1 /*
2  * Copyright (c) 2022-2024 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include <string>
17 #include <vector>
18 #include "device_manager_service.h"
19 #include "authenticate_device_service_fuzzer.h"
20 #include "accesstoken_kit.h"
21 #include "nativetoken_kit.h"
22 #include "token_setproc.h"
23 
24 namespace OHOS {
25 namespace DistributedHardware {
26 
AddPermission()27 void AddPermission()
28 {
29     const int32_t permsNum = 3;
30     const int32_t indexZero = 0;
31     const int32_t indexOne = 1;
32     const int32_t indexTwo = 2;
33     uint64_t tokenId;
34     const char *perms[permsNum];
35     perms[indexZero] = "ohos.permission.ACCESS_SERVICE_DM";
36     perms[indexOne] = "ohos.permission.DISTRIBUTED_DATASYNC";
37     perms[indexTwo] = "ohos.permission.DISTRIBUTED_SOFTBUS_CENTER";
38     NativeTokenInfoParams infoInstance = {
39         .dcapsNum = 0,
40         .permsNum = permsNum,
41         .aclsNum = 0,
42         .dcaps = NULL,
43         .perms = perms,
44         .acls = NULL,
45         .processName = "device_manager",
46         .aplStr = "system_core",
47     };
48     tokenId = GetAccessTokenId(&infoInstance);
49     SetSelfTokenID(tokenId);
50     OHOS::Security::AccessToken::AccessTokenKit::ReloadNativeTokenInfo();
51 }
AuthenticateDeviceServiceFuzzTest(const uint8_t * data,size_t size)52 void AuthenticateDeviceServiceFuzzTest(const uint8_t* data, size_t size)
53 {
54     if ((data == nullptr) || (size < sizeof(int32_t))) {
55         return;
56     }
57 
58     AddPermission();
59     std::string pkgName(reinterpret_cast<const char*>(data), size);
60     std::string extra(reinterpret_cast<const char*>(data), size);
61     std::string deviceId(reinterpret_cast<const char*>(data), size);
62     std::string udid;
63     std::string network;
64     std::string device;
65     int32_t authType = 1;
66     DmAuthParam authParam;
67     std::vector<DmDeviceBasicInfo> deviceBasicInfoList;
68     int32_t level = *(reinterpret_cast<const int32_t*>(data));
69     DeviceManagerService::GetInstance().Init();
70     DeviceManagerService::GetInstance().AuthenticateDevice(pkgName, authType, deviceId, extra);
71     DeviceManagerService::GetInstance().BindDevice(pkgName, authType, deviceId, extra);
72     DeviceManagerService::GetInstance().UnAuthenticateDevice(pkgName, extra);
73     DeviceManagerService::GetInstance().UnBindDevice(pkgName, deviceId);
74     DeviceManagerService::GetInstance().SetUserOperation(pkgName, authType, network);
75     DeviceManagerService::GetInstance().RegisterCallerAppId(pkgName);
76     DeviceManagerService::GetInstance().UnRegisterCallerAppId(pkgName);
77     DeviceManagerService::GetInstance().GetUdidByNetworkId(pkgName, deviceId, udid);
78     DeviceManagerService::GetInstance().CheckApiPermission(level);
79 }
80 }
81 }
82 
83 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)84 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
85 {
86     /* Run your code on data */
87     OHOS::DistributedHardware::AuthenticateDeviceServiceFuzzTest(data, size);
88 
89     return 0;
90 }