1 /*
2  * Copyright (c) 2023 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "geoconvertservice_fuzzer.h"
17 
18 #include "accesstoken_kit.h"
19 #include "if_system_ability_manager.h"
20 #include "iservice_registry.h"
21 #include "message_option.h"
22 #include "message_parcel.h"
23 #include "nativetoken_kit.h"
24 #include "system_ability_definition.h"
25 #include "token_setproc.h"
26 #include "locationhub_ipc_interface_code.h"
27 
28 #include "location.h"
29 #include "locator_ability.h"
30 #ifdef FEATURE_GEOCODE_SUPPORT
31 #include "geo_convert_service.h"
32 #endif
33 #include "permission_manager.h"
34 
35 namespace OHOS {
36 using namespace OHOS::Location;
37 const int32_t MAX_MEM_SIZE = 4 * 1024 * 1024;
38 const int32_t LOCATION_PERM_NUM = 4;
MockNativePermission()39 void MockNativePermission()
40 {
41     const char *perms[] = {
42         ACCESS_LOCATION.c_str(), ACCESS_APPROXIMATELY_LOCATION.c_str(),
43         ACCESS_BACKGROUND_LOCATION.c_str(), MANAGE_SECURE_SETTINGS.c_str(),
44     };
45     NativeTokenInfoParams infoInstance = {
46         .dcapsNum = 0,
47         .permsNum = LOCATION_PERM_NUM,
48         .aclsNum = 0,
49         .dcaps = nullptr,
50         .perms = perms,
51         .acls = nullptr,
52         .processName = "Geocode_FuzzTest",
53         .aplStr = "system_basic",
54     };
55     auto tokenId = GetAccessTokenId(&infoInstance);
56     SetSelfTokenID(tokenId);
57     Security::AccessToken::AccessTokenKit::ReloadNativeTokenInfo();
58 }
59 
ParseData(const uint8_t * data,size_t size)60 char* ParseData(const uint8_t* data, size_t size)
61 {
62     if (data == nullptr) {
63         return nullptr;
64     }
65 
66     if (size > MAX_MEM_SIZE) {
67         return nullptr;
68     }
69 
70     char* ch = (char *)malloc(size + 1);
71     if (ch == nullptr) {
72         return nullptr;
73     }
74 
75     (void)memset_s(ch, size + 1, 0x00, size + 1);
76     if (memcpy_s(ch, size, data, size) != EOK) {
77         free(ch);
78         ch = nullptr;
79         return nullptr;
80     }
81     return ch;
82 }
83 
84 #ifdef FEATURE_GEOCODE_SUPPORT
GeoConvertServiceFuzzTest001(const char * data,size_t size)85 bool GeoConvertServiceFuzzTest001(const char* data, size_t size)
86 {
87     MessageParcel requestParcel;
88     requestParcel.WriteInterfaceToken(u"location.IGeoConvert");
89     requestParcel.WriteBuffer(data, size);
90     requestParcel.RewindRead(0);
91 
92     MessageParcel reply;
93     MessageOption option;
94 
95     auto service1 = sptr<GeoConvertService>(new (std::nothrow) GeoConvertService());
96     service1->OnRemoteRequest(static_cast<uint32_t>(GeoConvertInterfaceCode::IS_AVAILABLE),
97         requestParcel, reply, option);
98 
99     return true;
100 }
101 
GeoConvertServiceFuzzTest002(const char * data,size_t size)102 bool GeoConvertServiceFuzzTest002(const char* data, size_t size)
103 {
104     MessageParcel requestParcel;
105     requestParcel.WriteInterfaceToken(u"location.IGeoConvert");
106     requestParcel.WriteBuffer(data, size);
107     requestParcel.RewindRead(0);
108 
109     MessageParcel reply;
110     MessageOption option;
111 
112     auto service2 = sptr<GeoConvertService>(new (std::nothrow) GeoConvertService());
113     service2->OnRemoteRequest(static_cast<uint32_t>(GeoConvertInterfaceCode::GET_FROM_COORDINATE),
114         requestParcel, reply, option);
115 
116     return true;
117 }
118 
GeoConvertServiceFuzzTest003(const char * data,size_t size)119 bool GeoConvertServiceFuzzTest003(const char* data, size_t size)
120 {
121     MessageParcel requestParcel;
122     requestParcel.WriteInterfaceToken(u"location.IGeoConvert");
123     requestParcel.WriteBuffer(data, size);
124     requestParcel.RewindRead(0);
125 
126     MessageParcel reply;
127     MessageOption option;
128 
129     auto service3 = sptr<GeoConvertService>(new (std::nothrow) GeoConvertService());
130     service3->OnRemoteRequest(static_cast<uint32_t>(GeoConvertInterfaceCode::GET_FROM_LOCATION_NAME_BY_BOUNDARY),
131         requestParcel, reply, option);
132 
133     return true;
134 }
135 
GeoConvertServiceFuzzTest004(const char * data,size_t size)136 bool GeoConvertServiceFuzzTest004(const char* data, size_t size)
137 {
138     MessageParcel requestParcel;
139     requestParcel.WriteInterfaceToken(u"location.IGeoConvert");
140     requestParcel.WriteBuffer(data, size);
141     requestParcel.RewindRead(0);
142 
143     MessageParcel reply;
144     MessageOption option;
145 
146     auto service4 = sptr<GeoConvertService>(new (std::nothrow) GeoConvertService());
147     service4->OnRemoteRequest(static_cast<uint32_t>(GeoConvertInterfaceCode::ENABLE_REVERSE_GEOCODE_MOCK),
148         requestParcel, reply, option);
149 
150     return true;
151 }
152 
GeoConvertServiceFuzzTest005(const char * data,size_t size)153 bool GeoConvertServiceFuzzTest005(const char* data, size_t size)
154 {
155     MessageParcel requestParcel;
156     requestParcel.WriteInterfaceToken(u"location.IGeoConvert");
157     requestParcel.WriteBuffer(data, size);
158     requestParcel.RewindRead(0);
159 
160     MessageParcel reply;
161     MessageOption option;
162 
163     auto service5 = sptr<GeoConvertService>(new (std::nothrow) GeoConvertService());
164     service5->OnRemoteRequest(static_cast<uint32_t>(GeoConvertInterfaceCode::DISABLE_REVERSE_GEOCODE_MOCK),
165         requestParcel, reply, option);
166 
167     return true;
168 }
169 
GeoConvertServiceFuzzTest006(const char * data,size_t size)170 bool GeoConvertServiceFuzzTest006(const char* data, size_t size)
171 {
172     MessageParcel requestParcel;
173     requestParcel.WriteInterfaceToken(u"location.IGeoConvert");
174     requestParcel.WriteBuffer(data, size);
175     requestParcel.RewindRead(0);
176 
177     MessageParcel reply;
178     MessageOption option;
179 
180     auto service6 = sptr<GeoConvertService>(new (std::nothrow) GeoConvertService());
181     service6->OnRemoteRequest(static_cast<uint32_t>(GeoConvertInterfaceCode::SET_REVERSE_GEOCODE_MOCKINFO),
182         requestParcel, reply, option);
183 
184     return true;
185 }
186 #endif
187 } // namespace OHOS
188 
189 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)190 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
191 {
192     char* ch = OHOS::ParseData(data, size);
193     if (ch != nullptr) {
194 #ifdef FEATURE_GEOCODE_SUPPORT
195         OHOS::GeoConvertServiceFuzzTest001(ch, size);
196         OHOS::GeoConvertServiceFuzzTest002(ch, size);
197         OHOS::GeoConvertServiceFuzzTest003(ch, size);
198         OHOS::GeoConvertServiceFuzzTest004(ch, size);
199         OHOS::GeoConvertServiceFuzzTest005(ch, size);
200         OHOS::GeoConvertServiceFuzzTest006(ch, size);
201 #endif
202         free(ch);
203         ch = nullptr;
204     }
205     return 0;
206 }
207 
208