1 /*
2  * Copyright (c) 2022 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "devauthservaddmultimemberstogroup_fuzzer.h"
17 #include "device_auth.h"
18 #include "device_auth_defines.h"
19 #include "hc_dev_info.h"
20 #include "hc_log.h"
21 #include "json_utils.h"
22 #include "securec.h"
23 #include <unistd.h>
24 
25 namespace OHOS {
26     static char g_groupId[128] = { 0 };
27 
OnError(int64_t requestId,int operationCode,int errorCode,const char * errorReturn)28     static void OnError(int64_t requestId, int operationCode, int errorCode, const char *errorReturn)
29     {
30         LOGE("error return: %s", errorReturn);
31     }
32 
OnFinish(int64_t requestId,int operationCode,const char * authReturn)33     static void OnFinish(int64_t requestId, int operationCode, const char *authReturn)
34     {
35         LOGI("return value: %s", authReturn);
36         if (operationCode == GROUP_CREATE) {
37             CJson *json = CreateJsonFromString(authReturn);
38             if (json != nullptr) {
39                 const char *data = GetStringFromJson(json, FIELD_GROUP_ID);
40                 if (data != nullptr) {
41                     (void)memcpy_s(g_groupId, sizeof(g_groupId), data, strlen(data));
42                     g_groupId[strlen(data)] = 0;
43                 }
44                 FreeJson(json);
45             }
46         }
47     }
48 
OnSessionKeyReturned(int64_t requestId,const uint8_t * sessionKey,uint32_t sessionKeyLen)49     static void OnSessionKeyReturned(int64_t requestId, const uint8_t *sessionKey, uint32_t sessionKeyLen) {}
50 
OnTransmit(int64_t requestId,const uint8_t * data,uint32_t dataLen)51     static bool OnTransmit(int64_t requestId, const uint8_t *data, uint32_t dataLen)
52     {
53         return true;
54     }
55 
OnRequest(int64_t requestId,int operationCode,const char * reqParam)56     static char *OnRequest(int64_t requestId, int operationCode, const char* reqParam)
57     {
58         return nullptr;
59     }
60 
61     static DeviceAuthCallback g_gmCallback = {
62         .onTransmit = OnTransmit,
63         .onSessionKeyReturned = OnSessionKeyReturned,
64         .onFinish = OnFinish,
65         .onError = OnError,
66         .onRequest = OnRequest,
67     };
68 
GenerateAddMultiMemberParamsJson(CJson * json)69     static void GenerateAddMultiMemberParamsJson(CJson *json)
70     {
71         AddStringToJson(json, FIELD_GROUP_ID, g_groupId);
72         AddIntToJson(json, FIELD_GROUP_TYPE, PEER_TO_PEER_GROUP);
73         AddStringToJson(json, FIELD_PIN_CODE, "123456");
74     }
75 
FuzzDoAddMultiMembersToGroup(const uint8_t * data,size_t size)76     bool FuzzDoAddMultiMembersToGroup(const uint8_t* data, size_t size)
77     {
78         if (data == nullptr) {
79             return false;
80         }
81         InitDeviceAuthService();
82         std::string appId(reinterpret_cast<const char *>(data), size);
83         const DeviceGroupManager *gmInstance = GetGmInstance();
84         gmInstance->regCallback(appId.c_str(), &g_gmCallback);
85         CJson *createJson = CreateJson();
86         AddStringToJson(createJson, FIELD_GROUP_NAME, appId.c_str());
87         char localUdid[INPUT_UDID_LEN] = { 0 };
88         HcGetUdid(reinterpret_cast<uint8_t *>(localUdid), INPUT_UDID_LEN);
89         AddStringToJson(createJson, FIELD_DEVICE_ID, localUdid);
90         AddIntToJson(createJson, FIELD_GROUP_TYPE, PEER_TO_PEER_GROUP);
91         char *createParams = PackJsonToString(createJson);
92         FreeJson(createJson);
93         int64_t reqId = 123;
94         gmInstance->createGroup(0, reqId, appId.c_str(), createParams);
95         sleep(1);
96         ClearAndFreeJsonString(createParams);
97         CJson *addMultiMemberJson = CreateJson();
98         GenerateAddMultiMemberParamsJson(addMultiMemberJson);
99         char *addMultiMembersParams = PackJsonToString(addMultiMemberJson);
100         FreeJson(addMultiMemberJson);
101         LOGI("add multi members params str:%s", addMultiMembersParams);
102         gmInstance->addMultiMembersToGroup(0, appId.c_str(), addMultiMembersParams);
103         sleep(1);
104         ClearAndFreeJsonString(addMultiMembersParams);
105         DestroyDeviceAuthService();
106         return true;
107     }
108 }
109 
110 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)111 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
112 {
113     /* Run your code on data */
114     OHOS::FuzzDoAddMultiMembersToGroup(data, size);
115     return 0;
116 }
117 
118