• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2022 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "executejavascript_fuzzer.h"
17 
18 #include <refbase.h>
19 #include <ui/rs_surface_node.h>
20 
21 #include <cstdint>
22 #include <cstring>
23 #include <iosfwd>
24 #include <list>
25 #include <memory>
26 #include <new>
27 #include <unordered_map>
28 
29 #include "nweb.h"
30 #include "nweb_adapter_helper.h"
31 
32 using namespace OHOS::Rosen;
33 
34 namespace OHOS {
35     std::shared_ptr<OHOS::NWeb::NWeb> g_nweb = nullptr;
36     sptr<Surface> g_surface = nullptr;
37     std::unordered_map<std::string, std::string> g_argsMap;
38     const std::string ARG_URL = "--url";
39     const std::string ARG_DUMP = "--dump-path";
40     const std::string ARG_FRAME_INFO = "--frame-info";
41     const std::string ARG_ADD_WEB_ENGINE_ARG = "--add-args";
42     const std::string ARG_DELETE_WEB_ENGINE_ARG = "--delete-args";
43     const std::string ARG_MULTI_RENDER_PROCESS = "--multi-renderer-process";
44     const std::string ARG_NWEB_TEST_MOCK_BUNDLEPATH = "--bundle-installation-dir";
45     const std::string MOCK_INSTALLATION_DIR = "/data/app/el1/bundle/public/com.ohos.nweb";
46     const std::string ARG_WIDTH = "--width";
47     const std::string ARG_HEIGHT = "--height";
48 
HasArg(const std::string & arg)49     bool HasArg(const std::string &arg)
50     {
51         return (!g_argsMap.empty()) && (g_argsMap.find(arg) != g_argsMap.end());
52     }
53 
GetArgValue(const std::string & arg)54     std::string GetArgValue(const std::string &arg)
55     {
56         if (!HasArg(arg)) {
57             return "";
58         }
59         return g_argsMap.at(arg);
60     }
61 
GetWebEngineArgs(const std::string & arg)62     std::list<std::string> GetWebEngineArgs(const std::string &arg)
63     {
64         std::string webEngineArgValue = GetArgValue(arg);
65         std::list<std::string> webEngineArgList;
66         if (webEngineArgValue.empty()) {
67             return webEngineArgList;
68         }
69         uint32_t start = 0;
70         uint32_t pos = 0;
71         while (pos < webEngineArgValue.size()) {
72             if (webEngineArgValue[pos] == ',') {
73                 webEngineArgList.emplace_back(webEngineArgValue.substr(start, pos - start));
74                 pos++;
75                 start = pos;
76             } else {
77                 pos++;
78             }
79         }
80         webEngineArgList.emplace_back(webEngineArgValue.substr(start, pos - start));
81         webEngineArgList.emplace_back(ARG_NWEB_TEST_MOCK_BUNDLEPATH + "=" + MOCK_INSTALLATION_DIR);
82         return webEngineArgList;
83     }
84 
GetInitArgs()85     OHOS::NWeb::NWebInitArgs GetInitArgs()
86     {
87         OHOS::NWeb::NWebInitArgs initArgs = {
88             .dump_path = GetArgValue(ARG_DUMP),
89             .frame_info_dump = HasArg(ARG_FRAME_INFO) ? true : false,
90             .web_engine_args_to_add = GetWebEngineArgs(ARG_ADD_WEB_ENGINE_ARG),
91             .web_engine_args_to_delete = GetWebEngineArgs(ARG_DELETE_WEB_ENGINE_ARG),
92             .multi_renderer_process = HasArg(ARG_MULTI_RENDER_PROCESS) ? true : false,
93         };
94         return initArgs;
95     }
96 
DoSomethingInterestingWithMyAPI(const uint8_t * data,size_t size)97     bool DoSomethingInterestingWithMyAPI(const uint8_t* data, size_t size)
98     {
99         if ((data == nullptr) || (size == 0)) {
100             return true;
101         }
102         if (!g_surface) {
103             RSSurfaceNodeConfig config;
104             config.SurfaceNodeName = "webTestSurfaceName";
105             auto surfaceNode = RSSurfaceNode::Create(config, false);
106             if (surfaceNode == nullptr) {
107                 return false;
108             }
109             g_surface = surfaceNode->GetSurface();
110             if (g_surface== nullptr) {
111                 return false;
112             }
113         }
114         g_nweb = NWeb::NWebAdapterHelper::Instance().CreateNWeb(g_surface, GetInitArgs());
115         if (g_nweb == nullptr) {
116             return true;
117         }
118         std::string code(reinterpret_cast<const char*>(data), size);
119         g_nweb->ExecuteJavaScript(code);
120         return true;
121     }
122 }
123 
124 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)125 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
126 {
127     /* Run your code on data */
128     OHOS::DoSomethingInterestingWithMyAPI(data, size);
129     return 0;
130 }
131