/* * Copyright (c) 2022 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #include "call_fuzzer.h" #include #include #define private public #define protected public #include "addcalltoken_fuzzer.h" #include "cs_call.h" #include "ims_call.h" #include "ott_call.h" #include "satellite_call.h" #include "surface_utils.h" #include "voip_call.h" using namespace OHOS::Telephony; namespace OHOS { constexpr int32_t SLOT_NUM = 2; constexpr int32_t BOOL_NUM = 2; constexpr int32_t DIAL_TYPE = 3; constexpr int32_t CALL_TYPE_NUM = 4; constexpr int32_t VIDIO_TYPE_NUM = 2; constexpr int32_t TEL_CALL_STATE_NUM = 9; constexpr int32_t TEL_CONFERENCE_STATE_NUM = 4; constexpr int32_t CALL_RUNNING_STATE_NUM = 8; constexpr int32_t CALL_ENDED_TYPE_NUM = 4; constexpr int32_t CALL_ANSWER_TYPE_NUM = 3; constexpr int32_t INVALID_CALL_ID = -1; constexpr int32_t IMS_CALL_MODE_NUM = 5; constexpr int32_t CALL_INDEX_MAX_NUM = 8; constexpr int32_t VIDEO_REQUEST_RESULT_TYPE_NUM = 102; void CSCallFunc(const uint8_t *data, size_t size) { if (!IsServiceInited()) { return; } DialParaInfo dialParaInfo; dialParaInfo.dialType = static_cast(size % DIAL_TYPE); dialParaInfo.callType = static_cast(size % CALL_TYPE_NUM); dialParaInfo.videoState = static_cast(size % VIDIO_TYPE_NUM); dialParaInfo.callState = static_cast(size % TEL_CALL_STATE_NUM); sptr callObjectPtr = std::make_unique(dialParaInfo).release(); int32_t videoState = static_cast(size % VIDIO_TYPE_NUM); int32_t mute = static_cast(size % BOOL_NUM); int32_t slotId = static_cast(size % SLOT_NUM); TelCallState nextState = static_cast(size % TEL_CALL_STATE_NUM); TelConferenceState telConferenceState = static_cast(size % TEL_CONFERENCE_STATE_NUM); VideoStateType mediaType = static_cast(size % VIDIO_TYPE_NUM); PolicyFlag flag = static_cast(size); bool needAutoAnswer = static_cast(size); bool canUnHoldState = static_cast(size); callObjectPtr->AnswerCall(videoState); callObjectPtr->SetMute(mute, slotId); callObjectPtr->StartDtmf(static_cast(*data)); callObjectPtr->StopDtmf(); callObjectPtr->GetSlotId(); callObjectPtr->DialCallBase(); callObjectPtr->IncomingCallBase(); callObjectPtr->AnswerCallBase(); callObjectPtr->RejectCallBase(); callObjectPtr->GetCallID(); callObjectPtr->GetCallType(); callObjectPtr->GetCallRunningState(); callObjectPtr->SetTelCallState(nextState); callObjectPtr->GetTelCallState(); callObjectPtr->SetTelConferenceState(telConferenceState); callObjectPtr->GetTelConferenceState(); callObjectPtr->GetVideoStateType(); callObjectPtr->SetVideoStateType(mediaType); callObjectPtr->SetPolicyFlag(flag); callObjectPtr->GetPolicyFlag(); callObjectPtr->SetAutoAnswerState(needAutoAnswer); callObjectPtr->GetAutoAnswerState(); callObjectPtr->SetCanUnHoldState(canUnHoldState); callObjectPtr->GetCanUnHoldState(); } void DialingProcess(const uint8_t *data, size_t size) { if (!IsServiceInited()) { return; } DialParaInfo paraInfo; paraInfo.dialType = static_cast(size % DIAL_TYPE); paraInfo.callType = static_cast(size % CALL_TYPE_NUM); paraInfo.videoState = static_cast(size % VIDIO_TYPE_NUM); paraInfo.callState = static_cast(size % TEL_CALL_STATE_NUM); sptr callObjectPtr = std::make_unique(paraInfo).release(); callObjectPtr->StartDtmf(static_cast(*data)); callObjectPtr->RejectCall(); callObjectPtr->HangUpCall(); callObjectPtr->HoldCall(); callObjectPtr->UnHoldCall(); callObjectPtr->SwitchCall(); callObjectPtr->DialingProcess(); callObjectPtr->CombineConference(); // merge calls callObjectPtr->SeparateConference(); callObjectPtr->KickOutFromConference(); callObjectPtr->CanSeparateConference(); callObjectPtr->CanCombineConference(); callObjectPtr->CanKickOutFromConference(); callObjectPtr->LaunchConference(); callObjectPtr->ExitConference(); callObjectPtr->HoldConference(); int32_t mainCallId = INVALID_CALL_ID; callObjectPtr->GetMainCallId(mainCallId); std::vector subCallIdList; callObjectPtr->GetSubCallIdList(subCallIdList); std::vector callIdList; callObjectPtr->GetCallIdListForConference(callIdList); callObjectPtr->IsSupportConferenceable(); callObjectPtr->GetEmergencyState(); } void GetCallerInfo(const uint8_t *data, size_t size) { if (!IsServiceInited()) { return; } DialParaInfo info; info.dialType = static_cast(size % DIAL_TYPE); info.callType = static_cast(size % CALL_TYPE_NUM); info.videoState = static_cast(size % VIDIO_TYPE_NUM); info.callState = static_cast(size % TEL_CALL_STATE_NUM); sptr callObjectPtr = std::make_unique(info).release(); ContactInfo contactInfo; CallRunningState callRunningState = static_cast(size % CALL_RUNNING_STATE_NUM); bool speakerphoneOn = static_cast(size % BOOL_NUM); std::string phoneNumber(reinterpret_cast(data), size); int32_t callId = static_cast(size); CallEndedType callEndedType = static_cast(size % CALL_ENDED_TYPE_NUM); CallAnswerType answerType = static_cast(size % CALL_ANSWER_TYPE_NUM); int64_t startTime = static_cast(size); time_t callBeginTime = static_cast(size); time_t callCreateTime = static_cast(size); time_t callEndTime = static_cast(size); time_t ringBeginTime = static_cast(size); time_t ringEndTime = static_cast(size); callObjectPtr->GetCallerInfo(); callObjectPtr->SetCallerInfo(contactInfo); callObjectPtr->SetCallRunningState(callRunningState); callObjectPtr->SetStartTime(startTime); callObjectPtr->SetCallBeginTime(callBeginTime); callObjectPtr->SetCallBeginTime(callCreateTime); callObjectPtr->SetCallEndTime(callEndTime); callObjectPtr->SetRingBeginTime(ringBeginTime); callObjectPtr->SetRingEndTime(ringEndTime); callObjectPtr->SetAnswerType(answerType); callObjectPtr->GetCallEndedType(); callObjectPtr->SetCallEndedType(callEndedType); callObjectPtr->SetCallId(callId); callObjectPtr->IsSpeakerphoneEnabled(); callObjectPtr->IsCurrentRinging(); callObjectPtr->GetAccountNumber(); callObjectPtr->SetSpeakerphoneOn(speakerphoneOn); callObjectPtr->IsSpeakerphoneOn(); callObjectPtr->CheckVoicemailNumber(phoneNumber); callObjectPtr->IsAliveState(); } void IMSCallFunc(const uint8_t *data, size_t size) { if (!IsServiceInited()) { return; } DialParaInfo paraInfo; paraInfo.dialType = static_cast(size % DIAL_TYPE); paraInfo.callType = static_cast(size % CALL_TYPE_NUM); paraInfo.videoState = static_cast(size % VIDIO_TYPE_NUM); paraInfo.callState = static_cast(size % TEL_CALL_STATE_NUM); sptr callObjectPtr = std::make_unique(paraInfo).release(); int32_t videoState = static_cast(size % VIDIO_TYPE_NUM); int32_t mute = static_cast(size % BOOL_NUM); int32_t slotId = static_cast(size % SLOT_NUM); std::string msg(reinterpret_cast(data), size); std::u16string msgU16 = Str8ToStr16(msg); callObjectPtr->InitVideoCall(); callObjectPtr->DialingProcess(); callObjectPtr->AnswerCall(videoState); callObjectPtr->RejectCall(); callObjectPtr->HangUpCall(); callObjectPtr->UnHoldCall(); callObjectPtr->HoldCall(); callObjectPtr->SwitchCall(); callObjectPtr->CombineConference(); callObjectPtr->SeparateConference(); callObjectPtr->KickOutFromConference(); callObjectPtr->CanKickOutFromConference(); callObjectPtr->CanCombineConference(); callObjectPtr->CanSeparateConference(); callObjectPtr->LaunchConference(); callObjectPtr->ExitConference(); callObjectPtr->HoldConference(); int32_t mainCallId = INVALID_CALL_ID; callObjectPtr->GetMainCallId(mainCallId); std::vector subCallIdList; callObjectPtr->GetSubCallIdList(subCallIdList); std::vector callIdList; callObjectPtr->GetCallIdListForConference(callIdList); callObjectPtr->IsSupportConferenceable(); callObjectPtr->StartRtt(msgU16); callObjectPtr->StopRtt(); callObjectPtr->SetMute(mute, slotId); } void VoIPCallFunc(const uint8_t *data, size_t size) { if (!IsServiceInited()) { return; } CallAttributeInfo info; DialParaInfo dialParaInfo; int32_t mainCallId = 0; VoipCallEventInfo voipcallInfo; std::vector callIdList; int32_t videoState = static_cast(size % VIDIO_TYPE_NUM); sptr voipCall = std::make_unique(dialParaInfo).release(); voipCall->DialingProcess(); voipCall->AnswerCall(videoState); voipCall->PackVoipCallInfo(voipcallInfo); voipCall->RejectCall(); voipCall->HangUpCall(); voipCall->HoldCall(); voipCall->UnHoldCall(); voipCall->SwitchCall(); voipCall->SetMute(0, 0); voipCall->GetCallAttributeInfo(info); voipCall->CombineConference(); voipCall->HandleCombineConferenceFailEvent(); voipCall->SeparateConference(); voipCall->KickOutFromConference(); voipCall->CanCombineConference(); voipCall->CanSeparateConference(); voipCall->CanKickOutFromConference(); voipCall->GetMainCallId(mainCallId); voipCall->GetSubCallIdList(callIdList); voipCall->GetCallIdListForConference(callIdList); voipCall->IsSupportConferenceable(); voipCall->LaunchConference(); voipCall->ExitConference(); voipCall->HoldConference(); } void IMSVideoCallFunc(const uint8_t *data, size_t size) { if (!IsServiceInited()) { return; } DialParaInfo paraInfo; paraInfo.dialType = static_cast(size % DIAL_TYPE); paraInfo.callType = static_cast(size % CALL_TYPE_NUM); paraInfo.videoState = static_cast(size % VIDIO_TYPE_NUM); paraInfo.callState = static_cast(size % TEL_CALL_STATE_NUM); sptr callObjectPtr = std::make_unique(paraInfo).release(); std::string msg(reinterpret_cast(data), size); int32_t callingUid = static_cast(size); int32_t callingPid = static_cast(size); int32_t rotation = static_cast(size); ImsCallMode mode = static_cast(size % IMS_CALL_MODE_NUM); CallModeReportInfo callModeReportInfo; callModeReportInfo.callIndex = static_cast(size % CALL_INDEX_MAX_NUM); callModeReportInfo.callMode = static_cast(size % IMS_CALL_MODE_NUM); callModeReportInfo.result = static_cast(size % VIDEO_REQUEST_RESULT_TYPE_NUM); callObjectPtr->UpdateImsCallMode(mode); callObjectPtr->SendUpdateCallMediaModeRequest(mode); callObjectPtr->RecieveUpdateCallMediaModeRequest(callModeReportInfo); callObjectPtr->SendUpdateCallMediaModeResponse(mode); callObjectPtr->ReceiveUpdateCallMediaModeResponse(callModeReportInfo); CallMediaModeInfo callMediaModeInfo; callMediaModeInfo.callId = static_cast(size); callMediaModeInfo.isRequestInfo = static_cast(size % BOOL_NUM); callMediaModeInfo.result = static_cast(size % VIDEO_REQUEST_RESULT_TYPE_NUM); callMediaModeInfo.callMode = static_cast(size % IMS_CALL_MODE_NUM); callObjectPtr->ReportImsCallModeInfo(callMediaModeInfo); callObjectPtr->SwitchVideoState(mode); callObjectPtr->IsSupportVideoCall(); callObjectPtr->GetCallVideoState(mode); callObjectPtr->ControlCamera(msg, callingUid, callingPid); callObjectPtr->SetPausePicture(msg); callObjectPtr->SetDeviceDirection(rotation); callObjectPtr->CancelCallUpgrade(); callObjectPtr->RequestCameraCapabilities(); } void IMSVideoCallWindowFunc(const uint8_t *data, size_t size) { if (!IsServiceInited()) { return; } DialParaInfo paraInfo; paraInfo.dialType = static_cast(size % DIAL_TYPE); paraInfo.callType = static_cast(size % CALL_TYPE_NUM); paraInfo.videoState = static_cast(size % VIDIO_TYPE_NUM); paraInfo.callState = static_cast(size % TEL_CALL_STATE_NUM); sptr callObjectPtr = std::make_unique(paraInfo).release(); std::string msg(reinterpret_cast(data), size); int len = static_cast(msg.length()); std::string subSurfaceId = msg; if (len >= 1) { subSurfaceId = msg.substr(0, 1); } if (subSurfaceId.empty() || subSurfaceId[0] < '0' || subSurfaceId[0] > '9') { subSurfaceId = ""; callObjectPtr->SetPreviewWindow(subSurfaceId, nullptr); callObjectPtr->SetDisplayWindow(subSurfaceId, nullptr); } else { uint64_t tmpSurfaceId = std::stoull(subSurfaceId); auto surface = SurfaceUtils::GetInstance()->GetSurface(tmpSurfaceId); callObjectPtr->SetPreviewWindow(subSurfaceId, surface); callObjectPtr->SetDisplayWindow(subSurfaceId, surface); } } void OttCallFunc(const uint8_t *data, size_t size) { if (!IsServiceInited()) { return; } DialParaInfo paraInfo; paraInfo.dialType = static_cast(size % DIAL_TYPE); paraInfo.callType = static_cast(size % CALL_TYPE_NUM); paraInfo.videoState = static_cast(size % VIDIO_TYPE_NUM); paraInfo.callState = static_cast(size % TEL_CALL_STATE_NUM); sptr callObjectPtr = std::make_unique(paraInfo).release(); int32_t videoState = static_cast(size % VIDIO_TYPE_NUM); int32_t mute = static_cast(size % BOOL_NUM); int32_t slotId = static_cast(size % SLOT_NUM); callObjectPtr->DialingProcess(); callObjectPtr->AnswerCall(videoState); callObjectPtr->RejectCall(); callObjectPtr->HangUpCall(); callObjectPtr->HoldCall(); callObjectPtr->UnHoldCall(); callObjectPtr->SwitchCall(); callObjectPtr->GetEmergencyState(); callObjectPtr->StopDtmf(); callObjectPtr->GetSlotId(); callObjectPtr->CombineConference(); callObjectPtr->SeparateConference(); callObjectPtr->KickOutFromConference(); callObjectPtr->CanCombineConference(); callObjectPtr->CanSeparateConference(); callObjectPtr->CanKickOutFromConference(); callObjectPtr->LaunchConference(); callObjectPtr->ExitConference(); callObjectPtr->HoldConference(); int32_t mainCallId = INVALID_CALL_ID; callObjectPtr->GetMainCallId(mainCallId); std::vector subCallIdList; callObjectPtr->GetSubCallIdList(subCallIdList); std::vector callIdList; callObjectPtr->GetCallIdListForConference(callIdList); callObjectPtr->IsSupportConferenceable(); callObjectPtr->SetMute(mute, slotId); } void OttVideoCallFunc(const uint8_t *data, size_t size) { if (!IsServiceInited()) { return; } DialParaInfo paraInfo; paraInfo.dialType = static_cast(size % DIAL_TYPE); paraInfo.callType = static_cast(size % CALL_TYPE_NUM); paraInfo.videoState = static_cast(size % VIDIO_TYPE_NUM); paraInfo.callState = static_cast(size % TEL_CALL_STATE_NUM); sptr callObjectPtr = std::make_unique(paraInfo).release(); std::string msg(reinterpret_cast(data), size); int32_t callingUid = static_cast(size); int32_t callingPid = static_cast(size); int32_t rotation = static_cast(size); callObjectPtr->InitVideoCall(); ImsCallMode mode = static_cast(size % IMS_CALL_MODE_NUM); CallModeReportInfo callModeReportInfo; callModeReportInfo.callIndex = static_cast(size % CALL_INDEX_MAX_NUM); callModeReportInfo.callMode = static_cast(size % IMS_CALL_MODE_NUM); callModeReportInfo.result = static_cast(size % VIDEO_REQUEST_RESULT_TYPE_NUM); callObjectPtr->UpdateImsCallMode(mode); callObjectPtr->SendUpdateCallMediaModeRequest(mode); callObjectPtr->RecieveUpdateCallMediaModeRequest(callModeReportInfo); callObjectPtr->SendUpdateCallMediaModeResponse(mode); callObjectPtr->ReceiveUpdateCallMediaModeResponse(callModeReportInfo); CallMediaModeInfo callMediaModeInfo; callMediaModeInfo.callId = static_cast(size); callMediaModeInfo.isRequestInfo = static_cast(size % BOOL_NUM); callMediaModeInfo.result = static_cast(size % VIDEO_REQUEST_RESULT_TYPE_NUM); callMediaModeInfo.callMode = static_cast(size % IMS_CALL_MODE_NUM); callObjectPtr->ReportImsCallModeInfo(callMediaModeInfo); callObjectPtr->ControlCamera(msg, callingUid, callingPid); callObjectPtr->SetPausePicture(msg); callObjectPtr->SetDeviceDirection(rotation); callObjectPtr->CancelCallUpgrade(); callObjectPtr->RequestCameraCapabilities(); } void OttVideoCallWindowFunc(const uint8_t *data, size_t size) { if (!IsServiceInited()) { return; } DialParaInfo paraInfo; paraInfo.dialType = static_cast(size % DIAL_TYPE); paraInfo.callType = static_cast(size % CALL_TYPE_NUM); paraInfo.videoState = static_cast(size % VIDIO_TYPE_NUM); paraInfo.callState = static_cast(size % TEL_CALL_STATE_NUM); sptr callObjectPtr = std::make_unique(paraInfo).release(); std::string msg(reinterpret_cast(data), size); int len = static_cast(msg.length()); std::string subSurfaceId = msg; if (len >= 1) { subSurfaceId = msg.substr(0, 1); } if (subSurfaceId.empty() || subSurfaceId[0] < '0' || subSurfaceId[0] > '9') { subSurfaceId = ""; callObjectPtr->SetPreviewWindow(subSurfaceId, nullptr); callObjectPtr->SetDisplayWindow(subSurfaceId, nullptr); } else { uint64_t tmpSurfaceId = std::stoull(subSurfaceId); auto surface = SurfaceUtils::GetInstance()->GetSurface(tmpSurfaceId); callObjectPtr->SetPreviewWindow(subSurfaceId, surface); callObjectPtr->SetDisplayWindow(subSurfaceId, surface); } } void SatelliteCallFunc(const uint8_t *data, size_t size) { if (!IsServiceInited()) { return; } DialParaInfo paraInfo; paraInfo.dialType = static_cast(size % DIAL_TYPE); paraInfo.callType = static_cast(size % CALL_TYPE_NUM); paraInfo.videoState = static_cast(size % VIDIO_TYPE_NUM); paraInfo.callState = static_cast(size % TEL_CALL_STATE_NUM); sptr callObjectPtr = std::make_unique(paraInfo).release(); int32_t videoState = static_cast(size % VIDIO_TYPE_NUM); CallAttributeInfo info; callObjectPtr->DialingProcess(); callObjectPtr->AnswerCall(videoState); callObjectPtr->RejectCall(); callObjectPtr->HangUpCall(); callObjectPtr->GetCallAttributeInfo(info); } void DoSomethingInterestingWithMyAPI(const uint8_t *data, size_t size) { if (data == nullptr || size == 0) { return; } CSCallFunc(data, size); DialingProcess(data, size); GetCallerInfo(data, size); IMSCallFunc(data, size); IMSVideoCallFunc(data, size); IMSVideoCallWindowFunc(data, size); OttCallFunc(data, size); VoIPCallFunc(data, size); OttVideoCallFunc(data, size); OttVideoCallWindowFunc(data, size); SatelliteCallFunc(data, size); } } // namespace OHOS /* Fuzzer entry point */ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { OHOS::AddCallTokenFuzzer token; /* Run your code on data */ OHOS::DoSomethingInterestingWithMyAPI(data, size); return 0; }