1 /*
2  * Copyright (c) 2024 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "inithaptoken_fuzzer.h"
17 
18 #include <sys/types.h>
19 #include <unistd.h>
20 #include <iostream>
21 #include <thread>
22 #include <string>
23 #include <vector>
24 #include "accesstoken_fuzzdata.h"
25 #undef private
26 #include "accesstoken_kit.h"
27 
28 using namespace std;
29 using namespace OHOS::Security::AccessToken;
30 const int CONSTANTS_NUMBER_TWO = 2;
31 static const int32_t ROOT_UID = 0;
32 
33 namespace OHOS {
InitHapTokenFuzzTest(const uint8_t * data,size_t size)34     bool InitHapTokenFuzzTest(const uint8_t* data, size_t size)
35     {
36         AccessTokenIDEx tokenIdEx = {0};
37         if ((data == nullptr) || (size == 0)) {
38             return false;
39         }
40 
41         AccessTokenFuzzData fuzzData(data, size);
42         std::string permissionName(fuzzData.GenerateRandomString());
43         std::string bundleName(fuzzData.GenerateRandomString());
44         PermissionDef testPermDef;
45         testPermDef.permissionName = permissionName;
46         testPermDef.bundleName = bundleName;
47         testPermDef.grantMode = 1;
48         testPermDef.availableLevel = APL_NORMAL;
49         testPermDef.label = fuzzData.GenerateRandomString();
50         testPermDef.labelId = 1;
51         testPermDef.description = fuzzData.GenerateRandomString();
52         testPermDef.descriptionId = 1;
53 
54         PermissionStateFull testState;
55         testState.permissionName = permissionName;
56         testState.isGeneral = true;
57         testState.resDeviceID = {fuzzData.GenerateRandomString()};
58         testState.grantStatus = {PermissionState::PERMISSION_GRANTED};
59         testState.grantFlags = {1};
60         HapInfoParams TestInfoParms = {
61             .userID = 1,
62             .bundleName = bundleName,
63             .instIndex = 0,
64             .appIDDesc = fuzzData.GenerateRandomString()
65         };
66         HapPolicyParams TestPolicyPrams = {
67             .apl = APL_NORMAL,
68             .domain = fuzzData.GenerateRandomString(),
69             .permList = {testPermDef},
70             .permStateList = {testState}
71         };
72 
73         bool enable = ((size % CONSTANTS_NUMBER_TWO) == 0);
74         if (enable) {
75             setuid(CONSTANTS_NUMBER_TWO);
76         }
77         int32_t res = AccessTokenKit::InitHapToken(TestInfoParms, TestPolicyPrams, tokenIdEx);
78         setuid(ROOT_UID);
79 
80         return res == 0;
81     }
82 }
83 
84 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)85 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
86 {
87     /* Run your code on data */
88     OHOS::InitHapTokenFuzzTest(data, size);
89     return 0;
90 }
91