfo( + { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); + } + } + auto [status, cloudInfo] = GetCloudInfoFromServer(user); + if (status != SUCCESS) { + ZLOGE("user:%{public}d, status:%{public}d", user, status); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); + return false; + } + ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", + Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); + CloudInfo oldInfo; + if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + return true; + } + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + if (oldInfo.id != cloudInfo.id) { + ReleaseUserInfo(user, scene); + ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), + Anonymous::Change(oldInfo.id).c_str()); + MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); + std::map actions; + for (auto &[bundle, app] : cloudInfo.apps) { + MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); + actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; + } + DoClean(oldInfo, actions); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", + "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); + } + return true; +} + +bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); + QueryLastResults results; + auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, + "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); + return { ERROR, results }; + } + if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { + ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); + return { INVALID_ARGUMENT, results }; + } + std::vector schemas; + auto key = cloudInfo.GetSchemaPrefix(bundleName); + if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { + return { ERROR, results }; + } + + std::vector queryKeys; + std::vector databases; + for (const auto &schema : schemas) { + if (schema.bundleName != bundleName) { + continue; + } + databases = schema.databases; + for (const auto &database : schema.databases) { + if (storeId.empty() || database.alias == storeId) { + queryKeys.push_back({ user, id, bundleName, database.name }); + } + } + if (queryKeys.empty()) { + ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); + return { INVALID_ARGUMENT, results }; + } + } +XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); + std::vector users; + Account::GetInstance()->QueryUsers(users); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + CleanWaterVersion(user); + } + Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + Subscription sub; + sub.userId = user; + if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { + continue; + } + InitSubTask(sub); + } + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (status != SUCCESS) { + return false; + } + auto stores = CheckerManager::GetInstance().GetDynamicStores(); + auto staticStores = CheckerManager::GetInstance().GetStaticStores(); + stores.insert(stores.end(), staticStores.begin(), staticStores.end()); + auto keys = cloudInfo.GetSchemaKey(); + for (const auto &[bundle, key] : keys) { + SchemaMeta schemaMeta; + if (MetaDataManager::GetInstance().LoadMeta(key, schemaMeta, true) && + schemaMeta.metaVersion < SchemaMeta::CLEAN_WATER_VERSION) { + bool found = std::any_of(stores.begin(), stores.end(), + [&schemaMeta](const CheckerManager::StoreInfo &storeInfo) { + return storeInfo.bundleName == schemaMeta.bundleName; + }); + if (!found) { + continue; + } + DoClean(user, schemaMeta, GeneralStore::CleanMode::CLEAN_WATER); + schemaMeta.metaVersion = SchemaMeta::CLEAN_WATER_VERSION; + } + MetaDataManager::GetInstance().SaveMeta(key, schemaMeta, true); + auto [ret, lastSyncInfos] = syncManager_.QueryLastSyncInfo(queryKeys); + ZLOGI("code:%{public}d, id:%{public}s, bundleName:%{public}s, storeId:%{public}s, size:%{public}d", ret, + Anonymous::Change(id).c_str(), bundleName.c_str(), Anonymous::Change(storeId).c_str(), + static_cast(lastSyncInfos.size())); + if (lastSyncInfos.empty()) { + return { ret, results }; + } + return { ret, AssembleLastResults(databases, lastSyncInfos) }; +} +} // namespace OHOS + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + FuzzedDataProvider provider(data, size); + OHOS::OnRemoteRequestFuzz(provider); + OHOS::OnEnableCloudFuzz(provider); + OHOS::OnDisableCloudFuzz(provider); + OHOS::OnChangeAppSwitchFuzz(provider); + OHOS::OnNotifyDataChangeFuzz(provider); + OHOS::OnQueryLastSyncInfoFuzz(provider); + return 0; +} \ No newline at end of file -- Gitee From 225126e4f604f135bcc0f56e9c371e2e4e14b430 Mon Sep 17 00:00:00 2001 From: gecheng Date: Tue, 26 Aug 2025 15:08:50 +0800 Subject: [PATCH 11/23] =?UTF-8?q?=E5=8D=95=E4=B8=AAFUZZ=E7=94=A8=E4=BE=8B?= =?UTF-8?q?=E8=B0=83=E7=94=A8=E5=A4=AA=E5=A4=9Aapi?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: gecheng --- .../cloudservicestub1_fuzzer/BUILD.gn | 96 ---- .../cloudservicestub1_fuzzer.cpp | 495 ------------------ .../cloudservicestub2_fuzzer.cpp | 495 ------------------ .../cloudservicestub_fuzzer.cpp | 495 ------------------ .../cloudservicestub_fuzzer.h | 21 - .../cloudservicestub1_fuzzer/corpus/init | 16 - .../cloudservicestub1_fuzzer/project.xml | 25 - 7 files changed, 1643 deletions(-) delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn deleted file mode 100644 index 2618103ac..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn +++ /dev/null @@ -1,96 +0,0 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -##############################hydra-fuzz######################################## -import("//build/config/features.gni") -import("//build/test.gni") -import("//foundation/distributeddatamgr/datamgr_service/datamgr_service.gni") - -##############################fuzztest########################################## -ohos_fuzztest("CloudServiceStubFuzzTest") { - module_out_path = "datamgr_service/datamgr_service" - - include_dirs = [ - "${data_service_path}/service/cloud", - "${data_service_path}/service/common", - "${data_service_path}/service/config/include", - "${data_service_path}/service/crypto/include", - "${data_service_path}/service/kvdb", - "${data_service_path}/service/matrix/include", - "${data_service_path}/service/network", - "${data_service_path}/service/object", - "${data_service_path}/service/permission/include", - "${data_service_path}/service/rdb", - "${data_service_path}/adapter/include/communicator", - ] - - fuzz_config_file = "${data_service_path}/service/test/fuzztest/cloudservicestub_fuzzer" - - cflags = [ - "-g", - "-O0", - "-Wno-unused-variable", - "-fno-omit-frame-pointer", - ] - - sources = [ - "${data_service_path}/app/src/checker/bundle_checker.cpp", - "${data_service_path}/app/src/checker/system_checker.cpp", - "cloudservicestub_fuzzer.cpp", - ] - - deps = [ - "${data_service_path}/adapter/account:distributeddata_account", - "${data_service_path}/adapter/dfx:distributeddata_dfx", - "${data_service_path}/adapter/network:distributeddata_network", - "${data_service_path}/adapter/schema_helper:distributeddata_schema_helper", - "${data_service_path}/adapter/utils:distributeddata_utils", - "${data_service_path}/framework:distributeddatasvcfwk", - "${data_service_path}/service:distributeddatasvc", - "${data_service_path}/service/bootstrap:distributeddata_bootstrap", - "${data_service_path}/service/cloud:distributeddata_cloud", - "${data_service_path}/service/common:distributeddata_common", - "${data_service_path}/service/rdb:distributeddata_rdb", - ] - - external_deps = [ - "access_token:libaccesstoken_sdk", - "access_token:libtoken_setproc", - "access_token:libtokenid_sdk", - "bundle_framework:appexecfwk_base", - "bundle_framework:appexecfwk_core", - "c_utils:utils", - "device_auth:deviceauth_sdk", - "device_manager:devicemanagersdk", - "hicollie:libhicollie", - "hilog:libhilog", - "hisysevent:libhisysevent", - "huks:libhukssdk", - "ipc:ipc_core", - "kv_store:datamgr_common", - "kv_store:distributeddata_inner", - "kv_store:distributeddata_mgr", - "kv_store:distributeddb", - "relational_store:native_rdb", - "resource_management:global_resmgr", - "safwk:system_ability_fwk", - "samgr:samgr_proxy", - ] -} - -############################################################################### -group("fuzztest") { - testonly = true - - deps = [ ":CloudServiceStubFuzzTest" ] -} -############################################################################### diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp deleted file mode 100644 index f79d6ef60..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp +++ /dev/null @@ -1,495 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include - -#include "cloudservicestub_fuzzer.h" - -#include -#include - -#include "accesstoken_kit.h" -#include "cloud_service_impl.h" -#include "ipc_skeleton.h" -#include "message_parcel.h" -#include "securec.h" -#include "token_setproc.h" - -using namespace OHOS::CloudData; -using namespace OHOS::Security::AccessToken; - -namespace OHOS { -constexpr int USER_ID = 100; -constexpr int INST_INDEX = 0; -const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; -constexpr uint32_t CODE_MIN = 0; -constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; -constexpr size_t NUM_MIN = 5; -constexpr size_t NUM_MAX = 12; - -void AllocAndSetHapToken() -{ - HapInfoParams info = { - .userID = USER_ID, - .bundleName = "ohos.test.demo", - .instIndex = INST_INDEX, - .appIDDesc = "ohos.test.demo", - .isSystemApp = true - }; - - HapPolicyParams policy = { - .apl = APL_NORMAL, - .domain = "test.domain", - .permList = {}, - .permStateList = { - { - .permissionName = "ohos.permission.CLOUDDATA_CONFIG", - .isGeneral = true, - .resDeviceID = { "local" }, - .grantStatus = { PermissionState::PERMISSION_GRANTED }, - .grantFlags = { 1 } - } - } - }; - auto tokenID = AccessTokenKit::AllocHapToken(info, policy); - SetSelfTokenID(tokenID.tokenIDEx); -} - -bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnRemoteRequest(code, request, reply); - return true; -} - -bool OnEnableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnEnableCloud(code, request, reply); - XCollie xcollie( - __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); - return status; - } - cloudInfo.enableCloud = true; - for (const auto &[bundle, value] : switches) { - if (!cloudInfo.Exist(bundle)) { - continue; - } - cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); - ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); - } - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); - return true; -} - -bool OnDisableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnDisableCloud(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), - Anonymous::Change(cloudInfo.id).c_str()); - return INVALID_ARGUMENT; - } - cloudInfo.enableCloud = false; - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - StoreMetaMapping meta(storeInfo); - meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; - if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { - ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && - !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { - ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); - if (store == nullptr) { - ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - return store->PreSharing(query); - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); - ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); - return true; -} - -bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnChangeAppSwitch(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - CloudSyncScene scene; - if (appSwitch == SWITCH_ON) { - scene = CloudSyncScene::SWITCH_ON; - } else { - scene = CloudSyncScene::SWITCH_OFF; - } - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS || !cloudInfo.enableCloud) { - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret = " + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, - WORK_DO_CLOUD_SYNC })); - return INVALID_ARGUMENT; - } - if (!cloudInfo.Exist(bundleName)) { - std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); - if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { - ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," - "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret=" + std::to_string(status)); - return INVALID_ARGUMENT; - } - ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); - } - cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); - if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { - SyncManager::SyncInfo info(cloudInfo.user, bundleName); - syncManager_.DoCloudSync(info); - } - ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), - bundleName.c_str(), appSwitch); - return true; -} - -bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnNotifyDataChange(code, request, reply); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { - return INVALID_ARGUMENT; - } - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - ExtraData exData; - if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { - ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), - userId, extraData.empty() ? "empty" : "not empty"); - return INVALID_ARGUMENT; - } - std::vector users; - if (userId != INVALID_USER_ID) { - users.emplace_back(userId); - } else { - Account::GetInstance()->QueryForegroundUsers(users); - } - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - auto &bundleName = exData.info.bundleName; - auto &prepareTraceId = exData.info.context.prepareTraceId; - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { - ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); - SchemaMeta schemaMeta; - if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { - ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); - if (dbInfos.empty()) { - ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - for (const auto &dbInfo : dbInfos) { - syncManager_.DoCloudSync(SyncManager::SyncInfo( - { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); - } - } - auto [status, cloudInfo] = GetCloudInfoFromServer(user); - if (status != SUCCESS) { - ZLOGE("user:%{public}d, status:%{public}d", user, status); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); - return false; - } - ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", - Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); - CloudInfo oldInfo; - if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - return true; - } - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - if (oldInfo.id != cloudInfo.id) { - ReleaseUserInfo(user, scene); - ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), - Anonymous::Change(oldInfo.id).c_str()); - MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); - std::map actions; - for (auto &[bundle, app] : cloudInfo.apps) { - MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); - actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; - } - DoClean(oldInfo, actions); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", - "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); - } - return true; -} - -bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); - QueryLastResults results; - auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, - "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); - return { ERROR, results }; - } - if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { - ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); - return { INVALID_ARGUMENT, results }; - } - std::vector schemas; - auto key = cloudInfo.GetSchemaPrefix(bundleName); - if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { - return { ERROR, results }; - } - - std::vector queryKeys; - std::vector databases; - for (const auto &schema : schemas) { - if (schema.bundleName != bundleName) { - continue; - } - databases = schema.databases; - for (const auto &database : schema.databases) { - if (storeId.empty() || database.alias == storeId) { - queryKeys.push_back({ user, id, bundleName, database.name }); - } - } - if (queryKeys.empty()) { - ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); - return { INVALID_ARGUMENT, results }; - } - } -XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); - std::vector users; - Account::GetInstance()->QueryUsers(users); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - CleanWaterVersion(user); - } - Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - Subscription sub; - sub.userId = user; - if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { - continue; - } - InitSubTask(sub); - } - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (status != SUCCESS) { - return false; - } - auto stores = CheckerManager::GetInstance().GetDynamicStores(); - auto staticStores = CheckerManager::GetInstance().GetStaticStores(); - stores.insert(stores.end(), staticStores.begin(), staticStores.end()); - auto keys = cloudInfo.GetSchemaKey(); - for (const auto &[bundle, key] : keys) { - SchemaMeta schemaMeta; - if (MetaDataManager::GetInstance().LoadMeta(key, schemaMeta, true) && - schemaMeta.metaVersion < SchemaMeta::CLEAN_WATER_VERSION) { - bool found = std::any_of(stores.begin(), stores.end(), - [&schemaMeta](const CheckerManager::StoreInfo &storeInfo) { - return storeInfo.bundleName == schemaMeta.bundleName; - }); - if (!found) { - continue; - } - DoClean(user, schemaMeta, GeneralStore::CleanMode::CLEAN_WATER); - schemaMeta.metaVersion = SchemaMeta::CLEAN_WATER_VERSION; - } - MetaDataManager::GetInstance().SaveMeta(key, schemaMeta, true); - auto [ret, lastSyncInfos] = syncManager_.QueryLastSyncInfo(queryKeys); - ZLOGI("code:%{public}d, id:%{public}s, bundleName:%{public}s, storeId:%{public}s, size:%{public}d", ret, - Anonymous::Change(id).c_str(), bundleName.c_str(), Anonymous::Change(storeId).c_str(), - static_cast(lastSyncInfos.size())); - if (lastSyncInfos.empty()) { - return { ret, results }; - } - return { ret, AssembleLastResults(databases, lastSyncInfos) }; -} -} // namespace OHOS - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) -{ - FuzzedDataProvider provider(data, size); - OHOS::OnRemoteRequestFuzz(provider); - OHOS::OnEnableCloudFuzz(provider); - OHOS::OnDisableCloudFuzz(provider); - OHOS::OnChangeAppSwitchFuzz(provider); - OHOS::OnNotifyDataChangeFuzz(provider); - OHOS::OnQueryLastSyncInfoFuzz(provider); - return 0; -} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp deleted file mode 100644 index f79d6ef60..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp +++ /dev/null @@ -1,495 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include - -#include "cloudservicestub_fuzzer.h" - -#include -#include - -#include "accesstoken_kit.h" -#include "cloud_service_impl.h" -#include "ipc_skeleton.h" -#include "message_parcel.h" -#include "securec.h" -#include "token_setproc.h" - -using namespace OHOS::CloudData; -using namespace OHOS::Security::AccessToken; - -namespace OHOS { -constexpr int USER_ID = 100; -constexpr int INST_INDEX = 0; -const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; -constexpr uint32_t CODE_MIN = 0; -constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; -constexpr size_t NUM_MIN = 5; -constexpr size_t NUM_MAX = 12; - -void AllocAndSetHapToken() -{ - HapInfoParams info = { - .userID = USER_ID, - .bundleName = "ohos.test.demo", - .instIndex = INST_INDEX, - .appIDDesc = "ohos.test.demo", - .isSystemApp = true - }; - - HapPolicyParams policy = { - .apl = APL_NORMAL, - .domain = "test.domain", - .permList = {}, - .permStateList = { - { - .permissionName = "ohos.permission.CLOUDDATA_CONFIG", - .isGeneral = true, - .resDeviceID = { "local" }, - .grantStatus = { PermissionState::PERMISSION_GRANTED }, - .grantFlags = { 1 } - } - } - }; - auto tokenID = AccessTokenKit::AllocHapToken(info, policy); - SetSelfTokenID(tokenID.tokenIDEx); -} - -bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnRemoteRequest(code, request, reply); - return true; -} - -bool OnEnableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnEnableCloud(code, request, reply); - XCollie xcollie( - __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); - return status; - } - cloudInfo.enableCloud = true; - for (const auto &[bundle, value] : switches) { - if (!cloudInfo.Exist(bundle)) { - continue; - } - cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); - ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); - } - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); - return true; -} - -bool OnDisableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnDisableCloud(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), - Anonymous::Change(cloudInfo.id).c_str()); - return INVALID_ARGUMENT; - } - cloudInfo.enableCloud = false; - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - StoreMetaMapping meta(storeInfo); - meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; - if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { - ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && - !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { - ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); - if (store == nullptr) { - ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - return store->PreSharing(query); - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); - ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); - return true; -} - -bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnChangeAppSwitch(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - CloudSyncScene scene; - if (appSwitch == SWITCH_ON) { - scene = CloudSyncScene::SWITCH_ON; - } else { - scene = CloudSyncScene::SWITCH_OFF; - } - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS || !cloudInfo.enableCloud) { - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret = " + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, - WORK_DO_CLOUD_SYNC })); - return INVALID_ARGUMENT; - } - if (!cloudInfo.Exist(bundleName)) { - std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); - if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { - ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," - "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret=" + std::to_string(status)); - return INVALID_ARGUMENT; - } - ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); - } - cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); - if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { - SyncManager::SyncInfo info(cloudInfo.user, bundleName); - syncManager_.DoCloudSync(info); - } - ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), - bundleName.c_str(), appSwitch); - return true; -} - -bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnNotifyDataChange(code, request, reply); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { - return INVALID_ARGUMENT; - } - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - ExtraData exData; - if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { - ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), - userId, extraData.empty() ? "empty" : "not empty"); - return INVALID_ARGUMENT; - } - std::vector users; - if (userId != INVALID_USER_ID) { - users.emplace_back(userId); - } else { - Account::GetInstance()->QueryForegroundUsers(users); - } - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - auto &bundleName = exData.info.bundleName; - auto &prepareTraceId = exData.info.context.prepareTraceId; - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { - ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); - SchemaMeta schemaMeta; - if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { - ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); - if (dbInfos.empty()) { - ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - for (const auto &dbInfo : dbInfos) { - syncManager_.DoCloudSync(SyncManager::SyncInfo( - { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); - } - } - auto [status, cloudInfo] = GetCloudInfoFromServer(user); - if (status != SUCCESS) { - ZLOGE("user:%{public}d, status:%{public}d", user, status); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); - return false; - } - ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", - Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); - CloudInfo oldInfo; - if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - return true; - } - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - if (oldInfo.id != cloudInfo.id) { - ReleaseUserInfo(user, scene); - ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), - Anonymous::Change(oldInfo.id).c_str()); - MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); - std::map actions; - for (auto &[bundle, app] : cloudInfo.apps) { - MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); - actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; - } - DoClean(oldInfo, actions); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", - "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); - } - return true; -} - -bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); - QueryLastResults results; - auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, - "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); - return { ERROR, results }; - } - if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { - ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); - return { INVALID_ARGUMENT, results }; - } - std::vector schemas; - auto key = cloudInfo.GetSchemaPrefix(bundleName); - if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { - return { ERROR, results }; - } - - std::vector queryKeys; - std::vector databases; - for (const auto &schema : schemas) { - if (schema.bundleName != bundleName) { - continue; - } - databases = schema.databases; - for (const auto &database : schema.databases) { - if (storeId.empty() || database.alias == storeId) { - queryKeys.push_back({ user, id, bundleName, database.name }); - } - } - if (queryKeys.empty()) { - ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); - return { INVALID_ARGUMENT, results }; - } - } -XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); - std::vector users; - Account::GetInstance()->QueryUsers(users); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - CleanWaterVersion(user); - } - Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - Subscription sub; - sub.userId = user; - if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { - continue; - } - InitSubTask(sub); - } - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (status != SUCCESS) { - return false; - } - auto stores = CheckerManager::GetInstance().GetDynamicStores(); - auto staticStores = CheckerManager::GetInstance().GetStaticStores(); - stores.insert(stores.end(), staticStores.begin(), staticStores.end()); - auto keys = cloudInfo.GetSchemaKey(); - for (const auto &[bundle, key] : keys) { - SchemaMeta schemaMeta; - if (MetaDataManager::GetInstance().LoadMeta(key, schemaMeta, true) && - schemaMeta.metaVersion < SchemaMeta::CLEAN_WATER_VERSION) { - bool found = std::any_of(stores.begin(), stores.end(), - [&schemaMeta](const CheckerManager::StoreInfo &storeInfo) { - return storeInfo.bundleName == schemaMeta.bundleName; - }); - if (!found) { - continue; - } - DoClean(user, schemaMeta, GeneralStore::CleanMode::CLEAN_WATER); - schemaMeta.metaVersion = SchemaMeta::CLEAN_WATER_VERSION; - } - MetaDataManager::GetInstance().SaveMeta(key, schemaMeta, true); - auto [ret, lastSyncInfos] = syncManager_.QueryLastSyncInfo(queryKeys); - ZLOGI("code:%{public}d, id:%{public}s, bundleName:%{public}s, storeId:%{public}s, size:%{public}d", ret, - Anonymous::Change(id).c_str(), bundleName.c_str(), Anonymous::Change(storeId).c_str(), - static_cast(lastSyncInfos.size())); - if (lastSyncInfos.empty()) { - return { ret, results }; - } - return { ret, AssembleLastResults(databases, lastSyncInfos) }; -} -} // namespace OHOS - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) -{ - FuzzedDataProvider provider(data, size); - OHOS::OnRemoteRequestFuzz(provider); - OHOS::OnEnableCloudFuzz(provider); - OHOS::OnDisableCloudFuzz(provider); - OHOS::OnChangeAppSwitchFuzz(provider); - OHOS::OnNotifyDataChangeFuzz(provider); - OHOS::OnQueryLastSyncInfoFuzz(provider); - return 0; -} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp deleted file mode 100644 index f79d6ef60..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp +++ /dev/null @@ -1,495 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include - -#include "cloudservicestub_fuzzer.h" - -#include -#include - -#include "accesstoken_kit.h" -#include "cloud_service_impl.h" -#include "ipc_skeleton.h" -#include "message_parcel.h" -#include "securec.h" -#include "token_setproc.h" - -using namespace OHOS::CloudData; -using namespace OHOS::Security::AccessToken; - -namespace OHOS { -constexpr int USER_ID = 100; -constexpr int INST_INDEX = 0; -const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; -constexpr uint32_t CODE_MIN = 0; -constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; -constexpr size_t NUM_MIN = 5; -constexpr size_t NUM_MAX = 12; - -void AllocAndSetHapToken() -{ - HapInfoParams info = { - .userID = USER_ID, - .bundleName = "ohos.test.demo", - .instIndex = INST_INDEX, - .appIDDesc = "ohos.test.demo", - .isSystemApp = true - }; - - HapPolicyParams policy = { - .apl = APL_NORMAL, - .domain = "test.domain", - .permList = {}, - .permStateList = { - { - .permissionName = "ohos.permission.CLOUDDATA_CONFIG", - .isGeneral = true, - .resDeviceID = { "local" }, - .grantStatus = { PermissionState::PERMISSION_GRANTED }, - .grantFlags = { 1 } - } - } - }; - auto tokenID = AccessTokenKit::AllocHapToken(info, policy); - SetSelfTokenID(tokenID.tokenIDEx); -} - -bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnRemoteRequest(code, request, reply); - return true; -} - -bool OnEnableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnEnableCloud(code, request, reply); - XCollie xcollie( - __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); - return status; - } - cloudInfo.enableCloud = true; - for (const auto &[bundle, value] : switches) { - if (!cloudInfo.Exist(bundle)) { - continue; - } - cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); - ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); - } - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); - return true; -} - -bool OnDisableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnDisableCloud(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), - Anonymous::Change(cloudInfo.id).c_str()); - return INVALID_ARGUMENT; - } - cloudInfo.enableCloud = false; - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - StoreMetaMapping meta(storeInfo); - meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; - if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { - ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && - !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { - ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); - if (store == nullptr) { - ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - return store->PreSharing(query); - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); - ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); - return true; -} - -bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnChangeAppSwitch(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - CloudSyncScene scene; - if (appSwitch == SWITCH_ON) { - scene = CloudSyncScene::SWITCH_ON; - } else { - scene = CloudSyncScene::SWITCH_OFF; - } - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS || !cloudInfo.enableCloud) { - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret = " + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, - WORK_DO_CLOUD_SYNC })); - return INVALID_ARGUMENT; - } - if (!cloudInfo.Exist(bundleName)) { - std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); - if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { - ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," - "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret=" + std::to_string(status)); - return INVALID_ARGUMENT; - } - ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); - } - cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); - if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { - SyncManager::SyncInfo info(cloudInfo.user, bundleName); - syncManager_.DoCloudSync(info); - } - ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), - bundleName.c_str(), appSwitch); - return true; -} - -bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnNotifyDataChange(code, request, reply); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { - return INVALID_ARGUMENT; - } - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - ExtraData exData; - if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { - ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), - userId, extraData.empty() ? "empty" : "not empty"); - return INVALID_ARGUMENT; - } - std::vector users; - if (userId != INVALID_USER_ID) { - users.emplace_back(userId); - } else { - Account::GetInstance()->QueryForegroundUsers(users); - } - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - auto &bundleName = exData.info.bundleName; - auto &prepareTraceId = exData.info.context.prepareTraceId; - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { - ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); - SchemaMeta schemaMeta; - if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { - ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); - if (dbInfos.empty()) { - ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - for (const auto &dbInfo : dbInfos) { - syncManager_.DoCloudSync(SyncManager::SyncInfo( - { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); - } - } - auto [status, cloudInfo] = GetCloudInfoFromServer(user); - if (status != SUCCESS) { - ZLOGE("user:%{public}d, status:%{public}d", user, status); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); - return false; - } - ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", - Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); - CloudInfo oldInfo; - if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - return true; - } - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - if (oldInfo.id != cloudInfo.id) { - ReleaseUserInfo(user, scene); - ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), - Anonymous::Change(oldInfo.id).c_str()); - MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); - std::map actions; - for (auto &[bundle, app] : cloudInfo.apps) { - MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); - actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; - } - DoClean(oldInfo, actions); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", - "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); - } - return true; -} - -bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); - QueryLastResults results; - auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, - "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); - return { ERROR, results }; - } - if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { - ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); - return { INVALID_ARGUMENT, results }; - } - std::vector schemas; - auto key = cloudInfo.GetSchemaPrefix(bundleName); - if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { - return { ERROR, results }; - } - - std::vector queryKeys; - std::vector databases; - for (const auto &schema : schemas) { - if (schema.bundleName != bundleName) { - continue; - } - databases = schema.databases; - for (const auto &database : schema.databases) { - if (storeId.empty() || database.alias == storeId) { - queryKeys.push_back({ user, id, bundleName, database.name }); - } - } - if (queryKeys.empty()) { - ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); - return { INVALID_ARGUMENT, results }; - } - } -XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); - std::vector users; - Account::GetInstance()->QueryUsers(users); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - CleanWaterVersion(user); - } - Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - Subscription sub; - sub.userId = user; - if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { - continue; - } - InitSubTask(sub); - } - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (status != SUCCESS) { - return false; - } - auto stores = CheckerManager::GetInstance().GetDynamicStores(); - auto staticStores = CheckerManager::GetInstance().GetStaticStores(); - stores.insert(stores.end(), staticStores.begin(), staticStores.end()); - auto keys = cloudInfo.GetSchemaKey(); - for (const auto &[bundle, key] : keys) { - SchemaMeta schemaMeta; - if (MetaDataManager::GetInstance().LoadMeta(key, schemaMeta, true) && - schemaMeta.metaVersion < SchemaMeta::CLEAN_WATER_VERSION) { - bool found = std::any_of(stores.begin(), stores.end(), - [&schemaMeta](const CheckerManager::StoreInfo &storeInfo) { - return storeInfo.bundleName == schemaMeta.bundleName; - }); - if (!found) { - continue; - } - DoClean(user, schemaMeta, GeneralStore::CleanMode::CLEAN_WATER); - schemaMeta.metaVersion = SchemaMeta::CLEAN_WATER_VERSION; - } - MetaDataManager::GetInstance().SaveMeta(key, schemaMeta, true); - auto [ret, lastSyncInfos] = syncManager_.QueryLastSyncInfo(queryKeys); - ZLOGI("code:%{public}d, id:%{public}s, bundleName:%{public}s, storeId:%{public}s, size:%{public}d", ret, - Anonymous::Change(id).c_str(), bundleName.c_str(), Anonymous::Change(storeId).c_str(), - static_cast(lastSyncInfos.size())); - if (lastSyncInfos.empty()) { - return { ret, results }; - } - return { ret, AssembleLastResults(databases, lastSyncInfos) }; -} -} // namespace OHOS - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) -{ - FuzzedDataProvider provider(data, size); - OHOS::OnRemoteRequestFuzz(provider); - OHOS::OnEnableCloudFuzz(provider); - OHOS::OnDisableCloudFuzz(provider); - OHOS::OnChangeAppSwitchFuzz(provider); - OHOS::OnNotifyDataChangeFuzz(provider); - OHOS::OnQueryLastSyncInfoFuzz(provider); - return 0; -} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h deleted file mode 100644 index c007ebba5..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H -#define DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H - -#define FUZZ_PROJECT_NAME "cloudservicestub_fuzzer" - -#endif // DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init deleted file mode 100644 index 2b595da0c..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init +++ /dev/null @@ -1,16 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -FUZZ \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml deleted file mode 100644 index 3fdba3e8b..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml +++ /dev/null @@ -1,25 +0,0 @@ - - - - - - 1000 - - 300 - - 4096 - - \ No newline at end of file -- Gitee From 0281d9aa60912087c484157e5bef8b26993e0683 Mon Sep 17 00:00:00 2001 From: gecheng Date: Tue, 26 Aug 2025 15:11:45 +0800 Subject: [PATCH 12/23] =?UTF-8?q?=E5=8D=95=E4=B8=AAFUZZ=E7=94=A8=E4=BE=8B?= =?UTF-8?q?=E8=B0=83=E7=94=A8=E5=A4=AA=E5=A4=9Aapi?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: gecheng --- .../cloudservicestub1_fuzzer/BUILD.gn | 96 ++++ .../cloudservicestub_fuzzer.cpp | 495 ++++++++++++++++++ .../cloudservicestub_fuzzer.h | 21 + .../cloudservicestub1_fuzzer/corpus/init | 16 + .../cloudservicestub1_fuzzer/project.xml | 25 + .../cloudservicestub2_fuzzer/BUILD.gn | 96 ++++ .../cloudservicestub1_fuzzer.cpp | 472 +++++++++++++++++ .../cloudservicestub_fuzzer.cpp | 495 ++++++++++++++++++ .../cloudservicestub_fuzzer.h | 21 + .../cloudservicestub2_fuzzer/corpus/init | 16 + .../cloudservicestub2_fuzzer/project.xml | 25 + 11 files changed, 1778 insertions(+) create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/BUILD.gn create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub1_fuzzer.cpp create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub_fuzzer.cpp create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub_fuzzer.h create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/corpus/init create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/project.xml diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn new file mode 100644 index 000000000..2618103ac --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn @@ -0,0 +1,96 @@ +# Copyright (c) 2023 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +##############################hydra-fuzz######################################## +import("//build/config/features.gni") +import("//build/test.gni") +import("//foundation/distributeddatamgr/datamgr_service/datamgr_service.gni") + +##############################fuzztest########################################## +ohos_fuzztest("CloudServiceStubFuzzTest") { + module_out_path = "datamgr_service/datamgr_service" + + include_dirs = [ + "${data_service_path}/service/cloud", + "${data_service_path}/service/common", + "${data_service_path}/service/config/include", + "${data_service_path}/service/crypto/include", + "${data_service_path}/service/kvdb", + "${data_service_path}/service/matrix/include", + "${data_service_path}/service/network", + "${data_service_path}/service/object", + "${data_service_path}/service/permission/include", + "${data_service_path}/service/rdb", + "${data_service_path}/adapter/include/communicator", + ] + + fuzz_config_file = "${data_service_path}/service/test/fuzztest/cloudservicestub_fuzzer" + + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + + sources = [ + "${data_service_path}/app/src/checker/bundle_checker.cpp", + "${data_service_path}/app/src/checker/system_checker.cpp", + "cloudservicestub_fuzzer.cpp", + ] + + deps = [ + "${data_service_path}/adapter/account:distributeddata_account", + "${data_service_path}/adapter/dfx:distributeddata_dfx", + "${data_service_path}/adapter/network:distributeddata_network", + "${data_service_path}/adapter/schema_helper:distributeddata_schema_helper", + "${data_service_path}/adapter/utils:distributeddata_utils", + "${data_service_path}/framework:distributeddatasvcfwk", + "${data_service_path}/service:distributeddatasvc", + "${data_service_path}/service/bootstrap:distributeddata_bootstrap", + "${data_service_path}/service/cloud:distributeddata_cloud", + "${data_service_path}/service/common:distributeddata_common", + "${data_service_path}/service/rdb:distributeddata_rdb", + ] + + external_deps = [ + "access_token:libaccesstoken_sdk", + "access_token:libtoken_setproc", + "access_token:libtokenid_sdk", + "bundle_framework:appexecfwk_base", + "bundle_framework:appexecfwk_core", + "c_utils:utils", + "device_auth:deviceauth_sdk", + "device_manager:devicemanagersdk", + "hicollie:libhicollie", + "hilog:libhilog", + "hisysevent:libhisysevent", + "huks:libhukssdk", + "ipc:ipc_core", + "kv_store:datamgr_common", + "kv_store:distributeddata_inner", + "kv_store:distributeddata_mgr", + "kv_store:distributeddb", + "relational_store:native_rdb", + "resource_management:global_resmgr", + "safwk:system_ability_fwk", + "samgr:samgr_proxy", + ] +} + +############################################################################### +group("fuzztest") { + testonly = true + + deps = [ ":CloudServiceStubFuzzTest" ] +} +############################################################################### diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp new file mode 100644 index 000000000..f79d6ef60 --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp @@ -0,0 +1,495 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "cloudservicestub_fuzzer.h" + +#include +#include + +#include "accesstoken_kit.h" +#include "cloud_service_impl.h" +#include "ipc_skeleton.h" +#include "message_parcel.h" +#include "securec.h" +#include "token_setproc.h" + +using namespace OHOS::CloudData; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { +constexpr int USER_ID = 100; +constexpr int INST_INDEX = 0; +const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; +constexpr uint32_t CODE_MIN = 0; +constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; +constexpr size_t NUM_MIN = 5; +constexpr size_t NUM_MAX = 12; + +void AllocAndSetHapToken() +{ + HapInfoParams info = { + .userID = USER_ID, + .bundleName = "ohos.test.demo", + .instIndex = INST_INDEX, + .appIDDesc = "ohos.test.demo", + .isSystemApp = true + }; + + HapPolicyParams policy = { + .apl = APL_NORMAL, + .domain = "test.domain", + .permList = {}, + .permStateList = { + { + .permissionName = "ohos.permission.CLOUDDATA_CONFIG", + .isGeneral = true, + .resDeviceID = { "local" }, + .grantStatus = { PermissionState::PERMISSION_GRANTED }, + .grantFlags = { 1 } + } + } + }; + auto tokenID = AccessTokenKit::AllocHapToken(info, policy); + SetSelfTokenID(tokenID.tokenIDEx); +} + +bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnRemoteRequest(code, request, reply); + return true; +} + +bool OnEnableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnEnableCloud(code, request, reply); + XCollie xcollie( + __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); + return status; + } + cloudInfo.enableCloud = true; + for (const auto &[bundle, value] : switches) { + if (!cloudInfo.Exist(bundle)) { + continue; + } + cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); + ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); + } + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); + return true; +} + +bool OnDisableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnDisableCloud(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), + Anonymous::Change(cloudInfo.id).c_str()); + return INVALID_ARGUMENT; + } + cloudInfo.enableCloud = false; + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + StoreMetaMapping meta(storeInfo); + meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; + if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { + ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && + !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { + ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); + if (store == nullptr) { + ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + return store->PreSharing(query); + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); + ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); + return true; +} + +bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnChangeAppSwitch(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + CloudSyncScene scene; + if (appSwitch == SWITCH_ON) { + scene = CloudSyncScene::SWITCH_ON; + } else { + scene = CloudSyncScene::SWITCH_OFF; + } + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS || !cloudInfo.enableCloud) { + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret = " + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, + WORK_DO_CLOUD_SYNC })); + return INVALID_ARGUMENT; + } + if (!cloudInfo.Exist(bundleName)) { + std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); + if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { + ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," + "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret=" + std::to_string(status)); + return INVALID_ARGUMENT; + } + ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); + } + cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); + if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { + SyncManager::SyncInfo info(cloudInfo.user, bundleName); + syncManager_.DoCloudSync(info); + } + ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), + bundleName.c_str(), appSwitch); + return true; +} + +bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnNotifyDataChange(code, request, reply); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { + return INVALID_ARGUMENT; + } + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + ExtraData exData; + if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { + ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), + userId, extraData.empty() ? "empty" : "not empty"); + return INVALID_ARGUMENT; + } + std::vector users; + if (userId != INVALID_USER_ID) { + users.emplace_back(userId); + } else { + Account::GetInstance()->QueryForegroundUsers(users); + } + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + auto &bundleName = exData.info.bundleName; + auto &prepareTraceId = exData.info.context.prepareTraceId; + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { + ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); + SchemaMeta schemaMeta; + if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { + ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); + if (dbInfos.empty()) { + ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + for (const auto &dbInfo : dbInfos) { + syncManager_.DoCloudSync(SyncManager::SyncInfo( + { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); + } + } + auto [status, cloudInfo] = GetCloudInfoFromServer(user); + if (status != SUCCESS) { + ZLOGE("user:%{public}d, status:%{public}d", user, status); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); + return false; + } + ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", + Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); + CloudInfo oldInfo; + if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + return true; + } + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + if (oldInfo.id != cloudInfo.id) { + ReleaseUserInfo(user, scene); + ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), + Anonymous::Change(oldInfo.id).c_str()); + MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); + std::map actions; + for (auto &[bundle, app] : cloudInfo.apps) { + MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); + actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; + } + DoClean(oldInfo, actions); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", + "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); + } + return true; +} + +bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); + QueryLastResults results; + auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, + "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); + return { ERROR, results }; + } + if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { + ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); + return { INVALID_ARGUMENT, results }; + } + std::vector schemas; + auto key = cloudInfo.GetSchemaPrefix(bundleName); + if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { + return { ERROR, results }; + } + + std::vector queryKeys; + std::vector databases; + for (const auto &schema : schemas) { + if (schema.bundleName != bundleName) { + continue; + } + databases = schema.databases; + for (const auto &database : schema.databases) { + if (storeId.empty() || database.alias == storeId) { + queryKeys.push_back({ user, id, bundleName, database.name }); + } + } + if (queryKeys.empty()) { + ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); + return { INVALID_ARGUMENT, results }; + } + } +XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); + std::vector users; + Account::GetInstance()->QueryUsers(users); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + CleanWaterVersion(user); + } + Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + Subscription sub; + sub.userId = user; + if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { + continue; + } + InitSubTask(sub); + } + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (status != SUCCESS) { + return false; + } + auto stores = CheckerManager::GetInstance().GetDynamicStores(); + auto staticStores = CheckerManager::GetInstance().GetStaticStores(); + stores.insert(stores.end(), staticStores.begin(), staticStores.end()); + auto keys = cloudInfo.GetSchemaKey(); + for (const auto &[bundle, key] : keys) { + SchemaMeta schemaMeta; + if (MetaDataManager::GetInstance().LoadMeta(key, schemaMeta, true) && + schemaMeta.metaVersion < SchemaMeta::CLEAN_WATER_VERSION) { + bool found = std::any_of(stores.begin(), stores.end(), + [&schemaMeta](const CheckerManager::StoreInfo &storeInfo) { + return storeInfo.bundleName == schemaMeta.bundleName; + }); + if (!found) { + continue; + } + DoClean(user, schemaMeta, GeneralStore::CleanMode::CLEAN_WATER); + schemaMeta.metaVersion = SchemaMeta::CLEAN_WATER_VERSION; + } + MetaDataManager::GetInstance().SaveMeta(key, schemaMeta, true); + auto [ret, lastSyncInfos] = syncManager_.QueryLastSyncInfo(queryKeys); + ZLOGI("code:%{public}d, id:%{public}s, bundleName:%{public}s, storeId:%{public}s, size:%{public}d", ret, + Anonymous::Change(id).c_str(), bundleName.c_str(), Anonymous::Change(storeId).c_str(), + static_cast(lastSyncInfos.size())); + if (lastSyncInfos.empty()) { + return { ret, results }; + } + return { ret, AssembleLastResults(databases, lastSyncInfos) }; +} +} // namespace OHOS + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + FuzzedDataProvider provider(data, size); + OHOS::OnRemoteRequestFuzz(provider); + OHOS::OnEnableCloudFuzz(provider); + OHOS::OnDisableCloudFuzz(provider); + OHOS::OnChangeAppSwitchFuzz(provider); + OHOS::OnNotifyDataChangeFuzz(provider); + OHOS::OnQueryLastSyncInfoFuzz(provider); + return 0; +} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h new file mode 100644 index 000000000..c007ebba5 --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H +#define DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H + +#define FUZZ_PROJECT_NAME "cloudservicestub_fuzzer" + +#endif // DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init new file mode 100644 index 000000000..2b595da0c --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init @@ -0,0 +1,16 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +FUZZ \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml new file mode 100644 index 000000000..3fdba3e8b --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/BUILD.gn b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/BUILD.gn new file mode 100644 index 000000000..2618103ac --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/BUILD.gn @@ -0,0 +1,96 @@ +# Copyright (c) 2023 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +##############################hydra-fuzz######################################## +import("//build/config/features.gni") +import("//build/test.gni") +import("//foundation/distributeddatamgr/datamgr_service/datamgr_service.gni") + +##############################fuzztest########################################## +ohos_fuzztest("CloudServiceStubFuzzTest") { + module_out_path = "datamgr_service/datamgr_service" + + include_dirs = [ + "${data_service_path}/service/cloud", + "${data_service_path}/service/common", + "${data_service_path}/service/config/include", + "${data_service_path}/service/crypto/include", + "${data_service_path}/service/kvdb", + "${data_service_path}/service/matrix/include", + "${data_service_path}/service/network", + "${data_service_path}/service/object", + "${data_service_path}/service/permission/include", + "${data_service_path}/service/rdb", + "${data_service_path}/adapter/include/communicator", + ] + + fuzz_config_file = "${data_service_path}/service/test/fuzztest/cloudservicestub_fuzzer" + + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + + sources = [ + "${data_service_path}/app/src/checker/bundle_checker.cpp", + "${data_service_path}/app/src/checker/system_checker.cpp", + "cloudservicestub_fuzzer.cpp", + ] + + deps = [ + "${data_service_path}/adapter/account:distributeddata_account", + "${data_service_path}/adapter/dfx:distributeddata_dfx", + "${data_service_path}/adapter/network:distributeddata_network", + "${data_service_path}/adapter/schema_helper:distributeddata_schema_helper", + "${data_service_path}/adapter/utils:distributeddata_utils", + "${data_service_path}/framework:distributeddatasvcfwk", + "${data_service_path}/service:distributeddatasvc", + "${data_service_path}/service/bootstrap:distributeddata_bootstrap", + "${data_service_path}/service/cloud:distributeddata_cloud", + "${data_service_path}/service/common:distributeddata_common", + "${data_service_path}/service/rdb:distributeddata_rdb", + ] + + external_deps = [ + "access_token:libaccesstoken_sdk", + "access_token:libtoken_setproc", + "access_token:libtokenid_sdk", + "bundle_framework:appexecfwk_base", + "bundle_framework:appexecfwk_core", + "c_utils:utils", + "device_auth:deviceauth_sdk", + "device_manager:devicemanagersdk", + "hicollie:libhicollie", + "hilog:libhilog", + "hisysevent:libhisysevent", + "huks:libhukssdk", + "ipc:ipc_core", + "kv_store:datamgr_common", + "kv_store:distributeddata_inner", + "kv_store:distributeddata_mgr", + "kv_store:distributeddb", + "relational_store:native_rdb", + "resource_management:global_resmgr", + "safwk:system_ability_fwk", + "samgr:samgr_proxy", + ] +} + +############################################################################### +group("fuzztest") { + testonly = true + + deps = [ ":CloudServiceStubFuzzTest" ] +} +############################################################################### diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub1_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub1_fuzzer.cpp new file mode 100644 index 000000000..2c45cd78e --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub1_fuzzer.cpp @@ -0,0 +1,472 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "cloudservicestub_fuzzer.h" + +#include +#include + +#include "accesstoken_kit.h" +#include "cloud_service_impl.h" +#include "ipc_skeleton.h" +#include "message_parcel.h" +#include "securec.h" +#include "token_setproc.h" + +using namespace OHOS::CloudData; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { +constexpr int USER_ID = 100; +constexpr int INST_INDEX = 0; +const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; +constexpr uint32_t CODE_MIN = 0; +constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; +constexpr size_t NUM_MIN = 5; +constexpr size_t NUM_MAX = 12; + +void AllocAndSetHapToken() +{ + HapInfoParams info = { + .userID = USER_ID, + .bundleName = "ohos.test.demo", + .instIndex = INST_INDEX, + .appIDDesc = "ohos.test.demo", + .isSystemApp = true + }; + + HapPolicyParams policy = { + .apl = APL_NORMAL, + .domain = "test.domain", + .permList = {}, + .permStateList = { + { + .permissionName = "ohos.permission.CLOUDDATA_CONFIG", + .isGeneral = true, + .resDeviceID = { "local" }, + .grantStatus = { PermissionState::PERMISSION_GRANTED }, + .grantFlags = { 1 } + } + } + }; + auto tokenID = AccessTokenKit::AllocHapToken(info, policy); + SetSelfTokenID(tokenID.tokenIDEx); +} + +bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnRemoteRequest(code, request, reply); + return true; +} + +bool OnEnableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnEnableCloud(code, request, reply); + XCollie xcollie( + __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); + return status; + } + cloudInfo.enableCloud = true; + for (const auto &[bundle, value] : switches) { + if (!cloudInfo.Exist(bundle)) { + continue; + } + cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); + ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); + } + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); + return true; +} + +bool OnDisableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnDisableCloud(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), + Anonymous::Change(cloudInfo.id).c_str()); + return INVALID_ARGUMENT; + } + cloudInfo.enableCloud = false; + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + StoreMetaMapping meta(storeInfo); + meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; + if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { + ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && + !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { + ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); + if (store == nullptr) { + ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + return store->PreSharing(query); + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); + ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); + return true; +} + +bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnChangeAppSwitch(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + CloudSyncScene scene; + if (appSwitch == SWITCH_ON) { + scene = CloudSyncScene::SWITCH_ON; + } else { + scene = CloudSyncScene::SWITCH_OFF; + } + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS || !cloudInfo.enableCloud) { + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret = " + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, + WORK_DO_CLOUD_SYNC })); + return INVALID_ARGUMENT; + } + if (!cloudInfo.Exist(bundleName)) { + std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); + if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { + ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," + "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret=" + std::to_string(status)); + return INVALID_ARGUMENT; + } + ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); + } + cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); + if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { + SyncManager::SyncInfo info(cloudInfo.user, bundleName); + syncManager_.DoCloudSync(info); + } + ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), + bundleName.c_str(), appSwitch); + return true; +} + +bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnNotifyDataChange(code, request, reply); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { + return INVALID_ARGUMENT; + } + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + ExtraData exData; + if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { + ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), + userId, extraData.empty() ? "empty" : "not empty"); + return INVALID_ARGUMENT; + } + std::vector users; + if (userId != INVALID_USER_ID) { + users.emplace_back(userId); + } else { + Account::GetInstance()->QueryForegroundUsers(users); + } + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + auto &bundleName = exData.info.bundleName; + auto &prepareTraceId = exData.info.context.prepareTraceId; + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { + ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); + SchemaMeta schemaMeta; + if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { + ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); + if (dbInfos.empty()) { + ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + for (const auto &dbInfo : dbInfos) { + syncManager_.DoCloudSync(SyncManager::SyncInfo( + { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); + } + } + auto [status, cloudInfo] = GetCloudInfoFromServer(user); + if (status != SUCCESS) { + ZLOGE("user:%{public}d, status:%{public}d", user, status); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); + return false; + } + ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", + Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); + CloudInfo oldInfo; + if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + return true; + } + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + if (oldInfo.id != cloudInfo.id) { + ReleaseUserInfo(user, scene); + ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), + Anonymous::Change(oldInfo.id).c_str()); + MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); + std::map actions; + for (auto &[bundle, app] : cloudInfo.apps) { + MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); + actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; + } + DoClean(oldInfo, actions); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", + "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); + } + return true; +} + +bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); + QueryLastResults results; + auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, + "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); + return { ERROR, results }; + } + if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { + ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); + return { INVALID_ARGUMENT, results }; + } + std::vector schemas; + auto key = cloudInfo.GetSchemaPrefix(bundleName); + if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { + return { ERROR, results }; + } + + std::vector queryKeys; + std::vector databases; + for (const auto &schema : schemas) { + if (schema.bundleName != bundleName) { + continue; + } + databases = schema.databases; + for (const auto &database : schema.databases) { + if (storeId.empty() || database.alias == storeId) { + queryKeys.push_back({ user, id, bundleName, database.name }); + } + } + if (queryKeys.empty()) { + ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); + return { INVALID_ARGUMENT, results }; + } + } + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); + std::vector users; + Account::GetInstance()->QueryUsers(users); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + CleanWaterVersion(user); + } + Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + Subscription sub; + sub.userId = user; + if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { + continue; + } + InitSubTask(sub); + } + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (status != SUCCESS) { + return false; + } + auto stores = CheckerManager::GetInstance().GetDynamicStores(); + auto staticStores = CheckerManager::GetInstance().GetStaticStores(); + stores.insert(stores.end(), staticStores.begin(), staticStores.end()); + auto keys = cloudInfo.GetSchemaKey(); +} +} // namespace OHOS + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + FuzzedDataProvider provider(data, size); + OHOS::OnRemoteRequestFuzz(provider); + OHOS::OnEnableCloudFuzz(provider); + OHOS::OnDisableCloudFuzz(provider); + OHOS::OnChangeAppSwitchFuzz(provider); + OHOS::OnNotifyDataChangeFuzz(provider); + OHOS::OnQueryLastSyncInfoFuzz(provider); + return 0; +} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub_fuzzer.cpp new file mode 100644 index 000000000..f79d6ef60 --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub_fuzzer.cpp @@ -0,0 +1,495 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "cloudservicestub_fuzzer.h" + +#include +#include + +#include "accesstoken_kit.h" +#include "cloud_service_impl.h" +#include "ipc_skeleton.h" +#include "message_parcel.h" +#include "securec.h" +#include "token_setproc.h" + +using namespace OHOS::CloudData; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { +constexpr int USER_ID = 100; +constexpr int INST_INDEX = 0; +const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; +constexpr uint32_t CODE_MIN = 0; +constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; +constexpr size_t NUM_MIN = 5; +constexpr size_t NUM_MAX = 12; + +void AllocAndSetHapToken() +{ + HapInfoParams info = { + .userID = USER_ID, + .bundleName = "ohos.test.demo", + .instIndex = INST_INDEX, + .appIDDesc = "ohos.test.demo", + .isSystemApp = true + }; + + HapPolicyParams policy = { + .apl = APL_NORMAL, + .domain = "test.domain", + .permList = {}, + .permStateList = { + { + .permissionName = "ohos.permission.CLOUDDATA_CONFIG", + .isGeneral = true, + .resDeviceID = { "local" }, + .grantStatus = { PermissionState::PERMISSION_GRANTED }, + .grantFlags = { 1 } + } + } + }; + auto tokenID = AccessTokenKit::AllocHapToken(info, policy); + SetSelfTokenID(tokenID.tokenIDEx); +} + +bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnRemoteRequest(code, request, reply); + return true; +} + +bool OnEnableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnEnableCloud(code, request, reply); + XCollie xcollie( + __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); + return status; + } + cloudInfo.enableCloud = true; + for (const auto &[bundle, value] : switches) { + if (!cloudInfo.Exist(bundle)) { + continue; + } + cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); + ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); + } + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); + return true; +} + +bool OnDisableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnDisableCloud(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), + Anonymous::Change(cloudInfo.id).c_str()); + return INVALID_ARGUMENT; + } + cloudInfo.enableCloud = false; + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + StoreMetaMapping meta(storeInfo); + meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; + if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { + ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && + !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { + ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); + if (store == nullptr) { + ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + return store->PreSharing(query); + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); + ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); + return true; +} + +bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnChangeAppSwitch(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + CloudSyncScene scene; + if (appSwitch == SWITCH_ON) { + scene = CloudSyncScene::SWITCH_ON; + } else { + scene = CloudSyncScene::SWITCH_OFF; + } + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS || !cloudInfo.enableCloud) { + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret = " + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, + WORK_DO_CLOUD_SYNC })); + return INVALID_ARGUMENT; + } + if (!cloudInfo.Exist(bundleName)) { + std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); + if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { + ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," + "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret=" + std::to_string(status)); + return INVALID_ARGUMENT; + } + ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); + } + cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); + if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { + SyncManager::SyncInfo info(cloudInfo.user, bundleName); + syncManager_.DoCloudSync(info); + } + ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), + bundleName.c_str(), appSwitch); + return true; +} + +bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnNotifyDataChange(code, request, reply); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { + return INVALID_ARGUMENT; + } + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + ExtraData exData; + if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { + ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), + userId, extraData.empty() ? "empty" : "not empty"); + return INVALID_ARGUMENT; + } + std::vector users; + if (userId != INVALID_USER_ID) { + users.emplace_back(userId); + } else { + Account::GetInstance()->QueryForegroundUsers(users); + } + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + auto &bundleName = exData.info.bundleName; + auto &prepareTraceId = exData.info.context.prepareTraceId; + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { + ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); + SchemaMeta schemaMeta; + if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { + ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); + if (dbInfos.empty()) { + ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + for (const auto &dbInfo : dbInfos) { + syncManager_.DoCloudSync(SyncManager::SyncInfo( + { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); + } + } + auto [status, cloudInfo] = GetCloudInfoFromServer(user); + if (status != SUCCESS) { + ZLOGE("user:%{public}d, status:%{public}d", user, status); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); + return false; + } + ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", + Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); + CloudInfo oldInfo; + if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + return true; + } + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + if (oldInfo.id != cloudInfo.id) { + ReleaseUserInfo(user, scene); + ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), + Anonymous::Change(oldInfo.id).c_str()); + MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); + std::map actions; + for (auto &[bundle, app] : cloudInfo.apps) { + MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); + actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; + } + DoClean(oldInfo, actions); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", + "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); + } + return true; +} + +bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); + QueryLastResults results; + auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, + "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); + return { ERROR, results }; + } + if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { + ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); + return { INVALID_ARGUMENT, results }; + } + std::vector schemas; + auto key = cloudInfo.GetSchemaPrefix(bundleName); + if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { + return { ERROR, results }; + } + + std::vector queryKeys; + std::vector databases; + for (const auto &schema : schemas) { + if (schema.bundleName != bundleName) { + continue; + } + databases = schema.databases; + for (const auto &database : schema.databases) { + if (storeId.empty() || database.alias == storeId) { + queryKeys.push_back({ user, id, bundleName, database.name }); + } + } + if (queryKeys.empty()) { + ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); + return { INVALID_ARGUMENT, results }; + } + } +XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); + std::vector users; + Account::GetInstance()->QueryUsers(users); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + CleanWaterVersion(user); + } + Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + Subscription sub; + sub.userId = user; + if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { + continue; + } + InitSubTask(sub); + } + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (status != SUCCESS) { + return false; + } + auto stores = CheckerManager::GetInstance().GetDynamicStores(); + auto staticStores = CheckerManager::GetInstance().GetStaticStores(); + stores.insert(stores.end(), staticStores.begin(), staticStores.end()); + auto keys = cloudInfo.GetSchemaKey(); + for (const auto &[bundle, key] : keys) { + SchemaMeta schemaMeta; + if (MetaDataManager::GetInstance().LoadMeta(key, schemaMeta, true) && + schemaMeta.metaVersion < SchemaMeta::CLEAN_WATER_VERSION) { + bool found = std::any_of(stores.begin(), stores.end(), + [&schemaMeta](const CheckerManager::StoreInfo &storeInfo) { + return storeInfo.bundleName == schemaMeta.bundleName; + }); + if (!found) { + continue; + } + DoClean(user, schemaMeta, GeneralStore::CleanMode::CLEAN_WATER); + schemaMeta.metaVersion = SchemaMeta::CLEAN_WATER_VERSION; + } + MetaDataManager::GetInstance().SaveMeta(key, schemaMeta, true); + auto [ret, lastSyncInfos] = syncManager_.QueryLastSyncInfo(queryKeys); + ZLOGI("code:%{public}d, id:%{public}s, bundleName:%{public}s, storeId:%{public}s, size:%{public}d", ret, + Anonymous::Change(id).c_str(), bundleName.c_str(), Anonymous::Change(storeId).c_str(), + static_cast(lastSyncInfos.size())); + if (lastSyncInfos.empty()) { + return { ret, results }; + } + return { ret, AssembleLastResults(databases, lastSyncInfos) }; +} +} // namespace OHOS + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + FuzzedDataProvider provider(data, size); + OHOS::OnRemoteRequestFuzz(provider); + OHOS::OnEnableCloudFuzz(provider); + OHOS::OnDisableCloudFuzz(provider); + OHOS::OnChangeAppSwitchFuzz(provider); + OHOS::OnNotifyDataChangeFuzz(provider); + OHOS::OnQueryLastSyncInfoFuzz(provider); + return 0; +} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub_fuzzer.h b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub_fuzzer.h new file mode 100644 index 000000000..c007ebba5 --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H +#define DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H + +#define FUZZ_PROJECT_NAME "cloudservicestub_fuzzer" + +#endif // DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/corpus/init b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/corpus/init new file mode 100644 index 000000000..2b595da0c --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/corpus/init @@ -0,0 +1,16 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +FUZZ \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/project.xml b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/project.xml new file mode 100644 index 000000000..3fdba3e8b --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + \ No newline at end of file -- Gitee From 631a1bc152bfd1bdfddb190a4931e25586987284 Mon Sep 17 00:00:00 2001 From: gecheng Date: Tue, 26 Aug 2025 15:13:34 +0800 Subject: [PATCH 13/23] =?UTF-8?q?=E5=8D=95=E4=B8=AAFUZZ=E7=94=A8=E4=BE=8B?= =?UTF-8?q?=E8=B0=83=E7=94=A8=E5=A4=AA=E5=A4=9Aapi?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: gecheng --- .../cloudservicestub1_fuzzer.cpp} | 0 .../cloudservicestub2_fuzzer.cpp} | 6 +- .../cloudservicestub2_fuzzer/BUILD.gn | 96 ------------------- .../cloudservicestub_fuzzer.h | 21 ---- .../cloudservicestub2_fuzzer/corpus/init | 16 ---- .../cloudservicestub2_fuzzer/project.xml | 25 ----- 6 files changed, 1 insertion(+), 163 deletions(-) rename services/distributeddataservice/service/test/fuzztest/{cloudservicestub2_fuzzer/cloudservicestub_fuzzer.cpp => cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp} (100%) rename services/distributeddataservice/service/test/fuzztest/{cloudservicestub2_fuzzer/cloudservicestub1_fuzzer.cpp => cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp} (98%) delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/BUILD.gn delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub_fuzzer.h delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/corpus/init delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/project.xml diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp similarity index 100% rename from services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub_fuzzer.cpp rename to services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub1_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp similarity index 98% rename from services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub1_fuzzer.cpp rename to services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp index 2c45cd78e..1bee9999f 100644 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub1_fuzzer.cpp +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp @@ -424,7 +424,7 @@ bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) return { INVALID_ARGUMENT, results }; } } - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); +XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); std::vector users; Account::GetInstance()->QueryUsers(users); @@ -451,10 +451,6 @@ bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) if (status != SUCCESS) { return false; } - auto stores = CheckerManager::GetInstance().GetDynamicStores(); - auto staticStores = CheckerManager::GetInstance().GetStaticStores(); - stores.insert(stores.end(), staticStores.begin(), staticStores.end()); - auto keys = cloudInfo.GetSchemaKey(); } } // namespace OHOS diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/BUILD.gn b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/BUILD.gn deleted file mode 100644 index 2618103ac..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/BUILD.gn +++ /dev/null @@ -1,96 +0,0 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -##############################hydra-fuzz######################################## -import("//build/config/features.gni") -import("//build/test.gni") -import("//foundation/distributeddatamgr/datamgr_service/datamgr_service.gni") - -##############################fuzztest########################################## -ohos_fuzztest("CloudServiceStubFuzzTest") { - module_out_path = "datamgr_service/datamgr_service" - - include_dirs = [ - "${data_service_path}/service/cloud", - "${data_service_path}/service/common", - "${data_service_path}/service/config/include", - "${data_service_path}/service/crypto/include", - "${data_service_path}/service/kvdb", - "${data_service_path}/service/matrix/include", - "${data_service_path}/service/network", - "${data_service_path}/service/object", - "${data_service_path}/service/permission/include", - "${data_service_path}/service/rdb", - "${data_service_path}/adapter/include/communicator", - ] - - fuzz_config_file = "${data_service_path}/service/test/fuzztest/cloudservicestub_fuzzer" - - cflags = [ - "-g", - "-O0", - "-Wno-unused-variable", - "-fno-omit-frame-pointer", - ] - - sources = [ - "${data_service_path}/app/src/checker/bundle_checker.cpp", - "${data_service_path}/app/src/checker/system_checker.cpp", - "cloudservicestub_fuzzer.cpp", - ] - - deps = [ - "${data_service_path}/adapter/account:distributeddata_account", - "${data_service_path}/adapter/dfx:distributeddata_dfx", - "${data_service_path}/adapter/network:distributeddata_network", - "${data_service_path}/adapter/schema_helper:distributeddata_schema_helper", - "${data_service_path}/adapter/utils:distributeddata_utils", - "${data_service_path}/framework:distributeddatasvcfwk", - "${data_service_path}/service:distributeddatasvc", - "${data_service_path}/service/bootstrap:distributeddata_bootstrap", - "${data_service_path}/service/cloud:distributeddata_cloud", - "${data_service_path}/service/common:distributeddata_common", - "${data_service_path}/service/rdb:distributeddata_rdb", - ] - - external_deps = [ - "access_token:libaccesstoken_sdk", - "access_token:libtoken_setproc", - "access_token:libtokenid_sdk", - "bundle_framework:appexecfwk_base", - "bundle_framework:appexecfwk_core", - "c_utils:utils", - "device_auth:deviceauth_sdk", - "device_manager:devicemanagersdk", - "hicollie:libhicollie", - "hilog:libhilog", - "hisysevent:libhisysevent", - "huks:libhukssdk", - "ipc:ipc_core", - "kv_store:datamgr_common", - "kv_store:distributeddata_inner", - "kv_store:distributeddata_mgr", - "kv_store:distributeddb", - "relational_store:native_rdb", - "resource_management:global_resmgr", - "safwk:system_ability_fwk", - "samgr:samgr_proxy", - ] -} - -############################################################################### -group("fuzztest") { - testonly = true - - deps = [ ":CloudServiceStubFuzzTest" ] -} -############################################################################### diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub_fuzzer.h b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub_fuzzer.h deleted file mode 100644 index c007ebba5..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/cloudservicestub_fuzzer.h +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H -#define DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H - -#define FUZZ_PROJECT_NAME "cloudservicestub_fuzzer" - -#endif // DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/corpus/init b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/corpus/init deleted file mode 100644 index 2b595da0c..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/corpus/init +++ /dev/null @@ -1,16 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -FUZZ \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/project.xml b/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/project.xml deleted file mode 100644 index 3fdba3e8b..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub2_fuzzer/project.xml +++ /dev/null @@ -1,25 +0,0 @@ - - - - - - 1000 - - 300 - - 4096 - - \ No newline at end of file -- Gitee From 3bb21335d7a9766a7f0b396002bdab6971cab390 Mon Sep 17 00:00:00 2001 From: gecheng Date: Tue, 26 Aug 2025 15:14:48 +0800 Subject: [PATCH 14/23] =?UTF-8?q?=E5=8D=95=E4=B8=AAFUZZ=E7=94=A8=E4=BE=8B?= =?UTF-8?q?=E8=B0=83=E7=94=A8=E5=A4=AA=E5=A4=9Aapi?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: gecheng --- .../cloudservicestub1_fuzzer/BUILD.gn | 96 ---- .../cloudservicestub1_fuzzer.cpp | 495 ------------------ .../cloudservicestub2_fuzzer.cpp | 468 ----------------- .../cloudservicestub_fuzzer.cpp | 495 ------------------ .../cloudservicestub_fuzzer.h | 21 - .../cloudservicestub1_fuzzer/corpus/init | 16 - .../cloudservicestub1_fuzzer/project.xml | 25 - 7 files changed, 1616 deletions(-) delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn deleted file mode 100644 index 2618103ac..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn +++ /dev/null @@ -1,96 +0,0 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -##############################hydra-fuzz######################################## -import("//build/config/features.gni") -import("//build/test.gni") -import("//foundation/distributeddatamgr/datamgr_service/datamgr_service.gni") - -##############################fuzztest########################################## -ohos_fuzztest("CloudServiceStubFuzzTest") { - module_out_path = "datamgr_service/datamgr_service" - - include_dirs = [ - "${data_service_path}/service/cloud", - "${data_service_path}/service/common", - "${data_service_path}/service/config/include", - "${data_service_path}/service/crypto/include", - "${data_service_path}/service/kvdb", - "${data_service_path}/service/matrix/include", - "${data_service_path}/service/network", - "${data_service_path}/service/object", - "${data_service_path}/service/permission/include", - "${data_service_path}/service/rdb", - "${data_service_path}/adapter/include/communicator", - ] - - fuzz_config_file = "${data_service_path}/service/test/fuzztest/cloudservicestub_fuzzer" - - cflags = [ - "-g", - "-O0", - "-Wno-unused-variable", - "-fno-omit-frame-pointer", - ] - - sources = [ - "${data_service_path}/app/src/checker/bundle_checker.cpp", - "${data_service_path}/app/src/checker/system_checker.cpp", - "cloudservicestub_fuzzer.cpp", - ] - - deps = [ - "${data_service_path}/adapter/account:distributeddata_account", - "${data_service_path}/adapter/dfx:distributeddata_dfx", - "${data_service_path}/adapter/network:distributeddata_network", - "${data_service_path}/adapter/schema_helper:distributeddata_schema_helper", - "${data_service_path}/adapter/utils:distributeddata_utils", - "${data_service_path}/framework:distributeddatasvcfwk", - "${data_service_path}/service:distributeddatasvc", - "${data_service_path}/service/bootstrap:distributeddata_bootstrap", - "${data_service_path}/service/cloud:distributeddata_cloud", - "${data_service_path}/service/common:distributeddata_common", - "${data_service_path}/service/rdb:distributeddata_rdb", - ] - - external_deps = [ - "access_token:libaccesstoken_sdk", - "access_token:libtoken_setproc", - "access_token:libtokenid_sdk", - "bundle_framework:appexecfwk_base", - "bundle_framework:appexecfwk_core", - "c_utils:utils", - "device_auth:deviceauth_sdk", - "device_manager:devicemanagersdk", - "hicollie:libhicollie", - "hilog:libhilog", - "hisysevent:libhisysevent", - "huks:libhukssdk", - "ipc:ipc_core", - "kv_store:datamgr_common", - "kv_store:distributeddata_inner", - "kv_store:distributeddata_mgr", - "kv_store:distributeddb", - "relational_store:native_rdb", - "resource_management:global_resmgr", - "safwk:system_ability_fwk", - "samgr:samgr_proxy", - ] -} - -############################################################################### -group("fuzztest") { - testonly = true - - deps = [ ":CloudServiceStubFuzzTest" ] -} -############################################################################### diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp deleted file mode 100644 index f79d6ef60..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp +++ /dev/null @@ -1,495 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include - -#include "cloudservicestub_fuzzer.h" - -#include -#include - -#include "accesstoken_kit.h" -#include "cloud_service_impl.h" -#include "ipc_skeleton.h" -#include "message_parcel.h" -#include "securec.h" -#include "token_setproc.h" - -using namespace OHOS::CloudData; -using namespace OHOS::Security::AccessToken; - -namespace OHOS { -constexpr int USER_ID = 100; -constexpr int INST_INDEX = 0; -const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; -constexpr uint32_t CODE_MIN = 0; -constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; -constexpr size_t NUM_MIN = 5; -constexpr size_t NUM_MAX = 12; - -void AllocAndSetHapToken() -{ - HapInfoParams info = { - .userID = USER_ID, - .bundleName = "ohos.test.demo", - .instIndex = INST_INDEX, - .appIDDesc = "ohos.test.demo", - .isSystemApp = true - }; - - HapPolicyParams policy = { - .apl = APL_NORMAL, - .domain = "test.domain", - .permList = {}, - .permStateList = { - { - .permissionName = "ohos.permission.CLOUDDATA_CONFIG", - .isGeneral = true, - .resDeviceID = { "local" }, - .grantStatus = { PermissionState::PERMISSION_GRANTED }, - .grantFlags = { 1 } - } - } - }; - auto tokenID = AccessTokenKit::AllocHapToken(info, policy); - SetSelfTokenID(tokenID.tokenIDEx); -} - -bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnRemoteRequest(code, request, reply); - return true; -} - -bool OnEnableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnEnableCloud(code, request, reply); - XCollie xcollie( - __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); - return status; - } - cloudInfo.enableCloud = true; - for (const auto &[bundle, value] : switches) { - if (!cloudInfo.Exist(bundle)) { - continue; - } - cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); - ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); - } - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); - return true; -} - -bool OnDisableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnDisableCloud(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), - Anonymous::Change(cloudInfo.id).c_str()); - return INVALID_ARGUMENT; - } - cloudInfo.enableCloud = false; - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - StoreMetaMapping meta(storeInfo); - meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; - if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { - ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && - !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { - ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); - if (store == nullptr) { - ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - return store->PreSharing(query); - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); - ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); - return true; -} - -bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnChangeAppSwitch(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - CloudSyncScene scene; - if (appSwitch == SWITCH_ON) { - scene = CloudSyncScene::SWITCH_ON; - } else { - scene = CloudSyncScene::SWITCH_OFF; - } - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS || !cloudInfo.enableCloud) { - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret = " + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, - WORK_DO_CLOUD_SYNC })); - return INVALID_ARGUMENT; - } - if (!cloudInfo.Exist(bundleName)) { - std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); - if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { - ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," - "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret=" + std::to_string(status)); - return INVALID_ARGUMENT; - } - ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); - } - cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); - if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { - SyncManager::SyncInfo info(cloudInfo.user, bundleName); - syncManager_.DoCloudSync(info); - } - ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), - bundleName.c_str(), appSwitch); - return true; -} - -bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnNotifyDataChange(code, request, reply); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { - return INVALID_ARGUMENT; - } - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - ExtraData exData; - if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { - ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), - userId, extraData.empty() ? "empty" : "not empty"); - return INVALID_ARGUMENT; - } - std::vector users; - if (userId != INVALID_USER_ID) { - users.emplace_back(userId); - } else { - Account::GetInstance()->QueryForegroundUsers(users); - } - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - auto &bundleName = exData.info.bundleName; - auto &prepareTraceId = exData.info.context.prepareTraceId; - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { - ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); - SchemaMeta schemaMeta; - if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { - ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); - if (dbInfos.empty()) { - ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - for (const auto &dbInfo : dbInfos) { - syncManager_.DoCloudSync(SyncManager::SyncInfo( - { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); - } - } - auto [status, cloudInfo] = GetCloudInfoFromServer(user); - if (status != SUCCESS) { - ZLOGE("user:%{public}d, status:%{public}d", user, status); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); - return false; - } - ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", - Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); - CloudInfo oldInfo; - if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - return true; - } - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - if (oldInfo.id != cloudInfo.id) { - ReleaseUserInfo(user, scene); - ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), - Anonymous::Change(oldInfo.id).c_str()); - MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); - std::map actions; - for (auto &[bundle, app] : cloudInfo.apps) { - MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); - actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; - } - DoClean(oldInfo, actions); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", - "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); - } - return true; -} - -bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); - QueryLastResults results; - auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, - "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); - return { ERROR, results }; - } - if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { - ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); - return { INVALID_ARGUMENT, results }; - } - std::vector schemas; - auto key = cloudInfo.GetSchemaPrefix(bundleName); - if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { - return { ERROR, results }; - } - - std::vector queryKeys; - std::vector databases; - for (const auto &schema : schemas) { - if (schema.bundleName != bundleName) { - continue; - } - databases = schema.databases; - for (const auto &database : schema.databases) { - if (storeId.empty() || database.alias == storeId) { - queryKeys.push_back({ user, id, bundleName, database.name }); - } - } - if (queryKeys.empty()) { - ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); - return { INVALID_ARGUMENT, results }; - } - } -XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); - std::vector users; - Account::GetInstance()->QueryUsers(users); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - CleanWaterVersion(user); - } - Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - Subscription sub; - sub.userId = user; - if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { - continue; - } - InitSubTask(sub); - } - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (status != SUCCESS) { - return false; - } - auto stores = CheckerManager::GetInstance().GetDynamicStores(); - auto staticStores = CheckerManager::GetInstance().GetStaticStores(); - stores.insert(stores.end(), staticStores.begin(), staticStores.end()); - auto keys = cloudInfo.GetSchemaKey(); - for (const auto &[bundle, key] : keys) { - SchemaMeta schemaMeta; - if (MetaDataManager::GetInstance().LoadMeta(key, schemaMeta, true) && - schemaMeta.metaVersion < SchemaMeta::CLEAN_WATER_VERSION) { - bool found = std::any_of(stores.begin(), stores.end(), - [&schemaMeta](const CheckerManager::StoreInfo &storeInfo) { - return storeInfo.bundleName == schemaMeta.bundleName; - }); - if (!found) { - continue; - } - DoClean(user, schemaMeta, GeneralStore::CleanMode::CLEAN_WATER); - schemaMeta.metaVersion = SchemaMeta::CLEAN_WATER_VERSION; - } - MetaDataManager::GetInstance().SaveMeta(key, schemaMeta, true); - auto [ret, lastSyncInfos] = syncManager_.QueryLastSyncInfo(queryKeys); - ZLOGI("code:%{public}d, id:%{public}s, bundleName:%{public}s, storeId:%{public}s, size:%{public}d", ret, - Anonymous::Change(id).c_str(), bundleName.c_str(), Anonymous::Change(storeId).c_str(), - static_cast(lastSyncInfos.size())); - if (lastSyncInfos.empty()) { - return { ret, results }; - } - return { ret, AssembleLastResults(databases, lastSyncInfos) }; -} -} // namespace OHOS - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) -{ - FuzzedDataProvider provider(data, size); - OHOS::OnRemoteRequestFuzz(provider); - OHOS::OnEnableCloudFuzz(provider); - OHOS::OnDisableCloudFuzz(provider); - OHOS::OnChangeAppSwitchFuzz(provider); - OHOS::OnNotifyDataChangeFuzz(provider); - OHOS::OnQueryLastSyncInfoFuzz(provider); - return 0; -} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp deleted file mode 100644 index 1bee9999f..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp +++ /dev/null @@ -1,468 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include - -#include "cloudservicestub_fuzzer.h" - -#include -#include - -#include "accesstoken_kit.h" -#include "cloud_service_impl.h" -#include "ipc_skeleton.h" -#include "message_parcel.h" -#include "securec.h" -#include "token_setproc.h" - -using namespace OHOS::CloudData; -using namespace OHOS::Security::AccessToken; - -namespace OHOS { -constexpr int USER_ID = 100; -constexpr int INST_INDEX = 0; -const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; -constexpr uint32_t CODE_MIN = 0; -constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; -constexpr size_t NUM_MIN = 5; -constexpr size_t NUM_MAX = 12; - -void AllocAndSetHapToken() -{ - HapInfoParams info = { - .userID = USER_ID, - .bundleName = "ohos.test.demo", - .instIndex = INST_INDEX, - .appIDDesc = "ohos.test.demo", - .isSystemApp = true - }; - - HapPolicyParams policy = { - .apl = APL_NORMAL, - .domain = "test.domain", - .permList = {}, - .permStateList = { - { - .permissionName = "ohos.permission.CLOUDDATA_CONFIG", - .isGeneral = true, - .resDeviceID = { "local" }, - .grantStatus = { PermissionState::PERMISSION_GRANTED }, - .grantFlags = { 1 } - } - } - }; - auto tokenID = AccessTokenKit::AllocHapToken(info, policy); - SetSelfTokenID(tokenID.tokenIDEx); -} - -bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnRemoteRequest(code, request, reply); - return true; -} - -bool OnEnableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnEnableCloud(code, request, reply); - XCollie xcollie( - __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); - return status; - } - cloudInfo.enableCloud = true; - for (const auto &[bundle, value] : switches) { - if (!cloudInfo.Exist(bundle)) { - continue; - } - cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); - ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); - } - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); - return true; -} - -bool OnDisableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnDisableCloud(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), - Anonymous::Change(cloudInfo.id).c_str()); - return INVALID_ARGUMENT; - } - cloudInfo.enableCloud = false; - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - StoreMetaMapping meta(storeInfo); - meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; - if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { - ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && - !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { - ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); - if (store == nullptr) { - ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - return store->PreSharing(query); - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); - ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); - return true; -} - -bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnChangeAppSwitch(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - CloudSyncScene scene; - if (appSwitch == SWITCH_ON) { - scene = CloudSyncScene::SWITCH_ON; - } else { - scene = CloudSyncScene::SWITCH_OFF; - } - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS || !cloudInfo.enableCloud) { - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret = " + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, - WORK_DO_CLOUD_SYNC })); - return INVALID_ARGUMENT; - } - if (!cloudInfo.Exist(bundleName)) { - std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); - if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { - ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," - "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret=" + std::to_string(status)); - return INVALID_ARGUMENT; - } - ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); - } - cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); - if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { - SyncManager::SyncInfo info(cloudInfo.user, bundleName); - syncManager_.DoCloudSync(info); - } - ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), - bundleName.c_str(), appSwitch); - return true; -} - -bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnNotifyDataChange(code, request, reply); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { - return INVALID_ARGUMENT; - } - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - ExtraData exData; - if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { - ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), - userId, extraData.empty() ? "empty" : "not empty"); - return INVALID_ARGUMENT; - } - std::vector users; - if (userId != INVALID_USER_ID) { - users.emplace_back(userId); - } else { - Account::GetInstance()->QueryForegroundUsers(users); - } - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - auto &bundleName = exData.info.bundleName; - auto &prepareTraceId = exData.info.context.prepareTraceId; - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { - ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); - SchemaMeta schemaMeta; - if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { - ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); - if (dbInfos.empty()) { - ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - for (const auto &dbInfo : dbInfos) { - syncManager_.DoCloudSync(SyncManager::SyncInfo( - { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); - } - } - auto [status, cloudInfo] = GetCloudInfoFromServer(user); - if (status != SUCCESS) { - ZLOGE("user:%{public}d, status:%{public}d", user, status); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); - return false; - } - ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", - Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); - CloudInfo oldInfo; - if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - return true; - } - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - if (oldInfo.id != cloudInfo.id) { - ReleaseUserInfo(user, scene); - ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), - Anonymous::Change(oldInfo.id).c_str()); - MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); - std::map actions; - for (auto &[bundle, app] : cloudInfo.apps) { - MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); - actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; - } - DoClean(oldInfo, actions); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", - "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); - } - return true; -} - -bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); - QueryLastResults results; - auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, - "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); - return { ERROR, results }; - } - if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { - ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); - return { INVALID_ARGUMENT, results }; - } - std::vector schemas; - auto key = cloudInfo.GetSchemaPrefix(bundleName); - if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { - return { ERROR, results }; - } - - std::vector queryKeys; - std::vector databases; - for (const auto &schema : schemas) { - if (schema.bundleName != bundleName) { - continue; - } - databases = schema.databases; - for (const auto &database : schema.databases) { - if (storeId.empty() || database.alias == storeId) { - queryKeys.push_back({ user, id, bundleName, database.name }); - } - } - if (queryKeys.empty()) { - ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); - return { INVALID_ARGUMENT, results }; - } - } -XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); - std::vector users; - Account::GetInstance()->QueryUsers(users); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - CleanWaterVersion(user); - } - Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - Subscription sub; - sub.userId = user; - if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { - continue; - } - InitSubTask(sub); - } - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (status != SUCCESS) { - return false; - } -} -} // namespace OHOS - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) -{ - FuzzedDataProvider provider(data, size); - OHOS::OnRemoteRequestFuzz(provider); - OHOS::OnEnableCloudFuzz(provider); - OHOS::OnDisableCloudFuzz(provider); - OHOS::OnChangeAppSwitchFuzz(provider); - OHOS::OnNotifyDataChangeFuzz(provider); - OHOS::OnQueryLastSyncInfoFuzz(provider); - return 0; -} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp deleted file mode 100644 index f79d6ef60..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp +++ /dev/null @@ -1,495 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include - -#include "cloudservicestub_fuzzer.h" - -#include -#include - -#include "accesstoken_kit.h" -#include "cloud_service_impl.h" -#include "ipc_skeleton.h" -#include "message_parcel.h" -#include "securec.h" -#include "token_setproc.h" - -using namespace OHOS::CloudData; -using namespace OHOS::Security::AccessToken; - -namespace OHOS { -constexpr int USER_ID = 100; -constexpr int INST_INDEX = 0; -const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; -constexpr uint32_t CODE_MIN = 0; -constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; -constexpr size_t NUM_MIN = 5; -constexpr size_t NUM_MAX = 12; - -void AllocAndSetHapToken() -{ - HapInfoParams info = { - .userID = USER_ID, - .bundleName = "ohos.test.demo", - .instIndex = INST_INDEX, - .appIDDesc = "ohos.test.demo", - .isSystemApp = true - }; - - HapPolicyParams policy = { - .apl = APL_NORMAL, - .domain = "test.domain", - .permList = {}, - .permStateList = { - { - .permissionName = "ohos.permission.CLOUDDATA_CONFIG", - .isGeneral = true, - .resDeviceID = { "local" }, - .grantStatus = { PermissionState::PERMISSION_GRANTED }, - .grantFlags = { 1 } - } - } - }; - auto tokenID = AccessTokenKit::AllocHapToken(info, policy); - SetSelfTokenID(tokenID.tokenIDEx); -} - -bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnRemoteRequest(code, request, reply); - return true; -} - -bool OnEnableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnEnableCloud(code, request, reply); - XCollie xcollie( - __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); - return status; - } - cloudInfo.enableCloud = true; - for (const auto &[bundle, value] : switches) { - if (!cloudInfo.Exist(bundle)) { - continue; - } - cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); - ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); - } - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); - return true; -} - -bool OnDisableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnDisableCloud(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), - Anonymous::Change(cloudInfo.id).c_str()); - return INVALID_ARGUMENT; - } - cloudInfo.enableCloud = false; - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - StoreMetaMapping meta(storeInfo); - meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; - if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { - ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && - !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { - ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); - if (store == nullptr) { - ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - return store->PreSharing(query); - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); - ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); - return true; -} - -bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnChangeAppSwitch(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - CloudSyncScene scene; - if (appSwitch == SWITCH_ON) { - scene = CloudSyncScene::SWITCH_ON; - } else { - scene = CloudSyncScene::SWITCH_OFF; - } - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS || !cloudInfo.enableCloud) { - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret = " + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, - WORK_DO_CLOUD_SYNC })); - return INVALID_ARGUMENT; - } - if (!cloudInfo.Exist(bundleName)) { - std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); - if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { - ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," - "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret=" + std::to_string(status)); - return INVALID_ARGUMENT; - } - ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); - } - cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); - if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { - SyncManager::SyncInfo info(cloudInfo.user, bundleName); - syncManager_.DoCloudSync(info); - } - ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), - bundleName.c_str(), appSwitch); - return true; -} - -bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnNotifyDataChange(code, request, reply); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { - return INVALID_ARGUMENT; - } - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - ExtraData exData; - if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { - ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), - userId, extraData.empty() ? "empty" : "not empty"); - return INVALID_ARGUMENT; - } - std::vector users; - if (userId != INVALID_USER_ID) { - users.emplace_back(userId); - } else { - Account::GetInstance()->QueryForegroundUsers(users); - } - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - auto &bundleName = exData.info.bundleName; - auto &prepareTraceId = exData.info.context.prepareTraceId; - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { - ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); - SchemaMeta schemaMeta; - if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { - ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); - if (dbInfos.empty()) { - ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - for (const auto &dbInfo : dbInfos) { - syncManager_.DoCloudSync(SyncManager::SyncInfo( - { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); - } - } - auto [status, cloudInfo] = GetCloudInfoFromServer(user); - if (status != SUCCESS) { - ZLOGE("user:%{public}d, status:%{public}d", user, status); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); - return false; - } - ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", - Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); - CloudInfo oldInfo; - if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - return true; - } - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - if (oldInfo.id != cloudInfo.id) { - ReleaseUserInfo(user, scene); - ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), - Anonymous::Change(oldInfo.id).c_str()); - MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); - std::map actions; - for (auto &[bundle, app] : cloudInfo.apps) { - MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); - actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; - } - DoClean(oldInfo, actions); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", - "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); - } - return true; -} - -bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); - QueryLastResults results; - auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, - "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); - return { ERROR, results }; - } - if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { - ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); - return { INVALID_ARGUMENT, results }; - } - std::vector schemas; - auto key = cloudInfo.GetSchemaPrefix(bundleName); - if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { - return { ERROR, results }; - } - - std::vector queryKeys; - std::vector databases; - for (const auto &schema : schemas) { - if (schema.bundleName != bundleName) { - continue; - } - databases = schema.databases; - for (const auto &database : schema.databases) { - if (storeId.empty() || database.alias == storeId) { - queryKeys.push_back({ user, id, bundleName, database.name }); - } - } - if (queryKeys.empty()) { - ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); - return { INVALID_ARGUMENT, results }; - } - } -XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); - std::vector users; - Account::GetInstance()->QueryUsers(users); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - CleanWaterVersion(user); - } - Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - Subscription sub; - sub.userId = user; - if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { - continue; - } - InitSubTask(sub); - } - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (status != SUCCESS) { - return false; - } - auto stores = CheckerManager::GetInstance().GetDynamicStores(); - auto staticStores = CheckerManager::GetInstance().GetStaticStores(); - stores.insert(stores.end(), staticStores.begin(), staticStores.end()); - auto keys = cloudInfo.GetSchemaKey(); - for (const auto &[bundle, key] : keys) { - SchemaMeta schemaMeta; - if (MetaDataManager::GetInstance().LoadMeta(key, schemaMeta, true) && - schemaMeta.metaVersion < SchemaMeta::CLEAN_WATER_VERSION) { - bool found = std::any_of(stores.begin(), stores.end(), - [&schemaMeta](const CheckerManager::StoreInfo &storeInfo) { - return storeInfo.bundleName == schemaMeta.bundleName; - }); - if (!found) { - continue; - } - DoClean(user, schemaMeta, GeneralStore::CleanMode::CLEAN_WATER); - schemaMeta.metaVersion = SchemaMeta::CLEAN_WATER_VERSION; - } - MetaDataManager::GetInstance().SaveMeta(key, schemaMeta, true); - auto [ret, lastSyncInfos] = syncManager_.QueryLastSyncInfo(queryKeys); - ZLOGI("code:%{public}d, id:%{public}s, bundleName:%{public}s, storeId:%{public}s, size:%{public}d", ret, - Anonymous::Change(id).c_str(), bundleName.c_str(), Anonymous::Change(storeId).c_str(), - static_cast(lastSyncInfos.size())); - if (lastSyncInfos.empty()) { - return { ret, results }; - } - return { ret, AssembleLastResults(databases, lastSyncInfos) }; -} -} // namespace OHOS - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) -{ - FuzzedDataProvider provider(data, size); - OHOS::OnRemoteRequestFuzz(provider); - OHOS::OnEnableCloudFuzz(provider); - OHOS::OnDisableCloudFuzz(provider); - OHOS::OnChangeAppSwitchFuzz(provider); - OHOS::OnNotifyDataChangeFuzz(provider); - OHOS::OnQueryLastSyncInfoFuzz(provider); - return 0; -} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h deleted file mode 100644 index c007ebba5..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H -#define DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H - -#define FUZZ_PROJECT_NAME "cloudservicestub_fuzzer" - -#endif // DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init deleted file mode 100644 index 2b595da0c..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init +++ /dev/null @@ -1,16 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -FUZZ \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml deleted file mode 100644 index 3fdba3e8b..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml +++ /dev/null @@ -1,25 +0,0 @@ - - - - - - 1000 - - 300 - - 4096 - - \ No newline at end of file -- Gitee From 943f36f1734745695fbccd1fec743f7ed53e29ba Mon Sep 17 00:00:00 2001 From: gecheng Date: Tue, 26 Aug 2025 15:15:51 +0800 Subject: [PATCH 15/23] =?UTF-8?q?=E5=8D=95=E4=B8=AAFUZZ=E7=94=A8=E4=BE=8B?= =?UTF-8?q?=E8=B0=83=E7=94=A8=E5=A4=AA=E5=A4=9Aapi?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: gecheng --- .../cloudservicestub1_fuzzer/BUILD.gn | 96 ++++ .../cloudservicestub1_fuzzer.cpp | 468 ++++++++++++++++++ .../cloudservicestub2_fuzzer.cpp | 468 ++++++++++++++++++ .../cloudservicestub_fuzzer.cpp | 468 ++++++++++++++++++ .../cloudservicestub_fuzzer.h | 21 + .../cloudservicestub1_fuzzer/corpus/init | 16 + .../cloudservicestub1_fuzzer/project.xml | 25 + 7 files changed, 1562 insertions(+) create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn new file mode 100644 index 000000000..2618103ac --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn @@ -0,0 +1,96 @@ +# Copyright (c) 2023 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +##############################hydra-fuzz######################################## +import("//build/config/features.gni") +import("//build/test.gni") +import("//foundation/distributeddatamgr/datamgr_service/datamgr_service.gni") + +##############################fuzztest########################################## +ohos_fuzztest("CloudServiceStubFuzzTest") { + module_out_path = "datamgr_service/datamgr_service" + + include_dirs = [ + "${data_service_path}/service/cloud", + "${data_service_path}/service/common", + "${data_service_path}/service/config/include", + "${data_service_path}/service/crypto/include", + "${data_service_path}/service/kvdb", + "${data_service_path}/service/matrix/include", + "${data_service_path}/service/network", + "${data_service_path}/service/object", + "${data_service_path}/service/permission/include", + "${data_service_path}/service/rdb", + "${data_service_path}/adapter/include/communicator", + ] + + fuzz_config_file = "${data_service_path}/service/test/fuzztest/cloudservicestub_fuzzer" + + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + + sources = [ + "${data_service_path}/app/src/checker/bundle_checker.cpp", + "${data_service_path}/app/src/checker/system_checker.cpp", + "cloudservicestub_fuzzer.cpp", + ] + + deps = [ + "${data_service_path}/adapter/account:distributeddata_account", + "${data_service_path}/adapter/dfx:distributeddata_dfx", + "${data_service_path}/adapter/network:distributeddata_network", + "${data_service_path}/adapter/schema_helper:distributeddata_schema_helper", + "${data_service_path}/adapter/utils:distributeddata_utils", + "${data_service_path}/framework:distributeddatasvcfwk", + "${data_service_path}/service:distributeddatasvc", + "${data_service_path}/service/bootstrap:distributeddata_bootstrap", + "${data_service_path}/service/cloud:distributeddata_cloud", + "${data_service_path}/service/common:distributeddata_common", + "${data_service_path}/service/rdb:distributeddata_rdb", + ] + + external_deps = [ + "access_token:libaccesstoken_sdk", + "access_token:libtoken_setproc", + "access_token:libtokenid_sdk", + "bundle_framework:appexecfwk_base", + "bundle_framework:appexecfwk_core", + "c_utils:utils", + "device_auth:deviceauth_sdk", + "device_manager:devicemanagersdk", + "hicollie:libhicollie", + "hilog:libhilog", + "hisysevent:libhisysevent", + "huks:libhukssdk", + "ipc:ipc_core", + "kv_store:datamgr_common", + "kv_store:distributeddata_inner", + "kv_store:distributeddata_mgr", + "kv_store:distributeddb", + "relational_store:native_rdb", + "resource_management:global_resmgr", + "safwk:system_ability_fwk", + "samgr:samgr_proxy", + ] +} + +############################################################################### +group("fuzztest") { + testonly = true + + deps = [ ":CloudServiceStubFuzzTest" ] +} +############################################################################### diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp new file mode 100644 index 000000000..1bee9999f --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp @@ -0,0 +1,468 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "cloudservicestub_fuzzer.h" + +#include +#include + +#include "accesstoken_kit.h" +#include "cloud_service_impl.h" +#include "ipc_skeleton.h" +#include "message_parcel.h" +#include "securec.h" +#include "token_setproc.h" + +using namespace OHOS::CloudData; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { +constexpr int USER_ID = 100; +constexpr int INST_INDEX = 0; +const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; +constexpr uint32_t CODE_MIN = 0; +constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; +constexpr size_t NUM_MIN = 5; +constexpr size_t NUM_MAX = 12; + +void AllocAndSetHapToken() +{ + HapInfoParams info = { + .userID = USER_ID, + .bundleName = "ohos.test.demo", + .instIndex = INST_INDEX, + .appIDDesc = "ohos.test.demo", + .isSystemApp = true + }; + + HapPolicyParams policy = { + .apl = APL_NORMAL, + .domain = "test.domain", + .permList = {}, + .permStateList = { + { + .permissionName = "ohos.permission.CLOUDDATA_CONFIG", + .isGeneral = true, + .resDeviceID = { "local" }, + .grantStatus = { PermissionState::PERMISSION_GRANTED }, + .grantFlags = { 1 } + } + } + }; + auto tokenID = AccessTokenKit::AllocHapToken(info, policy); + SetSelfTokenID(tokenID.tokenIDEx); +} + +bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnRemoteRequest(code, request, reply); + return true; +} + +bool OnEnableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnEnableCloud(code, request, reply); + XCollie xcollie( + __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); + return status; + } + cloudInfo.enableCloud = true; + for (const auto &[bundle, value] : switches) { + if (!cloudInfo.Exist(bundle)) { + continue; + } + cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); + ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); + } + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); + return true; +} + +bool OnDisableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnDisableCloud(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), + Anonymous::Change(cloudInfo.id).c_str()); + return INVALID_ARGUMENT; + } + cloudInfo.enableCloud = false; + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + StoreMetaMapping meta(storeInfo); + meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; + if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { + ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && + !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { + ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); + if (store == nullptr) { + ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + return store->PreSharing(query); + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); + ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); + return true; +} + +bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnChangeAppSwitch(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + CloudSyncScene scene; + if (appSwitch == SWITCH_ON) { + scene = CloudSyncScene::SWITCH_ON; + } else { + scene = CloudSyncScene::SWITCH_OFF; + } + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS || !cloudInfo.enableCloud) { + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret = " + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, + WORK_DO_CLOUD_SYNC })); + return INVALID_ARGUMENT; + } + if (!cloudInfo.Exist(bundleName)) { + std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); + if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { + ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," + "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret=" + std::to_string(status)); + return INVALID_ARGUMENT; + } + ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); + } + cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); + if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { + SyncManager::SyncInfo info(cloudInfo.user, bundleName); + syncManager_.DoCloudSync(info); + } + ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), + bundleName.c_str(), appSwitch); + return true; +} + +bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnNotifyDataChange(code, request, reply); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { + return INVALID_ARGUMENT; + } + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + ExtraData exData; + if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { + ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), + userId, extraData.empty() ? "empty" : "not empty"); + return INVALID_ARGUMENT; + } + std::vector users; + if (userId != INVALID_USER_ID) { + users.emplace_back(userId); + } else { + Account::GetInstance()->QueryForegroundUsers(users); + } + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + auto &bundleName = exData.info.bundleName; + auto &prepareTraceId = exData.info.context.prepareTraceId; + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { + ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); + SchemaMeta schemaMeta; + if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { + ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); + if (dbInfos.empty()) { + ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + for (const auto &dbInfo : dbInfos) { + syncManager_.DoCloudSync(SyncManager::SyncInfo( + { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); + } + } + auto [status, cloudInfo] = GetCloudInfoFromServer(user); + if (status != SUCCESS) { + ZLOGE("user:%{public}d, status:%{public}d", user, status); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); + return false; + } + ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", + Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); + CloudInfo oldInfo; + if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + return true; + } + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + if (oldInfo.id != cloudInfo.id) { + ReleaseUserInfo(user, scene); + ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), + Anonymous::Change(oldInfo.id).c_str()); + MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); + std::map actions; + for (auto &[bundle, app] : cloudInfo.apps) { + MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); + actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; + } + DoClean(oldInfo, actions); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", + "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); + } + return true; +} + +bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); + QueryLastResults results; + auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, + "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); + return { ERROR, results }; + } + if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { + ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); + return { INVALID_ARGUMENT, results }; + } + std::vector schemas; + auto key = cloudInfo.GetSchemaPrefix(bundleName); + if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { + return { ERROR, results }; + } + + std::vector queryKeys; + std::vector databases; + for (const auto &schema : schemas) { + if (schema.bundleName != bundleName) { + continue; + } + databases = schema.databases; + for (const auto &database : schema.databases) { + if (storeId.empty() || database.alias == storeId) { + queryKeys.push_back({ user, id, bundleName, database.name }); + } + } + if (queryKeys.empty()) { + ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); + return { INVALID_ARGUMENT, results }; + } + } +XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); + std::vector users; + Account::GetInstance()->QueryUsers(users); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + CleanWaterVersion(user); + } + Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + Subscription sub; + sub.userId = user; + if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { + continue; + } + InitSubTask(sub); + } + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (status != SUCCESS) { + return false; + } +} +} // namespace OHOS + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + FuzzedDataProvider provider(data, size); + OHOS::OnRemoteRequestFuzz(provider); + OHOS::OnEnableCloudFuzz(provider); + OHOS::OnDisableCloudFuzz(provider); + OHOS::OnChangeAppSwitchFuzz(provider); + OHOS::OnNotifyDataChangeFuzz(provider); + OHOS::OnQueryLastSyncInfoFuzz(provider); + return 0; +} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp new file mode 100644 index 000000000..1bee9999f --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp @@ -0,0 +1,468 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "cloudservicestub_fuzzer.h" + +#include +#include + +#include "accesstoken_kit.h" +#include "cloud_service_impl.h" +#include "ipc_skeleton.h" +#include "message_parcel.h" +#include "securec.h" +#include "token_setproc.h" + +using namespace OHOS::CloudData; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { +constexpr int USER_ID = 100; +constexpr int INST_INDEX = 0; +const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; +constexpr uint32_t CODE_MIN = 0; +constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; +constexpr size_t NUM_MIN = 5; +constexpr size_t NUM_MAX = 12; + +void AllocAndSetHapToken() +{ + HapInfoParams info = { + .userID = USER_ID, + .bundleName = "ohos.test.demo", + .instIndex = INST_INDEX, + .appIDDesc = "ohos.test.demo", + .isSystemApp = true + }; + + HapPolicyParams policy = { + .apl = APL_NORMAL, + .domain = "test.domain", + .permList = {}, + .permStateList = { + { + .permissionName = "ohos.permission.CLOUDDATA_CONFIG", + .isGeneral = true, + .resDeviceID = { "local" }, + .grantStatus = { PermissionState::PERMISSION_GRANTED }, + .grantFlags = { 1 } + } + } + }; + auto tokenID = AccessTokenKit::AllocHapToken(info, policy); + SetSelfTokenID(tokenID.tokenIDEx); +} + +bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnRemoteRequest(code, request, reply); + return true; +} + +bool OnEnableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnEnableCloud(code, request, reply); + XCollie xcollie( + __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); + return status; + } + cloudInfo.enableCloud = true; + for (const auto &[bundle, value] : switches) { + if (!cloudInfo.Exist(bundle)) { + continue; + } + cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); + ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); + } + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); + return true; +} + +bool OnDisableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnDisableCloud(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), + Anonymous::Change(cloudInfo.id).c_str()); + return INVALID_ARGUMENT; + } + cloudInfo.enableCloud = false; + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + StoreMetaMapping meta(storeInfo); + meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; + if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { + ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && + !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { + ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); + if (store == nullptr) { + ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + return store->PreSharing(query); + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); + ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); + return true; +} + +bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnChangeAppSwitch(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + CloudSyncScene scene; + if (appSwitch == SWITCH_ON) { + scene = CloudSyncScene::SWITCH_ON; + } else { + scene = CloudSyncScene::SWITCH_OFF; + } + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS || !cloudInfo.enableCloud) { + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret = " + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, + WORK_DO_CLOUD_SYNC })); + return INVALID_ARGUMENT; + } + if (!cloudInfo.Exist(bundleName)) { + std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); + if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { + ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," + "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret=" + std::to_string(status)); + return INVALID_ARGUMENT; + } + ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); + } + cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); + if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { + SyncManager::SyncInfo info(cloudInfo.user, bundleName); + syncManager_.DoCloudSync(info); + } + ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), + bundleName.c_str(), appSwitch); + return true; +} + +bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnNotifyDataChange(code, request, reply); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { + return INVALID_ARGUMENT; + } + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + ExtraData exData; + if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { + ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), + userId, extraData.empty() ? "empty" : "not empty"); + return INVALID_ARGUMENT; + } + std::vector users; + if (userId != INVALID_USER_ID) { + users.emplace_back(userId); + } else { + Account::GetInstance()->QueryForegroundUsers(users); + } + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + auto &bundleName = exData.info.bundleName; + auto &prepareTraceId = exData.info.context.prepareTraceId; + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { + ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); + SchemaMeta schemaMeta; + if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { + ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); + if (dbInfos.empty()) { + ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + for (const auto &dbInfo : dbInfos) { + syncManager_.DoCloudSync(SyncManager::SyncInfo( + { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); + } + } + auto [status, cloudInfo] = GetCloudInfoFromServer(user); + if (status != SUCCESS) { + ZLOGE("user:%{public}d, status:%{public}d", user, status); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); + return false; + } + ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", + Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); + CloudInfo oldInfo; + if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + return true; + } + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + if (oldInfo.id != cloudInfo.id) { + ReleaseUserInfo(user, scene); + ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), + Anonymous::Change(oldInfo.id).c_str()); + MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); + std::map actions; + for (auto &[bundle, app] : cloudInfo.apps) { + MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); + actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; + } + DoClean(oldInfo, actions); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", + "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); + } + return true; +} + +bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); + QueryLastResults results; + auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, + "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); + return { ERROR, results }; + } + if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { + ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); + return { INVALID_ARGUMENT, results }; + } + std::vector schemas; + auto key = cloudInfo.GetSchemaPrefix(bundleName); + if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { + return { ERROR, results }; + } + + std::vector queryKeys; + std::vector databases; + for (const auto &schema : schemas) { + if (schema.bundleName != bundleName) { + continue; + } + databases = schema.databases; + for (const auto &database : schema.databases) { + if (storeId.empty() || database.alias == storeId) { + queryKeys.push_back({ user, id, bundleName, database.name }); + } + } + if (queryKeys.empty()) { + ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); + return { INVALID_ARGUMENT, results }; + } + } +XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); + std::vector users; + Account::GetInstance()->QueryUsers(users); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + CleanWaterVersion(user); + } + Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + Subscription sub; + sub.userId = user; + if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { + continue; + } + InitSubTask(sub); + } + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (status != SUCCESS) { + return false; + } +} +} // namespace OHOS + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + FuzzedDataProvider provider(data, size); + OHOS::OnRemoteRequestFuzz(provider); + OHOS::OnEnableCloudFuzz(provider); + OHOS::OnDisableCloudFuzz(provider); + OHOS::OnChangeAppSwitchFuzz(provider); + OHOS::OnNotifyDataChangeFuzz(provider); + OHOS::OnQueryLastSyncInfoFuzz(provider); + return 0; +} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp new file mode 100644 index 000000000..1bee9999f --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp @@ -0,0 +1,468 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "cloudservicestub_fuzzer.h" + +#include +#include + +#include "accesstoken_kit.h" +#include "cloud_service_impl.h" +#include "ipc_skeleton.h" +#include "message_parcel.h" +#include "securec.h" +#include "token_setproc.h" + +using namespace OHOS::CloudData; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { +constexpr int USER_ID = 100; +constexpr int INST_INDEX = 0; +const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; +constexpr uint32_t CODE_MIN = 0; +constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; +constexpr size_t NUM_MIN = 5; +constexpr size_t NUM_MAX = 12; + +void AllocAndSetHapToken() +{ + HapInfoParams info = { + .userID = USER_ID, + .bundleName = "ohos.test.demo", + .instIndex = INST_INDEX, + .appIDDesc = "ohos.test.demo", + .isSystemApp = true + }; + + HapPolicyParams policy = { + .apl = APL_NORMAL, + .domain = "test.domain", + .permList = {}, + .permStateList = { + { + .permissionName = "ohos.permission.CLOUDDATA_CONFIG", + .isGeneral = true, + .resDeviceID = { "local" }, + .grantStatus = { PermissionState::PERMISSION_GRANTED }, + .grantFlags = { 1 } + } + } + }; + auto tokenID = AccessTokenKit::AllocHapToken(info, policy); + SetSelfTokenID(tokenID.tokenIDEx); +} + +bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnRemoteRequest(code, request, reply); + return true; +} + +bool OnEnableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnEnableCloud(code, request, reply); + XCollie xcollie( + __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); + return status; + } + cloudInfo.enableCloud = true; + for (const auto &[bundle, value] : switches) { + if (!cloudInfo.Exist(bundle)) { + continue; + } + cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); + ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); + } + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); + return true; +} + +bool OnDisableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnDisableCloud(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), + Anonymous::Change(cloudInfo.id).c_str()); + return INVALID_ARGUMENT; + } + cloudInfo.enableCloud = false; + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + StoreMetaMapping meta(storeInfo); + meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; + if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { + ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && + !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { + ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); + if (store == nullptr) { + ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + return store->PreSharing(query); + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); + ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); + return true; +} + +bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnChangeAppSwitch(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + CloudSyncScene scene; + if (appSwitch == SWITCH_ON) { + scene = CloudSyncScene::SWITCH_ON; + } else { + scene = CloudSyncScene::SWITCH_OFF; + } + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS || !cloudInfo.enableCloud) { + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret = " + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, + WORK_DO_CLOUD_SYNC })); + return INVALID_ARGUMENT; + } + if (!cloudInfo.Exist(bundleName)) { + std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); + if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { + ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," + "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret=" + std::to_string(status)); + return INVALID_ARGUMENT; + } + ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); + } + cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); + if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { + SyncManager::SyncInfo info(cloudInfo.user, bundleName); + syncManager_.DoCloudSync(info); + } + ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), + bundleName.c_str(), appSwitch); + return true; +} + +bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnNotifyDataChange(code, request, reply); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { + return INVALID_ARGUMENT; + } + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + ExtraData exData; + if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { + ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), + userId, extraData.empty() ? "empty" : "not empty"); + return INVALID_ARGUMENT; + } + std::vector users; + if (userId != INVALID_USER_ID) { + users.emplace_back(userId); + } else { + Account::GetInstance()->QueryForegroundUsers(users); + } + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + auto &bundleName = exData.info.bundleName; + auto &prepareTraceId = exData.info.context.prepareTraceId; + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { + ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); + SchemaMeta schemaMeta; + if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { + ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); + if (dbInfos.empty()) { + ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + for (const auto &dbInfo : dbInfos) { + syncManager_.DoCloudSync(SyncManager::SyncInfo( + { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); + } + } + auto [status, cloudInfo] = GetCloudInfoFromServer(user); + if (status != SUCCESS) { + ZLOGE("user:%{public}d, status:%{public}d", user, status); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); + return false; + } + ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", + Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); + CloudInfo oldInfo; + if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + return true; + } + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + if (oldInfo.id != cloudInfo.id) { + ReleaseUserInfo(user, scene); + ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), + Anonymous::Change(oldInfo.id).c_str()); + MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); + std::map actions; + for (auto &[bundle, app] : cloudInfo.apps) { + MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); + actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; + } + DoClean(oldInfo, actions); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", + "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); + } + return true; +} + +bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); + QueryLastResults results; + auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, + "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); + return { ERROR, results }; + } + if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { + ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); + return { INVALID_ARGUMENT, results }; + } + std::vector schemas; + auto key = cloudInfo.GetSchemaPrefix(bundleName); + if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { + return { ERROR, results }; + } + + std::vector queryKeys; + std::vector databases; + for (const auto &schema : schemas) { + if (schema.bundleName != bundleName) { + continue; + } + databases = schema.databases; + for (const auto &database : schema.databases) { + if (storeId.empty() || database.alias == storeId) { + queryKeys.push_back({ user, id, bundleName, database.name }); + } + } + if (queryKeys.empty()) { + ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); + return { INVALID_ARGUMENT, results }; + } + } +XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); + std::vector users; + Account::GetInstance()->QueryUsers(users); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + CleanWaterVersion(user); + } + Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + Subscription sub; + sub.userId = user; + if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { + continue; + } + InitSubTask(sub); + } + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (status != SUCCESS) { + return false; + } +} +} // namespace OHOS + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + FuzzedDataProvider provider(data, size); + OHOS::OnRemoteRequestFuzz(provider); + OHOS::OnEnableCloudFuzz(provider); + OHOS::OnDisableCloudFuzz(provider); + OHOS::OnChangeAppSwitchFuzz(provider); + OHOS::OnNotifyDataChangeFuzz(provider); + OHOS::OnQueryLastSyncInfoFuzz(provider); + return 0; +} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h new file mode 100644 index 000000000..c007ebba5 --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H +#define DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H + +#define FUZZ_PROJECT_NAME "cloudservicestub_fuzzer" + +#endif // DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init new file mode 100644 index 000000000..2b595da0c --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init @@ -0,0 +1,16 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +FUZZ \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml new file mode 100644 index 000000000..3fdba3e8b --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + \ No newline at end of file -- Gitee From a089eb148218b8d659e9934a675aadd93dc9bf60 Mon Sep 17 00:00:00 2001 From: gecheng Date: Tue, 26 Aug 2025 15:16:43 +0800 Subject: [PATCH 16/23] =?UTF-8?q?=E5=8D=95=E4=B8=AAFUZZ=E7=94=A8=E4=BE=8B?= =?UTF-8?q?=E8=B0=83=E7=94=A8=E5=A4=AA=E5=A4=9Aapi?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: gecheng --- .../cloudservicestub1_fuzzer/BUILD.gn | 96 ---- .../cloudservicestub1_fuzzer.cpp | 468 ------------------ .../cloudservicestub2_fuzzer.cpp | 468 ------------------ .../cloudservicestub_fuzzer.cpp | 468 ------------------ .../cloudservicestub_fuzzer.h | 21 - .../cloudservicestub1_fuzzer/corpus/init | 16 - .../cloudservicestub1_fuzzer/project.xml | 25 - 7 files changed, 1562 deletions(-) delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn deleted file mode 100644 index 2618103ac..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn +++ /dev/null @@ -1,96 +0,0 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -##############################hydra-fuzz######################################## -import("//build/config/features.gni") -import("//build/test.gni") -import("//foundation/distributeddatamgr/datamgr_service/datamgr_service.gni") - -##############################fuzztest########################################## -ohos_fuzztest("CloudServiceStubFuzzTest") { - module_out_path = "datamgr_service/datamgr_service" - - include_dirs = [ - "${data_service_path}/service/cloud", - "${data_service_path}/service/common", - "${data_service_path}/service/config/include", - "${data_service_path}/service/crypto/include", - "${data_service_path}/service/kvdb", - "${data_service_path}/service/matrix/include", - "${data_service_path}/service/network", - "${data_service_path}/service/object", - "${data_service_path}/service/permission/include", - "${data_service_path}/service/rdb", - "${data_service_path}/adapter/include/communicator", - ] - - fuzz_config_file = "${data_service_path}/service/test/fuzztest/cloudservicestub_fuzzer" - - cflags = [ - "-g", - "-O0", - "-Wno-unused-variable", - "-fno-omit-frame-pointer", - ] - - sources = [ - "${data_service_path}/app/src/checker/bundle_checker.cpp", - "${data_service_path}/app/src/checker/system_checker.cpp", - "cloudservicestub_fuzzer.cpp", - ] - - deps = [ - "${data_service_path}/adapter/account:distributeddata_account", - "${data_service_path}/adapter/dfx:distributeddata_dfx", - "${data_service_path}/adapter/network:distributeddata_network", - "${data_service_path}/adapter/schema_helper:distributeddata_schema_helper", - "${data_service_path}/adapter/utils:distributeddata_utils", - "${data_service_path}/framework:distributeddatasvcfwk", - "${data_service_path}/service:distributeddatasvc", - "${data_service_path}/service/bootstrap:distributeddata_bootstrap", - "${data_service_path}/service/cloud:distributeddata_cloud", - "${data_service_path}/service/common:distributeddata_common", - "${data_service_path}/service/rdb:distributeddata_rdb", - ] - - external_deps = [ - "access_token:libaccesstoken_sdk", - "access_token:libtoken_setproc", - "access_token:libtokenid_sdk", - "bundle_framework:appexecfwk_base", - "bundle_framework:appexecfwk_core", - "c_utils:utils", - "device_auth:deviceauth_sdk", - "device_manager:devicemanagersdk", - "hicollie:libhicollie", - "hilog:libhilog", - "hisysevent:libhisysevent", - "huks:libhukssdk", - "ipc:ipc_core", - "kv_store:datamgr_common", - "kv_store:distributeddata_inner", - "kv_store:distributeddata_mgr", - "kv_store:distributeddb", - "relational_store:native_rdb", - "resource_management:global_resmgr", - "safwk:system_ability_fwk", - "samgr:samgr_proxy", - ] -} - -############################################################################### -group("fuzztest") { - testonly = true - - deps = [ ":CloudServiceStubFuzzTest" ] -} -############################################################################### diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp deleted file mode 100644 index 1bee9999f..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp +++ /dev/null @@ -1,468 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include - -#include "cloudservicestub_fuzzer.h" - -#include -#include - -#include "accesstoken_kit.h" -#include "cloud_service_impl.h" -#include "ipc_skeleton.h" -#include "message_parcel.h" -#include "securec.h" -#include "token_setproc.h" - -using namespace OHOS::CloudData; -using namespace OHOS::Security::AccessToken; - -namespace OHOS { -constexpr int USER_ID = 100; -constexpr int INST_INDEX = 0; -const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; -constexpr uint32_t CODE_MIN = 0; -constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; -constexpr size_t NUM_MIN = 5; -constexpr size_t NUM_MAX = 12; - -void AllocAndSetHapToken() -{ - HapInfoParams info = { - .userID = USER_ID, - .bundleName = "ohos.test.demo", - .instIndex = INST_INDEX, - .appIDDesc = "ohos.test.demo", - .isSystemApp = true - }; - - HapPolicyParams policy = { - .apl = APL_NORMAL, - .domain = "test.domain", - .permList = {}, - .permStateList = { - { - .permissionName = "ohos.permission.CLOUDDATA_CONFIG", - .isGeneral = true, - .resDeviceID = { "local" }, - .grantStatus = { PermissionState::PERMISSION_GRANTED }, - .grantFlags = { 1 } - } - } - }; - auto tokenID = AccessTokenKit::AllocHapToken(info, policy); - SetSelfTokenID(tokenID.tokenIDEx); -} - -bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnRemoteRequest(code, request, reply); - return true; -} - -bool OnEnableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnEnableCloud(code, request, reply); - XCollie xcollie( - __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); - return status; - } - cloudInfo.enableCloud = true; - for (const auto &[bundle, value] : switches) { - if (!cloudInfo.Exist(bundle)) { - continue; - } - cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); - ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); - } - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); - return true; -} - -bool OnDisableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnDisableCloud(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), - Anonymous::Change(cloudInfo.id).c_str()); - return INVALID_ARGUMENT; - } - cloudInfo.enableCloud = false; - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - StoreMetaMapping meta(storeInfo); - meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; - if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { - ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && - !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { - ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); - if (store == nullptr) { - ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - return store->PreSharing(query); - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); - ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); - return true; -} - -bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnChangeAppSwitch(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - CloudSyncScene scene; - if (appSwitch == SWITCH_ON) { - scene = CloudSyncScene::SWITCH_ON; - } else { - scene = CloudSyncScene::SWITCH_OFF; - } - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS || !cloudInfo.enableCloud) { - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret = " + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, - WORK_DO_CLOUD_SYNC })); - return INVALID_ARGUMENT; - } - if (!cloudInfo.Exist(bundleName)) { - std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); - if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { - ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," - "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret=" + std::to_string(status)); - return INVALID_ARGUMENT; - } - ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); - } - cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); - if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { - SyncManager::SyncInfo info(cloudInfo.user, bundleName); - syncManager_.DoCloudSync(info); - } - ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), - bundleName.c_str(), appSwitch); - return true; -} - -bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnNotifyDataChange(code, request, reply); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { - return INVALID_ARGUMENT; - } - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - ExtraData exData; - if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { - ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), - userId, extraData.empty() ? "empty" : "not empty"); - return INVALID_ARGUMENT; - } - std::vector users; - if (userId != INVALID_USER_ID) { - users.emplace_back(userId); - } else { - Account::GetInstance()->QueryForegroundUsers(users); - } - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - auto &bundleName = exData.info.bundleName; - auto &prepareTraceId = exData.info.context.prepareTraceId; - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { - ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); - SchemaMeta schemaMeta; - if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { - ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); - if (dbInfos.empty()) { - ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - for (const auto &dbInfo : dbInfos) { - syncManager_.DoCloudSync(SyncManager::SyncInfo( - { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); - } - } - auto [status, cloudInfo] = GetCloudInfoFromServer(user); - if (status != SUCCESS) { - ZLOGE("user:%{public}d, status:%{public}d", user, status); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); - return false; - } - ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", - Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); - CloudInfo oldInfo; - if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - return true; - } - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - if (oldInfo.id != cloudInfo.id) { - ReleaseUserInfo(user, scene); - ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), - Anonymous::Change(oldInfo.id).c_str()); - MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); - std::map actions; - for (auto &[bundle, app] : cloudInfo.apps) { - MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); - actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; - } - DoClean(oldInfo, actions); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", - "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); - } - return true; -} - -bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); - QueryLastResults results; - auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, - "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); - return { ERROR, results }; - } - if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { - ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); - return { INVALID_ARGUMENT, results }; - } - std::vector schemas; - auto key = cloudInfo.GetSchemaPrefix(bundleName); - if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { - return { ERROR, results }; - } - - std::vector queryKeys; - std::vector databases; - for (const auto &schema : schemas) { - if (schema.bundleName != bundleName) { - continue; - } - databases = schema.databases; - for (const auto &database : schema.databases) { - if (storeId.empty() || database.alias == storeId) { - queryKeys.push_back({ user, id, bundleName, database.name }); - } - } - if (queryKeys.empty()) { - ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); - return { INVALID_ARGUMENT, results }; - } - } -XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); - std::vector users; - Account::GetInstance()->QueryUsers(users); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - CleanWaterVersion(user); - } - Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - Subscription sub; - sub.userId = user; - if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { - continue; - } - InitSubTask(sub); - } - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (status != SUCCESS) { - return false; - } -} -} // namespace OHOS - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) -{ - FuzzedDataProvider provider(data, size); - OHOS::OnRemoteRequestFuzz(provider); - OHOS::OnEnableCloudFuzz(provider); - OHOS::OnDisableCloudFuzz(provider); - OHOS::OnChangeAppSwitchFuzz(provider); - OHOS::OnNotifyDataChangeFuzz(provider); - OHOS::OnQueryLastSyncInfoFuzz(provider); - return 0; -} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp deleted file mode 100644 index 1bee9999f..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp +++ /dev/null @@ -1,468 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include - -#include "cloudservicestub_fuzzer.h" - -#include -#include - -#include "accesstoken_kit.h" -#include "cloud_service_impl.h" -#include "ipc_skeleton.h" -#include "message_parcel.h" -#include "securec.h" -#include "token_setproc.h" - -using namespace OHOS::CloudData; -using namespace OHOS::Security::AccessToken; - -namespace OHOS { -constexpr int USER_ID = 100; -constexpr int INST_INDEX = 0; -const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; -constexpr uint32_t CODE_MIN = 0; -constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; -constexpr size_t NUM_MIN = 5; -constexpr size_t NUM_MAX = 12; - -void AllocAndSetHapToken() -{ - HapInfoParams info = { - .userID = USER_ID, - .bundleName = "ohos.test.demo", - .instIndex = INST_INDEX, - .appIDDesc = "ohos.test.demo", - .isSystemApp = true - }; - - HapPolicyParams policy = { - .apl = APL_NORMAL, - .domain = "test.domain", - .permList = {}, - .permStateList = { - { - .permissionName = "ohos.permission.CLOUDDATA_CONFIG", - .isGeneral = true, - .resDeviceID = { "local" }, - .grantStatus = { PermissionState::PERMISSION_GRANTED }, - .grantFlags = { 1 } - } - } - }; - auto tokenID = AccessTokenKit::AllocHapToken(info, policy); - SetSelfTokenID(tokenID.tokenIDEx); -} - -bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnRemoteRequest(code, request, reply); - return true; -} - -bool OnEnableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnEnableCloud(code, request, reply); - XCollie xcollie( - __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); - return status; - } - cloudInfo.enableCloud = true; - for (const auto &[bundle, value] : switches) { - if (!cloudInfo.Exist(bundle)) { - continue; - } - cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); - ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); - } - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); - return true; -} - -bool OnDisableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnDisableCloud(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), - Anonymous::Change(cloudInfo.id).c_str()); - return INVALID_ARGUMENT; - } - cloudInfo.enableCloud = false; - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - StoreMetaMapping meta(storeInfo); - meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; - if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { - ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && - !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { - ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); - if (store == nullptr) { - ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - return store->PreSharing(query); - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); - ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); - return true; -} - -bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnChangeAppSwitch(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - CloudSyncScene scene; - if (appSwitch == SWITCH_ON) { - scene = CloudSyncScene::SWITCH_ON; - } else { - scene = CloudSyncScene::SWITCH_OFF; - } - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS || !cloudInfo.enableCloud) { - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret = " + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, - WORK_DO_CLOUD_SYNC })); - return INVALID_ARGUMENT; - } - if (!cloudInfo.Exist(bundleName)) { - std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); - if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { - ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," - "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret=" + std::to_string(status)); - return INVALID_ARGUMENT; - } - ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); - } - cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); - if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { - SyncManager::SyncInfo info(cloudInfo.user, bundleName); - syncManager_.DoCloudSync(info); - } - ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), - bundleName.c_str(), appSwitch); - return true; -} - -bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnNotifyDataChange(code, request, reply); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { - return INVALID_ARGUMENT; - } - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - ExtraData exData; - if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { - ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), - userId, extraData.empty() ? "empty" : "not empty"); - return INVALID_ARGUMENT; - } - std::vector users; - if (userId != INVALID_USER_ID) { - users.emplace_back(userId); - } else { - Account::GetInstance()->QueryForegroundUsers(users); - } - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - auto &bundleName = exData.info.bundleName; - auto &prepareTraceId = exData.info.context.prepareTraceId; - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { - ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); - SchemaMeta schemaMeta; - if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { - ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); - if (dbInfos.empty()) { - ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - for (const auto &dbInfo : dbInfos) { - syncManager_.DoCloudSync(SyncManager::SyncInfo( - { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); - } - } - auto [status, cloudInfo] = GetCloudInfoFromServer(user); - if (status != SUCCESS) { - ZLOGE("user:%{public}d, status:%{public}d", user, status); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); - return false; - } - ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", - Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); - CloudInfo oldInfo; - if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - return true; - } - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - if (oldInfo.id != cloudInfo.id) { - ReleaseUserInfo(user, scene); - ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), - Anonymous::Change(oldInfo.id).c_str()); - MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); - std::map actions; - for (auto &[bundle, app] : cloudInfo.apps) { - MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); - actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; - } - DoClean(oldInfo, actions); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", - "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); - } - return true; -} - -bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); - QueryLastResults results; - auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, - "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); - return { ERROR, results }; - } - if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { - ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); - return { INVALID_ARGUMENT, results }; - } - std::vector schemas; - auto key = cloudInfo.GetSchemaPrefix(bundleName); - if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { - return { ERROR, results }; - } - - std::vector queryKeys; - std::vector databases; - for (const auto &schema : schemas) { - if (schema.bundleName != bundleName) { - continue; - } - databases = schema.databases; - for (const auto &database : schema.databases) { - if (storeId.empty() || database.alias == storeId) { - queryKeys.push_back({ user, id, bundleName, database.name }); - } - } - if (queryKeys.empty()) { - ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); - return { INVALID_ARGUMENT, results }; - } - } -XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); - std::vector users; - Account::GetInstance()->QueryUsers(users); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - CleanWaterVersion(user); - } - Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - Subscription sub; - sub.userId = user; - if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { - continue; - } - InitSubTask(sub); - } - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (status != SUCCESS) { - return false; - } -} -} // namespace OHOS - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) -{ - FuzzedDataProvider provider(data, size); - OHOS::OnRemoteRequestFuzz(provider); - OHOS::OnEnableCloudFuzz(provider); - OHOS::OnDisableCloudFuzz(provider); - OHOS::OnChangeAppSwitchFuzz(provider); - OHOS::OnNotifyDataChangeFuzz(provider); - OHOS::OnQueryLastSyncInfoFuzz(provider); - return 0; -} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp deleted file mode 100644 index 1bee9999f..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp +++ /dev/null @@ -1,468 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include - -#include "cloudservicestub_fuzzer.h" - -#include -#include - -#include "accesstoken_kit.h" -#include "cloud_service_impl.h" -#include "ipc_skeleton.h" -#include "message_parcel.h" -#include "securec.h" -#include "token_setproc.h" - -using namespace OHOS::CloudData; -using namespace OHOS::Security::AccessToken; - -namespace OHOS { -constexpr int USER_ID = 100; -constexpr int INST_INDEX = 0; -const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; -constexpr uint32_t CODE_MIN = 0; -constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; -constexpr size_t NUM_MIN = 5; -constexpr size_t NUM_MAX = 12; - -void AllocAndSetHapToken() -{ - HapInfoParams info = { - .userID = USER_ID, - .bundleName = "ohos.test.demo", - .instIndex = INST_INDEX, - .appIDDesc = "ohos.test.demo", - .isSystemApp = true - }; - - HapPolicyParams policy = { - .apl = APL_NORMAL, - .domain = "test.domain", - .permList = {}, - .permStateList = { - { - .permissionName = "ohos.permission.CLOUDDATA_CONFIG", - .isGeneral = true, - .resDeviceID = { "local" }, - .grantStatus = { PermissionState::PERMISSION_GRANTED }, - .grantFlags = { 1 } - } - } - }; - auto tokenID = AccessTokenKit::AllocHapToken(info, policy); - SetSelfTokenID(tokenID.tokenIDEx); -} - -bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnRemoteRequest(code, request, reply); - return true; -} - -bool OnEnableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnEnableCloud(code, request, reply); - XCollie xcollie( - __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); - return status; - } - cloudInfo.enableCloud = true; - for (const auto &[bundle, value] : switches) { - if (!cloudInfo.Exist(bundle)) { - continue; - } - cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); - ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); - } - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); - return true; -} - -bool OnDisableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnDisableCloud(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), - Anonymous::Change(cloudInfo.id).c_str()); - return INVALID_ARGUMENT; - } - cloudInfo.enableCloud = false; - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - StoreMetaMapping meta(storeInfo); - meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; - if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { - ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && - !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { - ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); - if (store == nullptr) { - ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - return store->PreSharing(query); - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); - ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); - return true; -} - -bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnChangeAppSwitch(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - CloudSyncScene scene; - if (appSwitch == SWITCH_ON) { - scene = CloudSyncScene::SWITCH_ON; - } else { - scene = CloudSyncScene::SWITCH_OFF; - } - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS || !cloudInfo.enableCloud) { - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret = " + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, - WORK_DO_CLOUD_SYNC })); - return INVALID_ARGUMENT; - } - if (!cloudInfo.Exist(bundleName)) { - std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); - if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { - ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," - "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret=" + std::to_string(status)); - return INVALID_ARGUMENT; - } - ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); - } - cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); - if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { - SyncManager::SyncInfo info(cloudInfo.user, bundleName); - syncManager_.DoCloudSync(info); - } - ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), - bundleName.c_str(), appSwitch); - return true; -} - -bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnNotifyDataChange(code, request, reply); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { - return INVALID_ARGUMENT; - } - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - ExtraData exData; - if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { - ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), - userId, extraData.empty() ? "empty" : "not empty"); - return INVALID_ARGUMENT; - } - std::vector users; - if (userId != INVALID_USER_ID) { - users.emplace_back(userId); - } else { - Account::GetInstance()->QueryForegroundUsers(users); - } - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - auto &bundleName = exData.info.bundleName; - auto &prepareTraceId = exData.info.context.prepareTraceId; - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { - ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); - SchemaMeta schemaMeta; - if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { - ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); - if (dbInfos.empty()) { - ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - for (const auto &dbInfo : dbInfos) { - syncManager_.DoCloudSync(SyncManager::SyncInfo( - { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); - } - } - auto [status, cloudInfo] = GetCloudInfoFromServer(user); - if (status != SUCCESS) { - ZLOGE("user:%{public}d, status:%{public}d", user, status); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); - return false; - } - ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", - Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); - CloudInfo oldInfo; - if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - return true; - } - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - if (oldInfo.id != cloudInfo.id) { - ReleaseUserInfo(user, scene); - ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), - Anonymous::Change(oldInfo.id).c_str()); - MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); - std::map actions; - for (auto &[bundle, app] : cloudInfo.apps) { - MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); - actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; - } - DoClean(oldInfo, actions); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", - "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); - } - return true; -} - -bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); - QueryLastResults results; - auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, - "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); - return { ERROR, results }; - } - if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { - ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); - return { INVALID_ARGUMENT, results }; - } - std::vector schemas; - auto key = cloudInfo.GetSchemaPrefix(bundleName); - if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { - return { ERROR, results }; - } - - std::vector queryKeys; - std::vector databases; - for (const auto &schema : schemas) { - if (schema.bundleName != bundleName) { - continue; - } - databases = schema.databases; - for (const auto &database : schema.databases) { - if (storeId.empty() || database.alias == storeId) { - queryKeys.push_back({ user, id, bundleName, database.name }); - } - } - if (queryKeys.empty()) { - ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); - return { INVALID_ARGUMENT, results }; - } - } -XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); - std::vector users; - Account::GetInstance()->QueryUsers(users); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - CleanWaterVersion(user); - } - Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - Subscription sub; - sub.userId = user; - if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { - continue; - } - InitSubTask(sub); - } - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (status != SUCCESS) { - return false; - } -} -} // namespace OHOS - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) -{ - FuzzedDataProvider provider(data, size); - OHOS::OnRemoteRequestFuzz(provider); - OHOS::OnEnableCloudFuzz(provider); - OHOS::OnDisableCloudFuzz(provider); - OHOS::OnChangeAppSwitchFuzz(provider); - OHOS::OnNotifyDataChangeFuzz(provider); - OHOS::OnQueryLastSyncInfoFuzz(provider); - return 0; -} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h deleted file mode 100644 index c007ebba5..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H -#define DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H - -#define FUZZ_PROJECT_NAME "cloudservicestub_fuzzer" - -#endif // DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init deleted file mode 100644 index 2b595da0c..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init +++ /dev/null @@ -1,16 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -FUZZ \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml deleted file mode 100644 index 3fdba3e8b..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml +++ /dev/null @@ -1,25 +0,0 @@ - - - - - - 1000 - - 300 - - 4096 - - \ No newline at end of file -- Gitee From 9fc18d1dc5c4d6965196dc523f96d4ac2336611e Mon Sep 17 00:00:00 2001 From: gecheng Date: Tue, 26 Aug 2025 15:18:03 +0800 Subject: [PATCH 17/23] =?UTF-8?q?=E5=8D=95=E4=B8=AAFUZZ=E7=94=A8=E4=BE=8B?= =?UTF-8?q?=E8=B0=83=E7=94=A8=E5=A4=AA=E5=A4=9Aapi?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: gecheng --- .../cloudservicestub1_fuzzer/BUILD.gn | 96 ++++ .../cloudservicestub1_fuzzer.cpp | 468 ++++++++++++++++++ .../cloudservicestub2_fuzzer.cpp | 468 ++++++++++++++++++ .../cloudservicestub_fuzzer.cpp | 468 ++++++++++++++++++ .../cloudservicestub_fuzzer.h | 21 + .../cloudservicestub1_fuzzer/corpus/init | 16 + .../cloudservicestub1_fuzzer/project.xml | 25 + 7 files changed, 1562 insertions(+) create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn new file mode 100644 index 000000000..2618103ac --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn @@ -0,0 +1,96 @@ +# Copyright (c) 2023 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +##############################hydra-fuzz######################################## +import("//build/config/features.gni") +import("//build/test.gni") +import("//foundation/distributeddatamgr/datamgr_service/datamgr_service.gni") + +##############################fuzztest########################################## +ohos_fuzztest("CloudServiceStubFuzzTest") { + module_out_path = "datamgr_service/datamgr_service" + + include_dirs = [ + "${data_service_path}/service/cloud", + "${data_service_path}/service/common", + "${data_service_path}/service/config/include", + "${data_service_path}/service/crypto/include", + "${data_service_path}/service/kvdb", + "${data_service_path}/service/matrix/include", + "${data_service_path}/service/network", + "${data_service_path}/service/object", + "${data_service_path}/service/permission/include", + "${data_service_path}/service/rdb", + "${data_service_path}/adapter/include/communicator", + ] + + fuzz_config_file = "${data_service_path}/service/test/fuzztest/cloudservicestub_fuzzer" + + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + + sources = [ + "${data_service_path}/app/src/checker/bundle_checker.cpp", + "${data_service_path}/app/src/checker/system_checker.cpp", + "cloudservicestub_fuzzer.cpp", + ] + + deps = [ + "${data_service_path}/adapter/account:distributeddata_account", + "${data_service_path}/adapter/dfx:distributeddata_dfx", + "${data_service_path}/adapter/network:distributeddata_network", + "${data_service_path}/adapter/schema_helper:distributeddata_schema_helper", + "${data_service_path}/adapter/utils:distributeddata_utils", + "${data_service_path}/framework:distributeddatasvcfwk", + "${data_service_path}/service:distributeddatasvc", + "${data_service_path}/service/bootstrap:distributeddata_bootstrap", + "${data_service_path}/service/cloud:distributeddata_cloud", + "${data_service_path}/service/common:distributeddata_common", + "${data_service_path}/service/rdb:distributeddata_rdb", + ] + + external_deps = [ + "access_token:libaccesstoken_sdk", + "access_token:libtoken_setproc", + "access_token:libtokenid_sdk", + "bundle_framework:appexecfwk_base", + "bundle_framework:appexecfwk_core", + "c_utils:utils", + "device_auth:deviceauth_sdk", + "device_manager:devicemanagersdk", + "hicollie:libhicollie", + "hilog:libhilog", + "hisysevent:libhisysevent", + "huks:libhukssdk", + "ipc:ipc_core", + "kv_store:datamgr_common", + "kv_store:distributeddata_inner", + "kv_store:distributeddata_mgr", + "kv_store:distributeddb", + "relational_store:native_rdb", + "resource_management:global_resmgr", + "safwk:system_ability_fwk", + "samgr:samgr_proxy", + ] +} + +############################################################################### +group("fuzztest") { + testonly = true + + deps = [ ":CloudServiceStubFuzzTest" ] +} +############################################################################### diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp new file mode 100644 index 000000000..1bee9999f --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp @@ -0,0 +1,468 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "cloudservicestub_fuzzer.h" + +#include +#include + +#include "accesstoken_kit.h" +#include "cloud_service_impl.h" +#include "ipc_skeleton.h" +#include "message_parcel.h" +#include "securec.h" +#include "token_setproc.h" + +using namespace OHOS::CloudData; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { +constexpr int USER_ID = 100; +constexpr int INST_INDEX = 0; +const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; +constexpr uint32_t CODE_MIN = 0; +constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; +constexpr size_t NUM_MIN = 5; +constexpr size_t NUM_MAX = 12; + +void AllocAndSetHapToken() +{ + HapInfoParams info = { + .userID = USER_ID, + .bundleName = "ohos.test.demo", + .instIndex = INST_INDEX, + .appIDDesc = "ohos.test.demo", + .isSystemApp = true + }; + + HapPolicyParams policy = { + .apl = APL_NORMAL, + .domain = "test.domain", + .permList = {}, + .permStateList = { + { + .permissionName = "ohos.permission.CLOUDDATA_CONFIG", + .isGeneral = true, + .resDeviceID = { "local" }, + .grantStatus = { PermissionState::PERMISSION_GRANTED }, + .grantFlags = { 1 } + } + } + }; + auto tokenID = AccessTokenKit::AllocHapToken(info, policy); + SetSelfTokenID(tokenID.tokenIDEx); +} + +bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnRemoteRequest(code, request, reply); + return true; +} + +bool OnEnableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnEnableCloud(code, request, reply); + XCollie xcollie( + __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); + return status; + } + cloudInfo.enableCloud = true; + for (const auto &[bundle, value] : switches) { + if (!cloudInfo.Exist(bundle)) { + continue; + } + cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); + ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); + } + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); + return true; +} + +bool OnDisableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnDisableCloud(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), + Anonymous::Change(cloudInfo.id).c_str()); + return INVALID_ARGUMENT; + } + cloudInfo.enableCloud = false; + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + StoreMetaMapping meta(storeInfo); + meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; + if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { + ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && + !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { + ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); + if (store == nullptr) { + ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + return store->PreSharing(query); + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); + ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); + return true; +} + +bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnChangeAppSwitch(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + CloudSyncScene scene; + if (appSwitch == SWITCH_ON) { + scene = CloudSyncScene::SWITCH_ON; + } else { + scene = CloudSyncScene::SWITCH_OFF; + } + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS || !cloudInfo.enableCloud) { + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret = " + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, + WORK_DO_CLOUD_SYNC })); + return INVALID_ARGUMENT; + } + if (!cloudInfo.Exist(bundleName)) { + std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); + if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { + ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," + "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret=" + std::to_string(status)); + return INVALID_ARGUMENT; + } + ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); + } + cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); + if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { + SyncManager::SyncInfo info(cloudInfo.user, bundleName); + syncManager_.DoCloudSync(info); + } + ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), + bundleName.c_str(), appSwitch); + return true; +} + +bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnNotifyDataChange(code, request, reply); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { + return INVALID_ARGUMENT; + } + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + ExtraData exData; + if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { + ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), + userId, extraData.empty() ? "empty" : "not empty"); + return INVALID_ARGUMENT; + } + std::vector users; + if (userId != INVALID_USER_ID) { + users.emplace_back(userId); + } else { + Account::GetInstance()->QueryForegroundUsers(users); + } + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + auto &bundleName = exData.info.bundleName; + auto &prepareTraceId = exData.info.context.prepareTraceId; + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { + ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); + SchemaMeta schemaMeta; + if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { + ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); + if (dbInfos.empty()) { + ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + for (const auto &dbInfo : dbInfos) { + syncManager_.DoCloudSync(SyncManager::SyncInfo( + { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); + } + } + auto [status, cloudInfo] = GetCloudInfoFromServer(user); + if (status != SUCCESS) { + ZLOGE("user:%{public}d, status:%{public}d", user, status); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); + return false; + } + ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", + Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); + CloudInfo oldInfo; + if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + return true; + } + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + if (oldInfo.id != cloudInfo.id) { + ReleaseUserInfo(user, scene); + ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), + Anonymous::Change(oldInfo.id).c_str()); + MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); + std::map actions; + for (auto &[bundle, app] : cloudInfo.apps) { + MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); + actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; + } + DoClean(oldInfo, actions); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", + "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); + } + return true; +} + +bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); + QueryLastResults results; + auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, + "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); + return { ERROR, results }; + } + if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { + ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); + return { INVALID_ARGUMENT, results }; + } + std::vector schemas; + auto key = cloudInfo.GetSchemaPrefix(bundleName); + if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { + return { ERROR, results }; + } + + std::vector queryKeys; + std::vector databases; + for (const auto &schema : schemas) { + if (schema.bundleName != bundleName) { + continue; + } + databases = schema.databases; + for (const auto &database : schema.databases) { + if (storeId.empty() || database.alias == storeId) { + queryKeys.push_back({ user, id, bundleName, database.name }); + } + } + if (queryKeys.empty()) { + ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); + return { INVALID_ARGUMENT, results }; + } + } +XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); + std::vector users; + Account::GetInstance()->QueryUsers(users); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + CleanWaterVersion(user); + } + Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + Subscription sub; + sub.userId = user; + if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { + continue; + } + InitSubTask(sub); + } + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (status != SUCCESS) { + return false; + } +} +} // namespace OHOS + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + FuzzedDataProvider provider(data, size); + OHOS::OnRemoteRequestFuzz(provider); + OHOS::OnEnableCloudFuzz(provider); + OHOS::OnDisableCloudFuzz(provider); + OHOS::OnChangeAppSwitchFuzz(provider); + OHOS::OnNotifyDataChangeFuzz(provider); + OHOS::OnQueryLastSyncInfoFuzz(provider); + return 0; +} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp new file mode 100644 index 000000000..1bee9999f --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp @@ -0,0 +1,468 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "cloudservicestub_fuzzer.h" + +#include +#include + +#include "accesstoken_kit.h" +#include "cloud_service_impl.h" +#include "ipc_skeleton.h" +#include "message_parcel.h" +#include "securec.h" +#include "token_setproc.h" + +using namespace OHOS::CloudData; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { +constexpr int USER_ID = 100; +constexpr int INST_INDEX = 0; +const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; +constexpr uint32_t CODE_MIN = 0; +constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; +constexpr size_t NUM_MIN = 5; +constexpr size_t NUM_MAX = 12; + +void AllocAndSetHapToken() +{ + HapInfoParams info = { + .userID = USER_ID, + .bundleName = "ohos.test.demo", + .instIndex = INST_INDEX, + .appIDDesc = "ohos.test.demo", + .isSystemApp = true + }; + + HapPolicyParams policy = { + .apl = APL_NORMAL, + .domain = "test.domain", + .permList = {}, + .permStateList = { + { + .permissionName = "ohos.permission.CLOUDDATA_CONFIG", + .isGeneral = true, + .resDeviceID = { "local" }, + .grantStatus = { PermissionState::PERMISSION_GRANTED }, + .grantFlags = { 1 } + } + } + }; + auto tokenID = AccessTokenKit::AllocHapToken(info, policy); + SetSelfTokenID(tokenID.tokenIDEx); +} + +bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnRemoteRequest(code, request, reply); + return true; +} + +bool OnEnableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnEnableCloud(code, request, reply); + XCollie xcollie( + __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); + return status; + } + cloudInfo.enableCloud = true; + for (const auto &[bundle, value] : switches) { + if (!cloudInfo.Exist(bundle)) { + continue; + } + cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); + ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); + } + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); + return true; +} + +bool OnDisableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnDisableCloud(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), + Anonymous::Change(cloudInfo.id).c_str()); + return INVALID_ARGUMENT; + } + cloudInfo.enableCloud = false; + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + StoreMetaMapping meta(storeInfo); + meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; + if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { + ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && + !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { + ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); + if (store == nullptr) { + ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + return store->PreSharing(query); + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); + ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); + return true; +} + +bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnChangeAppSwitch(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + CloudSyncScene scene; + if (appSwitch == SWITCH_ON) { + scene = CloudSyncScene::SWITCH_ON; + } else { + scene = CloudSyncScene::SWITCH_OFF; + } + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS || !cloudInfo.enableCloud) { + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret = " + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, + WORK_DO_CLOUD_SYNC })); + return INVALID_ARGUMENT; + } + if (!cloudInfo.Exist(bundleName)) { + std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); + if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { + ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," + "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret=" + std::to_string(status)); + return INVALID_ARGUMENT; + } + ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); + } + cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); + if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { + SyncManager::SyncInfo info(cloudInfo.user, bundleName); + syncManager_.DoCloudSync(info); + } + ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), + bundleName.c_str(), appSwitch); + return true; +} + +bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnNotifyDataChange(code, request, reply); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { + return INVALID_ARGUMENT; + } + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + ExtraData exData; + if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { + ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), + userId, extraData.empty() ? "empty" : "not empty"); + return INVALID_ARGUMENT; + } + std::vector users; + if (userId != INVALID_USER_ID) { + users.emplace_back(userId); + } else { + Account::GetInstance()->QueryForegroundUsers(users); + } + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + auto &bundleName = exData.info.bundleName; + auto &prepareTraceId = exData.info.context.prepareTraceId; + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { + ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); + SchemaMeta schemaMeta; + if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { + ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); + if (dbInfos.empty()) { + ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + for (const auto &dbInfo : dbInfos) { + syncManager_.DoCloudSync(SyncManager::SyncInfo( + { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); + } + } + auto [status, cloudInfo] = GetCloudInfoFromServer(user); + if (status != SUCCESS) { + ZLOGE("user:%{public}d, status:%{public}d", user, status); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); + return false; + } + ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", + Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); + CloudInfo oldInfo; + if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + return true; + } + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + if (oldInfo.id != cloudInfo.id) { + ReleaseUserInfo(user, scene); + ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), + Anonymous::Change(oldInfo.id).c_str()); + MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); + std::map actions; + for (auto &[bundle, app] : cloudInfo.apps) { + MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); + actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; + } + DoClean(oldInfo, actions); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", + "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); + } + return true; +} + +bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); + QueryLastResults results; + auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, + "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); + return { ERROR, results }; + } + if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { + ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); + return { INVALID_ARGUMENT, results }; + } + std::vector schemas; + auto key = cloudInfo.GetSchemaPrefix(bundleName); + if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { + return { ERROR, results }; + } + + std::vector queryKeys; + std::vector databases; + for (const auto &schema : schemas) { + if (schema.bundleName != bundleName) { + continue; + } + databases = schema.databases; + for (const auto &database : schema.databases) { + if (storeId.empty() || database.alias == storeId) { + queryKeys.push_back({ user, id, bundleName, database.name }); + } + } + if (queryKeys.empty()) { + ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); + return { INVALID_ARGUMENT, results }; + } + } +XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); + std::vector users; + Account::GetInstance()->QueryUsers(users); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + CleanWaterVersion(user); + } + Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + Subscription sub; + sub.userId = user; + if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { + continue; + } + InitSubTask(sub); + } + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (status != SUCCESS) { + return false; + } +} +} // namespace OHOS + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + FuzzedDataProvider provider(data, size); + OHOS::OnRemoteRequestFuzz(provider); + OHOS::OnEnableCloudFuzz(provider); + OHOS::OnDisableCloudFuzz(provider); + OHOS::OnChangeAppSwitchFuzz(provider); + OHOS::OnNotifyDataChangeFuzz(provider); + OHOS::OnQueryLastSyncInfoFuzz(provider); + return 0; +} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp new file mode 100644 index 000000000..1bee9999f --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp @@ -0,0 +1,468 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "cloudservicestub_fuzzer.h" + +#include +#include + +#include "accesstoken_kit.h" +#include "cloud_service_impl.h" +#include "ipc_skeleton.h" +#include "message_parcel.h" +#include "securec.h" +#include "token_setproc.h" + +using namespace OHOS::CloudData; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { +constexpr int USER_ID = 100; +constexpr int INST_INDEX = 0; +const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; +constexpr uint32_t CODE_MIN = 0; +constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; +constexpr size_t NUM_MIN = 5; +constexpr size_t NUM_MAX = 12; + +void AllocAndSetHapToken() +{ + HapInfoParams info = { + .userID = USER_ID, + .bundleName = "ohos.test.demo", + .instIndex = INST_INDEX, + .appIDDesc = "ohos.test.demo", + .isSystemApp = true + }; + + HapPolicyParams policy = { + .apl = APL_NORMAL, + .domain = "test.domain", + .permList = {}, + .permStateList = { + { + .permissionName = "ohos.permission.CLOUDDATA_CONFIG", + .isGeneral = true, + .resDeviceID = { "local" }, + .grantStatus = { PermissionState::PERMISSION_GRANTED }, + .grantFlags = { 1 } + } + } + }; + auto tokenID = AccessTokenKit::AllocHapToken(info, policy); + SetSelfTokenID(tokenID.tokenIDEx); +} + +bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnRemoteRequest(code, request, reply); + return true; +} + +bool OnEnableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnEnableCloud(code, request, reply); + XCollie xcollie( + __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); + return status; + } + cloudInfo.enableCloud = true; + for (const auto &[bundle, value] : switches) { + if (!cloudInfo.Exist(bundle)) { + continue; + } + cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); + ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); + } + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); + return true; +} + +bool OnDisableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnDisableCloud(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), + Anonymous::Change(cloudInfo.id).c_str()); + return INVALID_ARGUMENT; + } + cloudInfo.enableCloud = false; + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + StoreMetaMapping meta(storeInfo); + meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; + if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { + ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && + !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { + ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); + if (store == nullptr) { + ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + return store->PreSharing(query); + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); + ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); + return true; +} + +bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnChangeAppSwitch(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + CloudSyncScene scene; + if (appSwitch == SWITCH_ON) { + scene = CloudSyncScene::SWITCH_ON; + } else { + scene = CloudSyncScene::SWITCH_OFF; + } + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS || !cloudInfo.enableCloud) { + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret = " + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, + WORK_DO_CLOUD_SYNC })); + return INVALID_ARGUMENT; + } + if (!cloudInfo.Exist(bundleName)) { + std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); + if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { + ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," + "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret=" + std::to_string(status)); + return INVALID_ARGUMENT; + } + ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); + } + cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); + if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { + SyncManager::SyncInfo info(cloudInfo.user, bundleName); + syncManager_.DoCloudSync(info); + } + ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), + bundleName.c_str(), appSwitch); + return true; +} + +bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnNotifyDataChange(code, request, reply); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { + return INVALID_ARGUMENT; + } + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + ExtraData exData; + if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { + ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), + userId, extraData.empty() ? "empty" : "not empty"); + return INVALID_ARGUMENT; + } + std::vector users; + if (userId != INVALID_USER_ID) { + users.emplace_back(userId); + } else { + Account::GetInstance()->QueryForegroundUsers(users); + } + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + auto &bundleName = exData.info.bundleName; + auto &prepareTraceId = exData.info.context.prepareTraceId; + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { + ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); + SchemaMeta schemaMeta; + if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { + ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); + if (dbInfos.empty()) { + ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + for (const auto &dbInfo : dbInfos) { + syncManager_.DoCloudSync(SyncManager::SyncInfo( + { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); + } + } + auto [status, cloudInfo] = GetCloudInfoFromServer(user); + if (status != SUCCESS) { + ZLOGE("user:%{public}d, status:%{public}d", user, status); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); + return false; + } + ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", + Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); + CloudInfo oldInfo; + if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + return true; + } + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + if (oldInfo.id != cloudInfo.id) { + ReleaseUserInfo(user, scene); + ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), + Anonymous::Change(oldInfo.id).c_str()); + MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); + std::map actions; + for (auto &[bundle, app] : cloudInfo.apps) { + MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); + actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; + } + DoClean(oldInfo, actions); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", + "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); + } + return true; +} + +bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); + QueryLastResults results; + auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, + "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); + return { ERROR, results }; + } + if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { + ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); + return { INVALID_ARGUMENT, results }; + } + std::vector schemas; + auto key = cloudInfo.GetSchemaPrefix(bundleName); + if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { + return { ERROR, results }; + } + + std::vector queryKeys; + std::vector databases; + for (const auto &schema : schemas) { + if (schema.bundleName != bundleName) { + continue; + } + databases = schema.databases; + for (const auto &database : schema.databases) { + if (storeId.empty() || database.alias == storeId) { + queryKeys.push_back({ user, id, bundleName, database.name }); + } + } + if (queryKeys.empty()) { + ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); + return { INVALID_ARGUMENT, results }; + } + } +XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); + std::vector users; + Account::GetInstance()->QueryUsers(users); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + CleanWaterVersion(user); + } + Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + Subscription sub; + sub.userId = user; + if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { + continue; + } + InitSubTask(sub); + } + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (status != SUCCESS) { + return false; + } +} +} // namespace OHOS + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + FuzzedDataProvider provider(data, size); + OHOS::OnRemoteRequestFuzz(provider); + OHOS::OnEnableCloudFuzz(provider); + OHOS::OnDisableCloudFuzz(provider); + OHOS::OnChangeAppSwitchFuzz(provider); + OHOS::OnNotifyDataChangeFuzz(provider); + OHOS::OnQueryLastSyncInfoFuzz(provider); + return 0; +} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h new file mode 100644 index 000000000..c007ebba5 --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H +#define DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H + +#define FUZZ_PROJECT_NAME "cloudservicestub_fuzzer" + +#endif // DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init new file mode 100644 index 000000000..2b595da0c --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init @@ -0,0 +1,16 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +FUZZ \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml new file mode 100644 index 000000000..3fdba3e8b --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + \ No newline at end of file -- Gitee From 8a7786645f1b6849fb2662d85565c48b9ea092a2 Mon Sep 17 00:00:00 2001 From: gecheng Date: Tue, 26 Aug 2025 15:18:22 +0800 Subject: [PATCH 18/23] =?UTF-8?q?=E5=8D=95=E4=B8=AAFUZZ=E7=94=A8=E4=BE=8B?= =?UTF-8?q?=E8=B0=83=E7=94=A8=E5=A4=AA=E5=A4=9Aapi?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: gecheng --- .../cloudservicestub1_fuzzer/BUILD.gn | 96 ---- .../cloudservicestub1_fuzzer.cpp | 468 ------------------ .../cloudservicestub2_fuzzer.cpp | 468 ------------------ .../cloudservicestub_fuzzer.cpp | 468 ------------------ .../cloudservicestub_fuzzer.h | 21 - .../cloudservicestub1_fuzzer/corpus/init | 16 - .../cloudservicestub1_fuzzer/project.xml | 25 - 7 files changed, 1562 deletions(-) delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn deleted file mode 100644 index 2618103ac..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn +++ /dev/null @@ -1,96 +0,0 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -##############################hydra-fuzz######################################## -import("//build/config/features.gni") -import("//build/test.gni") -import("//foundation/distributeddatamgr/datamgr_service/datamgr_service.gni") - -##############################fuzztest########################################## -ohos_fuzztest("CloudServiceStubFuzzTest") { - module_out_path = "datamgr_service/datamgr_service" - - include_dirs = [ - "${data_service_path}/service/cloud", - "${data_service_path}/service/common", - "${data_service_path}/service/config/include", - "${data_service_path}/service/crypto/include", - "${data_service_path}/service/kvdb", - "${data_service_path}/service/matrix/include", - "${data_service_path}/service/network", - "${data_service_path}/service/object", - "${data_service_path}/service/permission/include", - "${data_service_path}/service/rdb", - "${data_service_path}/adapter/include/communicator", - ] - - fuzz_config_file = "${data_service_path}/service/test/fuzztest/cloudservicestub_fuzzer" - - cflags = [ - "-g", - "-O0", - "-Wno-unused-variable", - "-fno-omit-frame-pointer", - ] - - sources = [ - "${data_service_path}/app/src/checker/bundle_checker.cpp", - "${data_service_path}/app/src/checker/system_checker.cpp", - "cloudservicestub_fuzzer.cpp", - ] - - deps = [ - "${data_service_path}/adapter/account:distributeddata_account", - "${data_service_path}/adapter/dfx:distributeddata_dfx", - "${data_service_path}/adapter/network:distributeddata_network", - "${data_service_path}/adapter/schema_helper:distributeddata_schema_helper", - "${data_service_path}/adapter/utils:distributeddata_utils", - "${data_service_path}/framework:distributeddatasvcfwk", - "${data_service_path}/service:distributeddatasvc", - "${data_service_path}/service/bootstrap:distributeddata_bootstrap", - "${data_service_path}/service/cloud:distributeddata_cloud", - "${data_service_path}/service/common:distributeddata_common", - "${data_service_path}/service/rdb:distributeddata_rdb", - ] - - external_deps = [ - "access_token:libaccesstoken_sdk", - "access_token:libtoken_setproc", - "access_token:libtokenid_sdk", - "bundle_framework:appexecfwk_base", - "bundle_framework:appexecfwk_core", - "c_utils:utils", - "device_auth:deviceauth_sdk", - "device_manager:devicemanagersdk", - "hicollie:libhicollie", - "hilog:libhilog", - "hisysevent:libhisysevent", - "huks:libhukssdk", - "ipc:ipc_core", - "kv_store:datamgr_common", - "kv_store:distributeddata_inner", - "kv_store:distributeddata_mgr", - "kv_store:distributeddb", - "relational_store:native_rdb", - "resource_management:global_resmgr", - "safwk:system_ability_fwk", - "samgr:samgr_proxy", - ] -} - -############################################################################### -group("fuzztest") { - testonly = true - - deps = [ ":CloudServiceStubFuzzTest" ] -} -############################################################################### diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp deleted file mode 100644 index 1bee9999f..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp +++ /dev/null @@ -1,468 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include - -#include "cloudservicestub_fuzzer.h" - -#include -#include - -#include "accesstoken_kit.h" -#include "cloud_service_impl.h" -#include "ipc_skeleton.h" -#include "message_parcel.h" -#include "securec.h" -#include "token_setproc.h" - -using namespace OHOS::CloudData; -using namespace OHOS::Security::AccessToken; - -namespace OHOS { -constexpr int USER_ID = 100; -constexpr int INST_INDEX = 0; -const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; -constexpr uint32_t CODE_MIN = 0; -constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; -constexpr size_t NUM_MIN = 5; -constexpr size_t NUM_MAX = 12; - -void AllocAndSetHapToken() -{ - HapInfoParams info = { - .userID = USER_ID, - .bundleName = "ohos.test.demo", - .instIndex = INST_INDEX, - .appIDDesc = "ohos.test.demo", - .isSystemApp = true - }; - - HapPolicyParams policy = { - .apl = APL_NORMAL, - .domain = "test.domain", - .permList = {}, - .permStateList = { - { - .permissionName = "ohos.permission.CLOUDDATA_CONFIG", - .isGeneral = true, - .resDeviceID = { "local" }, - .grantStatus = { PermissionState::PERMISSION_GRANTED }, - .grantFlags = { 1 } - } - } - }; - auto tokenID = AccessTokenKit::AllocHapToken(info, policy); - SetSelfTokenID(tokenID.tokenIDEx); -} - -bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnRemoteRequest(code, request, reply); - return true; -} - -bool OnEnableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnEnableCloud(code, request, reply); - XCollie xcollie( - __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); - return status; - } - cloudInfo.enableCloud = true; - for (const auto &[bundle, value] : switches) { - if (!cloudInfo.Exist(bundle)) { - continue; - } - cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); - ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); - } - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); - return true; -} - -bool OnDisableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnDisableCloud(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), - Anonymous::Change(cloudInfo.id).c_str()); - return INVALID_ARGUMENT; - } - cloudInfo.enableCloud = false; - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - StoreMetaMapping meta(storeInfo); - meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; - if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { - ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && - !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { - ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); - if (store == nullptr) { - ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - return store->PreSharing(query); - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); - ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); - return true; -} - -bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnChangeAppSwitch(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - CloudSyncScene scene; - if (appSwitch == SWITCH_ON) { - scene = CloudSyncScene::SWITCH_ON; - } else { - scene = CloudSyncScene::SWITCH_OFF; - } - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS || !cloudInfo.enableCloud) { - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret = " + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, - WORK_DO_CLOUD_SYNC })); - return INVALID_ARGUMENT; - } - if (!cloudInfo.Exist(bundleName)) { - std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); - if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { - ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," - "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret=" + std::to_string(status)); - return INVALID_ARGUMENT; - } - ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); - } - cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); - if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { - SyncManager::SyncInfo info(cloudInfo.user, bundleName); - syncManager_.DoCloudSync(info); - } - ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), - bundleName.c_str(), appSwitch); - return true; -} - -bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnNotifyDataChange(code, request, reply); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { - return INVALID_ARGUMENT; - } - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - ExtraData exData; - if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { - ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), - userId, extraData.empty() ? "empty" : "not empty"); - return INVALID_ARGUMENT; - } - std::vector users; - if (userId != INVALID_USER_ID) { - users.emplace_back(userId); - } else { - Account::GetInstance()->QueryForegroundUsers(users); - } - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - auto &bundleName = exData.info.bundleName; - auto &prepareTraceId = exData.info.context.prepareTraceId; - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { - ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); - SchemaMeta schemaMeta; - if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { - ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); - if (dbInfos.empty()) { - ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - for (const auto &dbInfo : dbInfos) { - syncManager_.DoCloudSync(SyncManager::SyncInfo( - { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); - } - } - auto [status, cloudInfo] = GetCloudInfoFromServer(user); - if (status != SUCCESS) { - ZLOGE("user:%{public}d, status:%{public}d", user, status); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); - return false; - } - ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", - Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); - CloudInfo oldInfo; - if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - return true; - } - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - if (oldInfo.id != cloudInfo.id) { - ReleaseUserInfo(user, scene); - ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), - Anonymous::Change(oldInfo.id).c_str()); - MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); - std::map actions; - for (auto &[bundle, app] : cloudInfo.apps) { - MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); - actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; - } - DoClean(oldInfo, actions); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", - "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); - } - return true; -} - -bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); - QueryLastResults results; - auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, - "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); - return { ERROR, results }; - } - if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { - ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); - return { INVALID_ARGUMENT, results }; - } - std::vector schemas; - auto key = cloudInfo.GetSchemaPrefix(bundleName); - if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { - return { ERROR, results }; - } - - std::vector queryKeys; - std::vector databases; - for (const auto &schema : schemas) { - if (schema.bundleName != bundleName) { - continue; - } - databases = schema.databases; - for (const auto &database : schema.databases) { - if (storeId.empty() || database.alias == storeId) { - queryKeys.push_back({ user, id, bundleName, database.name }); - } - } - if (queryKeys.empty()) { - ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); - return { INVALID_ARGUMENT, results }; - } - } -XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); - std::vector users; - Account::GetInstance()->QueryUsers(users); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - CleanWaterVersion(user); - } - Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - Subscription sub; - sub.userId = user; - if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { - continue; - } - InitSubTask(sub); - } - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (status != SUCCESS) { - return false; - } -} -} // namespace OHOS - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) -{ - FuzzedDataProvider provider(data, size); - OHOS::OnRemoteRequestFuzz(provider); - OHOS::OnEnableCloudFuzz(provider); - OHOS::OnDisableCloudFuzz(provider); - OHOS::OnChangeAppSwitchFuzz(provider); - OHOS::OnNotifyDataChangeFuzz(provider); - OHOS::OnQueryLastSyncInfoFuzz(provider); - return 0; -} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp deleted file mode 100644 index 1bee9999f..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp +++ /dev/null @@ -1,468 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include - -#include "cloudservicestub_fuzzer.h" - -#include -#include - -#include "accesstoken_kit.h" -#include "cloud_service_impl.h" -#include "ipc_skeleton.h" -#include "message_parcel.h" -#include "securec.h" -#include "token_setproc.h" - -using namespace OHOS::CloudData; -using namespace OHOS::Security::AccessToken; - -namespace OHOS { -constexpr int USER_ID = 100; -constexpr int INST_INDEX = 0; -const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; -constexpr uint32_t CODE_MIN = 0; -constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; -constexpr size_t NUM_MIN = 5; -constexpr size_t NUM_MAX = 12; - -void AllocAndSetHapToken() -{ - HapInfoParams info = { - .userID = USER_ID, - .bundleName = "ohos.test.demo", - .instIndex = INST_INDEX, - .appIDDesc = "ohos.test.demo", - .isSystemApp = true - }; - - HapPolicyParams policy = { - .apl = APL_NORMAL, - .domain = "test.domain", - .permList = {}, - .permStateList = { - { - .permissionName = "ohos.permission.CLOUDDATA_CONFIG", - .isGeneral = true, - .resDeviceID = { "local" }, - .grantStatus = { PermissionState::PERMISSION_GRANTED }, - .grantFlags = { 1 } - } - } - }; - auto tokenID = AccessTokenKit::AllocHapToken(info, policy); - SetSelfTokenID(tokenID.tokenIDEx); -} - -bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnRemoteRequest(code, request, reply); - return true; -} - -bool OnEnableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnEnableCloud(code, request, reply); - XCollie xcollie( - __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); - return status; - } - cloudInfo.enableCloud = true; - for (const auto &[bundle, value] : switches) { - if (!cloudInfo.Exist(bundle)) { - continue; - } - cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); - ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); - } - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); - return true; -} - -bool OnDisableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnDisableCloud(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), - Anonymous::Change(cloudInfo.id).c_str()); - return INVALID_ARGUMENT; - } - cloudInfo.enableCloud = false; - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - StoreMetaMapping meta(storeInfo); - meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; - if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { - ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && - !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { - ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); - if (store == nullptr) { - ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - return store->PreSharing(query); - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); - ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); - return true; -} - -bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnChangeAppSwitch(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - CloudSyncScene scene; - if (appSwitch == SWITCH_ON) { - scene = CloudSyncScene::SWITCH_ON; - } else { - scene = CloudSyncScene::SWITCH_OFF; - } - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS || !cloudInfo.enableCloud) { - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret = " + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, - WORK_DO_CLOUD_SYNC })); - return INVALID_ARGUMENT; - } - if (!cloudInfo.Exist(bundleName)) { - std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); - if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { - ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," - "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret=" + std::to_string(status)); - return INVALID_ARGUMENT; - } - ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); - } - cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); - if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { - SyncManager::SyncInfo info(cloudInfo.user, bundleName); - syncManager_.DoCloudSync(info); - } - ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), - bundleName.c_str(), appSwitch); - return true; -} - -bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnNotifyDataChange(code, request, reply); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { - return INVALID_ARGUMENT; - } - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - ExtraData exData; - if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { - ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), - userId, extraData.empty() ? "empty" : "not empty"); - return INVALID_ARGUMENT; - } - std::vector users; - if (userId != INVALID_USER_ID) { - users.emplace_back(userId); - } else { - Account::GetInstance()->QueryForegroundUsers(users); - } - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - auto &bundleName = exData.info.bundleName; - auto &prepareTraceId = exData.info.context.prepareTraceId; - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { - ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); - SchemaMeta schemaMeta; - if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { - ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); - if (dbInfos.empty()) { - ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - for (const auto &dbInfo : dbInfos) { - syncManager_.DoCloudSync(SyncManager::SyncInfo( - { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); - } - } - auto [status, cloudInfo] = GetCloudInfoFromServer(user); - if (status != SUCCESS) { - ZLOGE("user:%{public}d, status:%{public}d", user, status); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); - return false; - } - ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", - Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); - CloudInfo oldInfo; - if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - return true; - } - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - if (oldInfo.id != cloudInfo.id) { - ReleaseUserInfo(user, scene); - ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), - Anonymous::Change(oldInfo.id).c_str()); - MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); - std::map actions; - for (auto &[bundle, app] : cloudInfo.apps) { - MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); - actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; - } - DoClean(oldInfo, actions); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", - "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); - } - return true; -} - -bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); - QueryLastResults results; - auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, - "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); - return { ERROR, results }; - } - if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { - ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); - return { INVALID_ARGUMENT, results }; - } - std::vector schemas; - auto key = cloudInfo.GetSchemaPrefix(bundleName); - if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { - return { ERROR, results }; - } - - std::vector queryKeys; - std::vector databases; - for (const auto &schema : schemas) { - if (schema.bundleName != bundleName) { - continue; - } - databases = schema.databases; - for (const auto &database : schema.databases) { - if (storeId.empty() || database.alias == storeId) { - queryKeys.push_back({ user, id, bundleName, database.name }); - } - } - if (queryKeys.empty()) { - ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); - return { INVALID_ARGUMENT, results }; - } - } -XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); - std::vector users; - Account::GetInstance()->QueryUsers(users); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - CleanWaterVersion(user); - } - Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - Subscription sub; - sub.userId = user; - if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { - continue; - } - InitSubTask(sub); - } - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (status != SUCCESS) { - return false; - } -} -} // namespace OHOS - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) -{ - FuzzedDataProvider provider(data, size); - OHOS::OnRemoteRequestFuzz(provider); - OHOS::OnEnableCloudFuzz(provider); - OHOS::OnDisableCloudFuzz(provider); - OHOS::OnChangeAppSwitchFuzz(provider); - OHOS::OnNotifyDataChangeFuzz(provider); - OHOS::OnQueryLastSyncInfoFuzz(provider); - return 0; -} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp deleted file mode 100644 index 1bee9999f..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp +++ /dev/null @@ -1,468 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include - -#include "cloudservicestub_fuzzer.h" - -#include -#include - -#include "accesstoken_kit.h" -#include "cloud_service_impl.h" -#include "ipc_skeleton.h" -#include "message_parcel.h" -#include "securec.h" -#include "token_setproc.h" - -using namespace OHOS::CloudData; -using namespace OHOS::Security::AccessToken; - -namespace OHOS { -constexpr int USER_ID = 100; -constexpr int INST_INDEX = 0; -const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; -constexpr uint32_t CODE_MIN = 0; -constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; -constexpr size_t NUM_MIN = 5; -constexpr size_t NUM_MAX = 12; - -void AllocAndSetHapToken() -{ - HapInfoParams info = { - .userID = USER_ID, - .bundleName = "ohos.test.demo", - .instIndex = INST_INDEX, - .appIDDesc = "ohos.test.demo", - .isSystemApp = true - }; - - HapPolicyParams policy = { - .apl = APL_NORMAL, - .domain = "test.domain", - .permList = {}, - .permStateList = { - { - .permissionName = "ohos.permission.CLOUDDATA_CONFIG", - .isGeneral = true, - .resDeviceID = { "local" }, - .grantStatus = { PermissionState::PERMISSION_GRANTED }, - .grantFlags = { 1 } - } - } - }; - auto tokenID = AccessTokenKit::AllocHapToken(info, policy); - SetSelfTokenID(tokenID.tokenIDEx); -} - -bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnRemoteRequest(code, request, reply); - return true; -} - -bool OnEnableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnEnableCloud(code, request, reply); - XCollie xcollie( - __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); - return status; - } - cloudInfo.enableCloud = true; - for (const auto &[bundle, value] : switches) { - if (!cloudInfo.Exist(bundle)) { - continue; - } - cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); - ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); - } - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); - return true; -} - -bool OnDisableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnDisableCloud(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), - Anonymous::Change(cloudInfo.id).c_str()); - return INVALID_ARGUMENT; - } - cloudInfo.enableCloud = false; - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - StoreMetaMapping meta(storeInfo); - meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; - if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { - ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && - !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { - ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); - if (store == nullptr) { - ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - return store->PreSharing(query); - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); - ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); - return true; -} - -bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnChangeAppSwitch(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - CloudSyncScene scene; - if (appSwitch == SWITCH_ON) { - scene = CloudSyncScene::SWITCH_ON; - } else { - scene = CloudSyncScene::SWITCH_OFF; - } - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS || !cloudInfo.enableCloud) { - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret = " + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, - WORK_DO_CLOUD_SYNC })); - return INVALID_ARGUMENT; - } - if (!cloudInfo.Exist(bundleName)) { - std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); - if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { - ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," - "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret=" + std::to_string(status)); - return INVALID_ARGUMENT; - } - ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); - } - cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); - if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { - SyncManager::SyncInfo info(cloudInfo.user, bundleName); - syncManager_.DoCloudSync(info); - } - ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), - bundleName.c_str(), appSwitch); - return true; -} - -bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnNotifyDataChange(code, request, reply); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { - return INVALID_ARGUMENT; - } - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - ExtraData exData; - if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { - ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), - userId, extraData.empty() ? "empty" : "not empty"); - return INVALID_ARGUMENT; - } - std::vector users; - if (userId != INVALID_USER_ID) { - users.emplace_back(userId); - } else { - Account::GetInstance()->QueryForegroundUsers(users); - } - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - auto &bundleName = exData.info.bundleName; - auto &prepareTraceId = exData.info.context.prepareTraceId; - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { - ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); - SchemaMeta schemaMeta; - if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { - ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); - if (dbInfos.empty()) { - ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - for (const auto &dbInfo : dbInfos) { - syncManager_.DoCloudSync(SyncManager::SyncInfo( - { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); - } - } - auto [status, cloudInfo] = GetCloudInfoFromServer(user); - if (status != SUCCESS) { - ZLOGE("user:%{public}d, status:%{public}d", user, status); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); - return false; - } - ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", - Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); - CloudInfo oldInfo; - if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - return true; - } - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - if (oldInfo.id != cloudInfo.id) { - ReleaseUserInfo(user, scene); - ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), - Anonymous::Change(oldInfo.id).c_str()); - MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); - std::map actions; - for (auto &[bundle, app] : cloudInfo.apps) { - MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); - actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; - } - DoClean(oldInfo, actions); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", - "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); - } - return true; -} - -bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); - QueryLastResults results; - auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, - "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); - return { ERROR, results }; - } - if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { - ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); - return { INVALID_ARGUMENT, results }; - } - std::vector schemas; - auto key = cloudInfo.GetSchemaPrefix(bundleName); - if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { - return { ERROR, results }; - } - - std::vector queryKeys; - std::vector databases; - for (const auto &schema : schemas) { - if (schema.bundleName != bundleName) { - continue; - } - databases = schema.databases; - for (const auto &database : schema.databases) { - if (storeId.empty() || database.alias == storeId) { - queryKeys.push_back({ user, id, bundleName, database.name }); - } - } - if (queryKeys.empty()) { - ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); - return { INVALID_ARGUMENT, results }; - } - } -XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); - std::vector users; - Account::GetInstance()->QueryUsers(users); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - CleanWaterVersion(user); - } - Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - Subscription sub; - sub.userId = user; - if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { - continue; - } - InitSubTask(sub); - } - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (status != SUCCESS) { - return false; - } -} -} // namespace OHOS - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) -{ - FuzzedDataProvider provider(data, size); - OHOS::OnRemoteRequestFuzz(provider); - OHOS::OnEnableCloudFuzz(provider); - OHOS::OnDisableCloudFuzz(provider); - OHOS::OnChangeAppSwitchFuzz(provider); - OHOS::OnNotifyDataChangeFuzz(provider); - OHOS::OnQueryLastSyncInfoFuzz(provider); - return 0; -} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h deleted file mode 100644 index c007ebba5..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H -#define DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H - -#define FUZZ_PROJECT_NAME "cloudservicestub_fuzzer" - -#endif // DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init deleted file mode 100644 index 2b595da0c..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init +++ /dev/null @@ -1,16 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -FUZZ \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml deleted file mode 100644 index 3fdba3e8b..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml +++ /dev/null @@ -1,25 +0,0 @@ - - - - - - 1000 - - 300 - - 4096 - - \ No newline at end of file -- Gitee From 76cf0bebca45428f91b774478ccf70c70e201960 Mon Sep 17 00:00:00 2001 From: gecheng Date: Tue, 26 Aug 2025 15:19:19 +0800 Subject: [PATCH 19/23] =?UTF-8?q?=E5=8D=95=E4=B8=AAFUZZ=E7=94=A8=E4=BE=8B?= =?UTF-8?q?=E8=B0=83=E7=94=A8=E5=A4=AA=E5=A4=9Aapi?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: gecheng --- .../cloudservicestub1_fuzzer/BUILD.gn | 96 ++++ .../cloudservicestub1_fuzzer.cpp | 468 ++++++++++++++++++ .../cloudservicestub2_fuzzer.cpp | 468 ++++++++++++++++++ .../cloudservicestub_fuzzer.cpp | 468 ++++++++++++++++++ .../cloudservicestub_fuzzer.h | 21 + .../cloudservicestub1_fuzzer/corpus/init | 16 + .../cloudservicestub1_fuzzer/project.xml | 25 + 7 files changed, 1562 insertions(+) create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn new file mode 100644 index 000000000..2618103ac --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn @@ -0,0 +1,96 @@ +# Copyright (c) 2023 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +##############################hydra-fuzz######################################## +import("//build/config/features.gni") +import("//build/test.gni") +import("//foundation/distributeddatamgr/datamgr_service/datamgr_service.gni") + +##############################fuzztest########################################## +ohos_fuzztest("CloudServiceStubFuzzTest") { + module_out_path = "datamgr_service/datamgr_service" + + include_dirs = [ + "${data_service_path}/service/cloud", + "${data_service_path}/service/common", + "${data_service_path}/service/config/include", + "${data_service_path}/service/crypto/include", + "${data_service_path}/service/kvdb", + "${data_service_path}/service/matrix/include", + "${data_service_path}/service/network", + "${data_service_path}/service/object", + "${data_service_path}/service/permission/include", + "${data_service_path}/service/rdb", + "${data_service_path}/adapter/include/communicator", + ] + + fuzz_config_file = "${data_service_path}/service/test/fuzztest/cloudservicestub_fuzzer" + + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + + sources = [ + "${data_service_path}/app/src/checker/bundle_checker.cpp", + "${data_service_path}/app/src/checker/system_checker.cpp", + "cloudservicestub_fuzzer.cpp", + ] + + deps = [ + "${data_service_path}/adapter/account:distributeddata_account", + "${data_service_path}/adapter/dfx:distributeddata_dfx", + "${data_service_path}/adapter/network:distributeddata_network", + "${data_service_path}/adapter/schema_helper:distributeddata_schema_helper", + "${data_service_path}/adapter/utils:distributeddata_utils", + "${data_service_path}/framework:distributeddatasvcfwk", + "${data_service_path}/service:distributeddatasvc", + "${data_service_path}/service/bootstrap:distributeddata_bootstrap", + "${data_service_path}/service/cloud:distributeddata_cloud", + "${data_service_path}/service/common:distributeddata_common", + "${data_service_path}/service/rdb:distributeddata_rdb", + ] + + external_deps = [ + "access_token:libaccesstoken_sdk", + "access_token:libtoken_setproc", + "access_token:libtokenid_sdk", + "bundle_framework:appexecfwk_base", + "bundle_framework:appexecfwk_core", + "c_utils:utils", + "device_auth:deviceauth_sdk", + "device_manager:devicemanagersdk", + "hicollie:libhicollie", + "hilog:libhilog", + "hisysevent:libhisysevent", + "huks:libhukssdk", + "ipc:ipc_core", + "kv_store:datamgr_common", + "kv_store:distributeddata_inner", + "kv_store:distributeddata_mgr", + "kv_store:distributeddb", + "relational_store:native_rdb", + "resource_management:global_resmgr", + "safwk:system_ability_fwk", + "samgr:samgr_proxy", + ] +} + +############################################################################### +group("fuzztest") { + testonly = true + + deps = [ ":CloudServiceStubFuzzTest" ] +} +############################################################################### diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp new file mode 100644 index 000000000..1bee9999f --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp @@ -0,0 +1,468 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "cloudservicestub_fuzzer.h" + +#include +#include + +#include "accesstoken_kit.h" +#include "cloud_service_impl.h" +#include "ipc_skeleton.h" +#include "message_parcel.h" +#include "securec.h" +#include "token_setproc.h" + +using namespace OHOS::CloudData; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { +constexpr int USER_ID = 100; +constexpr int INST_INDEX = 0; +const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; +constexpr uint32_t CODE_MIN = 0; +constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; +constexpr size_t NUM_MIN = 5; +constexpr size_t NUM_MAX = 12; + +void AllocAndSetHapToken() +{ + HapInfoParams info = { + .userID = USER_ID, + .bundleName = "ohos.test.demo", + .instIndex = INST_INDEX, + .appIDDesc = "ohos.test.demo", + .isSystemApp = true + }; + + HapPolicyParams policy = { + .apl = APL_NORMAL, + .domain = "test.domain", + .permList = {}, + .permStateList = { + { + .permissionName = "ohos.permission.CLOUDDATA_CONFIG", + .isGeneral = true, + .resDeviceID = { "local" }, + .grantStatus = { PermissionState::PERMISSION_GRANTED }, + .grantFlags = { 1 } + } + } + }; + auto tokenID = AccessTokenKit::AllocHapToken(info, policy); + SetSelfTokenID(tokenID.tokenIDEx); +} + +bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnRemoteRequest(code, request, reply); + return true; +} + +bool OnEnableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnEnableCloud(code, request, reply); + XCollie xcollie( + __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); + return status; + } + cloudInfo.enableCloud = true; + for (const auto &[bundle, value] : switches) { + if (!cloudInfo.Exist(bundle)) { + continue; + } + cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); + ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); + } + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); + return true; +} + +bool OnDisableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnDisableCloud(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), + Anonymous::Change(cloudInfo.id).c_str()); + return INVALID_ARGUMENT; + } + cloudInfo.enableCloud = false; + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + StoreMetaMapping meta(storeInfo); + meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; + if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { + ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && + !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { + ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); + if (store == nullptr) { + ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + return store->PreSharing(query); + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); + ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); + return true; +} + +bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnChangeAppSwitch(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + CloudSyncScene scene; + if (appSwitch == SWITCH_ON) { + scene = CloudSyncScene::SWITCH_ON; + } else { + scene = CloudSyncScene::SWITCH_OFF; + } + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS || !cloudInfo.enableCloud) { + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret = " + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, + WORK_DO_CLOUD_SYNC })); + return INVALID_ARGUMENT; + } + if (!cloudInfo.Exist(bundleName)) { + std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); + if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { + ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," + "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret=" + std::to_string(status)); + return INVALID_ARGUMENT; + } + ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); + } + cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); + if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { + SyncManager::SyncInfo info(cloudInfo.user, bundleName); + syncManager_.DoCloudSync(info); + } + ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), + bundleName.c_str(), appSwitch); + return true; +} + +bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnNotifyDataChange(code, request, reply); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { + return INVALID_ARGUMENT; + } + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + ExtraData exData; + if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { + ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), + userId, extraData.empty() ? "empty" : "not empty"); + return INVALID_ARGUMENT; + } + std::vector users; + if (userId != INVALID_USER_ID) { + users.emplace_back(userId); + } else { + Account::GetInstance()->QueryForegroundUsers(users); + } + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + auto &bundleName = exData.info.bundleName; + auto &prepareTraceId = exData.info.context.prepareTraceId; + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { + ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); + SchemaMeta schemaMeta; + if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { + ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); + if (dbInfos.empty()) { + ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + for (const auto &dbInfo : dbInfos) { + syncManager_.DoCloudSync(SyncManager::SyncInfo( + { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); + } + } + auto [status, cloudInfo] = GetCloudInfoFromServer(user); + if (status != SUCCESS) { + ZLOGE("user:%{public}d, status:%{public}d", user, status); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); + return false; + } + ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", + Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); + CloudInfo oldInfo; + if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + return true; + } + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + if (oldInfo.id != cloudInfo.id) { + ReleaseUserInfo(user, scene); + ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), + Anonymous::Change(oldInfo.id).c_str()); + MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); + std::map actions; + for (auto &[bundle, app] : cloudInfo.apps) { + MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); + actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; + } + DoClean(oldInfo, actions); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", + "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); + } + return true; +} + +bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); + QueryLastResults results; + auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, + "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); + return { ERROR, results }; + } + if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { + ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); + return { INVALID_ARGUMENT, results }; + } + std::vector schemas; + auto key = cloudInfo.GetSchemaPrefix(bundleName); + if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { + return { ERROR, results }; + } + + std::vector queryKeys; + std::vector databases; + for (const auto &schema : schemas) { + if (schema.bundleName != bundleName) { + continue; + } + databases = schema.databases; + for (const auto &database : schema.databases) { + if (storeId.empty() || database.alias == storeId) { + queryKeys.push_back({ user, id, bundleName, database.name }); + } + } + if (queryKeys.empty()) { + ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); + return { INVALID_ARGUMENT, results }; + } + } +XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); + std::vector users; + Account::GetInstance()->QueryUsers(users); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + CleanWaterVersion(user); + } + Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + Subscription sub; + sub.userId = user; + if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { + continue; + } + InitSubTask(sub); + } + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (status != SUCCESS) { + return false; + } +} +} // namespace OHOS + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + FuzzedDataProvider provider(data, size); + OHOS::OnRemoteRequestFuzz(provider); + OHOS::OnEnableCloudFuzz(provider); + OHOS::OnDisableCloudFuzz(provider); + OHOS::OnChangeAppSwitchFuzz(provider); + OHOS::OnNotifyDataChangeFuzz(provider); + OHOS::OnQueryLastSyncInfoFuzz(provider); + return 0; +} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp new file mode 100644 index 000000000..1bee9999f --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp @@ -0,0 +1,468 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "cloudservicestub_fuzzer.h" + +#include +#include + +#include "accesstoken_kit.h" +#include "cloud_service_impl.h" +#include "ipc_skeleton.h" +#include "message_parcel.h" +#include "securec.h" +#include "token_setproc.h" + +using namespace OHOS::CloudData; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { +constexpr int USER_ID = 100; +constexpr int INST_INDEX = 0; +const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; +constexpr uint32_t CODE_MIN = 0; +constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; +constexpr size_t NUM_MIN = 5; +constexpr size_t NUM_MAX = 12; + +void AllocAndSetHapToken() +{ + HapInfoParams info = { + .userID = USER_ID, + .bundleName = "ohos.test.demo", + .instIndex = INST_INDEX, + .appIDDesc = "ohos.test.demo", + .isSystemApp = true + }; + + HapPolicyParams policy = { + .apl = APL_NORMAL, + .domain = "test.domain", + .permList = {}, + .permStateList = { + { + .permissionName = "ohos.permission.CLOUDDATA_CONFIG", + .isGeneral = true, + .resDeviceID = { "local" }, + .grantStatus = { PermissionState::PERMISSION_GRANTED }, + .grantFlags = { 1 } + } + } + }; + auto tokenID = AccessTokenKit::AllocHapToken(info, policy); + SetSelfTokenID(tokenID.tokenIDEx); +} + +bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnRemoteRequest(code, request, reply); + return true; +} + +bool OnEnableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnEnableCloud(code, request, reply); + XCollie xcollie( + __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); + return status; + } + cloudInfo.enableCloud = true; + for (const auto &[bundle, value] : switches) { + if (!cloudInfo.Exist(bundle)) { + continue; + } + cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); + ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); + } + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); + return true; +} + +bool OnDisableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnDisableCloud(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), + Anonymous::Change(cloudInfo.id).c_str()); + return INVALID_ARGUMENT; + } + cloudInfo.enableCloud = false; + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + StoreMetaMapping meta(storeInfo); + meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; + if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { + ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && + !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { + ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); + if (store == nullptr) { + ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + return store->PreSharing(query); + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); + ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); + return true; +} + +bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnChangeAppSwitch(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + CloudSyncScene scene; + if (appSwitch == SWITCH_ON) { + scene = CloudSyncScene::SWITCH_ON; + } else { + scene = CloudSyncScene::SWITCH_OFF; + } + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS || !cloudInfo.enableCloud) { + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret = " + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, + WORK_DO_CLOUD_SYNC })); + return INVALID_ARGUMENT; + } + if (!cloudInfo.Exist(bundleName)) { + std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); + if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { + ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," + "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret=" + std::to_string(status)); + return INVALID_ARGUMENT; + } + ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); + } + cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); + if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { + SyncManager::SyncInfo info(cloudInfo.user, bundleName); + syncManager_.DoCloudSync(info); + } + ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), + bundleName.c_str(), appSwitch); + return true; +} + +bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnNotifyDataChange(code, request, reply); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { + return INVALID_ARGUMENT; + } + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + ExtraData exData; + if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { + ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), + userId, extraData.empty() ? "empty" : "not empty"); + return INVALID_ARGUMENT; + } + std::vector users; + if (userId != INVALID_USER_ID) { + users.emplace_back(userId); + } else { + Account::GetInstance()->QueryForegroundUsers(users); + } + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + auto &bundleName = exData.info.bundleName; + auto &prepareTraceId = exData.info.context.prepareTraceId; + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { + ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); + SchemaMeta schemaMeta; + if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { + ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); + if (dbInfos.empty()) { + ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + for (const auto &dbInfo : dbInfos) { + syncManager_.DoCloudSync(SyncManager::SyncInfo( + { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); + } + } + auto [status, cloudInfo] = GetCloudInfoFromServer(user); + if (status != SUCCESS) { + ZLOGE("user:%{public}d, status:%{public}d", user, status); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); + return false; + } + ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", + Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); + CloudInfo oldInfo; + if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + return true; + } + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + if (oldInfo.id != cloudInfo.id) { + ReleaseUserInfo(user, scene); + ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), + Anonymous::Change(oldInfo.id).c_str()); + MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); + std::map actions; + for (auto &[bundle, app] : cloudInfo.apps) { + MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); + actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; + } + DoClean(oldInfo, actions); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", + "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); + } + return true; +} + +bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); + QueryLastResults results; + auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, + "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); + return { ERROR, results }; + } + if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { + ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); + return { INVALID_ARGUMENT, results }; + } + std::vector schemas; + auto key = cloudInfo.GetSchemaPrefix(bundleName); + if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { + return { ERROR, results }; + } + + std::vector queryKeys; + std::vector databases; + for (const auto &schema : schemas) { + if (schema.bundleName != bundleName) { + continue; + } + databases = schema.databases; + for (const auto &database : schema.databases) { + if (storeId.empty() || database.alias == storeId) { + queryKeys.push_back({ user, id, bundleName, database.name }); + } + } + if (queryKeys.empty()) { + ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); + return { INVALID_ARGUMENT, results }; + } + } +XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); + std::vector users; + Account::GetInstance()->QueryUsers(users); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + CleanWaterVersion(user); + } + Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + Subscription sub; + sub.userId = user; + if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { + continue; + } + InitSubTask(sub); + } + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (status != SUCCESS) { + return false; + } +} +} // namespace OHOS + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + FuzzedDataProvider provider(data, size); + OHOS::OnRemoteRequestFuzz(provider); + OHOS::OnEnableCloudFuzz(provider); + OHOS::OnDisableCloudFuzz(provider); + OHOS::OnChangeAppSwitchFuzz(provider); + OHOS::OnNotifyDataChangeFuzz(provider); + OHOS::OnQueryLastSyncInfoFuzz(provider); + return 0; +} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp new file mode 100644 index 000000000..1bee9999f --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp @@ -0,0 +1,468 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "cloudservicestub_fuzzer.h" + +#include +#include + +#include "accesstoken_kit.h" +#include "cloud_service_impl.h" +#include "ipc_skeleton.h" +#include "message_parcel.h" +#include "securec.h" +#include "token_setproc.h" + +using namespace OHOS::CloudData; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { +constexpr int USER_ID = 100; +constexpr int INST_INDEX = 0; +const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; +constexpr uint32_t CODE_MIN = 0; +constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; +constexpr size_t NUM_MIN = 5; +constexpr size_t NUM_MAX = 12; + +void AllocAndSetHapToken() +{ + HapInfoParams info = { + .userID = USER_ID, + .bundleName = "ohos.test.demo", + .instIndex = INST_INDEX, + .appIDDesc = "ohos.test.demo", + .isSystemApp = true + }; + + HapPolicyParams policy = { + .apl = APL_NORMAL, + .domain = "test.domain", + .permList = {}, + .permStateList = { + { + .permissionName = "ohos.permission.CLOUDDATA_CONFIG", + .isGeneral = true, + .resDeviceID = { "local" }, + .grantStatus = { PermissionState::PERMISSION_GRANTED }, + .grantFlags = { 1 } + } + } + }; + auto tokenID = AccessTokenKit::AllocHapToken(info, policy); + SetSelfTokenID(tokenID.tokenIDEx); +} + +bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnRemoteRequest(code, request, reply); + return true; +} + +bool OnEnableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnEnableCloud(code, request, reply); + XCollie xcollie( + __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); + return status; + } + cloudInfo.enableCloud = true; + for (const auto &[bundle, value] : switches) { + if (!cloudInfo.Exist(bundle)) { + continue; + } + cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); + ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); + } + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); + return true; +} + +bool OnDisableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnDisableCloud(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), + Anonymous::Change(cloudInfo.id).c_str()); + return INVALID_ARGUMENT; + } + cloudInfo.enableCloud = false; + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + StoreMetaMapping meta(storeInfo); + meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; + if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { + ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && + !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { + ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); + if (store == nullptr) { + ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + return store->PreSharing(query); + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); + ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); + return true; +} + +bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnChangeAppSwitch(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + CloudSyncScene scene; + if (appSwitch == SWITCH_ON) { + scene = CloudSyncScene::SWITCH_ON; + } else { + scene = CloudSyncScene::SWITCH_OFF; + } + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS || !cloudInfo.enableCloud) { + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret = " + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, + WORK_DO_CLOUD_SYNC })); + return INVALID_ARGUMENT; + } + if (!cloudInfo.Exist(bundleName)) { + std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); + if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { + ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," + "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret=" + std::to_string(status)); + return INVALID_ARGUMENT; + } + ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); + } + cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); + if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { + SyncManager::SyncInfo info(cloudInfo.user, bundleName); + syncManager_.DoCloudSync(info); + } + ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), + bundleName.c_str(), appSwitch); + return true; +} + +bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnNotifyDataChange(code, request, reply); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { + return INVALID_ARGUMENT; + } + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + ExtraData exData; + if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { + ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), + userId, extraData.empty() ? "empty" : "not empty"); + return INVALID_ARGUMENT; + } + std::vector users; + if (userId != INVALID_USER_ID) { + users.emplace_back(userId); + } else { + Account::GetInstance()->QueryForegroundUsers(users); + } + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + auto &bundleName = exData.info.bundleName; + auto &prepareTraceId = exData.info.context.prepareTraceId; + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { + ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); + SchemaMeta schemaMeta; + if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { + ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); + if (dbInfos.empty()) { + ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + for (const auto &dbInfo : dbInfos) { + syncManager_.DoCloudSync(SyncManager::SyncInfo( + { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); + } + } + auto [status, cloudInfo] = GetCloudInfoFromServer(user); + if (status != SUCCESS) { + ZLOGE("user:%{public}d, status:%{public}d", user, status); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); + return false; + } + ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", + Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); + CloudInfo oldInfo; + if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + return true; + } + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + if (oldInfo.id != cloudInfo.id) { + ReleaseUserInfo(user, scene); + ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), + Anonymous::Change(oldInfo.id).c_str()); + MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); + std::map actions; + for (auto &[bundle, app] : cloudInfo.apps) { + MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); + actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; + } + DoClean(oldInfo, actions); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", + "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); + } + return true; +} + +bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); + QueryLastResults results; + auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, + "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); + return { ERROR, results }; + } + if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { + ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); + return { INVALID_ARGUMENT, results }; + } + std::vector schemas; + auto key = cloudInfo.GetSchemaPrefix(bundleName); + if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { + return { ERROR, results }; + } + + std::vector queryKeys; + std::vector databases; + for (const auto &schema : schemas) { + if (schema.bundleName != bundleName) { + continue; + } + databases = schema.databases; + for (const auto &database : schema.databases) { + if (storeId.empty() || database.alias == storeId) { + queryKeys.push_back({ user, id, bundleName, database.name }); + } + } + if (queryKeys.empty()) { + ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); + return { INVALID_ARGUMENT, results }; + } + } +XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); + std::vector users; + Account::GetInstance()->QueryUsers(users); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + CleanWaterVersion(user); + } + Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + Subscription sub; + sub.userId = user; + if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { + continue; + } + InitSubTask(sub); + } + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (status != SUCCESS) { + return false; + } +} +} // namespace OHOS + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + FuzzedDataProvider provider(data, size); + OHOS::OnRemoteRequestFuzz(provider); + OHOS::OnEnableCloudFuzz(provider); + OHOS::OnDisableCloudFuzz(provider); + OHOS::OnChangeAppSwitchFuzz(provider); + OHOS::OnNotifyDataChangeFuzz(provider); + OHOS::OnQueryLastSyncInfoFuzz(provider); + return 0; +} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h new file mode 100644 index 000000000..c007ebba5 --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H +#define DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H + +#define FUZZ_PROJECT_NAME "cloudservicestub_fuzzer" + +#endif // DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init new file mode 100644 index 000000000..2b595da0c --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init @@ -0,0 +1,16 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +FUZZ \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml new file mode 100644 index 000000000..3fdba3e8b --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + \ No newline at end of file -- Gitee From 6b458ccbcdf27e1a35e179cb875647902caed0b1 Mon Sep 17 00:00:00 2001 From: gecheng Date: Tue, 26 Aug 2025 15:19:33 +0800 Subject: [PATCH 20/23] =?UTF-8?q?=E5=8D=95=E4=B8=AAFUZZ=E7=94=A8=E4=BE=8B?= =?UTF-8?q?=E8=B0=83=E7=94=A8=E5=A4=AA=E5=A4=9Aapi?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: gecheng --- .../cloudservicestub1_fuzzer/BUILD.gn | 96 ---- .../cloudservicestub1_fuzzer.cpp | 468 ------------------ .../cloudservicestub2_fuzzer.cpp | 468 ------------------ .../cloudservicestub_fuzzer.cpp | 468 ------------------ .../cloudservicestub_fuzzer.h | 21 - .../cloudservicestub1_fuzzer/corpus/init | 16 - .../cloudservicestub1_fuzzer/project.xml | 25 - 7 files changed, 1562 deletions(-) delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn deleted file mode 100644 index 2618103ac..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn +++ /dev/null @@ -1,96 +0,0 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -##############################hydra-fuzz######################################## -import("//build/config/features.gni") -import("//build/test.gni") -import("//foundation/distributeddatamgr/datamgr_service/datamgr_service.gni") - -##############################fuzztest########################################## -ohos_fuzztest("CloudServiceStubFuzzTest") { - module_out_path = "datamgr_service/datamgr_service" - - include_dirs = [ - "${data_service_path}/service/cloud", - "${data_service_path}/service/common", - "${data_service_path}/service/config/include", - "${data_service_path}/service/crypto/include", - "${data_service_path}/service/kvdb", - "${data_service_path}/service/matrix/include", - "${data_service_path}/service/network", - "${data_service_path}/service/object", - "${data_service_path}/service/permission/include", - "${data_service_path}/service/rdb", - "${data_service_path}/adapter/include/communicator", - ] - - fuzz_config_file = "${data_service_path}/service/test/fuzztest/cloudservicestub_fuzzer" - - cflags = [ - "-g", - "-O0", - "-Wno-unused-variable", - "-fno-omit-frame-pointer", - ] - - sources = [ - "${data_service_path}/app/src/checker/bundle_checker.cpp", - "${data_service_path}/app/src/checker/system_checker.cpp", - "cloudservicestub_fuzzer.cpp", - ] - - deps = [ - "${data_service_path}/adapter/account:distributeddata_account", - "${data_service_path}/adapter/dfx:distributeddata_dfx", - "${data_service_path}/adapter/network:distributeddata_network", - "${data_service_path}/adapter/schema_helper:distributeddata_schema_helper", - "${data_service_path}/adapter/utils:distributeddata_utils", - "${data_service_path}/framework:distributeddatasvcfwk", - "${data_service_path}/service:distributeddatasvc", - "${data_service_path}/service/bootstrap:distributeddata_bootstrap", - "${data_service_path}/service/cloud:distributeddata_cloud", - "${data_service_path}/service/common:distributeddata_common", - "${data_service_path}/service/rdb:distributeddata_rdb", - ] - - external_deps = [ - "access_token:libaccesstoken_sdk", - "access_token:libtoken_setproc", - "access_token:libtokenid_sdk", - "bundle_framework:appexecfwk_base", - "bundle_framework:appexecfwk_core", - "c_utils:utils", - "device_auth:deviceauth_sdk", - "device_manager:devicemanagersdk", - "hicollie:libhicollie", - "hilog:libhilog", - "hisysevent:libhisysevent", - "huks:libhukssdk", - "ipc:ipc_core", - "kv_store:datamgr_common", - "kv_store:distributeddata_inner", - "kv_store:distributeddata_mgr", - "kv_store:distributeddb", - "relational_store:native_rdb", - "resource_management:global_resmgr", - "safwk:system_ability_fwk", - "samgr:samgr_proxy", - ] -} - -############################################################################### -group("fuzztest") { - testonly = true - - deps = [ ":CloudServiceStubFuzzTest" ] -} -############################################################################### diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp deleted file mode 100644 index 1bee9999f..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp +++ /dev/null @@ -1,468 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include - -#include "cloudservicestub_fuzzer.h" - -#include -#include - -#include "accesstoken_kit.h" -#include "cloud_service_impl.h" -#include "ipc_skeleton.h" -#include "message_parcel.h" -#include "securec.h" -#include "token_setproc.h" - -using namespace OHOS::CloudData; -using namespace OHOS::Security::AccessToken; - -namespace OHOS { -constexpr int USER_ID = 100; -constexpr int INST_INDEX = 0; -const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; -constexpr uint32_t CODE_MIN = 0; -constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; -constexpr size_t NUM_MIN = 5; -constexpr size_t NUM_MAX = 12; - -void AllocAndSetHapToken() -{ - HapInfoParams info = { - .userID = USER_ID, - .bundleName = "ohos.test.demo", - .instIndex = INST_INDEX, - .appIDDesc = "ohos.test.demo", - .isSystemApp = true - }; - - HapPolicyParams policy = { - .apl = APL_NORMAL, - .domain = "test.domain", - .permList = {}, - .permStateList = { - { - .permissionName = "ohos.permission.CLOUDDATA_CONFIG", - .isGeneral = true, - .resDeviceID = { "local" }, - .grantStatus = { PermissionState::PERMISSION_GRANTED }, - .grantFlags = { 1 } - } - } - }; - auto tokenID = AccessTokenKit::AllocHapToken(info, policy); - SetSelfTokenID(tokenID.tokenIDEx); -} - -bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnRemoteRequest(code, request, reply); - return true; -} - -bool OnEnableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnEnableCloud(code, request, reply); - XCollie xcollie( - __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); - return status; - } - cloudInfo.enableCloud = true; - for (const auto &[bundle, value] : switches) { - if (!cloudInfo.Exist(bundle)) { - continue; - } - cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); - ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); - } - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); - return true; -} - -bool OnDisableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnDisableCloud(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), - Anonymous::Change(cloudInfo.id).c_str()); - return INVALID_ARGUMENT; - } - cloudInfo.enableCloud = false; - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - StoreMetaMapping meta(storeInfo); - meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; - if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { - ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && - !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { - ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); - if (store == nullptr) { - ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - return store->PreSharing(query); - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); - ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); - return true; -} - -bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnChangeAppSwitch(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - CloudSyncScene scene; - if (appSwitch == SWITCH_ON) { - scene = CloudSyncScene::SWITCH_ON; - } else { - scene = CloudSyncScene::SWITCH_OFF; - } - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS || !cloudInfo.enableCloud) { - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret = " + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, - WORK_DO_CLOUD_SYNC })); - return INVALID_ARGUMENT; - } - if (!cloudInfo.Exist(bundleName)) { - std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); - if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { - ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," - "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret=" + std::to_string(status)); - return INVALID_ARGUMENT; - } - ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); - } - cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); - if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { - SyncManager::SyncInfo info(cloudInfo.user, bundleName); - syncManager_.DoCloudSync(info); - } - ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), - bundleName.c_str(), appSwitch); - return true; -} - -bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnNotifyDataChange(code, request, reply); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { - return INVALID_ARGUMENT; - } - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - ExtraData exData; - if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { - ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), - userId, extraData.empty() ? "empty" : "not empty"); - return INVALID_ARGUMENT; - } - std::vector users; - if (userId != INVALID_USER_ID) { - users.emplace_back(userId); - } else { - Account::GetInstance()->QueryForegroundUsers(users); - } - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - auto &bundleName = exData.info.bundleName; - auto &prepareTraceId = exData.info.context.prepareTraceId; - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { - ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); - SchemaMeta schemaMeta; - if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { - ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); - if (dbInfos.empty()) { - ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - for (const auto &dbInfo : dbInfos) { - syncManager_.DoCloudSync(SyncManager::SyncInfo( - { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); - } - } - auto [status, cloudInfo] = GetCloudInfoFromServer(user); - if (status != SUCCESS) { - ZLOGE("user:%{public}d, status:%{public}d", user, status); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); - return false; - } - ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", - Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); - CloudInfo oldInfo; - if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - return true; - } - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - if (oldInfo.id != cloudInfo.id) { - ReleaseUserInfo(user, scene); - ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), - Anonymous::Change(oldInfo.id).c_str()); - MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); - std::map actions; - for (auto &[bundle, app] : cloudInfo.apps) { - MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); - actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; - } - DoClean(oldInfo, actions); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", - "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); - } - return true; -} - -bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); - QueryLastResults results; - auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, - "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); - return { ERROR, results }; - } - if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { - ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); - return { INVALID_ARGUMENT, results }; - } - std::vector schemas; - auto key = cloudInfo.GetSchemaPrefix(bundleName); - if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { - return { ERROR, results }; - } - - std::vector queryKeys; - std::vector databases; - for (const auto &schema : schemas) { - if (schema.bundleName != bundleName) { - continue; - } - databases = schema.databases; - for (const auto &database : schema.databases) { - if (storeId.empty() || database.alias == storeId) { - queryKeys.push_back({ user, id, bundleName, database.name }); - } - } - if (queryKeys.empty()) { - ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); - return { INVALID_ARGUMENT, results }; - } - } -XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); - std::vector users; - Account::GetInstance()->QueryUsers(users); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - CleanWaterVersion(user); - } - Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - Subscription sub; - sub.userId = user; - if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { - continue; - } - InitSubTask(sub); - } - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (status != SUCCESS) { - return false; - } -} -} // namespace OHOS - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) -{ - FuzzedDataProvider provider(data, size); - OHOS::OnRemoteRequestFuzz(provider); - OHOS::OnEnableCloudFuzz(provider); - OHOS::OnDisableCloudFuzz(provider); - OHOS::OnChangeAppSwitchFuzz(provider); - OHOS::OnNotifyDataChangeFuzz(provider); - OHOS::OnQueryLastSyncInfoFuzz(provider); - return 0; -} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp deleted file mode 100644 index 1bee9999f..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp +++ /dev/null @@ -1,468 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include - -#include "cloudservicestub_fuzzer.h" - -#include -#include - -#include "accesstoken_kit.h" -#include "cloud_service_impl.h" -#include "ipc_skeleton.h" -#include "message_parcel.h" -#include "securec.h" -#include "token_setproc.h" - -using namespace OHOS::CloudData; -using namespace OHOS::Security::AccessToken; - -namespace OHOS { -constexpr int USER_ID = 100; -constexpr int INST_INDEX = 0; -const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; -constexpr uint32_t CODE_MIN = 0; -constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; -constexpr size_t NUM_MIN = 5; -constexpr size_t NUM_MAX = 12; - -void AllocAndSetHapToken() -{ - HapInfoParams info = { - .userID = USER_ID, - .bundleName = "ohos.test.demo", - .instIndex = INST_INDEX, - .appIDDesc = "ohos.test.demo", - .isSystemApp = true - }; - - HapPolicyParams policy = { - .apl = APL_NORMAL, - .domain = "test.domain", - .permList = {}, - .permStateList = { - { - .permissionName = "ohos.permission.CLOUDDATA_CONFIG", - .isGeneral = true, - .resDeviceID = { "local" }, - .grantStatus = { PermissionState::PERMISSION_GRANTED }, - .grantFlags = { 1 } - } - } - }; - auto tokenID = AccessTokenKit::AllocHapToken(info, policy); - SetSelfTokenID(tokenID.tokenIDEx); -} - -bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnRemoteRequest(code, request, reply); - return true; -} - -bool OnEnableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnEnableCloud(code, request, reply); - XCollie xcollie( - __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); - return status; - } - cloudInfo.enableCloud = true; - for (const auto &[bundle, value] : switches) { - if (!cloudInfo.Exist(bundle)) { - continue; - } - cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); - ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); - } - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); - return true; -} - -bool OnDisableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnDisableCloud(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), - Anonymous::Change(cloudInfo.id).c_str()); - return INVALID_ARGUMENT; - } - cloudInfo.enableCloud = false; - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - StoreMetaMapping meta(storeInfo); - meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; - if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { - ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && - !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { - ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); - if (store == nullptr) { - ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - return store->PreSharing(query); - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); - ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); - return true; -} - -bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnChangeAppSwitch(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - CloudSyncScene scene; - if (appSwitch == SWITCH_ON) { - scene = CloudSyncScene::SWITCH_ON; - } else { - scene = CloudSyncScene::SWITCH_OFF; - } - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS || !cloudInfo.enableCloud) { - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret = " + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, - WORK_DO_CLOUD_SYNC })); - return INVALID_ARGUMENT; - } - if (!cloudInfo.Exist(bundleName)) { - std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); - if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { - ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," - "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret=" + std::to_string(status)); - return INVALID_ARGUMENT; - } - ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); - } - cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); - if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { - SyncManager::SyncInfo info(cloudInfo.user, bundleName); - syncManager_.DoCloudSync(info); - } - ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), - bundleName.c_str(), appSwitch); - return true; -} - -bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnNotifyDataChange(code, request, reply); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { - return INVALID_ARGUMENT; - } - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - ExtraData exData; - if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { - ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), - userId, extraData.empty() ? "empty" : "not empty"); - return INVALID_ARGUMENT; - } - std::vector users; - if (userId != INVALID_USER_ID) { - users.emplace_back(userId); - } else { - Account::GetInstance()->QueryForegroundUsers(users); - } - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - auto &bundleName = exData.info.bundleName; - auto &prepareTraceId = exData.info.context.prepareTraceId; - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { - ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); - SchemaMeta schemaMeta; - if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { - ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); - if (dbInfos.empty()) { - ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - for (const auto &dbInfo : dbInfos) { - syncManager_.DoCloudSync(SyncManager::SyncInfo( - { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); - } - } - auto [status, cloudInfo] = GetCloudInfoFromServer(user); - if (status != SUCCESS) { - ZLOGE("user:%{public}d, status:%{public}d", user, status); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); - return false; - } - ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", - Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); - CloudInfo oldInfo; - if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - return true; - } - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - if (oldInfo.id != cloudInfo.id) { - ReleaseUserInfo(user, scene); - ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), - Anonymous::Change(oldInfo.id).c_str()); - MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); - std::map actions; - for (auto &[bundle, app] : cloudInfo.apps) { - MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); - actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; - } - DoClean(oldInfo, actions); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", - "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); - } - return true; -} - -bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); - QueryLastResults results; - auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, - "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); - return { ERROR, results }; - } - if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { - ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); - return { INVALID_ARGUMENT, results }; - } - std::vector schemas; - auto key = cloudInfo.GetSchemaPrefix(bundleName); - if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { - return { ERROR, results }; - } - - std::vector queryKeys; - std::vector databases; - for (const auto &schema : schemas) { - if (schema.bundleName != bundleName) { - continue; - } - databases = schema.databases; - for (const auto &database : schema.databases) { - if (storeId.empty() || database.alias == storeId) { - queryKeys.push_back({ user, id, bundleName, database.name }); - } - } - if (queryKeys.empty()) { - ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); - return { INVALID_ARGUMENT, results }; - } - } -XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); - std::vector users; - Account::GetInstance()->QueryUsers(users); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - CleanWaterVersion(user); - } - Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - Subscription sub; - sub.userId = user; - if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { - continue; - } - InitSubTask(sub); - } - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (status != SUCCESS) { - return false; - } -} -} // namespace OHOS - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) -{ - FuzzedDataProvider provider(data, size); - OHOS::OnRemoteRequestFuzz(provider); - OHOS::OnEnableCloudFuzz(provider); - OHOS::OnDisableCloudFuzz(provider); - OHOS::OnChangeAppSwitchFuzz(provider); - OHOS::OnNotifyDataChangeFuzz(provider); - OHOS::OnQueryLastSyncInfoFuzz(provider); - return 0; -} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp deleted file mode 100644 index 1bee9999f..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp +++ /dev/null @@ -1,468 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include - -#include "cloudservicestub_fuzzer.h" - -#include -#include - -#include "accesstoken_kit.h" -#include "cloud_service_impl.h" -#include "ipc_skeleton.h" -#include "message_parcel.h" -#include "securec.h" -#include "token_setproc.h" - -using namespace OHOS::CloudData; -using namespace OHOS::Security::AccessToken; - -namespace OHOS { -constexpr int USER_ID = 100; -constexpr int INST_INDEX = 0; -const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; -constexpr uint32_t CODE_MIN = 0; -constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; -constexpr size_t NUM_MIN = 5; -constexpr size_t NUM_MAX = 12; - -void AllocAndSetHapToken() -{ - HapInfoParams info = { - .userID = USER_ID, - .bundleName = "ohos.test.demo", - .instIndex = INST_INDEX, - .appIDDesc = "ohos.test.demo", - .isSystemApp = true - }; - - HapPolicyParams policy = { - .apl = APL_NORMAL, - .domain = "test.domain", - .permList = {}, - .permStateList = { - { - .permissionName = "ohos.permission.CLOUDDATA_CONFIG", - .isGeneral = true, - .resDeviceID = { "local" }, - .grantStatus = { PermissionState::PERMISSION_GRANTED }, - .grantFlags = { 1 } - } - } - }; - auto tokenID = AccessTokenKit::AllocHapToken(info, policy); - SetSelfTokenID(tokenID.tokenIDEx); -} - -bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnRemoteRequest(code, request, reply); - return true; -} - -bool OnEnableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnEnableCloud(code, request, reply); - XCollie xcollie( - __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); - return status; - } - cloudInfo.enableCloud = true; - for (const auto &[bundle, value] : switches) { - if (!cloudInfo.Exist(bundle)) { - continue; - } - cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); - ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); - } - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); - return true; -} - -bool OnDisableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnDisableCloud(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), - Anonymous::Change(cloudInfo.id).c_str()); - return INVALID_ARGUMENT; - } - cloudInfo.enableCloud = false; - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - StoreMetaMapping meta(storeInfo); - meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; - if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { - ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && - !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { - ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); - if (store == nullptr) { - ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - return store->PreSharing(query); - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); - ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); - return true; -} - -bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnChangeAppSwitch(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - CloudSyncScene scene; - if (appSwitch == SWITCH_ON) { - scene = CloudSyncScene::SWITCH_ON; - } else { - scene = CloudSyncScene::SWITCH_OFF; - } - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS || !cloudInfo.enableCloud) { - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret = " + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, - WORK_DO_CLOUD_SYNC })); - return INVALID_ARGUMENT; - } - if (!cloudInfo.Exist(bundleName)) { - std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); - if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { - ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," - "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret=" + std::to_string(status)); - return INVALID_ARGUMENT; - } - ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); - } - cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); - if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { - SyncManager::SyncInfo info(cloudInfo.user, bundleName); - syncManager_.DoCloudSync(info); - } - ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), - bundleName.c_str(), appSwitch); - return true; -} - -bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnNotifyDataChange(code, request, reply); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { - return INVALID_ARGUMENT; - } - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - ExtraData exData; - if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { - ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), - userId, extraData.empty() ? "empty" : "not empty"); - return INVALID_ARGUMENT; - } - std::vector users; - if (userId != INVALID_USER_ID) { - users.emplace_back(userId); - } else { - Account::GetInstance()->QueryForegroundUsers(users); - } - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - auto &bundleName = exData.info.bundleName; - auto &prepareTraceId = exData.info.context.prepareTraceId; - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { - ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); - SchemaMeta schemaMeta; - if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { - ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); - if (dbInfos.empty()) { - ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - for (const auto &dbInfo : dbInfos) { - syncManager_.DoCloudSync(SyncManager::SyncInfo( - { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); - } - } - auto [status, cloudInfo] = GetCloudInfoFromServer(user); - if (status != SUCCESS) { - ZLOGE("user:%{public}d, status:%{public}d", user, status); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); - return false; - } - ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", - Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); - CloudInfo oldInfo; - if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - return true; - } - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - if (oldInfo.id != cloudInfo.id) { - ReleaseUserInfo(user, scene); - ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), - Anonymous::Change(oldInfo.id).c_str()); - MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); - std::map actions; - for (auto &[bundle, app] : cloudInfo.apps) { - MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); - actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; - } - DoClean(oldInfo, actions); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", - "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); - } - return true; -} - -bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); - QueryLastResults results; - auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, - "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); - return { ERROR, results }; - } - if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { - ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); - return { INVALID_ARGUMENT, results }; - } - std::vector schemas; - auto key = cloudInfo.GetSchemaPrefix(bundleName); - if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { - return { ERROR, results }; - } - - std::vector queryKeys; - std::vector databases; - for (const auto &schema : schemas) { - if (schema.bundleName != bundleName) { - continue; - } - databases = schema.databases; - for (const auto &database : schema.databases) { - if (storeId.empty() || database.alias == storeId) { - queryKeys.push_back({ user, id, bundleName, database.name }); - } - } - if (queryKeys.empty()) { - ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); - return { INVALID_ARGUMENT, results }; - } - } -XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); - std::vector users; - Account::GetInstance()->QueryUsers(users); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - CleanWaterVersion(user); - } - Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - Subscription sub; - sub.userId = user; - if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { - continue; - } - InitSubTask(sub); - } - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (status != SUCCESS) { - return false; - } -} -} // namespace OHOS - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) -{ - FuzzedDataProvider provider(data, size); - OHOS::OnRemoteRequestFuzz(provider); - OHOS::OnEnableCloudFuzz(provider); - OHOS::OnDisableCloudFuzz(provider); - OHOS::OnChangeAppSwitchFuzz(provider); - OHOS::OnNotifyDataChangeFuzz(provider); - OHOS::OnQueryLastSyncInfoFuzz(provider); - return 0; -} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h deleted file mode 100644 index c007ebba5..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H -#define DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H - -#define FUZZ_PROJECT_NAME "cloudservicestub_fuzzer" - -#endif // DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init deleted file mode 100644 index 2b595da0c..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init +++ /dev/null @@ -1,16 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -FUZZ \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml deleted file mode 100644 index 3fdba3e8b..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml +++ /dev/null @@ -1,25 +0,0 @@ - - - - - - 1000 - - 300 - - 4096 - - \ No newline at end of file -- Gitee From 00fab3a61c7dd06dec54e90ebb0d234cecbc3e42 Mon Sep 17 00:00:00 2001 From: gecheng Date: Tue, 26 Aug 2025 15:44:24 +0800 Subject: [PATCH 21/23] =?UTF-8?q?=E5=8D=95=E4=B8=AAFUZZ=E7=94=A8=E4=BE=8B?= =?UTF-8?q?=E8=B0=83=E7=94=A8=E5=A4=AA=E5=A4=9Aapi?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: gecheng --- .../cloudservicestub1_fuzzer/BUILD.gn | 96 ++++ .../cloudservicestub1_fuzzer.cpp | 468 ++++++++++++++++++ .../cloudservicestub2_fuzzer.cpp | 468 ++++++++++++++++++ .../cloudservicestub_fuzzer.cpp | 468 ++++++++++++++++++ .../cloudservicestub_fuzzer.h | 21 + .../cloudservicestub1_fuzzer/corpus/init | 16 + .../cloudservicestub1_fuzzer/project.xml | 25 + 7 files changed, 1562 insertions(+) create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init create mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn new file mode 100644 index 000000000..2618103ac --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn @@ -0,0 +1,96 @@ +# Copyright (c) 2023 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +##############################hydra-fuzz######################################## +import("//build/config/features.gni") +import("//build/test.gni") +import("//foundation/distributeddatamgr/datamgr_service/datamgr_service.gni") + +##############################fuzztest########################################## +ohos_fuzztest("CloudServiceStubFuzzTest") { + module_out_path = "datamgr_service/datamgr_service" + + include_dirs = [ + "${data_service_path}/service/cloud", + "${data_service_path}/service/common", + "${data_service_path}/service/config/include", + "${data_service_path}/service/crypto/include", + "${data_service_path}/service/kvdb", + "${data_service_path}/service/matrix/include", + "${data_service_path}/service/network", + "${data_service_path}/service/object", + "${data_service_path}/service/permission/include", + "${data_service_path}/service/rdb", + "${data_service_path}/adapter/include/communicator", + ] + + fuzz_config_file = "${data_service_path}/service/test/fuzztest/cloudservicestub_fuzzer" + + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + + sources = [ + "${data_service_path}/app/src/checker/bundle_checker.cpp", + "${data_service_path}/app/src/checker/system_checker.cpp", + "cloudservicestub_fuzzer.cpp", + ] + + deps = [ + "${data_service_path}/adapter/account:distributeddata_account", + "${data_service_path}/adapter/dfx:distributeddata_dfx", + "${data_service_path}/adapter/network:distributeddata_network", + "${data_service_path}/adapter/schema_helper:distributeddata_schema_helper", + "${data_service_path}/adapter/utils:distributeddata_utils", + "${data_service_path}/framework:distributeddatasvcfwk", + "${data_service_path}/service:distributeddatasvc", + "${data_service_path}/service/bootstrap:distributeddata_bootstrap", + "${data_service_path}/service/cloud:distributeddata_cloud", + "${data_service_path}/service/common:distributeddata_common", + "${data_service_path}/service/rdb:distributeddata_rdb", + ] + + external_deps = [ + "access_token:libaccesstoken_sdk", + "access_token:libtoken_setproc", + "access_token:libtokenid_sdk", + "bundle_framework:appexecfwk_base", + "bundle_framework:appexecfwk_core", + "c_utils:utils", + "device_auth:deviceauth_sdk", + "device_manager:devicemanagersdk", + "hicollie:libhicollie", + "hilog:libhilog", + "hisysevent:libhisysevent", + "huks:libhukssdk", + "ipc:ipc_core", + "kv_store:datamgr_common", + "kv_store:distributeddata_inner", + "kv_store:distributeddata_mgr", + "kv_store:distributeddb", + "relational_store:native_rdb", + "resource_management:global_resmgr", + "safwk:system_ability_fwk", + "samgr:samgr_proxy", + ] +} + +############################################################################### +group("fuzztest") { + testonly = true + + deps = [ ":CloudServiceStubFuzzTest" ] +} +############################################################################### diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp new file mode 100644 index 000000000..1bee9999f --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp @@ -0,0 +1,468 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "cloudservicestub_fuzzer.h" + +#include +#include + +#include "accesstoken_kit.h" +#include "cloud_service_impl.h" +#include "ipc_skeleton.h" +#include "message_parcel.h" +#include "securec.h" +#include "token_setproc.h" + +using namespace OHOS::CloudData; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { +constexpr int USER_ID = 100; +constexpr int INST_INDEX = 0; +const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; +constexpr uint32_t CODE_MIN = 0; +constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; +constexpr size_t NUM_MIN = 5; +constexpr size_t NUM_MAX = 12; + +void AllocAndSetHapToken() +{ + HapInfoParams info = { + .userID = USER_ID, + .bundleName = "ohos.test.demo", + .instIndex = INST_INDEX, + .appIDDesc = "ohos.test.demo", + .isSystemApp = true + }; + + HapPolicyParams policy = { + .apl = APL_NORMAL, + .domain = "test.domain", + .permList = {}, + .permStateList = { + { + .permissionName = "ohos.permission.CLOUDDATA_CONFIG", + .isGeneral = true, + .resDeviceID = { "local" }, + .grantStatus = { PermissionState::PERMISSION_GRANTED }, + .grantFlags = { 1 } + } + } + }; + auto tokenID = AccessTokenKit::AllocHapToken(info, policy); + SetSelfTokenID(tokenID.tokenIDEx); +} + +bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnRemoteRequest(code, request, reply); + return true; +} + +bool OnEnableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnEnableCloud(code, request, reply); + XCollie xcollie( + __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); + return status; + } + cloudInfo.enableCloud = true; + for (const auto &[bundle, value] : switches) { + if (!cloudInfo.Exist(bundle)) { + continue; + } + cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); + ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); + } + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); + return true; +} + +bool OnDisableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnDisableCloud(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), + Anonymous::Change(cloudInfo.id).c_str()); + return INVALID_ARGUMENT; + } + cloudInfo.enableCloud = false; + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + StoreMetaMapping meta(storeInfo); + meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; + if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { + ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && + !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { + ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); + if (store == nullptr) { + ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + return store->PreSharing(query); + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); + ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); + return true; +} + +bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnChangeAppSwitch(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + CloudSyncScene scene; + if (appSwitch == SWITCH_ON) { + scene = CloudSyncScene::SWITCH_ON; + } else { + scene = CloudSyncScene::SWITCH_OFF; + } + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS || !cloudInfo.enableCloud) { + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret = " + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, + WORK_DO_CLOUD_SYNC })); + return INVALID_ARGUMENT; + } + if (!cloudInfo.Exist(bundleName)) { + std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); + if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { + ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," + "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret=" + std::to_string(status)); + return INVALID_ARGUMENT; + } + ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); + } + cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); + if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { + SyncManager::SyncInfo info(cloudInfo.user, bundleName); + syncManager_.DoCloudSync(info); + } + ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), + bundleName.c_str(), appSwitch); + return true; +} + +bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnNotifyDataChange(code, request, reply); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { + return INVALID_ARGUMENT; + } + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + ExtraData exData; + if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { + ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), + userId, extraData.empty() ? "empty" : "not empty"); + return INVALID_ARGUMENT; + } + std::vector users; + if (userId != INVALID_USER_ID) { + users.emplace_back(userId); + } else { + Account::GetInstance()->QueryForegroundUsers(users); + } + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + auto &bundleName = exData.info.bundleName; + auto &prepareTraceId = exData.info.context.prepareTraceId; + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { + ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); + SchemaMeta schemaMeta; + if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { + ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); + if (dbInfos.empty()) { + ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + for (const auto &dbInfo : dbInfos) { + syncManager_.DoCloudSync(SyncManager::SyncInfo( + { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); + } + } + auto [status, cloudInfo] = GetCloudInfoFromServer(user); + if (status != SUCCESS) { + ZLOGE("user:%{public}d, status:%{public}d", user, status); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); + return false; + } + ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", + Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); + CloudInfo oldInfo; + if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + return true; + } + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + if (oldInfo.id != cloudInfo.id) { + ReleaseUserInfo(user, scene); + ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), + Anonymous::Change(oldInfo.id).c_str()); + MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); + std::map actions; + for (auto &[bundle, app] : cloudInfo.apps) { + MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); + actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; + } + DoClean(oldInfo, actions); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", + "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); + } + return true; +} + +bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); + QueryLastResults results; + auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, + "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); + return { ERROR, results }; + } + if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { + ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); + return { INVALID_ARGUMENT, results }; + } + std::vector schemas; + auto key = cloudInfo.GetSchemaPrefix(bundleName); + if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { + return { ERROR, results }; + } + + std::vector queryKeys; + std::vector databases; + for (const auto &schema : schemas) { + if (schema.bundleName != bundleName) { + continue; + } + databases = schema.databases; + for (const auto &database : schema.databases) { + if (storeId.empty() || database.alias == storeId) { + queryKeys.push_back({ user, id, bundleName, database.name }); + } + } + if (queryKeys.empty()) { + ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); + return { INVALID_ARGUMENT, results }; + } + } +XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); + std::vector users; + Account::GetInstance()->QueryUsers(users); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + CleanWaterVersion(user); + } + Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + Subscription sub; + sub.userId = user; + if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { + continue; + } + InitSubTask(sub); + } + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (status != SUCCESS) { + return false; + } +} +} // namespace OHOS + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + FuzzedDataProvider provider(data, size); + OHOS::OnRemoteRequestFuzz(provider); + OHOS::OnEnableCloudFuzz(provider); + OHOS::OnDisableCloudFuzz(provider); + OHOS::OnChangeAppSwitchFuzz(provider); + OHOS::OnNotifyDataChangeFuzz(provider); + OHOS::OnQueryLastSyncInfoFuzz(provider); + return 0; +} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp new file mode 100644 index 000000000..1bee9999f --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp @@ -0,0 +1,468 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "cloudservicestub_fuzzer.h" + +#include +#include + +#include "accesstoken_kit.h" +#include "cloud_service_impl.h" +#include "ipc_skeleton.h" +#include "message_parcel.h" +#include "securec.h" +#include "token_setproc.h" + +using namespace OHOS::CloudData; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { +constexpr int USER_ID = 100; +constexpr int INST_INDEX = 0; +const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; +constexpr uint32_t CODE_MIN = 0; +constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; +constexpr size_t NUM_MIN = 5; +constexpr size_t NUM_MAX = 12; + +void AllocAndSetHapToken() +{ + HapInfoParams info = { + .userID = USER_ID, + .bundleName = "ohos.test.demo", + .instIndex = INST_INDEX, + .appIDDesc = "ohos.test.demo", + .isSystemApp = true + }; + + HapPolicyParams policy = { + .apl = APL_NORMAL, + .domain = "test.domain", + .permList = {}, + .permStateList = { + { + .permissionName = "ohos.permission.CLOUDDATA_CONFIG", + .isGeneral = true, + .resDeviceID = { "local" }, + .grantStatus = { PermissionState::PERMISSION_GRANTED }, + .grantFlags = { 1 } + } + } + }; + auto tokenID = AccessTokenKit::AllocHapToken(info, policy); + SetSelfTokenID(tokenID.tokenIDEx); +} + +bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnRemoteRequest(code, request, reply); + return true; +} + +bool OnEnableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnEnableCloud(code, request, reply); + XCollie xcollie( + __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); + return status; + } + cloudInfo.enableCloud = true; + for (const auto &[bundle, value] : switches) { + if (!cloudInfo.Exist(bundle)) { + continue; + } + cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); + ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); + } + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); + return true; +} + +bool OnDisableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnDisableCloud(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), + Anonymous::Change(cloudInfo.id).c_str()); + return INVALID_ARGUMENT; + } + cloudInfo.enableCloud = false; + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + StoreMetaMapping meta(storeInfo); + meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; + if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { + ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && + !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { + ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); + if (store == nullptr) { + ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + return store->PreSharing(query); + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); + ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); + return true; +} + +bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnChangeAppSwitch(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + CloudSyncScene scene; + if (appSwitch == SWITCH_ON) { + scene = CloudSyncScene::SWITCH_ON; + } else { + scene = CloudSyncScene::SWITCH_OFF; + } + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS || !cloudInfo.enableCloud) { + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret = " + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, + WORK_DO_CLOUD_SYNC })); + return INVALID_ARGUMENT; + } + if (!cloudInfo.Exist(bundleName)) { + std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); + if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { + ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," + "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret=" + std::to_string(status)); + return INVALID_ARGUMENT; + } + ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); + } + cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); + if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { + SyncManager::SyncInfo info(cloudInfo.user, bundleName); + syncManager_.DoCloudSync(info); + } + ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), + bundleName.c_str(), appSwitch); + return true; +} + +bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnNotifyDataChange(code, request, reply); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { + return INVALID_ARGUMENT; + } + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + ExtraData exData; + if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { + ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), + userId, extraData.empty() ? "empty" : "not empty"); + return INVALID_ARGUMENT; + } + std::vector users; + if (userId != INVALID_USER_ID) { + users.emplace_back(userId); + } else { + Account::GetInstance()->QueryForegroundUsers(users); + } + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + auto &bundleName = exData.info.bundleName; + auto &prepareTraceId = exData.info.context.prepareTraceId; + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { + ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); + SchemaMeta schemaMeta; + if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { + ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); + if (dbInfos.empty()) { + ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + for (const auto &dbInfo : dbInfos) { + syncManager_.DoCloudSync(SyncManager::SyncInfo( + { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); + } + } + auto [status, cloudInfo] = GetCloudInfoFromServer(user); + if (status != SUCCESS) { + ZLOGE("user:%{public}d, status:%{public}d", user, status); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); + return false; + } + ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", + Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); + CloudInfo oldInfo; + if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + return true; + } + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + if (oldInfo.id != cloudInfo.id) { + ReleaseUserInfo(user, scene); + ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), + Anonymous::Change(oldInfo.id).c_str()); + MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); + std::map actions; + for (auto &[bundle, app] : cloudInfo.apps) { + MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); + actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; + } + DoClean(oldInfo, actions); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", + "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); + } + return true; +} + +bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); + QueryLastResults results; + auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, + "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); + return { ERROR, results }; + } + if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { + ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); + return { INVALID_ARGUMENT, results }; + } + std::vector schemas; + auto key = cloudInfo.GetSchemaPrefix(bundleName); + if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { + return { ERROR, results }; + } + + std::vector queryKeys; + std::vector databases; + for (const auto &schema : schemas) { + if (schema.bundleName != bundleName) { + continue; + } + databases = schema.databases; + for (const auto &database : schema.databases) { + if (storeId.empty() || database.alias == storeId) { + queryKeys.push_back({ user, id, bundleName, database.name }); + } + } + if (queryKeys.empty()) { + ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); + return { INVALID_ARGUMENT, results }; + } + } +XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); + std::vector users; + Account::GetInstance()->QueryUsers(users); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + CleanWaterVersion(user); + } + Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + Subscription sub; + sub.userId = user; + if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { + continue; + } + InitSubTask(sub); + } + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (status != SUCCESS) { + return false; + } +} +} // namespace OHOS + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + FuzzedDataProvider provider(data, size); + OHOS::OnRemoteRequestFuzz(provider); + OHOS::OnEnableCloudFuzz(provider); + OHOS::OnDisableCloudFuzz(provider); + OHOS::OnChangeAppSwitchFuzz(provider); + OHOS::OnNotifyDataChangeFuzz(provider); + OHOS::OnQueryLastSyncInfoFuzz(provider); + return 0; +} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp new file mode 100644 index 000000000..1bee9999f --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp @@ -0,0 +1,468 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include "cloudservicestub_fuzzer.h" + +#include +#include + +#include "accesstoken_kit.h" +#include "cloud_service_impl.h" +#include "ipc_skeleton.h" +#include "message_parcel.h" +#include "securec.h" +#include "token_setproc.h" + +using namespace OHOS::CloudData; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { +constexpr int USER_ID = 100; +constexpr int INST_INDEX = 0; +const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; +constexpr uint32_t CODE_MIN = 0; +constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; +constexpr size_t NUM_MIN = 5; +constexpr size_t NUM_MAX = 12; + +void AllocAndSetHapToken() +{ + HapInfoParams info = { + .userID = USER_ID, + .bundleName = "ohos.test.demo", + .instIndex = INST_INDEX, + .appIDDesc = "ohos.test.demo", + .isSystemApp = true + }; + + HapPolicyParams policy = { + .apl = APL_NORMAL, + .domain = "test.domain", + .permList = {}, + .permStateList = { + { + .permissionName = "ohos.permission.CLOUDDATA_CONFIG", + .isGeneral = true, + .resDeviceID = { "local" }, + .grantStatus = { PermissionState::PERMISSION_GRANTED }, + .grantFlags = { 1 } + } + } + }; + auto tokenID = AccessTokenKit::AllocHapToken(info, policy); + SetSelfTokenID(tokenID.tokenIDEx); +} + +bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnRemoteRequest(code, request, reply); + return true; +} + +bool OnEnableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnEnableCloud(code, request, reply); + XCollie xcollie( + __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); + return status; + } + cloudInfo.enableCloud = true; + for (const auto &[bundle, value] : switches) { + if (!cloudInfo.Exist(bundle)) { + continue; + } + cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); + ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); + } + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); + return true; +} + +bool OnDisableCloudFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnDisableCloud(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), + Anonymous::Change(cloudInfo.id).c_str()); + return INVALID_ARGUMENT; + } + cloudInfo.enableCloud = false; + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + StoreMetaMapping meta(storeInfo); + meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; + if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { + ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && + !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { + ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), + meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); + if (store == nullptr) { + ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); + return { GeneralError::E_ERROR, nullptr }; + } + return store->PreSharing(query); + Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); + ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); + return true; +} + +bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnChangeAppSwitch(code, request, reply); + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + CloudSyncScene scene; + if (appSwitch == SWITCH_ON) { + scene = CloudSyncScene::SWITCH_ON; + } else { + scene = CloudSyncScene::SWITCH_OFF; + } + std::lock_guard lock(rwMetaMutex_); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS || !cloudInfo.enableCloud) { + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret = " + std::to_string(status)); + return status; + } + if (cloudInfo.id != id) { + ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, + WORK_DO_CLOUD_SYNC })); + return INVALID_ARGUMENT; + } + if (!cloudInfo.Exist(bundleName)) { + std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); + if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { + ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," + "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, + Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); + Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, + "ChangeAppSwitch ret=" + std::to_string(status)); + return INVALID_ARGUMENT; + } + ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); + } + cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); + if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { + return ERROR; + } + Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); + if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { + SyncManager::SyncInfo info(cloudInfo.user, bundleName); + syncManager_.DoCloudSync(info); + } + ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), + bundleName.c_str(), appSwitch); + return true; +} + +bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnNotifyDataChange(code, request, reply); + auto tokenId = IPCSkeleton::GetCallingTokenID(); + auto user = Account::GetInstance()->GetUserByToken(tokenId); + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { + return INVALID_ARGUMENT; + } + XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + ExtraData exData; + if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { + ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), + userId, extraData.empty() ? "empty" : "not empty"); + return INVALID_ARGUMENT; + } + std::vector users; + if (userId != INVALID_USER_ID) { + users.emplace_back(userId); + } else { + Account::GetInstance()->QueryForegroundUsers(users); + } + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + auto &bundleName = exData.info.bundleName; + auto &prepareTraceId = exData.info.context.prepareTraceId; + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { + ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); + SchemaMeta schemaMeta; + if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { + ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); + if (dbInfos.empty()) { + ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); + syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); + return INVALID_ARGUMENT; + } + for (const auto &dbInfo : dbInfos) { + syncManager_.DoCloudSync(SyncManager::SyncInfo( + { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); + } + } + auto [status, cloudInfo] = GetCloudInfoFromServer(user); + if (status != SUCCESS) { + ZLOGE("user:%{public}d, status:%{public}d", user, status); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); + return false; + } + ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", + Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); + CloudInfo oldInfo; + if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + return true; + } + MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); + if (oldInfo.id != cloudInfo.id) { + ReleaseUserInfo(user, scene); + ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), + Anonymous::Change(oldInfo.id).c_str()); + MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); + std::map actions; + for (auto &[bundle, app] : cloudInfo.apps) { + MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); + actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; + } + DoClean(oldInfo, actions); + Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", + "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); + } + return true; +} + +bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) +{ + static std::shared_ptr cloudServiceImpl = std::make_shared(); + static std::once_flag onceFlag; + std::call_once(onceFlag, [&]() { + std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); + cloudServiceImpl->OnBind( + { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); + AllocAndSetHapToken(); + }); + + uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); + std::vector remainingData = provider.ConsumeRemainingBytes(); + MessageParcel request; + request.WriteInterfaceToken(INTERFACE_TOKEN); + request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); + request.RewindRead(0); + MessageParcel reply; + std::shared_ptr cloudServiceStub = cloudServiceImpl; + cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); + QueryLastResults results; + auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); + auto [status, cloudInfo] = GetCloudInfo(user); + if (status != SUCCESS) { + Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, + "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); + return { ERROR, results }; + } + if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { + ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); + return { INVALID_ARGUMENT, results }; + } + std::vector schemas; + auto key = cloudInfo.GetSchemaPrefix(bundleName); + if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { + return { ERROR, results }; + } + + std::vector queryKeys; + std::vector databases; + for (const auto &schema : schemas) { + if (schema.bundleName != bundleName) { + continue; + } + databases = schema.databases; + for (const auto &database : schema.databases) { + if (storeId.empty() || database.alias == storeId) { + queryKeys.push_back({ user, id, bundleName, database.name }); + } + } + if (queryKeys.empty()) { + ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); + return { INVALID_ARGUMENT, results }; + } + } +XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); + DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); + std::vector users; + Account::GetInstance()->QueryUsers(users); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + CleanWaterVersion(user); + } + Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, + { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); + for (auto user : users) { + if (user == DEFAULT_USER) { + continue; + } + Subscription sub; + sub.userId = user; + if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { + continue; + } + InitSubTask(sub); + } + auto [status, cloudInfo] = GetCloudInfoFromMeta(user); + if (status != SUCCESS) { + return false; + } +} +} // namespace OHOS + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + FuzzedDataProvider provider(data, size); + OHOS::OnRemoteRequestFuzz(provider); + OHOS::OnEnableCloudFuzz(provider); + OHOS::OnDisableCloudFuzz(provider); + OHOS::OnChangeAppSwitchFuzz(provider); + OHOS::OnNotifyDataChangeFuzz(provider); + OHOS::OnQueryLastSyncInfoFuzz(provider); + return 0; +} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h new file mode 100644 index 000000000..c007ebba5 --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H +#define DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H + +#define FUZZ_PROJECT_NAME "cloudservicestub_fuzzer" + +#endif // DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init new file mode 100644 index 000000000..2b595da0c --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init @@ -0,0 +1,16 @@ +/* + * Copyright (c) 2023 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +FUZZ \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml new file mode 100644 index 000000000..3fdba3e8b --- /dev/null +++ b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + \ No newline at end of file -- Gitee From efefd1082cfb5eb5854b61a361865c3f54438aa8 Mon Sep 17 00:00:00 2001 From: gecheng Date: Tue, 26 Aug 2025 15:46:08 +0800 Subject: [PATCH 22/23] =?UTF-8?q?=E5=8D=95=E4=B8=AAFUZZ=E7=94=A8=E4=BE=8B?= =?UTF-8?q?=E8=B0=83=E7=94=A8=E5=A4=AA=E5=A4=9Aapi?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: gecheng --- .../cloudservicestub1_fuzzer/BUILD.gn | 96 ---- .../cloudservicestub1_fuzzer.cpp | 468 ------------------ .../cloudservicestub2_fuzzer.cpp | 468 ------------------ .../cloudservicestub_fuzzer.cpp | 468 ------------------ .../cloudservicestub_fuzzer.h | 21 - .../cloudservicestub1_fuzzer/corpus/init | 16 - .../cloudservicestub1_fuzzer/project.xml | 25 - 7 files changed, 1562 deletions(-) delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init delete mode 100644 services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn deleted file mode 100644 index 2618103ac..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/BUILD.gn +++ /dev/null @@ -1,96 +0,0 @@ -# Copyright (c) 2023 Huawei Device Co., Ltd. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -##############################hydra-fuzz######################################## -import("//build/config/features.gni") -import("//build/test.gni") -import("//foundation/distributeddatamgr/datamgr_service/datamgr_service.gni") - -##############################fuzztest########################################## -ohos_fuzztest("CloudServiceStubFuzzTest") { - module_out_path = "datamgr_service/datamgr_service" - - include_dirs = [ - "${data_service_path}/service/cloud", - "${data_service_path}/service/common", - "${data_service_path}/service/config/include", - "${data_service_path}/service/crypto/include", - "${data_service_path}/service/kvdb", - "${data_service_path}/service/matrix/include", - "${data_service_path}/service/network", - "${data_service_path}/service/object", - "${data_service_path}/service/permission/include", - "${data_service_path}/service/rdb", - "${data_service_path}/adapter/include/communicator", - ] - - fuzz_config_file = "${data_service_path}/service/test/fuzztest/cloudservicestub_fuzzer" - - cflags = [ - "-g", - "-O0", - "-Wno-unused-variable", - "-fno-omit-frame-pointer", - ] - - sources = [ - "${data_service_path}/app/src/checker/bundle_checker.cpp", - "${data_service_path}/app/src/checker/system_checker.cpp", - "cloudservicestub_fuzzer.cpp", - ] - - deps = [ - "${data_service_path}/adapter/account:distributeddata_account", - "${data_service_path}/adapter/dfx:distributeddata_dfx", - "${data_service_path}/adapter/network:distributeddata_network", - "${data_service_path}/adapter/schema_helper:distributeddata_schema_helper", - "${data_service_path}/adapter/utils:distributeddata_utils", - "${data_service_path}/framework:distributeddatasvcfwk", - "${data_service_path}/service:distributeddatasvc", - "${data_service_path}/service/bootstrap:distributeddata_bootstrap", - "${data_service_path}/service/cloud:distributeddata_cloud", - "${data_service_path}/service/common:distributeddata_common", - "${data_service_path}/service/rdb:distributeddata_rdb", - ] - - external_deps = [ - "access_token:libaccesstoken_sdk", - "access_token:libtoken_setproc", - "access_token:libtokenid_sdk", - "bundle_framework:appexecfwk_base", - "bundle_framework:appexecfwk_core", - "c_utils:utils", - "device_auth:deviceauth_sdk", - "device_manager:devicemanagersdk", - "hicollie:libhicollie", - "hilog:libhilog", - "hisysevent:libhisysevent", - "huks:libhukssdk", - "ipc:ipc_core", - "kv_store:datamgr_common", - "kv_store:distributeddata_inner", - "kv_store:distributeddata_mgr", - "kv_store:distributeddb", - "relational_store:native_rdb", - "resource_management:global_resmgr", - "safwk:system_ability_fwk", - "samgr:samgr_proxy", - ] -} - -############################################################################### -group("fuzztest") { - testonly = true - - deps = [ ":CloudServiceStubFuzzTest" ] -} -############################################################################### diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp deleted file mode 100644 index 1bee9999f..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub1_fuzzer.cpp +++ /dev/null @@ -1,468 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include - -#include "cloudservicestub_fuzzer.h" - -#include -#include - -#include "accesstoken_kit.h" -#include "cloud_service_impl.h" -#include "ipc_skeleton.h" -#include "message_parcel.h" -#include "securec.h" -#include "token_setproc.h" - -using namespace OHOS::CloudData; -using namespace OHOS::Security::AccessToken; - -namespace OHOS { -constexpr int USER_ID = 100; -constexpr int INST_INDEX = 0; -const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; -constexpr uint32_t CODE_MIN = 0; -constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; -constexpr size_t NUM_MIN = 5; -constexpr size_t NUM_MAX = 12; - -void AllocAndSetHapToken() -{ - HapInfoParams info = { - .userID = USER_ID, - .bundleName = "ohos.test.demo", - .instIndex = INST_INDEX, - .appIDDesc = "ohos.test.demo", - .isSystemApp = true - }; - - HapPolicyParams policy = { - .apl = APL_NORMAL, - .domain = "test.domain", - .permList = {}, - .permStateList = { - { - .permissionName = "ohos.permission.CLOUDDATA_CONFIG", - .isGeneral = true, - .resDeviceID = { "local" }, - .grantStatus = { PermissionState::PERMISSION_GRANTED }, - .grantFlags = { 1 } - } - } - }; - auto tokenID = AccessTokenKit::AllocHapToken(info, policy); - SetSelfTokenID(tokenID.tokenIDEx); -} - -bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnRemoteRequest(code, request, reply); - return true; -} - -bool OnEnableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnEnableCloud(code, request, reply); - XCollie xcollie( - __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); - return status; - } - cloudInfo.enableCloud = true; - for (const auto &[bundle, value] : switches) { - if (!cloudInfo.Exist(bundle)) { - continue; - } - cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); - ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); - } - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); - return true; -} - -bool OnDisableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnDisableCloud(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), - Anonymous::Change(cloudInfo.id).c_str()); - return INVALID_ARGUMENT; - } - cloudInfo.enableCloud = false; - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - StoreMetaMapping meta(storeInfo); - meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; - if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { - ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && - !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { - ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); - if (store == nullptr) { - ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - return store->PreSharing(query); - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); - ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); - return true; -} - -bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnChangeAppSwitch(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - CloudSyncScene scene; - if (appSwitch == SWITCH_ON) { - scene = CloudSyncScene::SWITCH_ON; - } else { - scene = CloudSyncScene::SWITCH_OFF; - } - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS || !cloudInfo.enableCloud) { - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret = " + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, - WORK_DO_CLOUD_SYNC })); - return INVALID_ARGUMENT; - } - if (!cloudInfo.Exist(bundleName)) { - std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); - if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { - ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," - "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret=" + std::to_string(status)); - return INVALID_ARGUMENT; - } - ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); - } - cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); - if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { - SyncManager::SyncInfo info(cloudInfo.user, bundleName); - syncManager_.DoCloudSync(info); - } - ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), - bundleName.c_str(), appSwitch); - return true; -} - -bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnNotifyDataChange(code, request, reply); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { - return INVALID_ARGUMENT; - } - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - ExtraData exData; - if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { - ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), - userId, extraData.empty() ? "empty" : "not empty"); - return INVALID_ARGUMENT; - } - std::vector users; - if (userId != INVALID_USER_ID) { - users.emplace_back(userId); - } else { - Account::GetInstance()->QueryForegroundUsers(users); - } - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - auto &bundleName = exData.info.bundleName; - auto &prepareTraceId = exData.info.context.prepareTraceId; - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { - ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); - SchemaMeta schemaMeta; - if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { - ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); - if (dbInfos.empty()) { - ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - for (const auto &dbInfo : dbInfos) { - syncManager_.DoCloudSync(SyncManager::SyncInfo( - { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); - } - } - auto [status, cloudInfo] = GetCloudInfoFromServer(user); - if (status != SUCCESS) { - ZLOGE("user:%{public}d, status:%{public}d", user, status); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); - return false; - } - ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", - Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); - CloudInfo oldInfo; - if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - return true; - } - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - if (oldInfo.id != cloudInfo.id) { - ReleaseUserInfo(user, scene); - ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), - Anonymous::Change(oldInfo.id).c_str()); - MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); - std::map actions; - for (auto &[bundle, app] : cloudInfo.apps) { - MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); - actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; - } - DoClean(oldInfo, actions); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", - "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); - } - return true; -} - -bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); - QueryLastResults results; - auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, - "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); - return { ERROR, results }; - } - if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { - ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); - return { INVALID_ARGUMENT, results }; - } - std::vector schemas; - auto key = cloudInfo.GetSchemaPrefix(bundleName); - if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { - return { ERROR, results }; - } - - std::vector queryKeys; - std::vector databases; - for (const auto &schema : schemas) { - if (schema.bundleName != bundleName) { - continue; - } - databases = schema.databases; - for (const auto &database : schema.databases) { - if (storeId.empty() || database.alias == storeId) { - queryKeys.push_back({ user, id, bundleName, database.name }); - } - } - if (queryKeys.empty()) { - ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); - return { INVALID_ARGUMENT, results }; - } - } -XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); - std::vector users; - Account::GetInstance()->QueryUsers(users); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - CleanWaterVersion(user); - } - Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - Subscription sub; - sub.userId = user; - if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { - continue; - } - InitSubTask(sub); - } - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (status != SUCCESS) { - return false; - } -} -} // namespace OHOS - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) -{ - FuzzedDataProvider provider(data, size); - OHOS::OnRemoteRequestFuzz(provider); - OHOS::OnEnableCloudFuzz(provider); - OHOS::OnDisableCloudFuzz(provider); - OHOS::OnChangeAppSwitchFuzz(provider); - OHOS::OnNotifyDataChangeFuzz(provider); - OHOS::OnQueryLastSyncInfoFuzz(provider); - return 0; -} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp deleted file mode 100644 index 1bee9999f..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub2_fuzzer.cpp +++ /dev/null @@ -1,468 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include - -#include "cloudservicestub_fuzzer.h" - -#include -#include - -#include "accesstoken_kit.h" -#include "cloud_service_impl.h" -#include "ipc_skeleton.h" -#include "message_parcel.h" -#include "securec.h" -#include "token_setproc.h" - -using namespace OHOS::CloudData; -using namespace OHOS::Security::AccessToken; - -namespace OHOS { -constexpr int USER_ID = 100; -constexpr int INST_INDEX = 0; -const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; -constexpr uint32_t CODE_MIN = 0; -constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; -constexpr size_t NUM_MIN = 5; -constexpr size_t NUM_MAX = 12; - -void AllocAndSetHapToken() -{ - HapInfoParams info = { - .userID = USER_ID, - .bundleName = "ohos.test.demo", - .instIndex = INST_INDEX, - .appIDDesc = "ohos.test.demo", - .isSystemApp = true - }; - - HapPolicyParams policy = { - .apl = APL_NORMAL, - .domain = "test.domain", - .permList = {}, - .permStateList = { - { - .permissionName = "ohos.permission.CLOUDDATA_CONFIG", - .isGeneral = true, - .resDeviceID = { "local" }, - .grantStatus = { PermissionState::PERMISSION_GRANTED }, - .grantFlags = { 1 } - } - } - }; - auto tokenID = AccessTokenKit::AllocHapToken(info, policy); - SetSelfTokenID(tokenID.tokenIDEx); -} - -bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnRemoteRequest(code, request, reply); - return true; -} - -bool OnEnableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnEnableCloud(code, request, reply); - XCollie xcollie( - __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); - return status; - } - cloudInfo.enableCloud = true; - for (const auto &[bundle, value] : switches) { - if (!cloudInfo.Exist(bundle)) { - continue; - } - cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); - ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); - } - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); - return true; -} - -bool OnDisableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnDisableCloud(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), - Anonymous::Change(cloudInfo.id).c_str()); - return INVALID_ARGUMENT; - } - cloudInfo.enableCloud = false; - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - StoreMetaMapping meta(storeInfo); - meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; - if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { - ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && - !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { - ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); - if (store == nullptr) { - ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - return store->PreSharing(query); - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); - ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); - return true; -} - -bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnChangeAppSwitch(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - CloudSyncScene scene; - if (appSwitch == SWITCH_ON) { - scene = CloudSyncScene::SWITCH_ON; - } else { - scene = CloudSyncScene::SWITCH_OFF; - } - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS || !cloudInfo.enableCloud) { - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret = " + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, - WORK_DO_CLOUD_SYNC })); - return INVALID_ARGUMENT; - } - if (!cloudInfo.Exist(bundleName)) { - std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); - if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { - ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," - "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret=" + std::to_string(status)); - return INVALID_ARGUMENT; - } - ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); - } - cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); - if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { - SyncManager::SyncInfo info(cloudInfo.user, bundleName); - syncManager_.DoCloudSync(info); - } - ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), - bundleName.c_str(), appSwitch); - return true; -} - -bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnNotifyDataChange(code, request, reply); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { - return INVALID_ARGUMENT; - } - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - ExtraData exData; - if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { - ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), - userId, extraData.empty() ? "empty" : "not empty"); - return INVALID_ARGUMENT; - } - std::vector users; - if (userId != INVALID_USER_ID) { - users.emplace_back(userId); - } else { - Account::GetInstance()->QueryForegroundUsers(users); - } - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - auto &bundleName = exData.info.bundleName; - auto &prepareTraceId = exData.info.context.prepareTraceId; - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { - ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); - SchemaMeta schemaMeta; - if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { - ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); - if (dbInfos.empty()) { - ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - for (const auto &dbInfo : dbInfos) { - syncManager_.DoCloudSync(SyncManager::SyncInfo( - { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); - } - } - auto [status, cloudInfo] = GetCloudInfoFromServer(user); - if (status != SUCCESS) { - ZLOGE("user:%{public}d, status:%{public}d", user, status); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); - return false; - } - ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", - Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); - CloudInfo oldInfo; - if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - return true; - } - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - if (oldInfo.id != cloudInfo.id) { - ReleaseUserInfo(user, scene); - ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), - Anonymous::Change(oldInfo.id).c_str()); - MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); - std::map actions; - for (auto &[bundle, app] : cloudInfo.apps) { - MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); - actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; - } - DoClean(oldInfo, actions); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", - "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); - } - return true; -} - -bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); - QueryLastResults results; - auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, - "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); - return { ERROR, results }; - } - if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { - ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); - return { INVALID_ARGUMENT, results }; - } - std::vector schemas; - auto key = cloudInfo.GetSchemaPrefix(bundleName); - if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { - return { ERROR, results }; - } - - std::vector queryKeys; - std::vector databases; - for (const auto &schema : schemas) { - if (schema.bundleName != bundleName) { - continue; - } - databases = schema.databases; - for (const auto &database : schema.databases) { - if (storeId.empty() || database.alias == storeId) { - queryKeys.push_back({ user, id, bundleName, database.name }); - } - } - if (queryKeys.empty()) { - ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); - return { INVALID_ARGUMENT, results }; - } - } -XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); - std::vector users; - Account::GetInstance()->QueryUsers(users); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - CleanWaterVersion(user); - } - Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - Subscription sub; - sub.userId = user; - if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { - continue; - } - InitSubTask(sub); - } - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (status != SUCCESS) { - return false; - } -} -} // namespace OHOS - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) -{ - FuzzedDataProvider provider(data, size); - OHOS::OnRemoteRequestFuzz(provider); - OHOS::OnEnableCloudFuzz(provider); - OHOS::OnDisableCloudFuzz(provider); - OHOS::OnChangeAppSwitchFuzz(provider); - OHOS::OnNotifyDataChangeFuzz(provider); - OHOS::OnQueryLastSyncInfoFuzz(provider); - return 0; -} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp deleted file mode 100644 index 1bee9999f..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.cpp +++ /dev/null @@ -1,468 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include - -#include "cloudservicestub_fuzzer.h" - -#include -#include - -#include "accesstoken_kit.h" -#include "cloud_service_impl.h" -#include "ipc_skeleton.h" -#include "message_parcel.h" -#include "securec.h" -#include "token_setproc.h" - -using namespace OHOS::CloudData; -using namespace OHOS::Security::AccessToken; - -namespace OHOS { -constexpr int USER_ID = 100; -constexpr int INST_INDEX = 0; -const std::u16string INTERFACE_TOKEN = u"OHOS.CloudData.CloudServer"; -constexpr uint32_t CODE_MIN = 0; -constexpr uint32_t CODE_MAX = CloudService::TransId::TRANS_BUTT + 1; -constexpr size_t NUM_MIN = 5; -constexpr size_t NUM_MAX = 12; - -void AllocAndSetHapToken() -{ - HapInfoParams info = { - .userID = USER_ID, - .bundleName = "ohos.test.demo", - .instIndex = INST_INDEX, - .appIDDesc = "ohos.test.demo", - .isSystemApp = true - }; - - HapPolicyParams policy = { - .apl = APL_NORMAL, - .domain = "test.domain", - .permList = {}, - .permStateList = { - { - .permissionName = "ohos.permission.CLOUDDATA_CONFIG", - .isGeneral = true, - .resDeviceID = { "local" }, - .grantStatus = { PermissionState::PERMISSION_GRANTED }, - .grantFlags = { 1 } - } - } - }; - auto tokenID = AccessTokenKit::AllocHapToken(info, policy); - SetSelfTokenID(tokenID.tokenIDEx); -} - -bool OnRemoteRequestFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnRemoteRequest(code, request, reply); - return true; -} - -bool OnEnableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnEnableCloud(code, request, reply); - XCollie xcollie( - __FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY, RESTART_SERVICE_TIME_THRESHOLD); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_ENABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "EnableCloud ret=" + std::to_string(status)); - return status; - } - cloudInfo.enableCloud = true; - for (const auto &[bundle, value] : switches) { - if (!cloudInfo.Exist(bundle)) { - continue; - } - cloudInfo.apps[bundle].cloudSwitch = (value == SWITCH_ON); - ZLOGI("EnableCloud: change app[%{public}s] switch to %{public}d", bundle.c_str(), value); - } - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::ENABLE_CLOUD, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - ZLOGI("EnableCloud success, id:%{public}s, count:%{public}zu", Anonymous::Change(id).c_str(), switches.size()); - return true; -} - -bool OnDisableCloudFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnDisableCloud(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - ReleaseUserInfo(user, CloudSyncScene::DISABLE_CLOUD); - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_DISABLE_CLOUD, Fault::CSF_CLOUD_INFO, "", "DisableCloud ret=" + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGE("invalid args, [input] id:%{public}s, [exist] id:%{public}s", Anonymous::Change(id).c_str(), - Anonymous::Change(cloudInfo.id).c_str()); - return INVALID_ARGUMENT; - } - cloudInfo.enableCloud = false; - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - StoreMetaMapping meta(storeInfo); - meta.deviceId = DmAdapter::GetInstance().GetLocalDevice().uuid; - if (!MetaDataManager::GetInstance().LoadMeta(meta.GetKey(), meta, true)) { - ZLOGE("failed, no store mapping bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - if (!meta.cloudPath.empty() && meta.dataDir != meta.cloudPath && - !MetaDataManager::GetInstance().LoadMeta(meta.GetCloudStoreMetaKey(), meta, true)) { - ZLOGE("failed, no store meta bundleName:%{public}s, storeId:%{public}s", meta.bundleName.c_str(), - meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - auto [status, store] = SyncManager::GetStore(meta, storeInfo.user, true); - if (store == nullptr) { - ZLOGE("store null, storeId:%{public}s", meta.GetStoreAlias().c_str()); - return { GeneralError::E_ERROR, nullptr }; - } - return store->PreSharing(query); - Execute(GenTask(0, cloudInfo.user, CloudSyncScene::DISABLE_CLOUD, { WORK_STOP_CLOUD_SYNC, WORK_SUB })); - ZLOGI("DisableCloud success, id:%{public}s", Anonymous::Change(id).c_str()); - return true; -} - -bool OnChangeAppSwitchFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnChangeAppSwitch(code, request, reply); - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - CloudSyncScene scene; - if (appSwitch == SWITCH_ON) { - scene = CloudSyncScene::SWITCH_ON; - } else { - scene = CloudSyncScene::SWITCH_OFF; - } - std::lock_guard lock(rwMetaMutex_); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS || !cloudInfo.enableCloud) { - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret = " + std::to_string(status)); - return status; - } - if (cloudInfo.id != id) { - ZLOGW("invalid args, [input] id:%{public}s, [exist] id:%{public}s, bundleName:%{public}s", - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB, - WORK_DO_CLOUD_SYNC })); - return INVALID_ARGUMENT; - } - if (!cloudInfo.Exist(bundleName)) { - std::tie(status, cloudInfo) = GetCloudInfoFromServer(user); - if (status != SUCCESS || !cloudInfo.enableCloud || cloudInfo.id != id || !cloudInfo.Exist(bundleName)) { - ZLOGE("invalid args, status:%{public}d, enableCloud:%{public}d, [input] id:%{public}s," - "[exist] id:%{public}s, bundleName:%{public}s", status, cloudInfo.enableCloud, - Anonymous::Change(id).c_str(), Anonymous::Change(cloudInfo.id).c_str(), bundleName.c_str()); - Report(appSwitch == SWITCH_ON ? FT_SWITCH_ON : FT_SWITCH_OFF, Fault::CSF_CLOUD_INFO, bundleName, - "ChangeAppSwitch ret=" + std::to_string(status)); - return INVALID_ARGUMENT; - } - ZLOGI("add app switch, bundleName:%{public}s", bundleName.c_str()); - } - cloudInfo.apps[bundleName].cloudSwitch = (appSwitch == SWITCH_ON); - if (!MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true)) { - return ERROR; - } - Execute(GenTask(0, cloudInfo.user, scene, { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_SUB })); - if (cloudInfo.enableCloud && appSwitch == SWITCH_ON) { - SyncManager::SyncInfo info(cloudInfo.user, bundleName); - syncManager_.DoCloudSync(info); - } - ZLOGI("ChangeAppSwitch success, id:%{public}s app:%{public}s, switch:%{public}d", Anonymous::Change(id).c_str(), - bundleName.c_str(), appSwitch); - return true; -} - -bool OnNotifyDataChangeFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnNotifyDataChange(code, request, reply); - auto tokenId = IPCSkeleton::GetCallingTokenID(); - auto user = Account::GetInstance()->GetUserByToken(tokenId); - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(id, bundleName, cloudInfo) != E_OK) { - return INVALID_ARGUMENT; - } - XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - ExtraData exData; - if (eventId != DATA_CHANGE_EVENT_ID || extraData.empty() || !exData.Unmarshall(extraData)) { - ZLOGE("invalid args, eventId:%{public}s, user:%{public}d, extraData is %{public}s", eventId.c_str(), - userId, extraData.empty() ? "empty" : "not empty"); - return INVALID_ARGUMENT; - } - std::vector users; - if (userId != INVALID_USER_ID) { - users.emplace_back(userId); - } else { - Account::GetInstance()->QueryForegroundUsers(users); - } - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - auto &bundleName = exData.info.bundleName; - auto &prepareTraceId = exData.info.context.prepareTraceId; - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (CheckNotifyConditions(exData.info.accountId, bundleName, cloudInfo) != E_OK) { - ZLOGD("invalid user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto schemaKey = CloudInfo::GetSchemaKey(user, bundleName); - SchemaMeta schemaMeta; - if (!MetaDataManager::GetInstance().LoadMeta(schemaKey, schemaMeta, true)) { - ZLOGE("no exist meta, user:%{public}d, traceId:%{public}s", user, prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - auto dbInfos = GetDbInfoFromExtraData(exData, schemaMeta); - if (dbInfos.empty()) { - ZLOGE("GetDbInfoFromExtraData failed, empty database info. traceId:%{public}s.", prepareTraceId.c_str()); - syncManager_.Report({ user, bundleName, prepareTraceId, SyncStage::END, INVALID_ARGUMENT }); - return INVALID_ARGUMENT; - } - for (const auto &dbInfo : dbInfos) { - syncManager_.DoCloudSync(SyncManager::SyncInfo( - { cloudInfo.user, bundleName, dbInfo.first, dbInfo.second, MODE_PUSH, prepareTraceId })); - } - } - auto [status, cloudInfo] = GetCloudInfoFromServer(user); - if (status != SUCCESS) { - ZLOGE("user:%{public}d, status:%{public}d", user, status); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", "UpdateCloudInfo ret=" + std::to_string(status)); - return false; - } - ZLOGI("[server] id:%{public}s, enableCloud:%{public}d, user:%{public}d, app size:%{public}zu", - Anonymous::Change(cloudInfo.id).c_str(), cloudInfo.enableCloud, cloudInfo.user, cloudInfo.apps.size()); - CloudInfo oldInfo; - if (!MetaDataManager::GetInstance().LoadMeta(cloudInfo.GetKey(), oldInfo, true)) { - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - return true; - } - MetaDataManager::GetInstance().SaveMeta(cloudInfo.GetKey(), cloudInfo, true); - if (oldInfo.id != cloudInfo.id) { - ReleaseUserInfo(user, scene); - ZLOGE("different id, [server] id:%{public}s, [meta] id:%{public}s", Anonymous::Change(cloudInfo.id).c_str(), - Anonymous::Change(oldInfo.id).c_str()); - MetaDataManager::GetInstance().DelMeta(Subscription::GetKey(user), true); - std::map actions; - for (auto &[bundle, app] : cloudInfo.apps) { - MetaDataManager::GetInstance().DelMeta(Subscription::GetRelationKey(user, bundle), true); - actions[bundle] = GeneralStore::CleanMode::CLOUD_INFO; - } - DoClean(oldInfo, actions); - Report(GetDfxFaultType(scene), Fault::CSF_CLOUD_INFO, "", - "Clean: different id, new:" + Anonymous::Change(cloudInfo.id) + ", old:" + Anonymous::Change(oldInfo.id)); - } - return true; -} - -bool OnQueryLastSyncInfoFuzz(FuzzedDataProvider &provider) -{ - static std::shared_ptr cloudServiceImpl = std::make_shared(); - static std::once_flag onceFlag; - std::call_once(onceFlag, [&]() { - std::shared_ptr executor = std::make_shared(NUM_MAX, NUM_MIN); - cloudServiceImpl->OnBind( - { "CloudServiceStubFuzz", static_cast(IPCSkeleton::GetSelfTokenID()), std::move(executor) }); - AllocAndSetHapToken(); - }); - - uint32_t code = provider.ConsumeIntegralInRange(CODE_MIN, CODE_MAX); - std::vector remainingData = provider.ConsumeRemainingBytes(); - MessageParcel request; - request.WriteInterfaceToken(INTERFACE_TOKEN); - request.WriteBuffer(static_cast(remainingData.data()), remainingData.size()); - request.RewindRead(0); - MessageParcel reply; - std::shared_ptr cloudServiceStub = cloudServiceImpl; - cloudServiceStub->OnQueryLastSyncInfo(code, request, reply); - QueryLastResults results; - auto user = Account::GetInstance()->GetUserByToken(IPCSkeleton::GetCallingTokenID()); - auto [status, cloudInfo] = GetCloudInfo(user); - if (status != SUCCESS) { - Report(FT_QUERY_INFO, Fault::CSF_CLOUD_INFO, bundleName, - "QueryLastSyncInfo ret=" + std::to_string(status) + ",storeId=" + storeId); - return { ERROR, results }; - } - if (cloudInfo.apps.find(bundleName) == cloudInfo.apps.end()) { - ZLOGE("Invalid bundleName: %{public}s", bundleName.c_str()); - return { INVALID_ARGUMENT, results }; - } - std::vector schemas; - auto key = cloudInfo.GetSchemaPrefix(bundleName); - if (!MetaDataManager::GetInstance().LoadMeta(key, schemas, true) || schemas.empty()) { - return { ERROR, results }; - } - - std::vector queryKeys; - std::vector databases; - for (const auto &schema : schemas) { - if (schema.bundleName != bundleName) { - continue; - } - databases = schema.databases; - for (const auto &database : schema.databases) { - if (storeId.empty() || database.alias == storeId) { - queryKeys.push_back({ user, id, bundleName, database.name }); - } - } - if (queryKeys.empty()) { - ZLOGE("Invalid storeId: %{public}s", Anonymous::Change(storeId).c_str()); - return { INVALID_ARGUMENT, results }; - } - } -XCollie xcollie(__FUNCTION__, XCollie::XCOLLIE_LOG | XCollie::XCOLLIE_RECOVERY); - DistributedDB::RuntimeConfig::SetCloudTranslate(std::make_shared()); - std::vector users; - Account::GetInstance()->QueryUsers(users); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - CleanWaterVersion(user); - } - Execute(GenTask(0, 0, CloudSyncScene::SERVICE_INIT, - { WORK_CLOUD_INFO_UPDATE, WORK_SCHEMA_UPDATE, WORK_DO_CLOUD_SYNC, WORK_SUB })); - for (auto user : users) { - if (user == DEFAULT_USER) { - continue; - } - Subscription sub; - sub.userId = user; - if (!MetaDataManager::GetInstance().LoadMeta(sub.GetKey(), sub, true)) { - continue; - } - InitSubTask(sub); - } - auto [status, cloudInfo] = GetCloudInfoFromMeta(user); - if (status != SUCCESS) { - return false; - } -} -} // namespace OHOS - -/* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) -{ - FuzzedDataProvider provider(data, size); - OHOS::OnRemoteRequestFuzz(provider); - OHOS::OnEnableCloudFuzz(provider); - OHOS::OnDisableCloudFuzz(provider); - OHOS::OnChangeAppSwitchFuzz(provider); - OHOS::OnNotifyDataChangeFuzz(provider); - OHOS::OnQueryLastSyncInfoFuzz(provider); - return 0; -} \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h deleted file mode 100644 index c007ebba5..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/cloudservicestub_fuzzer.h +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H -#define DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H - -#define FUZZ_PROJECT_NAME "cloudservicestub_fuzzer" - -#endif // DATAMGR_SERVICE_CLOUD_SERVICE_STUB_FUZZER_H \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init deleted file mode 100644 index 2b595da0c..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/corpus/init +++ /dev/null @@ -1,16 +0,0 @@ -/* - * Copyright (c) 2023 Huawei Device Co., Ltd. - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -FUZZ \ No newline at end of file diff --git a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml b/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml deleted file mode 100644 index 3fdba3e8b..000000000 --- a/services/distributeddataservice/service/test/fuzztest/cloudservicestub1_fuzzer/project.xml +++ /dev/null @@ -1,25 +0,0 @@ - - - - - - 1000 - - 300 - - 4096 - - \ No newline at end of file -- Gitee From f65f483b635a9121ac23bb30509c60832a4e1ebd Mon Sep 17 00:00:00 2001 From: gecheng Date: Wed, 27 Aug 2025 11:03:28 +0800 Subject: [PATCH 23/23] =?UTF-8?q?=E5=8D=95=E4=B8=AAFUZZ=E7=94=A8=E4=BE=8B?= =?UTF-8?q?=E8=B0=83=E7=94=A8=E5=A4=AA=E5=A4=9Aapi?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: gecheng --- .../framework/screen/screen_manager.cpp | 3 +-- .../service/object/src/object_service_impl.cpp | 6 ++++-- .../objectserviceimp2_fuzzer/objectserviceimp2_fuzzer.cpp | 3 --- 3 files changed, 5 insertions(+), 7 deletions(-) diff --git a/services/distributeddataservice/framework/screen/screen_manager.cpp b/services/distributeddataservice/framework/screen/screen_manager.cpp index 1131fa821..c2f7d5d3a 100644 --- a/services/distributeddataservice/framework/screen/screen_manager.cpp +++ b/services/distributeddataservice/framework/screen/screen_manager.cpp @@ -64,10 +64,9 @@ void ScreenManager::UnsubscribeScreenEvent() { return; } - +// LCOV_EXCL_STOP bool ScreenManager::IsLocked() { return false; } -// LCOV_EXCL_STOP } // namespace OHOS::DistributedData \ No newline at end of file diff --git a/services/distributeddataservice/service/object/src/object_service_impl.cpp b/services/distributeddataservice/service/object/src/object_service_impl.cpp index 257502c07..12346d892 100644 --- a/services/distributeddataservice/service/object/src/object_service_impl.cpp +++ b/services/distributeddataservice/service/object/src/object_service_impl.cpp @@ -414,25 +414,27 @@ ObjectServiceImpl::ObjectServiceImpl() EventCenter::GetInstance().Subscribe(BindEvent::BIND_SNAPSHOT, process); } -// LCOV_EXCL_START void ObjectServiceImpl::RegisterObjectServiceInfo() { + // LCOV_EXCL_START DumpManager::Config serviceInfoConfig; serviceInfoConfig.fullCmd = "--feature-info"; serviceInfoConfig.abbrCmd = "-f"; serviceInfoConfig.dumpName = "FEATURE_INFO"; serviceInfoConfig.dumpCaption = { "| Display all the service statistics" }; DumpManager::GetInstance().AddConfig("FEATURE_INFO", serviceInfoConfig); + // LCOV_EXCL_STOP } void ObjectServiceImpl::RegisterHandler() { + // LCOV_EXCL_START Handler handler = [this](int fd, std::map> ¶ms) { DumpObjectServiceInfo(fd, params); }; DumpManager::GetInstance().AddHandler("FEATURE_INFO", uintptr_t(this), handler); + // LCOV_EXCL_STOP } -// LCOV_EXCL_STOP void ObjectServiceImpl::DumpObjectServiceInfo(int fd, std::map> ¶ms) { diff --git a/services/distributeddataservice/service/test/fuzztest/objectserviceimp2_fuzzer/objectserviceimp2_fuzzer.cpp b/services/distributeddataservice/service/test/fuzztest/objectserviceimp2_fuzzer/objectserviceimp2_fuzzer.cpp index 43c578288..19775458e 100644 --- a/services/distributeddataservice/service/test/fuzztest/objectserviceimp2_fuzzer/objectserviceimp2_fuzzer.cpp +++ b/services/distributeddataservice/service/test/fuzztest/objectserviceimp2_fuzzer/objectserviceimp2_fuzzer.cpp @@ -35,9 +35,6 @@ void RegisterDataObserverFuzzTest(FuzzedDataProvider &provider) void OnAppUninstallFuzzTest(FuzzedDataProvider &provider) { std::shared_ptr objectServiceImpl = std::make_shared(); - if (objectServiceImpl->factory_.staticActs_ == nullptr) { - return; - } std::string bundleName = provider.ConsumeRandomLengthString(100); int32_t user = provider.ConsumeIntegral(); int32_t index = provider.ConsumeIntegral(); -- Gitee