1 /*
2 * Copyright (c) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "displaymanager_fuzzer.h"
17
18 #include <securec.h>
19 #include "display_manager.h"
20
21 namespace OHOS ::Rosen {
22 class DisplayListener : public DisplayManager::IDisplayListener {
23 public:
OnCreate(DisplayId)24 virtual void OnCreate(DisplayId) override
25 {
26 }
OnDestroy(DisplayId)27 virtual void OnDestroy(DisplayId) override
28 {
29 }
OnChange(DisplayId)30 virtual void OnChange(DisplayId) override
31 {
32 }
33 };
34
35 class DisplayPowerEventListener : public IDisplayPowerEventListener {
36 public:
OnDisplayPowerEvent(DisplayPowerEvent event,EventStatus status)37 virtual void OnDisplayPowerEvent(DisplayPowerEvent event, EventStatus status) override
38 {
39 }
40 };
41
42 template<class T>
GetObject(T & object,const uint8_t * data,size_t size)43 size_t GetObject(T &object, const uint8_t *data, size_t size)
44 {
45 size_t objectSize = sizeof(object);
46 if (objectSize > size) {
47 return 0;
48 }
49 return memcpy_s(&object, objectSize, data, objectSize) == EOK ? objectSize : 0;
50 }
51
DisplayFuzzTest(const uint8_t * data,size_t size)52 bool DisplayFuzzTest(const uint8_t* data, size_t size)
53 {
54 DisplayId displayId;
55 ScreenId screenId;
56 if (data == nullptr || size < sizeof(displayId) + sizeof(screenId)) {
57 return false;
58 }
59 size_t startPos = 0;
60 DisplayManager& displayManager = DisplayManager::GetInstance();
61 sptr<DisplayListener> displayListener = new DisplayListener();
62 displayManager.GetAllDisplays();
63 displayManager.GetAllDisplayIds();
64 displayManager.GetDefaultDisplayId();
65 displayManager.GetDefaultDisplay();
66
67 startPos += GetObject<DisplayId>(displayId, data + startPos, size - startPos);
68 displayManager.GetDisplayById(displayId);
69 startPos += GetObject<ScreenId>(screenId, data + startPos, size - startPos);
70 displayManager.GetDisplayByScreen(screenId);
71 displayManager.RegisterDisplayListener(displayListener);
72 displayManager.UnregisterDisplayListener(displayListener);
73 return true;
74 }
75
GetScreenshotFuzzTest(const uint8_t * data,size_t size)76 bool GetScreenshotFuzzTest(const uint8_t* data, size_t size)
77 {
78 DisplayId displayId;
79 Media::Rect rect;
80 Media::Size mediaSize;
81 int rotation;
82 if (data == nullptr || size < sizeof(displayId) + sizeof(rect) + sizeof(size) + sizeof(rotation)) {
83 return false;
84 }
85 size_t startPos = 0;
86 DisplayManager& displayManager = DisplayManager::GetInstance();
87 startPos += GetObject<DisplayId>(displayId, data + startPos, size - startPos);
88 displayManager.GetScreenshot(displayId);
89 startPos += GetObject<Media::Rect>(rect, data + startPos, size - startPos);
90 startPos += GetObject<Media::Size>(mediaSize, data + startPos, size - startPos);
91 GetObject<int>(rotation, data + startPos, size - startPos);
92 displayManager.GetScreenshot(displayId, rect, mediaSize, rotation);
93 return true;
94 }
95
DisplayPowerFuzzTest(const uint8_t * data,size_t size)96 bool DisplayPowerFuzzTest(const uint8_t* data, size_t size)
97 {
98 uint32_t reason;
99 DisplayId displayId;
100 uint32_t state;
101 if (data == nullptr || size < sizeof(reason) + sizeof(displayId) + sizeof(state)) {
102 return false;
103 }
104 size_t startPos = 0;
105 DisplayManager& displayManager = DisplayManager::GetInstance();
106 sptr<IDisplayPowerEventListener> listener = new DisplayPowerEventListener();
107 displayManager.RegisterDisplayPowerEventListener(listener);
108
109 startPos += GetObject<uint32_t>(reason, data + startPos, size - startPos);
110 displayManager.WakeUpBegin(static_cast<PowerStateChangeReason>(reason));
111 displayManager.WakeUpEnd();
112 displayManager.SuspendBegin(static_cast<PowerStateChangeReason>(reason));
113 displayManager.SuspendEnd();
114
115 startPos += GetObject<uint32_t>(state, data + startPos, size - startPos);
116 DisplayStateCallback callback = [](DisplayState state) {
117 };
118 displayManager.SetDisplayState(static_cast<DisplayState>(state), callback);
119 startPos += GetObject<DisplayId>(displayId, data + startPos, size - startPos);
120 displayManager.GetDisplayState(displayId);
121
122 displayManager.UnregisterDisplayPowerEventListener(listener);
123 return true;
124 }
125
ScreenBrightnessFuzzTest(const uint8_t * data,size_t size)126 bool ScreenBrightnessFuzzTest(const uint8_t* data, size_t size)
127 {
128 uint64_t screenId;
129 uint32_t level;
130 if (data == nullptr || size < sizeof(screenId) + sizeof(level)) {
131 return false;
132 }
133 size_t startPos = 0;
134 DisplayManager& displayManager = DisplayManager::GetInstance();
135
136 startPos += GetObject<uint64_t>(screenId, data + startPos, size - startPos);
137 GetObject<uint32_t>(level, data + startPos, size - startPos);
138 displayManager.SetScreenBrightness(screenId, level);
139 displayManager.GetScreenBrightness(screenId);
140 return true;
141 }
142
FreezeFuzzTest(const uint8_t * data,size_t size)143 bool FreezeFuzzTest(const uint8_t* data, size_t size)
144 {
145 // 10 displays
146 if (data == nullptr || size < sizeof(DisplayId) * 10) {
147 return false;
148 }
149 size_t startPos = 0;
150 DisplayManager& displayManager = DisplayManager::GetInstance();
151 // 10 displays
152 std::vector<DisplayId> displays(10);
153 for (DisplayId& id : displays) {
154 startPos += GetObject<DisplayId>(id, data + startPos, size - startPos);
155 }
156 displayManager.Freeze(displays);
157 displayManager.Unfreeze(displays);
158 return true;
159 }
160
NotifyDisplayEventFuzzTest(const uint8_t * data,size_t size)161 bool NotifyDisplayEventFuzzTest(const uint8_t* data, size_t size)
162 {
163 // 10 displays
164 if (data == nullptr || size < sizeof(DisplayEvent)) {
165 return false;
166 }
167 size_t startPos = 0;
168 DisplayManager& displayManager = DisplayManager::GetInstance();
169 uint32_t event;
170 GetObject<uint32_t>(event, data + startPos, size - startPos);
171 displayManager.NotifyDisplayEvent(static_cast<DisplayEvent>(event));
172 return true;
173 }
174 } // namespace.OHOS::Rosen
175
176 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)177 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
178 {
179 /* Run your code on data */
180 OHOS::Rosen::DisplayFuzzTest(data, size);
181 OHOS::Rosen::GetScreenshotFuzzTest(data, size);
182 OHOS::Rosen::DisplayPowerFuzzTest(data, size);
183 OHOS::Rosen::ScreenBrightnessFuzzTest(data, size);
184 OHOS::Rosen::FreezeFuzzTest(data, size);
185 OHOS::Rosen::NotifyDisplayEventFuzzTest(data, size);
186 return 0;
187 }
188
189