diff --git a/interfaces/common/include/sandbox_helper.h b/interfaces/common/include/sandbox_helper.h index cf2d1c4af8580bb4edb421591eef6ac67ff924b5..ce5fcefd6abcae4314a8c39a586259584660c87a 100644 --- a/interfaces/common/include/sandbox_helper.h +++ b/interfaces/common/include/sandbox_helper.h @@ -44,6 +44,7 @@ public: static void GetNetworkIdFromUri(const std::string &fileUri, std::string &networkId); static std::string GetLowerDir(std::string &lowerPathHead, const std::string &userId, const std::string &bundleName, const std::string &networkId); + static void ClearBackupSandboxPathMap(); }; } // namespace AppFileService } // namespace OHOS diff --git a/interfaces/common/src/sandbox_helper.cpp b/interfaces/common/src/sandbox_helper.cpp index 8c00e7f4a08e9c02cbd2275aa3eed6bbc84d82f8..0536ab7fd729e4ca3e676bca00facf242b255920 100644 --- a/interfaces/common/src/sandbox_helper.cpp +++ b/interfaces/common/src/sandbox_helper.cpp @@ -552,6 +552,12 @@ bool SandboxHelper::CheckValidPath(const std::string &filePath) return true; } + +void SandboxHelper::ClearBackupSandboxPathMap() +{ + lock_guard lock(mapMutex_); + backupSandboxPathMap_.clear(); +} } // namespace AppFileService } // namespace OHOS diff --git a/test/fuzztest/backupext_fuzzer/backupext_fuzzer.cpp b/test/fuzztest/backupext_fuzzer/backupext_fuzzer.cpp index 2d7559fca2bf59e42dea1d54e50b73999d55dbc5..a100e64faaa04738df7be32ed49a042aa5605b7a 100644 --- a/test/fuzztest/backupext_fuzzer/backupext_fuzzer.cpp +++ b/test/fuzztest/backupext_fuzzer/backupext_fuzzer.cpp @@ -138,40 +138,49 @@ bool SetCreatorFuzzTest(shared_ptr backup, const uint8_t *data, size_ return true; } -bool CmdGetFileHandleFuzzTest(shared_ptr extension, const uint8_t *data, size_t size) +bool CmdGetFileHandleFuzzTest(OHOS::sptr extension, const uint8_t *data, size_t size) { MessageParcel msg; MessageParcel reply; MessageOption option; uint32_t code = static_cast(IExtensionIpcCode::COMMAND_GET_FILE_HANDLE_WITH_UNIQUE_FD); msg.WriteString(string(reinterpret_cast(data), size)); + if (extension == nullptr) { + return false; + } extension->OnRemoteRequest(code, msg, reply, option); return true; } -bool CmdHandleClearFuzzTest(shared_ptr extension, const uint8_t *data, size_t size) +bool CmdHandleClearFuzzTest(OHOS::sptr extension, const uint8_t *data, size_t size) { MessageParcel msg; MessageParcel reply; MessageOption option; uint32_t code = static_cast(IExtensionIpcCode::COMMAND_HANDLE_CLEAR); msg.WriteBuffer(data, size); + if (extension == nullptr) { + return false; + } extension->OnRemoteRequest(code, msg, reply, option); return true; } -bool CmdHandleUser0BackupFuzzTest(shared_ptr extension, const uint8_t *data, size_t size) +bool CmdHandleUser0BackupFuzzTest(OHOS::sptr extension, const uint8_t *data, size_t size) { MessageParcel msg; MessageParcel reply; MessageOption option; uint32_t code = static_cast(IExtensionIpcCode::COMMAND_USER0_ON_BACKUP); msg.WriteBuffer(data, size); + if (extension == nullptr) { + return false; + } extension->OnRemoteRequest(code, msg, reply, option); return true; } -bool CmdHandleBackupFuzzTest(shared_ptr extension, const uint8_t *data, size_t size) +bool CmdHandleBackupFuzzTest(OHOS::sptr extension, const uint8_t *data, size_t size) { if (data == nullptr || size < sizeof(bool)) { return true; @@ -182,22 +191,28 @@ bool CmdHandleBackupFuzzTest(shared_ptr extension, const uin MessageOption option; uint32_t code = static_cast(IExtensionIpcCode::COMMAND_HANDLE_BACKUP); msg.WriteBool(*reinterpret_cast(data)); + if (extension == nullptr) { + return false; + } extension->OnRemoteRequest(code, msg, reply, option); return true; } -bool CmdPublishFileFuzzTest(shared_ptr extension, const uint8_t *data, size_t size) +bool CmdPublishFileFuzzTest(OHOS::sptr extension, const uint8_t *data, size_t size) { MessageParcel msg; MessageParcel reply; MessageOption option; uint32_t code = static_cast(IExtensionIpcCode::COMMAND_PUBLISH_FILE); msg.WriteString(string(reinterpret_cast(data), size)); + if (extension == nullptr) { + return false; + } extension->OnRemoteRequest(code, msg, reply, option); return true; } -bool CmdHandleRestoreFuzzTest(shared_ptr extension, const uint8_t *data, size_t size) +bool CmdHandleRestoreFuzzTest(OHOS::sptr extension, const uint8_t *data, size_t size) { if (data == nullptr || size < sizeof(bool)) { return true; @@ -208,33 +223,42 @@ bool CmdHandleRestoreFuzzTest(shared_ptr extension, const ui MessageOption option; uint32_t code = static_cast(IExtensionIpcCode::COMMAND_HANDLE_RESTORE); msg.WriteBool(*reinterpret_cast(data)); + if (extension == nullptr) { + return false; + } extension->OnRemoteRequest(code, msg, reply, option); return true; } -bool CmdGetIncrementalFileHandleFuzzTest(shared_ptr extension, const uint8_t *data, size_t size) +bool CmdGetIncrementalFileHandleFuzzTest(OHOS::sptr extension, const uint8_t *data, size_t size) { MessageParcel msg; MessageParcel reply; MessageOption option; uint32_t code = static_cast(IExtensionIpcCode::COMMAND_GET_INCREMENTAL_FILE_HANDLE); msg.WriteString(string(reinterpret_cast(data), size)); + if (extension == nullptr) { + return false; + } extension->OnRemoteRequest(code, msg, reply, option); return true; } -bool CmdPublishIncrementalFileFuzzTest(shared_ptr extension, const uint8_t *data, size_t size) +bool CmdPublishIncrementalFileFuzzTest(OHOS::sptr extension, const uint8_t *data, size_t size) { MessageParcel msg; MessageParcel reply; MessageOption option; uint32_t code = static_cast(IExtensionIpcCode::COMMAND_PUBLISH_INCREMENTAL_FILE); msg.WriteString(string(reinterpret_cast(data), size)); + if (extension == nullptr) { + return false; + } extension->OnRemoteRequest(code, msg, reply, option); return true; } -bool CmdHandleIncrementalBackupFuzzTest(shared_ptr extension, const uint8_t *data, size_t size) +bool CmdHandleIncrementalBackupFuzzTest(OHOS::sptr extension, const uint8_t *data, size_t size) { if (data == nullptr || size < sizeof(int) + sizeof(int)) { return true; @@ -249,11 +273,14 @@ bool CmdHandleIncrementalBackupFuzzTest(shared_ptr extension uint32_t code = static_cast(IExtensionIpcCode::COMMAND_HANDLE_INCREMENTAL_BACKUP); msg.WriteFileDescriptor(incrementalFd); msg.WriteFileDescriptor(manifestFd); + if (extension == nullptr) { + return false; + } extension->OnRemoteRequest(code, msg, reply, option); return true; } -bool CmdIncrementalOnBackupFuzzTest(shared_ptr extension, const uint8_t *data, size_t size) +bool CmdIncrementalOnBackupFuzzTest(OHOS::sptr extension, const uint8_t *data, size_t size) { if (data == nullptr || size < sizeof(bool)) { return true; @@ -264,11 +291,14 @@ bool CmdIncrementalOnBackupFuzzTest(shared_ptr extension, co MessageOption option; uint32_t code = static_cast(IExtensionIpcCode::COMMAND_INCREMENTAL_ON_BACKUP); msg.WriteBool(*reinterpret_cast(data)); + if (extension == nullptr) { + return false; + } extension->OnRemoteRequest(code, msg, reply, option); return true; } -bool CmdGetIncrementalBackupFileHandleFuzzTest(shared_ptr extension, +bool CmdGetIncrementalBackupFileHandleFuzzTest(OHOS::sptr extension, const uint8_t *data, size_t size) { @@ -277,13 +307,16 @@ bool CmdGetIncrementalBackupFileHandleFuzzTest(shared_ptr ex MessageOption option; uint32_t code = static_cast(IExtensionIpcCode::COMMAND_GET_INCREMENTAL_BACKUP_FILE_HANDLE); msg.WriteBuffer(data, size); + if (extension == nullptr) { + return false; + } extension->OnRemoteRequest(code, msg, reply, option); return true; } -bool OnRemoteRequestFuzzTest(shared_ptr extension, const uint8_t *data, size_t size) +bool OnRemoteRequestFuzzTest(OHOS::sptr extension, const uint8_t *data, size_t size) { - uint32_t codeMax = 15; + uint32_t codeMax = 17; for (uint32_t code = 1; code < codeMax; code++) { MessageParcel datas; MessageParcel reply; @@ -292,7 +325,16 @@ bool OnRemoteRequestFuzzTest(shared_ptr extension, const ui datas.WriteInterfaceToken(ExtensionStub::GetDescriptor()); datas.WriteBuffer(reinterpret_cast(data), size); datas.RewindRead(0); - extension->OnRemoteRequest(code, datas, reply, option); + if (extension == nullptr) { + return false; + } + try { + extension->OnRemoteRequest(code, datas, reply, option); + } catch (OHOS::FileManagement::Backup::BError &err) { + // filter Backup error + } catch (...) { + // filter other error + } } return true; } @@ -303,7 +345,8 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { /* Run your code on data */ auto extBackup = std::make_shared(); - auto extension = std::make_shared(extBackup, ""); + auto extension = OHOS::sptr( + new OHOS::FileManagement::Backup::BackupExtExtension(extBackup, "")); OHOS::InitFuzzTest(extBackup, data, size); OHOS::OnCommandFuzzTest(extBackup, data, size); diff --git a/test/fuzztest/backupsaanother_fuzzer/BUILD.gn b/test/fuzztest/backupsaanother_fuzzer/BUILD.gn index 764660d8d3b3117a2d690dafd64805838e79c25a..36412f43bd770ce6008cb96cf1806a78a79128f8 100644 --- a/test/fuzztest/backupsaanother_fuzzer/BUILD.gn +++ b/test/fuzztest/backupsaanother_fuzzer/BUILD.gn @@ -39,6 +39,7 @@ ohos_fuzztest("BackupSaAnotherFuzzTest") { deps = [ "${app_file_service_path}/services/backup_sa:backup_sa", "${path_backup}/interfaces/inner_api/native/backup_kit_inner:backup_kit_inner", + "${path_backup}/interfaces/innerkits/native:sandbox_helper_native", "${path_backup}/utils:backup_utils", ] @@ -59,5 +60,7 @@ ohos_fuzztest("BackupSaAnotherFuzzTest") { "LOG_TAG=\"app_file_service\"", "LOG_DOMAIN=0xD004303", ] + + use_exceptions = true } ############################################################################### diff --git a/test/fuzztest/backupsaanother_fuzzer/backupsaanother_fuzzer.cpp b/test/fuzztest/backupsaanother_fuzzer/backupsaanother_fuzzer.cpp index a202ce4b6ba5ecb982e38a3eae7206439d60de42..8c3ae92d8cd04655bea0f5e016cb2c184f7ce5a8 100644 --- a/test/fuzztest/backupsaanother_fuzzer/backupsaanother_fuzzer.cpp +++ b/test/fuzztest/backupsaanother_fuzzer/backupsaanother_fuzzer.cpp @@ -23,6 +23,7 @@ #include #include "message_parcel.h" +#include "sandbox_helper.h" #include "service.h" #include "service_proxy.h" #include "service_reverse.h" @@ -160,6 +161,7 @@ bool CmdGetLocalCapabilitiesIncrementalFuzzTest(const uint8_t *data, size_t size sptr service(new Service(SERVICE_ID)); uint32_t code = static_cast(IServiceIpcCode::COMMAND_GET_LOCAL_CAPABILITIES_INCREMENTAL); service->OnRemoteRequest(code, datas, reply, option); + OHOS::AppFileService::SandboxHelper::ClearBackupSandboxPathMap(); service = nullptr; return true; }