1 /*
2 * Copyright (c) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "getsimeons_fuzzer.h"
17
18 #include <cstddef>
19 #include <cstdint>
20 #include <thread>
21
22 #define private public
23 #include "addcoreservicetoken_fuzzer.h"
24 #include "core_service.h"
25 #include "core_service_stub.h"
26 #include "napi_util.h"
27 #include "system_ability_definition.h"
28 #include "unistd.h"
29
30 using namespace OHOS::Telephony;
31 namespace OHOS {
32 static bool g_isInited = false;
33 constexpr int32_t SLOT_NUM = 2;
34 constexpr int32_t CHOICE_NUM = 2;
35 constexpr int32_t SLEEP_TIME_SECONDS = 10;
36
IsServiceInited()37 bool IsServiceInited()
38 {
39 if (!g_isInited) {
40 auto onStart = [] { DelayedSingleton<CoreService>::GetInstance()->OnStart(); };
41 std::thread startThread(onStart);
42 startThread.join();
43
44 sleep(SLEEP_TIME_SECONDS);
45 if (DelayedSingleton<CoreService>::GetInstance()->GetServiceRunningState() ==
46 static_cast<int32_t>(ServiceRunningState::STATE_RUNNING)) {
47 g_isInited = true;
48 }
49 }
50 return g_isInited;
51 }
52
IsNrSupported(const uint8_t * data,size_t size)53 void IsNrSupported(const uint8_t *data, size_t size)
54 {
55 if (!IsServiceInited()) {
56 return;
57 }
58
59 int32_t slotId = static_cast<int32_t>(size % SLOT_NUM);
60 MessageParcel dataMessageParcel;
61 dataMessageParcel.WriteInt32(slotId);
62 size_t dataSize = size - sizeof(int32_t);
63 dataMessageParcel.WriteBuffer(data + sizeof(int32_t), dataSize);
64 dataMessageParcel.RewindRead(0);
65 MessageParcel reply;
66 DelayedSingleton<CoreService>::GetInstance()->OnIsNrSupported(dataMessageParcel, reply);
67 }
68
GetPsRadioTech(const uint8_t * data,size_t size)69 void GetPsRadioTech(const uint8_t *data, size_t size)
70 {
71 if (!IsServiceInited()) {
72 return;
73 }
74
75 int32_t slotId = static_cast<int32_t>(size % SLOT_NUM);
76 MessageParcel dataMessageParcel;
77 dataMessageParcel.WriteInt32(slotId);
78 size_t dataSize = size - sizeof(int32_t);
79 dataMessageParcel.WriteBuffer(data + sizeof(int32_t), dataSize);
80 dataMessageParcel.RewindRead(0);
81 MessageParcel reply;
82 DelayedSingleton<CoreService>::GetInstance()->OnGetPsRadioTech(dataMessageParcel, reply);
83 }
84
GetCsRadioTech(const uint8_t * data,size_t size)85 void GetCsRadioTech(const uint8_t *data, size_t size)
86 {
87 if (!IsServiceInited()) {
88 return;
89 }
90
91 int32_t slotId = static_cast<int32_t>(size % SLOT_NUM);
92 MessageParcel dataMessageParcel;
93 dataMessageParcel.WriteInt32(slotId);
94 size_t dataSize = size - sizeof(int32_t);
95 dataMessageParcel.WriteBuffer(data + sizeof(int32_t), dataSize);
96 dataMessageParcel.RewindRead(0);
97 MessageParcel reply;
98 DelayedSingleton<CoreService>::GetInstance()->OnGetCsRadioTech(dataMessageParcel, reply);
99 }
100
GetNrOptionMode(const uint8_t * data,size_t size)101 void GetNrOptionMode(const uint8_t *data, size_t size)
102 {
103 if (!IsServiceInited()) {
104 return;
105 }
106
107 int32_t slotId = static_cast<int32_t>(size % SLOT_NUM);
108 MessageParcel dataMessageParcel;
109 dataMessageParcel.WriteInt32(slotId);
110 size_t dataSize = size - sizeof(int32_t);
111 dataMessageParcel.WriteBuffer(data + sizeof(int32_t), dataSize);
112 dataMessageParcel.RewindRead(0);
113 MessageParcel reply;
114 DelayedSingleton<CoreService>::GetInstance()->OnGetNrOptionMode(dataMessageParcel, reply);
115 }
116
GetSimEons(const uint8_t * data,size_t size)117 void GetSimEons(const uint8_t *data, size_t size)
118 {
119 if (!IsServiceInited()) {
120 return;
121 }
122
123 int32_t slotId = static_cast<int32_t>(size % SLOT_NUM);
124 bool longNameRequired = static_cast<int32_t>(size % CHOICE_NUM);
125 std::string plmn(reinterpret_cast<const char *>(data), size);
126 MessageParcel dataMessageParcel;
127 dataMessageParcel.WriteInt32(slotId);
128 dataMessageParcel.WriteString(plmn);
129 dataMessageParcel.WriteInt32(size);
130 dataMessageParcel.WriteBool(longNameRequired);
131 dataMessageParcel.RewindRead(0);
132 MessageParcel reply;
133 DelayedSingleton<CoreService>::GetInstance()->OnGetSimEons(dataMessageParcel, reply);
134 }
135
GetIsoCountryCodeForNetwork(const uint8_t * data,size_t size)136 void GetIsoCountryCodeForNetwork(const uint8_t *data, size_t size)
137 {
138 if (!IsServiceInited()) {
139 return;
140 }
141
142 int32_t slotId = static_cast<int32_t>(size % SLOT_NUM);
143 MessageParcel dataMessageParcel;
144 dataMessageParcel.WriteInt32(slotId);
145 size_t dataSize = size - sizeof(int32_t);
146 dataMessageParcel.WriteBuffer(data + sizeof(int32_t), dataSize);
147 dataMessageParcel.RewindRead(0);
148 MessageParcel reply;
149 DelayedSingleton<CoreService>::GetInstance()->OnGetIsoCountryCodeForNetwork(dataMessageParcel, reply);
150 }
151
GetSignalInfoList(const uint8_t * data,size_t size)152 void GetSignalInfoList(const uint8_t *data, size_t size)
153 {
154 if (!IsServiceInited()) {
155 return;
156 }
157
158 int32_t slotId = static_cast<int32_t>(size % SLOT_NUM);
159 MessageParcel dataMessageParcel;
160 dataMessageParcel.WriteInt32(slotId);
161 size_t dataSize = size - sizeof(int32_t);
162 dataMessageParcel.WriteBuffer(data + sizeof(int32_t), dataSize);
163 dataMessageParcel.RewindRead(0);
164 MessageParcel reply;
165 DelayedSingleton<CoreService>::GetInstance()->OnGetSignalInfoList(dataMessageParcel, reply);
166 }
167
DoSomethingInterestingWithMyAPI(const uint8_t * data,size_t size)168 void DoSomethingInterestingWithMyAPI(const uint8_t *data, size_t size)
169 {
170 if (data == nullptr || size == 0) {
171 return;
172 }
173
174 IsNrSupported(data, size);
175 GetPsRadioTech(data, size);
176 GetCsRadioTech(data, size);
177 GetNrOptionMode(data, size);
178 GetSimEons(data, size);
179 GetIsoCountryCodeForNetwork(data, size);
180 GetSignalInfoList(data, size);
181 }
182 } // namespace OHOS
183
184 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)185 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
186 {
187 OHOS::AddCoreServiceTokenFuzzer token;
188 /* Run your code on data */
189 OHOS::DoSomethingInterestingWithMyAPI(data, size);
190 return 0;
191 }
192