• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2021-2023 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "faultloggerd_fuzzer.h"
17 
18 #include <cstddef>
19 #include <cstdint>
20 #include <iostream>
21 #include "dfx_dump_catcher.h"
22 #include "faultloggerd_client.h"
23 #include "fault_logger_daemon.h"
24 #include "securec.h"
25 
26 using namespace OHOS::HiviewDFX;
27 using namespace std;
28 
29 static const int PID_SIZE = 4;
30 static const int RAND_BUF_LIMIT = 9;
31 
32 namespace OHOS {
DumpStackTraceTest(const uint8_t * data,size_t size)33 bool DumpStackTraceTest(const uint8_t* data, size_t size)
34 {
35     if (size < RAND_BUF_LIMIT) {
36         return true;
37     }
38     shared_ptr<DfxDumpCatcher> catcher = make_shared<DfxDumpCatcher>();
39     string msg;
40     int pid[1];
41     int tid[1];
42     errno_t err = memcpy_s(pid, sizeof(pid), data, PID_SIZE);
43     if (err != EOK) {
44         cout << "DumpStackTraceTest :: memcpy_s pid failed" << endl;
45     }
46     data += PID_SIZE;
47     err = memcpy_s(tid, sizeof(tid), data, PID_SIZE);
48     if (err != EOK) {
49         cout << "DumpStackTraceTest :: memcpy_s tid failed" << endl;
50     }
51     data += PID_SIZE;
52     char invalidOption = *data;
53     cout << "pid = " << pid[0] << " tid = " << tid[0] << " invalidOpt = " << invalidOption << endl;
54 
55     if (catcher->DumpCatch(pid[0], tid[0], msg)) {
56         cout << msg << endl;
57     } else {
58         cout << "DumpStackTraceTest :: dumpcatch failed." << endl;
59     }
60 
61     string processdumpCmd = "dumpcatcher -p " + to_string(pid[0]) + " -t " + to_string(tid[0]);
62     system(processdumpCmd.c_str());
63 
64     string processdumpInvalidCmd = "dumpcatcher -" + to_string(invalidOption) + " -p " +
65         to_string(pid[0]) + " -t " + to_string(tid[0]);
66     system(processdumpInvalidCmd.c_str());
67 
68     return true;
69 }
70 
FaultloggerdClientTest(const uint8_t * data,size_t size)71 bool FaultloggerdClientTest(const uint8_t* data, size_t size)
72 {
73     cout << "enter FaultloggerdClientTest, size:" << size << endl;
74     if (size < sizeof(int32_t) * 3) { // 3 : construct three int32_t parameters
75         cout << "size is not correct, return" << endl;
76         return true;
77     }
78     int32_t type[1];
79     int32_t pid[1];
80     int32_t tid[1];
81     errno_t err = memcpy_s(type, sizeof(type), data, sizeof(int32_t));
82     if (err != EOK) {
83         cout << "FaultloggerdClientTest :: memcpy_s type failed" << endl;
84     }
85     data += sizeof(int32_t);
86     err = memcpy_s(tid, sizeof(tid), data, sizeof(int32_t));
87     if (err != EOK) {
88         cout << "FaultloggerdClientTest :: memcpy_s tid failed" << endl;
89     }
90     data += sizeof(int32_t);
91     err = memcpy_s(pid, sizeof(pid), data, sizeof(int32_t));
92     if (err != EOK) {
93         cout << "FaultloggerdClientTest :: memcpy_s pid failed" << endl;
94     }
95     cout << "pid = " << pid[0] << " tid = " << tid[0] << " type = " << type[0] << endl;
96 
97     RequestFileDescriptor(type[0]);
98     RequestPipeFd(pid[0], type[0]);
99     RequestDelPipeFd(pid[0]);
100     RequestCheckPermission(pid[0]);
101     RequestSdkDump(type[0], pid[0], tid[0]);
102     return true;
103 }
104 
FaultloggerdServerTest(const uint8_t * data,size_t size)105 bool FaultloggerdServerTest(const uint8_t* data, size_t size)
106 {
107     cout << "enter FaultloggerdServerTest, size:" << size << endl;
108     if (size < sizeof(int32_t) * 2) { // 2 : construct two int32_t parameters
109         cout << "size is not correct, return" << endl;
110         return true;
111     }
112     int32_t epollFd[1];
113     int32_t connectionFd[1];
114     errno_t err = memcpy_s(epollFd, sizeof(epollFd), data, sizeof(int32_t));
115     if (err != EOK) {
116         cout << "FaultloggerdServerTest :: memcpy_s type failed" << endl;
117     }
118     data += sizeof(int32_t);
119     err = memcpy_s(connectionFd, sizeof(connectionFd), data, sizeof(int32_t));
120     if (err != EOK) {
121         cout << "FaultloggerdServerTest :: memcpy_s tid failed" << endl;
122     }
123     cout << "epollFd = " << epollFd[0] << " connectionFd = " << connectionFd[0] << endl;
124 
125     std::shared_ptr<FaultLoggerDaemon> daemon = std::make_shared<FaultLoggerDaemon>();
126     daemon->HandleRequest(epollFd[0], connectionFd[0]);
127     return true;
128 }
129 } // namespace OHOS
130 
131 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)132 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
133 {
134     /* Run your code on data */
135     OHOS::DumpStackTraceTest(data, size);
136     OHOS::FaultloggerdClientTest(data, size);
137     OHOS::FaultloggerdServerTest(data, size);
138     return 0;
139 }
140