1 /*
2 * Copyright (c) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "setcalltransferinfo_fuzzer.h"
17
18 #include <cstddef>
19 #include <cstdint>
20 #define private public
21 #include "addcalltoken_fuzzer.h"
22 #include "call_manager_service.h"
23 #include "call_manager_service_stub.h"
24 #include "system_ability_definition.h"
25
26 using namespace OHOS::Telephony;
27 namespace OHOS {
28 static bool g_isInited = false;
29 constexpr int32_t SLOT_NUM = 2;
30 constexpr int32_t TWO_INT_NUM = 2;
31
IsServiceInited()32 bool IsServiceInited()
33 {
34 if (!g_isInited) {
35 DelayedSingleton<CallManagerService>::GetInstance()->OnStart();
36 if (DelayedSingleton<CallManagerService>::GetInstance()->GetServiceRunningState() ==
37 static_cast<int32_t>(CallManagerService::ServiceRunningState::STATE_RUNNING)) {
38 g_isInited = true;
39 }
40 }
41 return g_isInited;
42 }
43
IsImsSwitchEnabled(const uint8_t * data,size_t size)44 void IsImsSwitchEnabled(const uint8_t *data, size_t size)
45 {
46 if (!IsServiceInited()) {
47 return;
48 }
49
50 int32_t slotId = static_cast<int32_t>(size % SLOT_NUM);
51 MessageParcel dataMessageParcel;
52 dataMessageParcel.WriteInt32(slotId);
53 size_t dataSize = size - sizeof(int32_t);
54 dataMessageParcel.WriteBuffer(data + sizeof(int32_t), dataSize);
55 dataMessageParcel.RewindRead(0);
56 MessageParcel reply;
57 DelayedSingleton<CallManagerService>::GetInstance()->OnIsVoLteEnabled(dataMessageParcel, reply);
58 }
59
GetImsConfig(const uint8_t * data,size_t size)60 void GetImsConfig(const uint8_t *data, size_t size)
61 {
62 if (!IsServiceInited()) {
63 return;
64 }
65
66 int32_t slotId = static_cast<int32_t>(size % SLOT_NUM);
67 MessageParcel dataMessageParcel;
68 dataMessageParcel.WriteInt32(slotId);
69 dataMessageParcel.WriteInt32(static_cast<ImsConfigItem>(size));
70 size_t dataSize = size - sizeof(int32_t) - sizeof(ImsConfigItem);
71 dataMessageParcel.WriteBuffer(data + sizeof(int32_t) + sizeof(ImsConfigItem), dataSize);
72 dataMessageParcel.RewindRead(0);
73 MessageParcel reply;
74 DelayedSingleton<CallManagerService>::GetInstance()->OnGetImsConfig(dataMessageParcel, reply);
75 }
76
GetImsFeatureValue(const uint8_t * data,size_t size)77 void GetImsFeatureValue(const uint8_t *data, size_t size)
78 {
79 if (!IsServiceInited()) {
80 return;
81 }
82
83 int32_t slotId = static_cast<int32_t>(size % SLOT_NUM);
84 MessageParcel dataMessageParcel;
85 dataMessageParcel.WriteInt32(slotId);
86 dataMessageParcel.WriteInt32(static_cast<FeatureType>(size));
87 size_t dataSize = size - sizeof(int32_t) * TWO_INT_NUM;
88 dataMessageParcel.WriteBuffer(data + sizeof(int32_t) * TWO_INT_NUM, dataSize);
89 dataMessageParcel.RewindRead(0);
90 MessageParcel reply;
91 DelayedSingleton<CallManagerService>::GetInstance()->OnGetImsFeatureValue(dataMessageParcel, reply);
92 }
93
GetCallTransferInfo(const uint8_t * data,size_t size)94 void GetCallTransferInfo(const uint8_t *data, size_t size)
95 {
96 if (!IsServiceInited()) {
97 return;
98 }
99
100 int32_t slotId = static_cast<int32_t>(size % SLOT_NUM);
101 MessageParcel dataMessageParcel;
102 dataMessageParcel.WriteInt32(slotId);
103 dataMessageParcel.WriteInt32(static_cast<int32_t>(size));
104 size_t dataSize = size - sizeof(int32_t) * TWO_INT_NUM;
105 dataMessageParcel.WriteBuffer(data + sizeof(int32_t) * TWO_INT_NUM, dataSize);
106 dataMessageParcel.RewindRead(0);
107 MessageParcel reply;
108 DelayedSingleton<CallManagerService>::GetInstance()->OnGetTransferNumber(dataMessageParcel, reply);
109 }
110
SetCallTransferInfo(const uint8_t * data,size_t size)111 void SetCallTransferInfo(const uint8_t *data, size_t size)
112 {
113 if (!IsServiceInited()) {
114 return;
115 }
116
117 int32_t slotId = static_cast<int32_t>(size % SLOT_NUM);
118 MessageParcel dataMessageParcel;
119 CallTransferInfo info;
120 (void)memcpy_s(info.transferNum, kMaxNumberLen, reinterpret_cast<const char *>(data), size);
121 info.settingType = CallTransferSettingType::CALL_TRANSFER_ENABLE;
122 info.type = CallTransferType::TRANSFER_TYPE_BUSY;
123 dataMessageParcel.WriteInt32(slotId);
124 dataMessageParcel.WriteRawData((const void *)&info, sizeof(CallTransferInfo));
125 dataMessageParcel.RewindRead(0);
126 MessageParcel reply;
127 DelayedSingleton<CallManagerService>::GetInstance()->OnSetTransferNumber(dataMessageParcel, reply);
128 }
129
DoSomethingInterestingWithMyAPI(const uint8_t * data,size_t size)130 void DoSomethingInterestingWithMyAPI(const uint8_t *data, size_t size)
131 {
132 if (data == nullptr || size == 0) {
133 return;
134 }
135
136 IsImsSwitchEnabled(data, size);
137 GetImsConfig(data, size);
138 GetImsFeatureValue(data, size);
139 GetCallTransferInfo(data, size);
140 SetCallTransferInfo(data, size);
141 }
142 } // namespace OHOS
143
144 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)145 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
146 {
147 OHOS::AddCallTokenFuzzer token;
148 /* Run your code on data */
149 OHOS::DoSomethingInterestingWithMyAPI(data, size);
150 return 0;
151 }
152