1 /*
2 * Copyright (c) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "executejavascriptcode_fuzzer.h"
17
18 #include <refbase.h>
19 #include <ui/rs_surface_node.h>
20
21 #include <cstdint>
22 #include <cstring>
23 #include <iosfwd>
24 #include <list>
25 #include <memory>
26 #include <new>
27 #include <unordered_map>
28
29 #include "nweb.h"
30 #include "nweb_adapter_helper.h"
31 #include "nweb_value_callback.h"
32 #include "window.h"
33 #include "window_option.h"
34
35 const int DEFAULT_WIDTH = 2560;
36 const int DEFAULT_HEIGHT = 1396;
37
38 namespace OHOS {
39 sptr<Rosen::Window> g_window = nullptr;
40 std::shared_ptr<OHOS::NWeb::NWeb> g_nweb = nullptr;
41
42 std::unordered_map<std::string, std::string> g_argsMap;
43 const std::string ARG_URL = "--url";
44 const std::string ARG_DUMP = "--dump-path";
45 const std::string ARG_FRAME_INFO = "--frame-info";
46 const std::string ARG_ADD_WEB_ENGINE_ARG = "--add-args";
47 const std::string ARG_DELETE_WEB_ENGINE_ARG = "--delete-args";
48 const std::string ARG_MULTI_RENDER_PROCESS = "--multi-renderer-process";
49 const std::string ARG_NWEB_TEST_MOCK_BUNDLEPATH = "--bundle-installation-dir";
50 const std::string MOCK_INSTALLATION_DIR = "/data/app/el1/bundle/public/com.ohos.nweb";
51 const std::string ARG_WIDTH = "--width";
52 const std::string ARG_HEIGHT = "--height";
53
HasArg(const std::string & arg)54 bool HasArg(const std::string &arg)
55 {
56 return (!g_argsMap.empty()) && (g_argsMap.find(arg) != g_argsMap.end());
57 }
58
GetArgValue(const std::string & arg)59 std::string GetArgValue(const std::string &arg)
60 {
61 if (!HasArg(arg)) {
62 return "";
63 }
64 return g_argsMap.at(arg);
65 }
66
GetNumFromArgs(const std::string & arg)67 uint32_t GetNumFromArgs(const std::string &arg)
68 {
69 if (!HasArg(arg)) {
70 return 0;
71 }
72 return std::stoi(GetArgValue(arg));
73 }
74
GetWebEngineArgs(const std::string & arg)75 std::list<std::string> GetWebEngineArgs(const std::string &arg)
76 {
77 std::string webEngineArgValue = GetArgValue(arg);
78 std::list<std::string> webEngineArgList;
79 if (webEngineArgValue.empty()) {
80 return webEngineArgList;
81 }
82 uint32_t start = 0;
83 uint32_t pos = 0;
84 while (pos < webEngineArgValue.size()) {
85 if (webEngineArgValue[pos] == ',') {
86 webEngineArgList.emplace_back(webEngineArgValue.substr(start, pos - start));
87 pos++;
88 start = pos;
89 } else {
90 pos++;
91 }
92 }
93 webEngineArgList.emplace_back(webEngineArgValue.substr(start, pos - start));
94 webEngineArgList.emplace_back(ARG_NWEB_TEST_MOCK_BUNDLEPATH + "=" + MOCK_INSTALLATION_DIR);
95 return webEngineArgList;
96 }
97
GetInitArgs()98 OHOS::NWeb::NWebInitArgs GetInitArgs()
99 {
100 OHOS::NWeb::NWebInitArgs initArgs = {
101 .dump_path = GetArgValue(ARG_DUMP),
102 .frame_info_dump = HasArg(ARG_FRAME_INFO) ? true : false,
103 .web_engine_args_to_add = GetWebEngineArgs(ARG_ADD_WEB_ENGINE_ARG),
104 .web_engine_args_to_delete = GetWebEngineArgs(ARG_DELETE_WEB_ENGINE_ARG),
105 .multi_renderer_process = HasArg(ARG_MULTI_RENDER_PROCESS) ? true : false,
106 };
107 return initArgs;
108 }
109
CreateWindow()110 sptr<Rosen::Window> CreateWindow()
111 {
112 sptr<Rosen::WindowOption> option = new Rosen::WindowOption();
113 if (option == nullptr) {
114 return nullptr;
115 }
116 int width = HasArg(ARG_WIDTH) ? GetNumFromArgs(ARG_WIDTH) : DEFAULT_WIDTH;
117 int height = HasArg(ARG_HEIGHT) ? GetNumFromArgs(ARG_HEIGHT) : DEFAULT_HEIGHT;
118 option->SetWindowRect({0, 0, width, height});
119 auto window = Rosen::Window::Create("nweb_test_window", option);
120 return window;
121 }
122
DoSomethingInterestingWithMyAPI(const uint8_t * data,size_t size)123 bool DoSomethingInterestingWithMyAPI(const uint8_t* data, size_t size)
124 {
125 if ((data == nullptr) || (size == 0)) {
126 return true;
127 }
128 g_window = CreateWindow();
129 if (g_window == nullptr) {
130 return true;
131 }
132 g_nweb = NWeb::NWebAdapterHelper::Instance().CreateNWeb(
133 g_window->GetSurfaceNode()->GetSurface(), GetInitArgs());
134 if (g_nweb == nullptr) {
135 return true;
136 }
137 std::string code((const char *)data, size);
138 std::shared_ptr<NWeb::NWebValueCallback<std::string>> callback;
139 g_nweb->ExecuteJavaScript(code, callback);
140 return true;
141 }
142 }
143
144 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)145 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
146 {
147 /* Run your code on data */
148 OHOS::DoSomethingInterestingWithMyAPI(data, size);
149 return 0;
150 }
151