diff --git a/interfaces/native/test/fuzztest/BUILD.gn b/interfaces/native/test/fuzztest/BUILD.gn index bd9265b34e40fd46a261ac7540859e2d47e65870..0ea4c43e43e847b36ae49b696d94ea3f16ad91ac 100644 --- a/interfaces/native/test/fuzztest/BUILD.gn +++ b/interfaces/native/test/fuzztest/BUILD.gn @@ -17,5 +17,9 @@ import("//build/test.gni") group("fuzztest") { testonly = true - deps = [ "sensoragent_fuzzer:fuzztest" ] + deps = [ + "getallsensors_fuzzer:fuzztest", + "sensoragent_fuzzer:fuzztest", + "setmode_fuzzer:fuzztest", + ] } diff --git a/interfaces/native/test/fuzztest/getallsensors_fuzzer/BUILD.gn b/interfaces/native/test/fuzztest/getallsensors_fuzzer/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..9b756ae1aba3570f92719a57690834df1eeff1cc --- /dev/null +++ b/interfaces/native/test/fuzztest/getallsensors_fuzzer/BUILD.gn @@ -0,0 +1,50 @@ +# Copyright (c) 2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/config/features.gni") +import("//build/ohos.gni") +import("//build/test.gni") +module_output_path = "sensors/sensor" + +ohos_fuzztest("GetAllSensorsFuzzTest") { + module_out_path = module_output_path + + fuzz_config_file = "//base/sensors/sensor/interfaces/native/test/fuzztest/getallsensors_fuzzer" + + include_dirs = [ + "//base/sensors/sensor/interfaces/native/test/fuzztest/getallsensors_fuzzer", + "//base/sensors/sensor/interfaces/native/include", + ] + + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + + sources = [ "getallsensors_fuzzer.cpp" ] + + deps = [ "//base/sensors/sensor/interfaces/native:sensor_interface_native" ] + + external_deps = [ "c_utils:utils" ] +} + +group("fuzztest") { + testonly = true + deps = [] + deps += [ + # deps file + ":GetAllSensorsFuzzTest", + ] +} diff --git a/interfaces/native/test/fuzztest/getallsensors_fuzzer/corpus/init b/interfaces/native/test/fuzztest/getallsensors_fuzzer/corpus/init new file mode 100644 index 0000000000000000000000000000000000000000..c49c21aa8683c4d54af710059267afe15db14f96 --- /dev/null +++ b/interfaces/native/test/fuzztest/getallsensors_fuzzer/corpus/init @@ -0,0 +1,14 @@ +# Copyright (c) 2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FUZZ \ No newline at end of file diff --git a/interfaces/native/test/fuzztest/getallsensors_fuzzer/getallsensors_fuzzer.cpp b/interfaces/native/test/fuzztest/getallsensors_fuzzer/getallsensors_fuzzer.cpp new file mode 100755 index 0000000000000000000000000000000000000000..233cdd2225a8f795a9e970ce12ee9841b618e51e --- /dev/null +++ b/interfaces/native/test/fuzztest/getallsensors_fuzzer/getallsensors_fuzzer.cpp @@ -0,0 +1,56 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "getallsensors_fuzzer.h" + +#include "securec.h" + +#include "sensor_agent.h" +#include "sensor_agent_type.h" + +template +size_t GetObject(const uint8_t *data, size_t size, T &object) +{ + size_t objectSize = sizeof(object); + if (objectSize > size) { + return 0; + } + return memcpy_s(&object, objectSize, data, objectSize) == EOK ? objectSize : 0; +} + +bool GetAllSensorsFuzzTest(const uint8_t* data, size_t size) +{ + if (data == nullptr || size < (sizeof(int32_t) + sizeof(SensorInfo))) { + return false; + } + int32_t count; + size_t startPos = 0; + startPos = GetObject(data + startPos, size - startPos, count); + SensorInfo info; + GetObject(data + startPos, size - startPos, info); + SensorInfo *info2; + info2 = &info; + if (GetAllSensors(&info2, &count) != 0) { + return false; + } + return true; +} + +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + GetAllSensorsFuzzTest(data, size); + return 0; +} + diff --git a/interfaces/native/test/fuzztest/getallsensors_fuzzer/getallsensors_fuzzer.h b/interfaces/native/test/fuzztest/getallsensors_fuzzer/getallsensors_fuzzer.h new file mode 100644 index 0000000000000000000000000000000000000000..32bf74add96937ef45632aabd252b62642252735 --- /dev/null +++ b/interfaces/native/test/fuzztest/getallsensors_fuzzer/getallsensors_fuzzer.h @@ -0,0 +1,22 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef SENSOR_DISABLE_FUZZER_H +#define SENSOR_DISABLE_FUZZER_H + +#define FUZZ_PROJECT_NAME "getallsensors_fuzzer" + +#endif + diff --git a/interfaces/native/test/fuzztest/getallsensors_fuzzer/project.xml b/interfaces/native/test/fuzztest/getallsensors_fuzzer/project.xml new file mode 100644 index 0000000000000000000000000000000000000000..20dc766db73742058c8300227a37ba63703fc683 --- /dev/null +++ b/interfaces/native/test/fuzztest/getallsensors_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 120 + + 2048 + + diff --git a/interfaces/native/test/fuzztest/sensoragent_fuzzer/sensoragent_fuzzer.cpp b/interfaces/native/test/fuzztest/sensoragent_fuzzer/sensoragent_fuzzer.cpp index d780c28d5d60f53c4dd2a410905958c1d82b32b5..a8711e336f2b6a5c305a537df78be396fe11ce8d 100644 --- a/interfaces/native/test/fuzztest/sensoragent_fuzzer/sensoragent_fuzzer.cpp +++ b/interfaces/native/test/fuzztest/sensoragent_fuzzer/sensoragent_fuzzer.cpp @@ -14,10 +14,12 @@ */ #include "sensoragent_fuzzer.h" + +#include "securec.h" +#include + #include "sensor_agent.h" #include "sensor_agent_type.h" -#include -#include void SensorDataCallbackImpl(SensorEvent *event) { @@ -45,6 +47,9 @@ bool CheckSensorTypeId(int32_t sensorTypeId) bool SensorAgentFuzzTest(const uint8_t* data, size_t size) { + if (data == nullptr || size < sizeof(int32_t)) { + return false; + } intptr_t sensorTypeId = reinterpret_cast(data); bool validSensorId = CheckSensorTypeId(sensorTypeId); SensorUser user; diff --git a/interfaces/native/test/fuzztest/setmode_fuzzer/BUILD.gn b/interfaces/native/test/fuzztest/setmode_fuzzer/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..541d20b581187663ca86c4210d3044cde18668b2 --- /dev/null +++ b/interfaces/native/test/fuzztest/setmode_fuzzer/BUILD.gn @@ -0,0 +1,51 @@ +# Copyright (c) 2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/config/features.gni") +import("//build/ohos.gni") +import("//build/test.gni") +module_output_path = "sensors/sensor" + +ohos_fuzztest("SetModeFuzzTest") { + module_out_path = module_output_path + + fuzz_config_file = + "//base/sensors/sensor/interfaces/native/test/fuzztest/setmode_fuzzer" + + include_dirs = [ + "//base/sensors/sensor/interfaces/native/test/fuzztest/setmode_fuzzer", + "//base/sensors/sensor/interfaces/native/include", + ] + + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + + sources = [ "setmode_fuzzer.cpp" ] + + deps = [ "//base/sensors/sensor/interfaces/native:sensor_interface_native" ] + + external_deps = [ "c_utils:utils" ] +} + +group("fuzztest") { + testonly = true + deps = [] + deps += [ + # deps file + ":SetModeFuzzTest", + ] +} diff --git a/interfaces/native/test/fuzztest/setmode_fuzzer/corpus/init b/interfaces/native/test/fuzztest/setmode_fuzzer/corpus/init new file mode 100644 index 0000000000000000000000000000000000000000..c49c21aa8683c4d54af710059267afe15db14f96 --- /dev/null +++ b/interfaces/native/test/fuzztest/setmode_fuzzer/corpus/init @@ -0,0 +1,14 @@ +# Copyright (c) 2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FUZZ \ No newline at end of file diff --git a/interfaces/native/test/fuzztest/setmode_fuzzer/project.xml b/interfaces/native/test/fuzztest/setmode_fuzzer/project.xml new file mode 100644 index 0000000000000000000000000000000000000000..20dc766db73742058c8300227a37ba63703fc683 --- /dev/null +++ b/interfaces/native/test/fuzztest/setmode_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 120 + + 2048 + + diff --git a/interfaces/native/test/fuzztest/setmode_fuzzer/setmode_fuzzer.cpp b/interfaces/native/test/fuzztest/setmode_fuzzer/setmode_fuzzer.cpp new file mode 100755 index 0000000000000000000000000000000000000000..53ad70306dcb41069f802a20cb4b604a018ef9f7 --- /dev/null +++ b/interfaces/native/test/fuzztest/setmode_fuzzer/setmode_fuzzer.cpp @@ -0,0 +1,54 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "setmode_fuzzer.h" + +#include "securec.h" + +#include "sensor_agent.h" +#include "sensor_agent_type.h" + +template +size_t GetObject(const uint8_t *data, size_t size, T &object) +{ + size_t objectSize = sizeof(object); + if (objectSize > size) { + return 0; + } + return memcpy_s(&object, objectSize, data, objectSize) == EOK ? objectSize : 0; +} + +bool SetModeFuzzTest(const uint8_t* data, size_t size) +{ + if (data == nullptr || size < (sizeof(int32_t) + sizeof(SensorUser))) { + return false; + } + int32_t option; + size_t startPos = 0; + startPos = GetObject(data + startPos, size - startPos, option); + SensorUser user; + GetObject(data + startPos, size - startPos, user); + if (SetMode(option, &user, option) != 0) { + return false; + } + return true; +} + +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + SetModeFuzzTest(data, size); + return 0; +} + diff --git a/interfaces/native/test/fuzztest/setmode_fuzzer/setmode_fuzzer.h b/interfaces/native/test/fuzztest/setmode_fuzzer/setmode_fuzzer.h new file mode 100644 index 0000000000000000000000000000000000000000..681ce9dd80822b000103a2f9f0dd58d873eb9834 --- /dev/null +++ b/interfaces/native/test/fuzztest/setmode_fuzzer/setmode_fuzzer.h @@ -0,0 +1,22 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef SENSOR_DISABLE_FUZZER_H +#define SENSOR_DISABLE_FUZZER_H + +#define FUZZ_PROJECT_NAME "setmode_fuzzer" + +#endif +