From 1e46ecb488d0b2caedf20652d1f78a3c109963a7 Mon Sep 17 00:00:00 2001 From: huyx Date: Sat, 20 Jul 2024 21:37:32 +0800 Subject: [PATCH 1/3] fuzz Signed-off-by: huyx --- .../devsvcmanagerstub_fuzzer.cpp | 1 - .../utils_fuzzer/utils_fuzzer.cpp | 40 ++++--------------- 2 files changed, 8 insertions(+), 33 deletions(-) diff --git a/framework/test/fuzztest/devsvcmanagerstub_fuzzer/devsvcmanagerstub_fuzzer.cpp b/framework/test/fuzztest/devsvcmanagerstub_fuzzer/devsvcmanagerstub_fuzzer.cpp index 2c4699816..9b9553d10 100644 --- a/framework/test/fuzztest/devsvcmanagerstub_fuzzer/devsvcmanagerstub_fuzzer.cpp +++ b/framework/test/fuzztest/devsvcmanagerstub_fuzzer/devsvcmanagerstub_fuzzer.cpp @@ -68,7 +68,6 @@ static bool DevsvcManagerFuzzTest(int32_t code, const uint8_t *data, size_t size HDF_LOGE("%{public}s:%{public}d: failed to get DevSvcManagerStub object", __func__, __LINE__); return false; } - instance->recipient.OnRemoteDied(nullptr, nullptr); struct HdfSBuf *dataBuf = HdfSbufTypedObtain(SBUF_IPC); if (dataBuf == nullptr) { diff --git a/framework/test/fuzztest/framework_utils_fuzzer/utils_fuzzer/utils_fuzzer.cpp b/framework/test/fuzztest/framework_utils_fuzzer/utils_fuzzer/utils_fuzzer.cpp index 8570964ec..ddafced8d 100644 --- a/framework/test/fuzztest/framework_utils_fuzzer/utils_fuzzer/utils_fuzzer.cpp +++ b/framework/test/fuzztest/framework_utils_fuzzer/utils_fuzzer/utils_fuzzer.cpp @@ -21,48 +21,22 @@ #include "osal_message.h" namespace OHOS { - const int NUM = 23; - const static char *g_hdfSecStrArray[NUM] = { - "i2c", - "spi", - "gpio", - "pinctl", - "clock", - "regulator", - "mipi", - "uart", - "sdio", - "mdio", - "apb", - "pcie", - "pcm", - "i2s", - "pwm", - "dma", - "efuse", - "flash", - "emmc", - "rtc", - "adc", - "wdt", - "i3c", - }; static void HdfUtilsFuzzTest(const uint8_t *data, size_t size) { if (data == nullptr) { HDF_LOGE("%{public}s: data is nullptr!", __func__); } - Parcel parcel; - parcel.WriteBuffer(data, size); - const std::u16string INTERFACE_NAME = OHOS::Str8ToStr16(parcel.ReadString()); Map testMap; Map testMap1; MapInit(&testMap); + MapInit(&testMap1); MapDelete(&testMap); - for (int i = 0; i < NUM; ++i) { - MapSet(&testMap1, g_hdfSecStrArray[i], &i, sizeof(int *)); - } + int NUM = 0; + int NUM_NEXT = 1; const char *name = "i2c"; + const char *name1 = "rtc"; + MapSet(&testMap1, name, &NUM, sizeof(int *)); + MapSet(&testMap1, name1, &NUM_NEXT, sizeof(int *)); MapGet(&testMap1, ""); MapGet(&testMap1, name); MapErase(&testMap1, ""); @@ -94,6 +68,8 @@ static void HdfUtilsFuzzTest(const uint8_t *data, size_t size) HdfSbufGetCapacity(copy); HdfSbufRecycle(sbuf); HdfSbufRecycle(copy); + sbuf = nullptr; + copy = nullptr; } } -- Gitee From 50c35cc954dac01ec93eb9ee2ae7e2fd2740555d Mon Sep 17 00:00:00 2001 From: huyx Date: Sat, 20 Jul 2024 22:00:03 +0800 Subject: [PATCH 2/3] fuzz Signed-off-by: huyx --- .../framework_utils_fuzzer/utils_fuzzer/utils_fuzzer.cpp | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/framework/test/fuzztest/framework_utils_fuzzer/utils_fuzzer/utils_fuzzer.cpp b/framework/test/fuzztest/framework_utils_fuzzer/utils_fuzzer/utils_fuzzer.cpp index ddafced8d..6e5bd1926 100644 --- a/framework/test/fuzztest/framework_utils_fuzzer/utils_fuzzer/utils_fuzzer.cpp +++ b/framework/test/fuzztest/framework_utils_fuzzer/utils_fuzzer/utils_fuzzer.cpp @@ -31,12 +31,12 @@ static void HdfUtilsFuzzTest(const uint8_t *data, size_t size) MapInit(&testMap); MapInit(&testMap1); MapDelete(&testMap); - int NUM = 0; - int NUM_NEXT = 1; + int num = 0; + int num1 = 1; const char *name = "i2c"; const char *name1 = "rtc"; - MapSet(&testMap1, name, &NUM, sizeof(int *)); - MapSet(&testMap1, name1, &NUM_NEXT, sizeof(int *)); + MapSet(&testMap1, name, &num, sizeof(int *)); + MapSet(&testMap1, name1, &num1, sizeof(int *)); MapGet(&testMap1, ""); MapGet(&testMap1, name); MapErase(&testMap1, ""); -- Gitee From b8f476b090ba6b525f78a341a0b0a745013cc4fd Mon Sep 17 00:00:00 2001 From: huyx Date: Sat, 20 Jul 2024 23:23:22 +0800 Subject: [PATCH 3/3] fuzz Signed-off-by: huyx --- .../framework_utils_fuzzer/utils_fuzzer/utils_fuzzer.cpp | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/framework/test/fuzztest/framework_utils_fuzzer/utils_fuzzer/utils_fuzzer.cpp b/framework/test/fuzztest/framework_utils_fuzzer/utils_fuzzer/utils_fuzzer.cpp index 6e5bd1926..81a77affa 100644 --- a/framework/test/fuzztest/framework_utils_fuzzer/utils_fuzzer/utils_fuzzer.cpp +++ b/framework/test/fuzztest/framework_utils_fuzzer/utils_fuzzer/utils_fuzzer.cpp @@ -61,13 +61,15 @@ static void HdfUtilsFuzzTest(const uint8_t *data, size_t size) if (impl == nullptr) { impl = (struct HdfSBufImpl *)OsalMemCalloc(sizeof(struct HdfSBufImpl)); } - HdfSbufMove(copy); + struct HdfSBuf *newCopy = HdfSbufMove(copy); HdfSbufTransDataOwnership(copy); HdfSbufTypedObtainInplace(static_cast(size), impl); + impl->recycle(impl); HdfSbufFlush(copy); HdfSbufGetCapacity(copy); HdfSbufRecycle(sbuf); HdfSbufRecycle(copy); + HdfSbufRecycle(newCopy); sbuf = nullptr; copy = nullptr; } -- Gitee