1 /*
2 * Copyright (c) 2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "cdmasmsencode_fuzzer.h"
17
18 #include "addsmstoken_fuzzer.h"
19 #include "cdma_sms_sub_parameter.h"
20 #include "cdma_sms_transport_message.h"
21 #include "securec.h"
22
23 using namespace OHOS::Telephony;
24 namespace OHOS {
25 bool g_flag = false;
26 constexpr int32_t BOOL_NUM = 2;
27
TeleserviceIdEncode(const uint8_t * data,size_t size)28 void TeleserviceIdEncode(const uint8_t *data, size_t size)
29 {
30 uint16_t value;
31 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
32 return;
33 }
34 auto parameter = std::make_unique<CdmaSmsTeleserviceId>(value);
35 if (parameter == nullptr) {
36 return;
37 }
38 SmsWriteBuffer pdu;
39 parameter->Encode(pdu);
40 auto pduBuffer = pdu.GetPduBuffer();
41 }
42
ServiceCategoryEncode(const uint8_t * data,size_t size)43 void ServiceCategoryEncode(const uint8_t *data, size_t size)
44 {
45 uint16_t value;
46 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
47 return;
48 }
49 auto parameter = std::make_unique<CdmaSmsServiceCategory>(value);
50 if (parameter == nullptr) {
51 return;
52 }
53 SmsWriteBuffer pdu;
54 parameter->Encode(pdu);
55 auto pduBuffer = pdu.GetPduBuffer();
56 }
57
BearerReplyEncode(const uint8_t * data,size_t size)58 void BearerReplyEncode(const uint8_t *data, size_t size)
59 {
60 uint8_t value;
61 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
62 return;
63 }
64 auto parameter = std::make_unique<CdmaSmsBearerReply>(value);
65 if (parameter == nullptr) {
66 return;
67 }
68 SmsWriteBuffer pdu;
69 parameter->Encode(pdu);
70 auto pduBuffer = pdu.GetPduBuffer();
71 }
72
CauseCodesEncode(const uint8_t * data,size_t size)73 void CauseCodesEncode(const uint8_t *data, size_t size)
74 {
75 TransportCauseCode value;
76 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
77 return;
78 }
79 auto parameter = std::make_unique<CdmaSmsCauseCodes>(value);
80 if (parameter == nullptr) {
81 return;
82 }
83 SmsWriteBuffer pdu;
84 parameter->Encode(pdu);
85 auto pduBuffer = pdu.GetPduBuffer();
86 }
87
AddressParameterEncode(const uint8_t * data,size_t size)88 void AddressParameterEncode(const uint8_t *data, size_t size)
89 {
90 TransportAddr value;
91 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
92 return;
93 }
94 value.digitMode = static_cast<bool>(size % BOOL_NUM);
95 value.numberMode = static_cast<bool>(size % BOOL_NUM);
96 auto parameter = std::make_unique<CdmaSmsAddressParameter>(value, CdmaSmsParameterRecord::ORG_ADDRESS);
97 if (parameter == nullptr) {
98 return;
99 }
100 SmsWriteBuffer pdu;
101 parameter->Encode(pdu);
102 auto pduBuffer = pdu.GetPduBuffer();
103 }
104
SubaddressEncode(const uint8_t * data,size_t size)105 void SubaddressEncode(const uint8_t *data, size_t size)
106 {
107 TransportSubAddr value;
108 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
109 return;
110 }
111 value.odd = static_cast<bool>(size % BOOL_NUM);
112 auto parameter = std::make_unique<CdmaSmsSubaddress>(value, CdmaSmsParameterRecord::ORG_SUB_ADDRESS);
113 if (parameter == nullptr) {
114 return;
115 }
116 SmsWriteBuffer pdu;
117 parameter->Encode(pdu);
118 auto pduBuffer = pdu.GetPduBuffer();
119 }
120
BearerDataEncode(const uint8_t * data,size_t size)121 void BearerDataEncode(const uint8_t *data, size_t size)
122 {
123 CdmaTeleserviceMsg value;
124 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
125 return;
126 }
127 auto parameter = std::make_unique<CdmaSmsBearerData>(value);
128 if (parameter == nullptr) {
129 return;
130 }
131 SmsWriteBuffer pdu;
132 parameter->Encode(pdu);
133 auto pduBuffer = pdu.GetPduBuffer();
134 }
135
BaseParameterEncode(const uint8_t * data,size_t size)136 void BaseParameterEncode(const uint8_t *data, size_t size)
137 {
138 uint8_t value;
139 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
140 return;
141 }
142 auto parameter = std::make_unique<CdmaSmsBaseParameter>(CdmaSmsSubParameter::MESSAGE_IDENTIFIER, value);
143 if (parameter == nullptr) {
144 return;
145 }
146 SmsWriteBuffer pdu;
147 parameter->Encode(pdu);
148 auto pduBuffer = pdu.GetPduBuffer();
149 }
150
ReservedParameterEncode(const uint8_t * data,size_t size)151 void ReservedParameterEncode(const uint8_t *data, size_t size)
152 {
153 auto parameter = std::make_unique<CdmaSmsReservedParameter>(CdmaSmsSubParameter::MESSAGE_IDENTIFIER);
154 if (parameter == nullptr) {
155 return;
156 }
157 SmsWriteBuffer pdu;
158 parameter->Encode(pdu);
159 auto pduBuffer = pdu.GetPduBuffer();
160 }
161
MessageIdEncode(const uint8_t * data,size_t size)162 void MessageIdEncode(const uint8_t *data, size_t size)
163 {
164 SmsTeleSvcMsgId value;
165 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
166 return;
167 }
168 value.headerInd = static_cast<bool>(size % BOOL_NUM);
169 auto parameter = std::make_unique<CdmaSmsMessageId>(value, CdmaSmsTeleserviceMessage::DELIVER);
170 if (parameter == nullptr) {
171 return;
172 }
173 SmsWriteBuffer pdu;
174 parameter->Encode(pdu);
175 auto pduBuffer = pdu.GetPduBuffer();
176 }
177
AbsoluteTimeEncode(const uint8_t * data,size_t size)178 void AbsoluteTimeEncode(const uint8_t *data, size_t size)
179 {
180 SmsTimeAbs value;
181 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
182 return;
183 }
184 auto parameter = std::make_unique<CdmaSmsAbsoluteTime>(CdmaSmsSubParameter::VALIDITY_PERIOD_ABSOLUTE, value);
185 if (parameter == nullptr) {
186 return;
187 }
188 SmsWriteBuffer pdu;
189 parameter->Encode(pdu);
190 auto pduBuffer = pdu.GetPduBuffer();
191 }
192
PriorityIndEncode(const uint8_t * data,size_t size)193 void PriorityIndEncode(const uint8_t *data, size_t size)
194 {
195 SmsPriorityIndicator value;
196 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
197 return;
198 }
199 auto parameter = std::make_unique<CdmaSmsPriorityInd>(value);
200 if (parameter == nullptr) {
201 return;
202 }
203 SmsWriteBuffer pdu;
204 parameter->Encode(pdu);
205 auto pduBuffer = pdu.GetPduBuffer();
206 }
207
PrivacyIndEncode(const uint8_t * data,size_t size)208 void PrivacyIndEncode(const uint8_t *data, size_t size)
209 {
210 SmsPrivacyIndicator value;
211 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
212 return;
213 }
214 auto parameter = std::make_unique<CdmaSmsPrivacyInd>(value);
215 if (parameter == nullptr) {
216 return;
217 }
218 SmsWriteBuffer pdu;
219 parameter->Encode(pdu);
220 auto pduBuffer = pdu.GetPduBuffer();
221 }
222
ReplyOptionEncode(const uint8_t * data,size_t size)223 void ReplyOptionEncode(const uint8_t *data, size_t size)
224 {
225 SmsReplyOption value;
226 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
227 return;
228 }
229 auto parameter = std::make_unique<CdmaSmsReplyOption>(value);
230 if (parameter == nullptr) {
231 return;
232 }
233 SmsWriteBuffer pdu;
234 parameter->Encode(pdu);
235 auto pduBuffer = pdu.GetPduBuffer();
236 }
237
UserDataEncode(const uint8_t * data,size_t size)238 void UserDataEncode(const uint8_t *data, size_t size)
239 {
240 SmsTeleSvcUserData value;
241 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
242 return;
243 }
244 bool headerInd = false;
245 auto parameter = std::make_unique<CdmaSmsUserData>(value, headerInd);
246 if (parameter == nullptr) {
247 return;
248 }
249 SmsWriteBuffer pdu;
250 parameter->Encode(pdu);
251 auto pduBuffer = pdu.GetPduBuffer();
252 }
253
CmasDataEncode(const uint8_t * data,size_t size)254 void CmasDataEncode(const uint8_t *data, size_t size)
255 {
256 SmsTeleSvcCmasData value;
257 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
258 return;
259 }
260 auto parameter = std::make_unique<CdmaSmsCmasData>(value);
261 if (parameter == nullptr) {
262 return;
263 }
264 SmsWriteBuffer pdu;
265 parameter->Encode(pdu);
266 auto pduBuffer = pdu.GetPduBuffer();
267 }
268
AlertPriorityEncode(const uint8_t * data,size_t size)269 void AlertPriorityEncode(const uint8_t *data, size_t size)
270 {
271 SmsAlertPriority value;
272 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
273 return;
274 }
275 auto parameter = std::make_unique<CdmaSmsAlertPriority>(value);
276 if (parameter == nullptr) {
277 return;
278 }
279 SmsWriteBuffer pdu;
280 parameter->Encode(pdu);
281 auto pduBuffer = pdu.GetPduBuffer();
282 }
LanguageIndEncode(const uint8_t * data,size_t size)283 void LanguageIndEncode(const uint8_t *data, size_t size)
284 {
285 SmsLanguageType value;
286 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
287 return;
288 }
289 auto parameter = std::make_unique<CdmaSmsLanguageInd>(value);
290 if (parameter == nullptr) {
291 return;
292 }
293 SmsWriteBuffer pdu;
294 parameter->Encode(pdu);
295 auto pduBuffer = pdu.GetPduBuffer();
296 }
CallbackNumberEncode(const uint8_t * data,size_t size)297 void CallbackNumberEncode(const uint8_t *data, size_t size)
298 {
299 SmsTeleSvcAddr value;
300 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
301 return;
302 }
303 value.digitMode = static_cast<bool>(size % BOOL_NUM);
304 auto parameter = std::make_unique<CdmaSmsCallbackNumber>(value);
305 if (parameter == nullptr) {
306 return;
307 }
308 SmsWriteBuffer pdu;
309 parameter->Encode(pdu);
310 auto pduBuffer = pdu.GetPduBuffer();
311 }
DepositIndexEncode(const uint8_t * data,size_t size)312 void DepositIndexEncode(const uint8_t *data, size_t size)
313 {
314 uint16_t value;
315 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
316 return;
317 }
318 auto parameter = std::make_unique<CdmaSmsDepositIndex>(value);
319 if (parameter == nullptr) {
320 return;
321 }
322 SmsWriteBuffer pdu;
323 parameter->Encode(pdu);
324 auto pduBuffer = pdu.GetPduBuffer();
325 }
DisplayModeEncode(const uint8_t * data,size_t size)326 void DisplayModeEncode(const uint8_t *data, size_t size)
327 {
328 SmsDisplayMode value;
329 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
330 return;
331 }
332 auto parameter = std::make_unique<CdmaSmsDisplayMode>(value);
333 if (parameter == nullptr) {
334 return;
335 }
336 SmsWriteBuffer pdu;
337 parameter->Encode(pdu);
338 auto pduBuffer = pdu.GetPduBuffer();
339 }
MessageStatusEncode(const uint8_t * data,size_t size)340 void MessageStatusEncode(const uint8_t *data, size_t size)
341 {
342 SmsStatusCode value;
343 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
344 return;
345 }
346 auto parameter = std::make_unique<CdmaSmsMessageStatus>(value);
347 if (parameter == nullptr) {
348 return;
349 }
350 SmsWriteBuffer pdu;
351 parameter->Encode(pdu);
352 auto pduBuffer = pdu.GetPduBuffer();
353 }
NumberMessagesEncode(const uint8_t * data,size_t size)354 void NumberMessagesEncode(const uint8_t *data, size_t size)
355 {
356 uint32_t value;
357 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
358 return;
359 }
360 auto parameter = std::make_unique<CdmaSmsNumberMessages>(value);
361 if (parameter == nullptr) {
362 return;
363 }
364 SmsWriteBuffer pdu;
365 parameter->Encode(pdu);
366 auto pduBuffer = pdu.GetPduBuffer();
367 }
EnhancedVmnEncode(const uint8_t * data,size_t size)368 void EnhancedVmnEncode(const uint8_t *data, size_t size)
369 {
370 SmsEnhancedVmn value;
371 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
372 return;
373 }
374 auto parameter = std::make_unique<CdmaSmsEnhancedVmn>(value);
375 if (parameter == nullptr) {
376 return;
377 }
378 SmsWriteBuffer pdu;
379 parameter->Encode(pdu);
380 auto pduBuffer = pdu.GetPduBuffer();
381 }
EnhancedVmnAckEncode(const uint8_t * data,size_t size)382 void EnhancedVmnAckEncode(const uint8_t *data, size_t size)
383 {
384 SmsEnhancedVmnAck value;
385 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
386 return;
387 }
388 auto parameter = std::make_unique<CdmaSmsEnhancedVmnAck>(value);
389 if (parameter == nullptr) {
390 return;
391 }
392 SmsWriteBuffer pdu;
393 parameter->Encode(pdu);
394 auto pduBuffer = pdu.GetPduBuffer();
395 }
396
TransportMessageEncode(const uint8_t * data,size_t size)397 void TransportMessageEncode(const uint8_t *data, size_t size)
398 {
399 SmsWriteBuffer pdu;
400 CdmaTransportMsg msg;
401 if (memcpy_s(&msg, sizeof(msg), data, size) != EOK) {
402 return;
403 }
404 auto message = CdmaSmsTransportMessage::CreateTransportMessage(msg);
405 if (message == nullptr) {
406 return;
407 }
408 message->Encode(pdu);
409 auto pduBuffer = pdu.GetPduBuffer();
410
411 SmsWriteBuffer wBuffer1;
412 msg.type = CdmaTransportMsgType::P2P;
413 auto message1 = CdmaSmsTransportMessage::CreateTransportMessage(msg);
414 if (message1 == nullptr) {
415 return;
416 }
417 message1->Encode(wBuffer1);
418 auto pduBuffer1 = wBuffer1.GetPduBuffer();
419
420 SmsWriteBuffer wBuffer2;
421 msg.type = CdmaTransportMsgType::BROADCAST;
422 auto message2 = CdmaSmsTransportMessage::CreateTransportMessage(msg);
423 if (message2 == nullptr) {
424 return;
425 }
426 message2->Encode(wBuffer2);
427 auto pduBuffer2 = wBuffer2.GetPduBuffer();
428
429 SmsWriteBuffer wBuffer3;
430 msg.type = CdmaTransportMsgType::ACK;
431 auto message3 = CdmaSmsTransportMessage::CreateTransportMessage(msg);
432 if (message3 == nullptr) {
433 return;
434 }
435 message3->Encode(wBuffer3);
436 auto pduBuffer3 = wBuffer3.GetPduBuffer();
437 }
438
ParameterRecordEncode(const uint8_t * data,size_t size)439 void ParameterRecordEncode(const uint8_t *data, size_t size)
440 {
441 TeleserviceIdEncode(data, size);
442 ServiceCategoryEncode(data, size);
443 BearerReplyEncode(data, size);
444 CauseCodesEncode(data, size);
445 AddressParameterEncode(data, size);
446 SubaddressEncode(data, size);
447 BearerDataEncode(data, size);
448 }
449
SubParameterEncode(const uint8_t * data,size_t size)450 void SubParameterEncode(const uint8_t *data, size_t size)
451 {
452 BaseParameterEncode(data, size);
453 ReservedParameterEncode(data, size);
454 MessageIdEncode(data, size);
455 AbsoluteTimeEncode(data, size);
456 PriorityIndEncode(data, size);
457 PrivacyIndEncode(data, size);
458 ReplyOptionEncode(data, size);
459 UserDataEncode(data, size);
460 CmasDataEncode(data, size);
461 AlertPriorityEncode(data, size);
462 LanguageIndEncode(data, size);
463 CallbackNumberEncode(data, size);
464 DepositIndexEncode(data, size);
465 DisplayModeEncode(data, size);
466 MessageStatusEncode(data, size);
467 NumberMessagesEncode(data, size);
468 EnhancedVmnEncode(data, size);
469 EnhancedVmnAckEncode(data, size);
470 }
471
DoSomethingInterestingWithMyAPI(const uint8_t * data,size_t size)472 void DoSomethingInterestingWithMyAPI(const uint8_t *data, size_t size)
473 {
474 if (data == nullptr || size == 0) {
475 return;
476 }
477
478 if (g_flag) {
479 return;
480 }
481 g_flag = true;
482
483 TransportMessageEncode(data, size);
484 ParameterRecordEncode(data, size);
485 SubParameterEncode(data, size);
486 }
487
488 } // namespace OHOS
489
490 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)491 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
492 {
493 /* Run your code on data */
494 OHOS::AddSmsTokenFuzzer token;
495 OHOS::DoSomethingInterestingWithMyAPI(data, size);
496 return 0;
497 }
498