From 8571d732179e23ae160d424a0dc8c2b1aeeed0d0 Mon Sep 17 00:00:00 2001
From: wangzhaohao <wangzhaohao@huawei.com>
Date: Tue, 27 May 2025 14:54:11 +0800
Subject: [PATCH] add dm_comm_tool.h fuzz

Signed-off-by: wangzhaohao <wangzhaohao@huawei.com>
---
 test/servicesfuzztest/BUILD.gn                |  1 +
 .../dmcommtooltwo_fuzzer/BUILD.gn             | 94 ++++++++++++++++++
 .../dmcommtooltwo_fuzzer/corpus/init          | 13 +++
 .../dm_comm_tool_two_fuzzer.cpp               | 98 +++++++++++++++++++
 .../dm_comm_tool_two_fuzzer.h                 | 21 ++++
 .../dmcommtooltwo_fuzzer/project.xml          | 25 +++++
 6 files changed, 252 insertions(+)
 create mode 100644 test/servicesfuzztest/dmcommtooltwo_fuzzer/BUILD.gn
 create mode 100644 test/servicesfuzztest/dmcommtooltwo_fuzzer/corpus/init
 create mode 100644 test/servicesfuzztest/dmcommtooltwo_fuzzer/dm_comm_tool_two_fuzzer.cpp
 create mode 100644 test/servicesfuzztest/dmcommtooltwo_fuzzer/dm_comm_tool_two_fuzzer.h
 create mode 100644 test/servicesfuzztest/dmcommtooltwo_fuzzer/project.xml

diff --git a/test/servicesfuzztest/BUILD.gn b/test/servicesfuzztest/BUILD.gn
index 078b76ddb..bfa3d6841 100644
--- a/test/servicesfuzztest/BUILD.gn
+++ b/test/servicesfuzztest/BUILD.gn
@@ -26,6 +26,7 @@ group("fuzztest") {
     "deviceprofileconnector_fuzzer:fuzztest",
     "devicepublish_fuzzer:fuzztest",
     "dmcommtool_fuzzer:fuzztest",
+    "dmcommtooltwo_fuzzer:fuzztest",
     "dmtransport_fuzzer:fuzztest",
     "dmtransportmsg_fuzzer:fuzztest",
     "dpinitcallback_fuzzer:fuzztest",
diff --git a/test/servicesfuzztest/dmcommtooltwo_fuzzer/BUILD.gn b/test/servicesfuzztest/dmcommtooltwo_fuzzer/BUILD.gn
new file mode 100644
index 000000000..0bd52b8c3
--- /dev/null
+++ b/test/servicesfuzztest/dmcommtooltwo_fuzzer/BUILD.gn
@@ -0,0 +1,94 @@
+# Copyright (c) 2025 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#####################hydra-fuzz###################
+import("//build/config/features.gni")
+import("//build/test.gni")
+import("//foundation/distributedhardware/device_manager/device_manager.gni")
+
+##############################fuzztest##########################################
+ohos_fuzztest("DmCommToolTwoFuzzTest") {
+  module_out_path = fuzz_test_output_path
+  fuzz_config_file =
+      "${devicemanager_path}/test/servicesfuzztest/dmcommtooltwo_fuzzer"
+
+  include_dirs = [
+    "${utils_path}/include",
+    "${innerkits_path}/native_cpp/include",
+    "${innerkits_path}/native_cpp/include/ipc/standard",
+    "${innerkits_path}/native_cpp/include/ipc",
+    "${innerkits_path}/native_cpp/include/notify",
+    "${common_path}/include",
+    "${common_path}/include/ipc",
+    "${common_path}/include/ipc/model",
+    "${utils_path}/include/ipc/standard",
+    "${servicesimpl_path}/include",
+    "${servicesimpl_path}/include/dependency/timer",
+    "${servicesimpl_path}/include/discovery",
+    "${servicesimpl_path}/include/dependency/softbus",
+    "${servicesimpl_path}/include/authentication",
+    "${servicesimpl_path}/include/adapter",
+    "${servicesimpl_path}/include/ipc/standard",
+    "${servicesimpl_path}/include/publish",
+    "${servicesimpl_path}/include/dependency/deviceprofile",
+    "${servicesimpl_path}/include/dependency/hichain",
+    "${servicesimpl_path}/include/devicestate",
+    "${devicemanager_path}/interfaces/kits/js/include",
+    "${devicemanager_path}/services/service/include/relationshipsyncmgr",
+    "${devicemanager_path}/test/unittest/mock",
+    "${servicesimpl_path}/include/ability",
+    "${servicesimpl_path}/include/config",
+  ]
+
+  cflags = [
+    "-g",
+    "-O0",
+    "-Dprivate=public",
+    "-Dprotected=public",
+    "-Wno-unused-variable",
+    "-fno-omit-frame-pointer",
+  ]
+
+  sources = [ "dm_comm_tool_two_fuzzer.cpp" ]
+
+  deps = [
+    "${json_path}:devicemanagerjson",
+    "${devicemanager_path}/services/service:devicemanagerservicetest",
+    "${utils_path}:devicemanagerutilstest",
+  ]
+
+  defines = [
+    "HI_LOG_ENABLE",
+    "DH_LOG_TAG=\"DmCommToolTwoFuzzTest\"",
+    "LOG_DOMAIN=0xD004110",
+  ]
+
+  external_deps = [
+    "cJSON:cjson",
+    "device_auth:deviceauth_sdk",
+    "dsoftbus:softbus_client",
+    "eventhandler:libeventhandler",
+    "ffrt:libffrt",
+    "ipc:ipc_single",
+    "napi:ace_napi",
+    "safwk:system_ability_fwk",
+  ]
+}
+
+###############################################################################
+group("fuzztest") {
+  testonly = true
+
+  deps = [ ":DmCommToolTwoFuzzTest" ]
+}
+###############################################################################
diff --git a/test/servicesfuzztest/dmcommtooltwo_fuzzer/corpus/init b/test/servicesfuzztest/dmcommtooltwo_fuzzer/corpus/init
new file mode 100644
index 000000000..9c560fe89
--- /dev/null
+++ b/test/servicesfuzztest/dmcommtooltwo_fuzzer/corpus/init
@@ -0,0 +1,13 @@
+# Copyright (c) 2025 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+FUZZ
diff --git a/test/servicesfuzztest/dmcommtooltwo_fuzzer/dm_comm_tool_two_fuzzer.cpp b/test/servicesfuzztest/dmcommtooltwo_fuzzer/dm_comm_tool_two_fuzzer.cpp
new file mode 100644
index 000000000..18652864e
--- /dev/null
+++ b/test/servicesfuzztest/dmcommtooltwo_fuzzer/dm_comm_tool_two_fuzzer.cpp
@@ -0,0 +1,98 @@
+/*
+ * Copyright (c) 2025 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <cstddef>
+#include <cstdint>
+#include <memory>
+#include <string>
+#include <unistd.h>
+#include <unordered_map>
+#include <fuzzer/FuzzedDataProvider.h>
+
+#include "dm_comm_tool_two_fuzzer.h"
+#include "dm_comm_tool.h"
+
+
+namespace OHOS {
+namespace DistributedHardware {
+
+std::shared_ptr<DMCommTool> dmCommToolPtr_ = std::make_shared<DMCommTool>();
+
+void GenerateUserIds(FuzzedDataProvider& fdp, std::vector<uint32_t>& outIds)
+{
+    outIds.clear();
+
+    auto count = fdp.ConsumeIntegralInRange<size_t>(0, 10);
+
+    while(count-- > 0 && fdp.remaining_bytes() >= sizeof(uint32_t)) {
+        outIds.push_back(fdp.ConsumeIntegral<uint32_t>());
+    }
+}
+
+void DmCommToolTwoFuzzTest(const uint8_t* data, size_t size)
+{
+    if ((data == nullptr) || (size < sizeof(int32_t))) {
+        return;
+    }
+    FuzzedDataProvider fdp(data, size);
+
+    int32_t commCode = fdp.ConsumeIntegral<int32_t>();
+    std::string commMsgStr = fdp.ConsumeRandomLengthString();
+    auto commMsgPtr = std::make_shared<CommMsg>(commCode, commMsgStr);
+
+    std::string networkId = fdp.ConsumeRandomLengthString();
+    int32_t socketId = fdp.ConsumeIntegral<int32_t>();
+    auto innerCommMsg = std::make_shared<InnerCommMsg>(networkId, commMsgPtr, socketId);
+
+    std::string accountId = fdp.ConsumeRandomLengthString();
+    int32_t userId = fdp.ConsumeIntegral<int32_t>();
+    
+    dmCommToolPtr_->ProcessReceiveUserIdsEvent(innerCommMsg);
+    dmCommToolPtr_->SendLogoutAccountInfo(networkId, accountId, userId);
+    dmCommToolPtr_->ProcessReceiveLogoutEvent(innerCommMsg);
+    dmCommToolPtr_->ProcessReceiveCommonEvent(innerCommMsg);
+
+    std::vector<uint32_t> foregroundIds;
+    std::vector<uint32_t> backgroundIds;
+
+    GenerateUserIds(fdp, foregroundIds);
+    GenerateUserIds(fdp, backgroundIds);
+
+    std::string msgStr = fdp.ConsumeRandomLengthString();
+    int32_t stopUserId = fdp.ConsumeIntegral<int32_t>();
+
+    dmCommToolPtr_->SendUserIds(networkId, foregroundIds, backgroundIds);
+    dmCommToolPtr_->RspLocalFrontOrBackUserIds(networkId, foregroundIds, backgroundIds, socketId);
+
+    dmCommToolPtr_->CreateUserStopMessage(stopUserId, msgStr);
+    dmCommToolPtr_->SendMsg(networkId, fdp.ConsumeIntegral<int32_t>(), msgStr);
+    dmCommToolPtr_->SendUserStop(networkId, stopUserId);
+
+    int32_t parsedUserId = fdp.ConsumeIntegral<int32_t>();
+    dmCommToolPtr_->ParseUserStopMessage(msgStr, parsedUserId);
+
+    dmCommToolPtr_->ProcessReceiveUserStopEvent(innerCommMsg);
+    dmCommToolPtr_->RspUserStop(networkId, socketId, stopUserId);
+}
+}
+}
+
+/* Fuzzer entry point */
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
+{
+    /* Run your code on data */
+    OHOS::DistributedHardware::DmCommToolTwoFuzzTest(data, size);
+    return 0;
+}
diff --git a/test/servicesfuzztest/dmcommtooltwo_fuzzer/dm_comm_tool_two_fuzzer.h b/test/servicesfuzztest/dmcommtooltwo_fuzzer/dm_comm_tool_two_fuzzer.h
new file mode 100644
index 000000000..259795e80
--- /dev/null
+++ b/test/servicesfuzztest/dmcommtooltwo_fuzzer/dm_comm_tool_two_fuzzer.h
@@ -0,0 +1,21 @@
+/*
+ * Copyright (c) 2025 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef DM_COMM_TOOL_TWO_FUZZER_TEST_H
+#define DM_COMM_TOOL_TWO_FUZZER_TEST_H
+
+#define FUZZ_PROJECT_NAME "dmcommtooltwo_fuzzer"
+
+#endif // DM_COMM_TOOL_TWO_FUZZER_TEST_H
diff --git a/test/servicesfuzztest/dmcommtooltwo_fuzzer/project.xml b/test/servicesfuzztest/dmcommtooltwo_fuzzer/project.xml
new file mode 100644
index 000000000..66e1dcac4
--- /dev/null
+++ b/test/servicesfuzztest/dmcommtooltwo_fuzzer/project.xml
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright (c) 2025 Huawei Device Co., Ltd.
+
+     Licensed under the Apache License, Version 2.0 (the "License");
+     you may not use this file except in compliance with the License.
+     You may obtain a copy of the License at
+
+          http://www.apache.org/licenses/LICENSE-2.0
+
+     Unless required by applicable law or agreed to in writing, software
+     distributed under the License is distributed on an "AS IS" BASIS,
+     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+     See the License for the specific language governing permissions and
+     limitations under the License.
+-->
+<fuzz_config>
+  <fuzztest>
+    <!-- maximum length of a test input -->
+    <max_len>1000</max_len>
+    <!-- maximum total time in seconds to run the fuzzer -->
+    <max_total_time>300</max_total_time>
+    <!-- memory usage limit in Mb -->
+    <rss_limit_mb>4096</rss_limit_mb>
+  </fuzztest>
+</fuzz_config>
-- 
Gitee