From 3ce3efd193396c9b06fec454a0d4f3ae62a78da2 Mon Sep 17 00:00:00 2001 From: cc_ggboy Date: Wed, 7 Sep 2022 11:34:50 +0800 Subject: [PATCH] =?UTF-8?q?=E7=A8=8B=E5=BA=8F=E8=AE=BF=E9=97=AE=E6=8E=A7?= =?UTF-8?q?=E5=88=B6=E6=96=B0=E5=A2=9Efuzz=E6=B5=8B=E8=AF=95=E7=94=A8?= =?UTF-8?q?=E4=BE=8B?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: cc_ggboy --- test/fuzztest/access_token/BUILD.gn | 3 + .../onremoterequest001_fuzzer/BUILD.gn | 45 ++++ .../onremoterequest001_fuzzer/corpus/init | 14 ++ .../onremoterequest001_fuzzer.cpp | 70 +++++++ .../onremoterequest001_fuzzer.h | 21 ++ .../onremoterequest001_fuzzer/project.xml | 25 +++ .../onremoterequest002_fuzzer/BUILD.gn | 48 +++++ .../onremoterequest002_fuzzer/corpus/init | 14 ++ .../onremoterequest002_fuzzer.cpp | 192 ++++++++++++++++++ .../onremoterequest002_fuzzer.h | 21 ++ .../onremoterequest002_fuzzer/project.xml | 25 +++ .../onremoterequest003_fuzzer/BUILD.gn | 50 +++++ .../onremoterequest003_fuzzer/corpus/init | 14 ++ .../onremoterequest003_fuzzer.cpp | 78 +++++++ .../onremoterequest003_fuzzer.h | 21 ++ .../onremoterequest003_fuzzer/project.xml | 25 +++ 16 files changed, 666 insertions(+) create mode 100644 test/fuzztest/access_token/onremoterequest001_fuzzer/BUILD.gn create mode 100644 test/fuzztest/access_token/onremoterequest001_fuzzer/corpus/init create mode 100644 test/fuzztest/access_token/onremoterequest001_fuzzer/onremoterequest001_fuzzer.cpp create mode 100644 test/fuzztest/access_token/onremoterequest001_fuzzer/onremoterequest001_fuzzer.h create mode 100644 test/fuzztest/access_token/onremoterequest001_fuzzer/project.xml create mode 100644 test/fuzztest/access_token/onremoterequest002_fuzzer/BUILD.gn create mode 100644 test/fuzztest/access_token/onremoterequest002_fuzzer/corpus/init create mode 100644 test/fuzztest/access_token/onremoterequest002_fuzzer/onremoterequest002_fuzzer.cpp create mode 100644 test/fuzztest/access_token/onremoterequest002_fuzzer/onremoterequest002_fuzzer.h create mode 100644 test/fuzztest/access_token/onremoterequest002_fuzzer/project.xml create mode 100644 test/fuzztest/access_token/onremoterequest003_fuzzer/BUILD.gn create mode 100644 test/fuzztest/access_token/onremoterequest003_fuzzer/corpus/init create mode 100644 test/fuzztest/access_token/onremoterequest003_fuzzer/onremoterequest003_fuzzer.cpp create mode 100644 test/fuzztest/access_token/onremoterequest003_fuzzer/onremoterequest003_fuzzer.h create mode 100644 test/fuzztest/access_token/onremoterequest003_fuzzer/project.xml diff --git a/test/fuzztest/access_token/BUILD.gn b/test/fuzztest/access_token/BUILD.gn index e37d93e7f..623ad73c1 100644 --- a/test/fuzztest/access_token/BUILD.gn +++ b/test/fuzztest/access_token/BUILD.gn @@ -27,6 +27,9 @@ group("fuzztest") { "getdefpermission_fuzzer:GetDefPermissionFuzzTest", "getpermissionflags_fuzzer:GetPermissionFlagsFuzzTest", "grantpermission_fuzzer:GrantPermissionFuzzTest", + "onremoterequest001_fuzzer:OnRemoteRequest001FuzzTest", + "onremoterequest002_fuzzer:OnRemoteRequest002FuzzTest", + "onremoterequest003_fuzzer:OnRemoteRequest003FuzzTest", "revokeusergrantedpermission_fuzzer:RevokeUserGrantedPermissionFuzzTest", "setremotehaptokeninfo_fuzzer:SetRemoteHapTokenInfoFuzzTest", "setremotenativetokeninfo_fuzzer:SetRemoteNativeTokenInfoFuzzTest", diff --git a/test/fuzztest/access_token/onremoterequest001_fuzzer/BUILD.gn b/test/fuzztest/access_token/onremoterequest001_fuzzer/BUILD.gn new file mode 100644 index 000000000..a019765ef --- /dev/null +++ b/test/fuzztest/access_token/onremoterequest001_fuzzer/BUILD.gn @@ -0,0 +1,45 @@ +# Copyright (c) 2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/config/features.gni") +import("//build/test.gni") + +module_output_path = "access_token/access_token" + +ohos_fuzztest("OnRemoteRequest001FuzzTest") { + module_out_path = module_output_path + fuzz_config_file = "//base/security/access_token/test/fuzztest/access_token/onremoterequest001_fuzzer" + + include_dirs = [ + "//commonlibrary/c_utils/base/include", + "//third_party/googletest/include", + "//base/security/access_token/interfaces/innerkits/accesstoken/src", + "//base/security/access_token/frameworks/accesstoken/include", + ] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ "onremoterequest001_fuzzer.cpp" ] + + deps = [ "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk" ] + + configs = [ "//base/security/access_token/config:coverage_flags" ] + + external_deps = [ + "c_utils:utils", + "ipc:ipc_single", + ] +} diff --git a/test/fuzztest/access_token/onremoterequest001_fuzzer/corpus/init b/test/fuzztest/access_token/onremoterequest001_fuzzer/corpus/init new file mode 100644 index 000000000..bc977bd97 --- /dev/null +++ b/test/fuzztest/access_token/onremoterequest001_fuzzer/corpus/init @@ -0,0 +1,14 @@ +# Copyright (c) 2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FUZZ \ No newline at end of file diff --git a/test/fuzztest/access_token/onremoterequest001_fuzzer/onremoterequest001_fuzzer.cpp b/test/fuzztest/access_token/onremoterequest001_fuzzer/onremoterequest001_fuzzer.cpp new file mode 100644 index 000000000..6a52b7b16 --- /dev/null +++ b/test/fuzztest/access_token/onremoterequest001_fuzzer/onremoterequest001_fuzzer.cpp @@ -0,0 +1,70 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "onremoterequest001_fuzzer.h" + +#include +#include +#include +#include +#include + +#include "permission_state_change_callback_stub.h" + +using namespace std; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { + +class TestPermStateChangeCallbackStubFuzz : public PermissionStateChangeCallbackStub { +public: + TestPermStateChangeCallbackStubFuzz() = default; + virtual ~TestPermStateChangeCallbackStubFuzz() = default; + + void PermStateChangeCallback(PermStateChangeInfo& result) + { + } +}; + + bool OnRemoteRequestFuzzTest(const uint8_t* data, size_t size) + { + bool result = false; + if ((data == nullptr) || (size <= 0)) { + return result; + } + if (size > 0) { + TestPermStateChangeCallbackStubFuzz callback; + MessageParcel mess; + MessageParcel reply; + mess.WriteInterfaceToken(PermissionStateChangeCallbackStub::GetDescriptor()); + std::string testName(reinterpret_cast(data), size); + uint32_t grant = static_cast(size); + MessageOption option(grant); + mess.WriteUint32(grant); + mess.WriteString16(Str8ToStr16(testName)); + + result = callback.OnRemoteRequest(grant, mess, reply, option); + } + return (result != 0); + } +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + OHOS::OnRemoteRequestFuzzTest(data, size); + return 0; +} diff --git a/test/fuzztest/access_token/onremoterequest001_fuzzer/onremoterequest001_fuzzer.h b/test/fuzztest/access_token/onremoterequest001_fuzzer/onremoterequest001_fuzzer.h new file mode 100644 index 000000000..5b698e374 --- /dev/null +++ b/test/fuzztest/access_token/onremoterequest001_fuzzer/onremoterequest001_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TEST_FUZZTEST_ONREMOTEREQUEST001_FUZZER_H +#define TEST_FUZZTEST_ONREMOTEREQUEST001_FUZZER_H + +#define FUZZ_PROJECT_NAME "onremoterequest001_fuzzer" + +#endif // TEST_FUZZTEST_ONREMOTEREQUEST001_FUZZER_H diff --git a/test/fuzztest/access_token/onremoterequest001_fuzzer/project.xml b/test/fuzztest/access_token/onremoterequest001_fuzzer/project.xml new file mode 100644 index 000000000..8d00dddb5 --- /dev/null +++ b/test/fuzztest/access_token/onremoterequest001_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 60 + + 4096 + + diff --git a/test/fuzztest/access_token/onremoterequest002_fuzzer/BUILD.gn b/test/fuzztest/access_token/onremoterequest002_fuzzer/BUILD.gn new file mode 100644 index 000000000..2ec3f3fac --- /dev/null +++ b/test/fuzztest/access_token/onremoterequest002_fuzzer/BUILD.gn @@ -0,0 +1,48 @@ +# Copyright (c) 2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/config/features.gni") +import("//build/test.gni") + +module_output_path = "access_token/access_token" + +ohos_fuzztest("OnRemoteRequest002FuzzTest") { + module_out_path = module_output_path + fuzz_config_file = "//base/security/access_token/test/fuzztest/access_token/onremoterequest002_fuzzer" + + include_dirs = [ + "//third_party/googletest:gtest_main", + "//commonlibrary/c_utils/base/include", + "//base/security/access_token/services/accesstokenmanager/main/cpp/include/service", + ] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ "onremoterequest002_fuzzer.cpp" ] + + deps = [ + "//base/security/access_token/frameworks/accesstoken:accesstoken_communication_adapter_cxx", + "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk", + "//base/security/access_token/services/accesstokenmanager/:accesstoken_manager_service", + ] + + configs = [ "//base/security/access_token/config:coverage_flags" ] + + external_deps = [ + "c_utils:utils", + "ipc:ipc_single", + ] +} diff --git a/test/fuzztest/access_token/onremoterequest002_fuzzer/corpus/init b/test/fuzztest/access_token/onremoterequest002_fuzzer/corpus/init new file mode 100644 index 000000000..bc977bd97 --- /dev/null +++ b/test/fuzztest/access_token/onremoterequest002_fuzzer/corpus/init @@ -0,0 +1,14 @@ +# Copyright (c) 2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FUZZ \ No newline at end of file diff --git a/test/fuzztest/access_token/onremoterequest002_fuzzer/onremoterequest002_fuzzer.cpp b/test/fuzztest/access_token/onremoterequest002_fuzzer/onremoterequest002_fuzzer.cpp new file mode 100644 index 000000000..efb722906 --- /dev/null +++ b/test/fuzztest/access_token/onremoterequest002_fuzzer/onremoterequest002_fuzzer.cpp @@ -0,0 +1,192 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "onremoterequest002_fuzzer.h" + +#include +#include +#include +#include +#include + +#include "accesstoken_manager_stub.h" + +using namespace std; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { + +class TestAccessTokenManagerStubFuzz : public AccessTokenManagerStub { +public: + TestAccessTokenManagerStubFuzz() = default; + virtual ~TestAccessTokenManagerStubFuzz() = default; + + int VerifyAccessToken(AccessTokenID tokenID, const std::string& permissionName) + { + return 0; + } + int GetDefPermission(const std::string& permissionName, PermissionDefParcel& permissionDefResult) + { + return 0; + } + int GetDefPermissions(AccessTokenID tokenID, std::vector& permList) + { + return 0; + } + int GetReqPermissions( + AccessTokenID tokenID, std::vector& reqPermList, bool isSystemGrant) + { + return 0; + } + int GetPermissionFlag(AccessTokenID tokenID, const std::string& permissionName) + { + return 0; + } + PermissionOper GetSelfPermissionsState( + std::vector& permListParcel) + { + return INVALID_OPER; + } + int GrantPermission(AccessTokenID tokenID, const std::string& permissionName, int flag) + { + return 0; + } + int RevokePermission(AccessTokenID tokenID, const std::string& permissionName, int flag) + { + return 0; + } + int ClearUserGrantedPermissionState(AccessTokenID tokenID) + { + return 0; + } + AccessTokenIDEx AllocHapToken(const HapInfoParcel& hapInfo, const HapPolicyParcel& policyParcel) + { + AccessTokenIDEx a; + return a; + } + int DeleteToken(AccessTokenID tokenID) + { + return 0; + } + int GetTokenType(AccessTokenID tokenID) + { + return 0; + } + int CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap) + { + return 0; + } + AccessTokenID GetHapTokenID(int userID, const std::string& bundleName, int instIndex) + { + return 0; + } + AccessTokenID AllocLocalTokenID(const std::string& remoteDeviceID, AccessTokenID remoteTokenID) + { + return 0; + } + int GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfoParcel& nativeTokenInfoRes) + { + return 0; + } + int GetHapTokenInfo(AccessTokenID tokenID, HapTokenInfoParcel& hapTokenInfoRes) + { + return 0; + } + int UpdateHapToken(AccessTokenID tokenID, const std::string& appIDDesc, int32_t apiVersion, + const HapPolicyParcel& policyParcel) + { + return 0; + } + int32_t RegisterPermStateChangeCallback( + const PermStateChangeScopeParcel& scope, const sptr& callback) + { + return 0; + } + int32_t UnRegisterPermStateChangeCallback(const sptr& callback) + { + return 0; + } + int32_t ReloadNativeTokenInfo() { + return 0; + } + +#ifdef TOKEN_SYNC_ENABLE + int GetHapTokenInfoFromRemote(AccessTokenID tokenID, + HapTokenInfoForSyncParcel& hapSyncParcel) + { + return 0; + } + int GetAllNativeTokenInfo(std::vector& nativeTokenInfoRes) + { + return 0; + } + int SetRemoteHapTokenInfo(const std::string& deviceID, + HapTokenInfoForSyncParcel& hapSyncParcel) + { + return 0; + } + int SetRemoteNativeTokenInfo(const std::string& deviceID, + std::vector& nativeTokenInfoForSyncParcel) + { + return 0; + } + int DeleteRemoteToken(const std::string& deviceID, AccessTokenID tokenID) + { + return 0; + } + AccessTokenID GetRemoteNativeTokenID(const std::string& deviceID, AccessTokenID tokenID) + { + return 0; + } + int DeleteRemoteDeviceTokens(const std::string& deviceID) + { + return 0; + } +#endif + + void DumpTokenInfo(AccessTokenID tokenID, std::string& tokenInfo) + { + } +}; + + bool OnRemoteRequestFuzzTest(const uint8_t* data, size_t size) + { + bool result = false; + if ((data == nullptr) || (size <= 0)) { + return result; + } + if (size > 0) { + TestAccessTokenManagerStubFuzz callback; + MessageParcel mess; + MessageParcel reply; + mess.WriteInterfaceToken(IAccessTokenManager::GetDescriptor()); + std::string testName(reinterpret_cast(data), size); + uint32_t grant = static_cast(size); + MessageOption option(grant); + mess.WriteUint32(grant); + mess.WriteString16(Str8ToStr16(testName)); + result = callback.OnRemoteRequest(grant, mess, reply, option); + } + return (result != 0); + } +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + OHOS::OnRemoteRequestFuzzTest(data, size); + return 0; +} diff --git a/test/fuzztest/access_token/onremoterequest002_fuzzer/onremoterequest002_fuzzer.h b/test/fuzztest/access_token/onremoterequest002_fuzzer/onremoterequest002_fuzzer.h new file mode 100644 index 000000000..0bbd19a89 --- /dev/null +++ b/test/fuzztest/access_token/onremoterequest002_fuzzer/onremoterequest002_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TEST_FUZZTEST_ONREMOTEREQUEST002_FUZZER_H +#define TEST_FUZZTEST_ONREMOTEREQUEST002_FUZZER_H + +#define FUZZ_PROJECT_NAME "onremoterequest002_fuzzer" + +#endif // TEST_FUZZTEST_ONREMOTEREQUEST002_FUZZER_H diff --git a/test/fuzztest/access_token/onremoterequest002_fuzzer/project.xml b/test/fuzztest/access_token/onremoterequest002_fuzzer/project.xml new file mode 100644 index 000000000..8d00dddb5 --- /dev/null +++ b/test/fuzztest/access_token/onremoterequest002_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 60 + + 4096 + + diff --git a/test/fuzztest/access_token/onremoterequest003_fuzzer/BUILD.gn b/test/fuzztest/access_token/onremoterequest003_fuzzer/BUILD.gn new file mode 100644 index 000000000..1a128622c --- /dev/null +++ b/test/fuzztest/access_token/onremoterequest003_fuzzer/BUILD.gn @@ -0,0 +1,50 @@ +# Copyright (c) 2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/config/features.gni") +import("//build/test.gni") + +module_output_path = "access_token/access_token" + +ohos_fuzztest("OnRemoteRequest003FuzzTest") { + module_out_path = module_output_path + fuzz_config_file = "//base/security/access_token/test/fuzztest/access_token/onremoterequest003_fuzzer" + + include_dirs = [ + "//third_party/sqlite/include/", + "//third_party/json/include", + "//base/security/access_token/services/tokensyncmanager/include/service", + "//base/security/access_token/frameworks/tokensync/include", + ] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ "onremoterequest003_fuzzer.cpp" ] + + deps = [ + "//base/security/access_token/frameworks/accesstoken:accesstoken_communication_adapter_cxx", + "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk", + "//base/security/access_token/interfaces/innerkits/tokensync:libtokensync_sdk", + "//base/security/access_token/services/tokensyncmanager:tokensyncmanager", + ] + + configs = [ "//base/security/access_token/config:coverage_flags" ] + + external_deps = [ + "c_utils:utils", + "ipc:ipc_single", + ] +} diff --git a/test/fuzztest/access_token/onremoterequest003_fuzzer/corpus/init b/test/fuzztest/access_token/onremoterequest003_fuzzer/corpus/init new file mode 100644 index 000000000..bc977bd97 --- /dev/null +++ b/test/fuzztest/access_token/onremoterequest003_fuzzer/corpus/init @@ -0,0 +1,14 @@ +# Copyright (c) 2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FUZZ \ No newline at end of file diff --git a/test/fuzztest/access_token/onremoterequest003_fuzzer/onremoterequest003_fuzzer.cpp b/test/fuzztest/access_token/onremoterequest003_fuzzer/onremoterequest003_fuzzer.cpp new file mode 100644 index 000000000..f81ee8204 --- /dev/null +++ b/test/fuzztest/access_token/onremoterequest003_fuzzer/onremoterequest003_fuzzer.cpp @@ -0,0 +1,78 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "onremoterequest003_fuzzer.h" + +#include +#include +#include +#include +#include + +#include "token_sync_manager_stub.h" + +using namespace std; +using namespace OHOS::Security::AccessToken; + +namespace OHOS { + +class TestTokenSyncManagerStubFuzz : public TokenSyncManagerStub { +public: +TestTokenSyncManagerStubFuzz() = default; + virtual ~TestTokenSyncManagerStubFuzz() = default; + + int GetRemoteHapTokenInfo(const std::string& deviceID, AccessTokenID tokenID) + { + return 0; + } + int DeleteRemoteHapTokenInfo(AccessTokenID tokenID) + { + return 0; + } + int UpdateRemoteHapTokenInfo(const HapTokenInfoForSync& tokenInfo) + { + return 0; + } +}; + + bool OnRemoteRequestFuzzTest(const uint8_t* data, size_t size) + { + bool result = false; + if ((data == nullptr) || (size <= 0)) { + return result; + } + if (size > 0) { + TestTokenSyncManagerStubFuzz callback; + MessageParcel mess; + MessageParcel reply; + mess.WriteInterfaceToken(ITokenSyncManager::GetDescriptor()); + std::string testName(reinterpret_cast(data), size); + uint32_t grant = static_cast(size); + MessageOption option(grant); + mess.WriteUint32(grant); + mess.WriteString16(Str8ToStr16(testName)); + result = callback.OnRemoteRequest(grant, mess, reply, option); + } + return (result != 0); + } +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + OHOS::OnRemoteRequestFuzzTest(data, size); + return 0; +} diff --git a/test/fuzztest/access_token/onremoterequest003_fuzzer/onremoterequest003_fuzzer.h b/test/fuzztest/access_token/onremoterequest003_fuzzer/onremoterequest003_fuzzer.h new file mode 100644 index 000000000..e8f513de8 --- /dev/null +++ b/test/fuzztest/access_token/onremoterequest003_fuzzer/onremoterequest003_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TEST_FUZZTEST_ONREMOTEREQUEST003_FUZZER_H +#define TEST_FUZZTEST_ONREMOTEREQUEST003_FUZZER_H + +#define FUZZ_PROJECT_NAME "onremoterequest003_fuzzer" + +#endif // TEST_FUZZTEST_ONREMOTEREQUEST007_FUZZER_H diff --git a/test/fuzztest/access_token/onremoterequest003_fuzzer/project.xml b/test/fuzztest/access_token/onremoterequest003_fuzzer/project.xml new file mode 100644 index 000000000..8d00dddb5 --- /dev/null +++ b/test/fuzztest/access_token/onremoterequest003_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 60 + + 4096 + + -- Gitee