From 7cd98c359c840e1e4b063f4eb113c2d18cd076e2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=88=98=E7=AB=8B=E5=89=91?= Date: Mon, 6 May 2024 21:53:38 +0800 Subject: [PATCH] add fuzz test MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 刘立剑 --- BUILD.gn | 6 +- bundle.json | 7 +- test/BUILD.gn | 28 ++++ .../datatransmitmgr_fuzzer/BUILD.gn | 6 +- .../datatransmitmgr_fuzzer.cpp | 4 +- .../devslinfoadpt_fuzzer/BUILD.gn | 48 ++++++ .../devslinfoadpt_fuzzer/corpus/init | 14 ++ .../devslinfoadpt_fuzzer.cpp | 149 ++++++++++++++++++ .../devslinfoadpt_fuzzer.h | 28 ++++ .../devslinfoadpt_fuzzer/project.xml | 25 +++ .../gethighestseclevel_fuzzer/BUILD.gn | 48 ++++++ .../gethighestseclevel_fuzzer/corpus/init | 14 ++ .../gethighestseclevel_fuzzer.cpp | 117 ++++++++++++++ .../gethighestseclevel_fuzzer.h | 28 ++++ .../gethighestseclevel_fuzzer/project.xml | 25 +++ .../gethighestseclevelasync_fuzzer/BUILD.gn | 48 ++++++ .../corpus/init | 14 ++ .../gethighestseclevelasync_fuzzer.cpp | 106 +++++++++++++ .../gethighestseclevelasync_fuzzer.h | 28 ++++ .../project.xml | 25 +++ 20 files changed, 758 insertions(+), 10 deletions(-) create mode 100644 test/BUILD.gn create mode 100644 test/fuzztest/datatransmitmgr/devslinfoadpt_fuzzer/BUILD.gn create mode 100644 test/fuzztest/datatransmitmgr/devslinfoadpt_fuzzer/corpus/init create mode 100644 test/fuzztest/datatransmitmgr/devslinfoadpt_fuzzer/devslinfoadpt_fuzzer.cpp create mode 100644 test/fuzztest/datatransmitmgr/devslinfoadpt_fuzzer/devslinfoadpt_fuzzer.h create mode 100644 test/fuzztest/datatransmitmgr/devslinfoadpt_fuzzer/project.xml create mode 100644 test/fuzztest/datatransmitmgr/gethighestseclevel_fuzzer/BUILD.gn create mode 100644 test/fuzztest/datatransmitmgr/gethighestseclevel_fuzzer/corpus/init create mode 100644 test/fuzztest/datatransmitmgr/gethighestseclevel_fuzzer/gethighestseclevel_fuzzer.cpp create mode 100644 test/fuzztest/datatransmitmgr/gethighestseclevel_fuzzer/gethighestseclevel_fuzzer.h create mode 100644 test/fuzztest/datatransmitmgr/gethighestseclevel_fuzzer/project.xml create mode 100644 test/fuzztest/datatransmitmgr/gethighestseclevelasync_fuzzer/BUILD.gn create mode 100644 test/fuzztest/datatransmitmgr/gethighestseclevelasync_fuzzer/corpus/init create mode 100644 test/fuzztest/datatransmitmgr/gethighestseclevelasync_fuzzer/gethighestseclevelasync_fuzzer.cpp create mode 100644 test/fuzztest/datatransmitmgr/gethighestseclevelasync_fuzzer/gethighestseclevelasync_fuzzer.h create mode 100644 test/fuzztest/datatransmitmgr/gethighestseclevelasync_fuzzer/project.xml diff --git a/BUILD.gn b/BUILD.gn index e084987..f26cc11 100644 --- a/BUILD.gn +++ b/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (C) 2021-2022 Huawei Device Co., Ltd. +# Copyright (C) 2021-2024 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -13,5 +13,7 @@ import("//build/ohos.gni") group("dataclassification_build_module") { - deps = [ "interfaces/innerkits/datatransmitmgr:data_transit_mgr" ] + if (os_level == "standard") { + deps = [ "interfaces/innerkits/datatransmitmgr:data_transit_mgr" ] + } } diff --git a/bundle.json b/bundle.json index d00cd50..d2e1ae7 100644 --- a/bundle.json +++ b/bundle.json @@ -19,7 +19,9 @@ "dataclassification_feature_enabled" ], "adapted_system_type": [ - "standard" + "standard", + "small", + "mini" ], "rom": "30KB", "ram": " ", @@ -47,8 +49,7 @@ } ], "test": [ - "//base/security/dataclassification/test/unittest/datatransmitmgr:DevSLMgrTest", - "//base/security/dataclassification/test/fuzztest/datatransmitmgr/datatransmitmgr_fuzzer:DataTransmitMgrFuzzTest" + "//base/security/dataclassification/test:dataclassification_test_build" ] } } diff --git a/test/BUILD.gn b/test/BUILD.gn new file mode 100644 index 0000000..61ed662 --- /dev/null +++ b/test/BUILD.gn @@ -0,0 +1,28 @@ +# Copyright (C) 2024 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/ohos.gni") + +group("dataclassification_test_build") { + deps = [] + if (os_level == "standard") { + testonly = true + deps += [ + "fuzztest/datatransmitmgr/datatransmitmgr_fuzzer:DataTransmitMgrFuzzTest", + "fuzztest/datatransmitmgr/devslinfoadpt_fuzzer:DevSlinfoAdptFuzzTest", + "fuzztest/datatransmitmgr/gethighestseclevel_fuzzer:GetHighestSecLevelFuzzTest", + "fuzztest/datatransmitmgr/gethighestseclevelasync_fuzzer:GetHighestSecLevelAsyncFuzzTest", + "unittest/datatransmitmgr:DevSLMgrTest", + ] + } +} diff --git a/test/fuzztest/datatransmitmgr/datatransmitmgr_fuzzer/BUILD.gn b/test/fuzztest/datatransmitmgr/datatransmitmgr_fuzzer/BUILD.gn index 8709293..6ecedb2 100644 --- a/test/fuzztest/datatransmitmgr/datatransmitmgr_fuzzer/BUILD.gn +++ b/test/fuzztest/datatransmitmgr/datatransmitmgr_fuzzer/BUILD.gn @@ -16,7 +16,7 @@ import("//build/test.gni") ohos_fuzztest("DataTransmitMgrFuzzTest") { module_out_path = "security/dataclassification" - fuzz_config_file = "//base/security/dataclassification/test/fuzztest/datatransmitmgr/datatransmitmgr_fuzzer" + fuzz_config_file = "." cflags = [ "-g", @@ -26,8 +26,8 @@ ohos_fuzztest("DataTransmitMgrFuzzTest") { ] include_dirs = [ - "//base/security/dataclassification/test/fuzztest/datatransmitmgr/datatransmitmgr_fuzzer", - "//base/security/dataclassification/interfaces/innerkits/datatransmitmgr/include", + "./", + "../../../../interfaces/innerkits/datatransmitmgr/include", ] sources = [ "datatransmitmgr_fuzzer.cpp" ] diff --git a/test/fuzztest/datatransmitmgr/datatransmitmgr_fuzzer/datatransmitmgr_fuzzer.cpp b/test/fuzztest/datatransmitmgr/datatransmitmgr_fuzzer/datatransmitmgr_fuzzer.cpp index c3fca28..901152c 100644 --- a/test/fuzztest/datatransmitmgr/datatransmitmgr_fuzzer/datatransmitmgr_fuzzer.cpp +++ b/test/fuzztest/datatransmitmgr/datatransmitmgr_fuzzer/datatransmitmgr_fuzzer.cpp @@ -27,7 +27,7 @@ namespace OHOS { return; } - void FuzzDoDataTransmitMgr(const uint8_t* data, size_t size) + void FuzzDoDataTransmitMgr(const uint8_t *data, size_t size) { if (data == nullptr || size <= MAX_UDID_LENGTH) { return; @@ -47,7 +47,7 @@ namespace OHOS { } /* Fuzzer entry point */ -extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { /* Run your code on data */ OHOS::FuzzDoDataTransmitMgr(data, size); diff --git a/test/fuzztest/datatransmitmgr/devslinfoadpt_fuzzer/BUILD.gn b/test/fuzztest/datatransmitmgr/devslinfoadpt_fuzzer/BUILD.gn new file mode 100644 index 0000000..1f9379f --- /dev/null +++ b/test/fuzztest/datatransmitmgr/devslinfoadpt_fuzzer/BUILD.gn @@ -0,0 +1,48 @@ +# Copyright (C) 2024 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/ohos.gni") +import("//build/test.gni") + +ohos_fuzztest("DevSlinfoAdptFuzzTest") { + module_out_path = "security/dataclassification" + fuzz_config_file = "." + + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + + include_dirs = [ + "./", + "../../../../interfaces/innerkits/datatransmitmgr/include", + ] + + sources = [ "devslinfoadpt_fuzzer.cpp" ] + + deps = [ "../../../../interfaces/innerkits/datatransmitmgr:data_transit_mgr" ] + + defines = [ "HILOG_ENABLE" ] + + external_deps = [ + "access_token:libaccesstoken_sdk", + "access_token:libnativetoken", + "access_token:libtoken_setproc", + "c_utils:utils", + "device_security_level:dslm_sdk", + "hilog:libhilog", + "init:libbegetutil", + ] +} diff --git a/test/fuzztest/datatransmitmgr/devslinfoadpt_fuzzer/corpus/init b/test/fuzztest/datatransmitmgr/devslinfoadpt_fuzzer/corpus/init new file mode 100644 index 0000000..900e36d --- /dev/null +++ b/test/fuzztest/datatransmitmgr/devslinfoadpt_fuzzer/corpus/init @@ -0,0 +1,14 @@ +# Copyright (C) 2024 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +1111111111111111111111111111111111111111111111111111111111111111 \ No newline at end of file diff --git a/test/fuzztest/datatransmitmgr/devslinfoadpt_fuzzer/devslinfoadpt_fuzzer.cpp b/test/fuzztest/datatransmitmgr/devslinfoadpt_fuzzer/devslinfoadpt_fuzzer.cpp new file mode 100644 index 0000000..b53c2c7 --- /dev/null +++ b/test/fuzztest/datatransmitmgr/devslinfoadpt_fuzzer/devslinfoadpt_fuzzer.cpp @@ -0,0 +1,149 @@ +/* + * Copyright (C) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "devslinfoadpt_fuzzer.h" + +#include +#include + +#include "file_ex.h" +#include "securec.h" +#include "parameter.h" +#include "nativetoken_kit.h" +#include "token_setproc.h" +#include "accesstoken_kit.h" + +#include "dev_slinfo_adpt.h" +#include "dev_slinfo_mgr.h" + +namespace OHOS { +static bool g_isForcingFuzz3 = false; + +static uint8_t g_udidInvalid[MAX_UDID_LENGTH + 1] = "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"; + +struct DeviceSecurityInfo { + uint32_t magicNum {0}; + uint32_t result {0}; + uint32_t level {0}; +}; + +extern "C" { + extern void OnApiDeviceSecInfoCallback(const DeviceIdentify *identify, struct DeviceSecurityInfo *info); +} + +static void NativeTokenGetFuzz3(void) +{ + uint64_t tokenId3; + const char **permsFuzz3 = new const char *[1]; + permsFuzz3[0] = "ohos.permission.DISTRIBUTED_DATASYNC"; + NativeTokenInfoParams infoInstanceFuzz1 = { + .dcapsNum = 0, + .permsNum = 1, + .aclsNum = 0, + .dcaps = nullptr, + .perms = permsFuzz3, + .acls = nullptr, + .aplStr = "system_basic", + }; + + infoInstanceFuzz1.processName = "DevSLMgrTest"; + tokenId3 = GetAccessTokenId(&infoInstanceFuzz1); + SetSelfTokenID(tokenId3); + OHOS::Security::AccessToken::AccessTokenKit::ReloadNativeTokenInfo(); + delete[] permsFuzz3; +} + +static void BeginFuzzCase3(void) +{ + std::string isEnforcing; + OHOS::LoadStringFromFile("/sys/fs/selinux/enforce", isEnforcing); + if (isEnforcing.compare("1") == 0) { + g_isForcingFuzz3 = true; + OHOS::SaveStringToFile("/sys/fs/selinux/enforce", "0"); + } + NativeTokenGetFuzz3(); +} + +static void EndFuzzCase3(void) +{ + if (g_isForcingFuzz3) { + OHOS::SaveStringToFile("/sys/fs/selinux/enforce", "1"); + } +} + +static int32_t GetLocalUdidFuzz3(DEVSLQueryParams *queryParams) +{ + char udid[MAX_UDID_LENGTH + 1] = {0}; + int32_t ret = GetDevUdid(udid, MAX_UDID_LENGTH + 1); + if (ret != DEVSL_SUCCESS) { + return DEVSL_ERROR; + } + + (void)memcpy_s(queryParams->udid, MAX_UDID_LENGTH, udid, MAX_UDID_LENGTH); + queryParams->udidLen = MAX_UDID_LENGTH; + return ret; +} + +void FuzzDoDevSlinfoAdpt(const uint8_t* data, size_t size) +{ + if (data == nullptr || size <= MAX_UDID_LENGTH) { + return; + } + OnApiDeviceSecInfoCallback(nullptr, nullptr); + (void)GetDeviceSecLevelByUdidAsync(nullptr, 0); + + DEVSLQueryParams queryParams; + (void)memset_s(&queryParams, sizeof(DEVSLQueryParams), 0, sizeof(DEVSLQueryParams)); + queryParams.udidLen = MAX_UDID_LENGTH; + (void)memcpy_s(queryParams.udid, MAX_UDID_LENGTH, data, MAX_UDID_LENGTH); + BeginFuzzCase3(); + int32_t ret; + uint32_t levelInfo = 0; + int32_t devLevel = 0; + DeviceIdentify devId; + DeviceSecurityInfo devInfo; + (void)DATASL_OnStart(); + + do { + ret = GetLocalUdidFuzz3(&queryParams); + if (ret != DEVSL_SUCCESS) { + break; + } + ret = GetDeviceSecLevelByUdid(static_cast(g_udidInvalid), MAX_UDID_LENGTH + 1, &devLevel); + if (ret == DEVSL_SUCCESS) { + break; + } + (void)GetDeviceSecLevelByUdid(static_cast(queryParams.udid), queryParams.udidLen, &devLevel); + (void)DATASL_GetHighestSecLevel(&queryParams, &levelInfo); + + (void)memset_s(&devId, sizeof(devId), 0, sizeof(devId)); + (void)memcpy_s(devId.identity, MAX_UDID_LENGTH, queryParams.udid, queryParams.udidLen); + devId.length = queryParams.udidLen; + + OnApiDeviceSecInfoCallback(&devId, nullptr); + OnApiDeviceSecInfoCallback(&devId, &devInfo); + } while (0); + DATASL_OnStop(); + EndFuzzCase3(); +} +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + /* Run your code on data */ + OHOS::FuzzDoDevSlinfoAdpt(data, size); + return 0; +} \ No newline at end of file diff --git a/test/fuzztest/datatransmitmgr/devslinfoadpt_fuzzer/devslinfoadpt_fuzzer.h b/test/fuzztest/datatransmitmgr/devslinfoadpt_fuzzer/devslinfoadpt_fuzzer.h new file mode 100644 index 0000000..5bab274 --- /dev/null +++ b/test/fuzztest/datatransmitmgr/devslinfoadpt_fuzzer/devslinfoadpt_fuzzer.h @@ -0,0 +1,28 @@ +/* + * Copyright (C) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef DEVSLINFOADPT_FUZZER_H +#define DEVSLINFOADPT_FUZZER_H + +#include +#include +#include +#include +#include +#include + +#define FUZZ_PROJECT_NAME "devslinfoadpt_fuzzer" + +#endif \ No newline at end of file diff --git a/test/fuzztest/datatransmitmgr/devslinfoadpt_fuzzer/project.xml b/test/fuzztest/datatransmitmgr/devslinfoadpt_fuzzer/project.xml new file mode 100644 index 0000000..5d5ba32 --- /dev/null +++ b/test/fuzztest/datatransmitmgr/devslinfoadpt_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 30 + + 4096 + + diff --git a/test/fuzztest/datatransmitmgr/gethighestseclevel_fuzzer/BUILD.gn b/test/fuzztest/datatransmitmgr/gethighestseclevel_fuzzer/BUILD.gn new file mode 100644 index 0000000..b987c22 --- /dev/null +++ b/test/fuzztest/datatransmitmgr/gethighestseclevel_fuzzer/BUILD.gn @@ -0,0 +1,48 @@ +# Copyright (C) 2024 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/ohos.gni") +import("//build/test.gni") + +ohos_fuzztest("GetHighestSecLevelFuzzTest") { + module_out_path = "security/dataclassification" + fuzz_config_file = "." + + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + + include_dirs = [ + "./", + "../../../../interfaces/innerkits/datatransmitmgr/include", + ] + + sources = [ "gethighestseclevel_fuzzer.cpp" ] + + deps = [ "../../../../interfaces/innerkits/datatransmitmgr:data_transit_mgr" ] + + defines = [ "HILOG_ENABLE" ] + + external_deps = [ + "access_token:libaccesstoken_sdk", + "access_token:libnativetoken", + "access_token:libtoken_setproc", + "c_utils:utils", + "device_security_level:dslm_sdk", + "hilog:libhilog", + "init:libbegetutil", + ] +} diff --git a/test/fuzztest/datatransmitmgr/gethighestseclevel_fuzzer/corpus/init b/test/fuzztest/datatransmitmgr/gethighestseclevel_fuzzer/corpus/init new file mode 100644 index 0000000..900e36d --- /dev/null +++ b/test/fuzztest/datatransmitmgr/gethighestseclevel_fuzzer/corpus/init @@ -0,0 +1,14 @@ +# Copyright (C) 2024 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +1111111111111111111111111111111111111111111111111111111111111111 \ No newline at end of file diff --git a/test/fuzztest/datatransmitmgr/gethighestseclevel_fuzzer/gethighestseclevel_fuzzer.cpp b/test/fuzztest/datatransmitmgr/gethighestseclevel_fuzzer/gethighestseclevel_fuzzer.cpp new file mode 100644 index 0000000..339c178 --- /dev/null +++ b/test/fuzztest/datatransmitmgr/gethighestseclevel_fuzzer/gethighestseclevel_fuzzer.cpp @@ -0,0 +1,117 @@ +/* + * Copyright (C) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "gethighestseclevel_fuzzer.h" + +#include +#include + +#include "file_ex.h" +#include "securec.h" +#include "parameter.h" +#include "nativetoken_kit.h" +#include "token_setproc.h" +#include "accesstoken_kit.h" + +#include "dev_slinfo_mgr.h" + +namespace OHOS { +static bool g_isForcingFuzz2 = false; + +static void NativeTokenGetFuzz2(void) +{ + uint64_t tokenId2; + const char **permsFuzz2 = new const char *[1]; + permsFuzz2[0] = "ohos.permission.DISTRIBUTED_DATASYNC"; + NativeTokenInfoParams infoInstanceFuzz1 = { + .dcapsNum = 0, + .permsNum = 1, + .aclsNum = 0, + .dcaps = nullptr, + .perms = permsFuzz2, + .acls = nullptr, + .aplStr = "system_basic", + }; + + infoInstanceFuzz1.processName = "DevSLMgrTest"; + tokenId2 = GetAccessTokenId(&infoInstanceFuzz1); + SetSelfTokenID(tokenId2); + OHOS::Security::AccessToken::AccessTokenKit::ReloadNativeTokenInfo(); + delete[] permsFuzz2; +} + +static void BeginFuzzCase2(void) +{ + std::string isEnforcing; + OHOS::LoadStringFromFile("/sys/fs/selinux/enforce", isEnforcing); + if (isEnforcing.compare("1") == 0) { + g_isForcingFuzz2 = true; + OHOS::SaveStringToFile("/sys/fs/selinux/enforce", "0"); + } + NativeTokenGetFuzz2(); +} + +static void EndFuzzCase2(void) +{ + if (g_isForcingFuzz2) { + OHOS::SaveStringToFile("/sys/fs/selinux/enforce", "1"); + } +} + +static int32_t GetLocalUdidFuzz2(DEVSLQueryParams *queryParams) +{ + char udid[MAX_UDID_LENGTH + 1] = {0}; + int32_t ret = GetDevUdid(udid, MAX_UDID_LENGTH + 1); + if (ret != DEVSL_SUCCESS) { + return DEVSL_ERROR; + } + + (void)memcpy_s(queryParams->udid, MAX_UDID_LENGTH, udid, MAX_UDID_LENGTH); + queryParams->udidLen = MAX_UDID_LENGTH; + return ret; +} + +void FuzzDoGetHighestSecLevel(const uint8_t *data, size_t size) +{ + if (data == nullptr || size <= MAX_UDID_LENGTH) { + return; + } + + uint32_t levelInfo = 0; + DEVSLQueryParams queryParams; + (void)memset_s(&queryParams, sizeof(DEVSLQueryParams), 0, sizeof(DEVSLQueryParams)); + queryParams.udidLen = MAX_UDID_LENGTH; + (void)memcpy_s(queryParams.udid, MAX_UDID_LENGTH, data, MAX_UDID_LENGTH); + BeginFuzzCase2(); + (void)DATASL_OnStart(); + (void)DATASL_GetHighestSecLevel(&queryParams, &levelInfo); + (void)DATASL_GetHighestSecLevel(nullptr, &levelInfo); + (void)DATASL_GetHighestSecLevel(&queryParams, nullptr); + + (void)GetLocalUdidFuzz2(&queryParams); + + (void)DATASL_GetHighestSecLevel(&queryParams, &levelInfo); + DATASL_OnStop(); + EndFuzzCase2(); +} +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + /* Run your code on data */ + OHOS::FuzzDoGetHighestSecLevel(data, size); + return 0; +} \ No newline at end of file diff --git a/test/fuzztest/datatransmitmgr/gethighestseclevel_fuzzer/gethighestseclevel_fuzzer.h b/test/fuzztest/datatransmitmgr/gethighestseclevel_fuzzer/gethighestseclevel_fuzzer.h new file mode 100644 index 0000000..f9a9236 --- /dev/null +++ b/test/fuzztest/datatransmitmgr/gethighestseclevel_fuzzer/gethighestseclevel_fuzzer.h @@ -0,0 +1,28 @@ +/* + * Copyright (C) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef GETHIGHESTSECLEVEL_FUZZER_H +#define GETHIGHESTSECLEVEL_FUZZER_H + +#include +#include +#include +#include +#include +#include + +#define FUZZ_PROJECT_NAME "gethighestseclevel_fuzzer" + +#endif \ No newline at end of file diff --git a/test/fuzztest/datatransmitmgr/gethighestseclevel_fuzzer/project.xml b/test/fuzztest/datatransmitmgr/gethighestseclevel_fuzzer/project.xml new file mode 100644 index 0000000..5d5ba32 --- /dev/null +++ b/test/fuzztest/datatransmitmgr/gethighestseclevel_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 30 + + 4096 + + diff --git a/test/fuzztest/datatransmitmgr/gethighestseclevelasync_fuzzer/BUILD.gn b/test/fuzztest/datatransmitmgr/gethighestseclevelasync_fuzzer/BUILD.gn new file mode 100644 index 0000000..ac5e5f1 --- /dev/null +++ b/test/fuzztest/datatransmitmgr/gethighestseclevelasync_fuzzer/BUILD.gn @@ -0,0 +1,48 @@ +# Copyright (C) 2024 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/ohos.gni") +import("//build/test.gni") + +ohos_fuzztest("GetHighestSecLevelAsyncFuzzTest") { + module_out_path = "security/dataclassification" + fuzz_config_file = "." + + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + + include_dirs = [ + "./", + "../../../../interfaces/innerkits/datatransmitmgr/include", + ] + + sources = [ "gethighestseclevelasync_fuzzer.cpp" ] + + deps = [ "../../../../interfaces/innerkits/datatransmitmgr:data_transit_mgr" ] + + defines = [ "HILOG_ENABLE" ] + + external_deps = [ + "access_token:libaccesstoken_sdk", + "access_token:libnativetoken", + "access_token:libtoken_setproc", + "c_utils:utils", + "device_security_level:dslm_sdk", + "hilog:libhilog", + "init:libbegetutil", + ] +} diff --git a/test/fuzztest/datatransmitmgr/gethighestseclevelasync_fuzzer/corpus/init b/test/fuzztest/datatransmitmgr/gethighestseclevelasync_fuzzer/corpus/init new file mode 100644 index 0000000..900e36d --- /dev/null +++ b/test/fuzztest/datatransmitmgr/gethighestseclevelasync_fuzzer/corpus/init @@ -0,0 +1,14 @@ +# Copyright (C) 2024 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +1111111111111111111111111111111111111111111111111111111111111111 \ No newline at end of file diff --git a/test/fuzztest/datatransmitmgr/gethighestseclevelasync_fuzzer/gethighestseclevelasync_fuzzer.cpp b/test/fuzztest/datatransmitmgr/gethighestseclevelasync_fuzzer/gethighestseclevelasync_fuzzer.cpp new file mode 100644 index 0000000..6dff429 --- /dev/null +++ b/test/fuzztest/datatransmitmgr/gethighestseclevelasync_fuzzer/gethighestseclevelasync_fuzzer.cpp @@ -0,0 +1,106 @@ +/* + * Copyright (C) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "gethighestseclevelasync_fuzzer.h" + +#include +#include + +#include "file_ex.h" +#include "securec.h" +#include "nativetoken_kit.h" +#include "token_setproc.h" +#include "accesstoken_kit.h" + +#include "dev_slinfo_mgr.h" + +namespace OHOS { +static bool g_isForcingFuzz1 = false; + +static void NativeTokenGetFuzz1(void) +{ + uint64_t tokenId1; + const char **permsFuzz1 = new const char *[1]; + permsFuzz1[0] = "ohos.permission.DISTRIBUTED_DATASYNC"; + NativeTokenInfoParams infoInstanceFuzz1 = { + .dcapsNum = 0, + .permsNum = 1, + .aclsNum = 0, + .dcaps = nullptr, + .perms = permsFuzz1, + .acls = nullptr, + .aplStr = "system_basic", + }; + + infoInstanceFuzz1.processName = "DevSLMgrTest"; + tokenId1 = GetAccessTokenId(&infoInstanceFuzz1); + SetSelfTokenID(tokenId1); + OHOS::Security::AccessToken::AccessTokenKit::ReloadNativeTokenInfo(); + delete[] permsFuzz1; +} + +static void BeginFuzzCase1(void) +{ + std::string isEnforcing; + OHOS::LoadStringFromFile("/sys/fs/selinux/enforce", isEnforcing); + if (isEnforcing.compare("1") == 0) { + g_isForcingFuzz1 = true; + OHOS::SaveStringToFile("/sys/fs/selinux/enforce", "0"); + } + NativeTokenGetFuzz1(); +} + +static void EndFuzzCase1(void) +{ + if (g_isForcingFuzz1) { + OHOS::SaveStringToFile("/sys/fs/selinux/enforce", "1"); + } +} + +static void tmpCallbackFuzz1(DEVSLQueryParams *queryParams, int32_t result, uint32_t levelInfo) +{ + (void)queryParams; + (void)result; + (void)levelInfo; + return; +} + +void FuzzDoGetHighestSecLevelAsync(const uint8_t *data, size_t size) +{ + if (data == nullptr || size <= MAX_UDID_LENGTH) { + return; + } + + DEVSLQueryParams queryParams; + (void)memset_s(&queryParams, sizeof(DEVSLQueryParams), 0, sizeof(DEVSLQueryParams)); + queryParams.udidLen = MAX_UDID_LENGTH; + (void)memcpy_s(queryParams.udid, MAX_UDID_LENGTH, data, MAX_UDID_LENGTH); + BeginFuzzCase1(); + (void)DATASL_OnStart(); + (void)DATASL_GetHighestSecLevelAsync(&queryParams, tmpCallbackFuzz1); + (void)DATASL_GetHighestSecLevelAsync(nullptr, tmpCallbackFuzz1); + (void)DATASL_GetHighestSecLevelAsync(&queryParams, nullptr); + DATASL_OnStop(); + EndFuzzCase1(); +} +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + /* Run your code on data */ + OHOS::FuzzDoGetHighestSecLevelAsync(data, size); + return 0; +} \ No newline at end of file diff --git a/test/fuzztest/datatransmitmgr/gethighestseclevelasync_fuzzer/gethighestseclevelasync_fuzzer.h b/test/fuzztest/datatransmitmgr/gethighestseclevelasync_fuzzer/gethighestseclevelasync_fuzzer.h new file mode 100644 index 0000000..2a861ec --- /dev/null +++ b/test/fuzztest/datatransmitmgr/gethighestseclevelasync_fuzzer/gethighestseclevelasync_fuzzer.h @@ -0,0 +1,28 @@ +/* + * Copyright (C) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef GETHIGHESTSECLEVELASYNC_FUZZER_H +#define GETHIGHESTSECLEVELASYNC_FUZZER_H + +#include +#include +#include +#include +#include +#include + +#define FUZZ_PROJECT_NAME "gethighestseclevelasync_fuzzer" + +#endif \ No newline at end of file diff --git a/test/fuzztest/datatransmitmgr/gethighestseclevelasync_fuzzer/project.xml b/test/fuzztest/datatransmitmgr/gethighestseclevelasync_fuzzer/project.xml new file mode 100644 index 0000000..5d5ba32 --- /dev/null +++ b/test/fuzztest/datatransmitmgr/gethighestseclevelasync_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 30 + + 4096 + + -- Gitee