1 /*
2 * Copyright (c) 2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "abilityautostartupdatamanagera_fuzzer.h"
17
18 #include <cstddef>
19 #include <cstdint>
20
21 #define private public
22 #define protected public
23 #include "ability_auto_startup_data_manager.h"
24 #undef protected
25 #undef private
26
27 #include "ability_record.h"
28
29 using namespace OHOS::AAFwk;
30 using namespace OHOS::AppExecFwk;
31 using namespace OHOS::AbilityRuntime;
32
33 namespace OHOS {
34 namespace {
35 constexpr int INPUT_ZERO = 0;
36 constexpr int INPUT_ONE = 1;
37 constexpr int INPUT_THREE = 3;
38 constexpr size_t FOO_MAX_LEN = 1024;
39 constexpr size_t U32_AT_SIZE = 4;
40 constexpr uint8_t ENABLE = 2;
41 constexpr size_t OFFSET_ZERO = 24;
42 constexpr size_t OFFSET_ONE = 16;
43 constexpr size_t OFFSET_TWO = 8;
44 const std::string jsonStr1 = "{\n\"isAutoStartup\": true, \n\"isEdmForce\": true\n}";
45 const std::string jsonStr2 = "{\n\"isAutoStartup\": \"true\", \n\"isEdmForce\": \"true\"\n}";
46 const std::string jsonStr3 = "{\n\"isAutoStartup2\": true, \n\"isEdmForce2\": true\n}";
47 const std::string jsonStr4 = "{\n\"isAutoStartup2\": true, \n\"isEdmForce2\": true\n";
48 }
49
GetU32Data(const char * ptr)50 uint32_t GetU32Data(const char* ptr)
51 {
52 // convert fuzz input data to an integer
53 return (ptr[INPUT_ZERO] << OFFSET_ZERO) | (ptr[INPUT_ONE] << OFFSET_ONE) | (ptr[ENABLE] << OFFSET_TWO) |
54 ptr[INPUT_THREE];
55 }
56
GetFuzzAbilityToken()57 sptr<Token> GetFuzzAbilityToken()
58 {
59 sptr<Token> token = nullptr;
60 AbilityRequest abilityRequest;
61 abilityRequest.appInfo.bundleName = "com.example.fuzzTest";
62 abilityRequest.abilityInfo.name = "MainAbility";
63 abilityRequest.abilityInfo.type = AbilityType::DATA;
64 std::shared_ptr<AbilityRecord> abilityRecord = AbilityRecord::CreateAbilityRecord(abilityRequest);
65 if (abilityRecord) {
66 token = abilityRecord->GetToken();
67 }
68 return token;
69 }
70
AbilityAutoStartupDataManagerFuzztest1(bool boolParam,std::string & stringParam,int32_t int32Param)71 void AbilityAutoStartupDataManagerFuzztest1(bool boolParam, std::string &stringParam, int32_t int32Param)
72 {
73 std::shared_ptr<AbilityAutoStartupDataManager> dataMgr = std::make_shared<AbilityAutoStartupDataManager>();
74 dataMgr->CheckKvStore();
75 AutoStartupInfo info1;
76 info1.userId = int32Param;
77 dataMgr->InsertAutoStartupData(info1, boolParam, boolParam); // branch info1.bundleName empty
78 info1.bundleName = "com.example.fuzzTest";
79 dataMgr->InsertAutoStartupData(info1, boolParam, boolParam); // branch info1.abilityName empty
80 info1.abilityName = "MainAbility";
81 dataMgr->InsertAutoStartupData(info1, boolParam, boolParam); // branch info1.accestoken empty
82 info1.accessTokenId = "AccessTokenId";
83 dataMgr->InsertAutoStartupData(info1, boolParam, boolParam); // branch info1.accestoken empty
84
85 AutoStartupInfo info2;
86 info2.userId = int32Param;
87 dataMgr->UpdateAutoStartupData(info2, boolParam, boolParam); // branch info2.bundleName empty
88 info2.bundleName = "com.example.fuzzTest";
89 dataMgr->UpdateAutoStartupData(info2, boolParam, boolParam); // branch info2.abilityName empty
90 info2.abilityName = "MainAbility";
91 dataMgr->UpdateAutoStartupData(info2, boolParam, boolParam); // branch info2.accestoken empty
92 info2.accessTokenId = "AccessTokenId";
93 dataMgr->UpdateAutoStartupData(info2, boolParam, boolParam); // branch info2.accestoken empty
94
95 AutoStartupInfo info3;
96 info3.userId = int32Param;
97 dataMgr->UpdateAutoStartupData(info3, boolParam, boolParam); // branch info3.bundleName empty
98 info3.bundleName = "com.example.fuzzTest";
99 dataMgr->UpdateAutoStartupData(info3, boolParam, boolParam); // branch info3.abilityName empty
100 info3.abilityName = "MainAbility";
101 dataMgr->UpdateAutoStartupData(info3, boolParam, boolParam); // branch info3.accestoken empty
102 info3.accessTokenId = "AccessTokenId";
103 dataMgr->UpdateAutoStartupData(info3, boolParam, boolParam); // branch userid
104
105 dataMgr->DeleteAutoStartupData(stringParam, int32Param); // called
106
107 AutoStartupInfo info4;
108 info4.userId = int32Param;
109 dataMgr->QueryAutoStartupData(info4); // branch info3.bundleName empty
110 info4.bundleName = "com.example.fuzzTest";
111 dataMgr->QueryAutoStartupData(info4); // branch info3.abilityName empty
112 info4.abilityName = "MainAbility";
113 dataMgr->QueryAutoStartupData(info4); // branch info3.accestoken empty
114 info4.accessTokenId = "AccessTokenId";
115 dataMgr->QueryAutoStartupData(info4); // branch userid
116
117 std::vector<AutoStartupInfo> vecs;
118 vecs.emplace_back(info1);
119 dataMgr->QueryAllAutoStartupApplications(vecs, int32Param); // called
120 dataMgr->GetCurrentAppAutoStartupData(stringParam, vecs, stringParam); //called
121 }
122
AbilityAutoStartupDataManagerFuzztest2(bool boolParam,std::string & stringParam,int32_t int32Param)123 void AbilityAutoStartupDataManagerFuzztest2(bool boolParam, std::string &stringParam, int32_t int32Param)
124 {
125 std::shared_ptr<AbilityAutoStartupDataManager> dataMgr = std::make_shared<AbilityAutoStartupDataManager>();
126 AutoStartupInfo info1;
127 info1.userId = int32Param;
128 dataMgr->ConvertAutoStartupStatusToValue(boolParam, boolParam, info1.abilityName);
129
130 DistributedKv::Value value1(jsonStr1);
131 dataMgr->ConvertAutoStartupStatusFromValue(value1, boolParam, boolParam); // branch json
132 DistributedKv::Value value2(jsonStr2);
133 dataMgr->ConvertAutoStartupStatusFromValue(value2, boolParam, boolParam); // branch json
134 DistributedKv::Value value3(jsonStr3);
135 dataMgr->ConvertAutoStartupStatusFromValue(value3, boolParam, boolParam); // branch json
136 DistributedKv::Value value4(jsonStr4);
137 dataMgr->ConvertAutoStartupStatusFromValue(value4, boolParam, boolParam); // branch discard jsonstr
138 }
139
DoSomethingInterestingWithMyAPI(const char * data,size_t size)140 bool DoSomethingInterestingWithMyAPI(const char* data, size_t size)
141 {
142 bool boolParam = *data % ENABLE;
143 std::string stringParam(data, size);
144 int32_t int32Param = static_cast<int32_t>(GetU32Data(data));
145 AbilityAutoStartupDataManagerFuzztest1(boolParam, stringParam, int32Param);
146 AbilityAutoStartupDataManagerFuzztest2(boolParam, stringParam, int32Param);
147 return true;
148 }
149 }
150
151 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)152 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
153 {
154 /* Run your code on data */
155 if (data == nullptr) {
156 return 0;
157 }
158
159 /* Validate the length of size */
160 if (size < OHOS::U32_AT_SIZE || size > OHOS::FOO_MAX_LEN) {
161 return 0;
162 }
163
164 char* ch = static_cast<char*>(malloc(size + 1));
165 if (ch == nullptr) {
166 std::cout << "malloc failed." << std::endl;
167 return 0;
168 }
169
170 (void)memset_s(ch, size + 1, 0x00, size + 1);
171 if (memcpy_s(ch, size, data, size) != EOK) {
172 std::cout << "copy failed." << std::endl;
173 free(ch);
174 ch = nullptr;
175 return 0;
176 }
177
178 OHOS::DoSomethingInterestingWithMyAPI(ch, size);
179 free(ch);
180 ch = nullptr;
181 return 0;
182 }
183
184