1 /*
2 * Copyright (c) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "updatesimmessage_fuzzer.h"
17
18 #define private public
19 #include "addsmstoken_fuzzer.h"
20 #include "i_sms_service_interface.h"
21 #include "sms_service.h"
22
23 using namespace OHOS::Telephony;
24 namespace OHOS {
25 static bool g_isInited = false;
26 constexpr int32_t SLOT_NUM = 2;
27 constexpr int32_t SIM_MESSAGE_STATUE = 4;
28
IsServiceInited()29 bool IsServiceInited()
30 {
31 if (!g_isInited) {
32 DelayedSingleton<SmsService>::GetInstance()->OnStart();
33 if (DelayedSingleton<SmsService>::GetInstance()->GetServiceRunningState() ==
34 static_cast<int32_t>(Telephony::ServiceRunningState::STATE_RUNNING)) {
35 g_isInited = true;
36 }
37 }
38 return g_isInited;
39 }
40
UpdateSimMessage(const uint8_t * data,size_t size)41 void UpdateSimMessage(const uint8_t *data, size_t size)
42 {
43 if (!IsServiceInited()) {
44 return;
45 }
46
47 MessageParcel dataParcel;
48 MessageParcel replyParcel;
49 MessageOption option(MessageOption::TF_SYNC);
50
51 std::string smsc(reinterpret_cast<const char *>(data), size);
52 std::string pdu(reinterpret_cast<const char *>(data), size);
53 auto smscU16 = Str8ToStr16(smsc);
54 auto pduU16 = Str8ToStr16(pdu);
55 int32_t slotId = static_cast<int32_t>(size % SLOT_NUM);
56 ISmsServiceInterface::SimMessageStatus status =
57 static_cast<ISmsServiceInterface::SimMessageStatus>(size % SIM_MESSAGE_STATUE);
58
59 dataParcel.WriteInt32(slotId);
60 dataParcel.WriteUint32(size);
61 dataParcel.WriteUint32(status);
62 dataParcel.WriteString16(smscU16);
63 dataParcel.WriteString16(pduU16);
64 dataParcel.RewindRead(0);
65
66 DelayedSingleton<SmsService>::GetInstance()->OnUpdateSimMessage(dataParcel, replyParcel, option);
67
68 std::shared_ptr<SmsInterfaceManager> interfaceManager = std::make_shared<SmsInterfaceManager>(slotId);
69 if (interfaceManager == nullptr) {
70 TELEPHONY_LOGE("interfaceManager nullptr error");
71 return;
72 }
73 interfaceManager->UpdateSimMessage(size, status, pdu, smsc);
74
75 auto smsMiscRunner = AppExecFwk::EventRunner::Create("SmsMiscRunner");
76 if (smsMiscRunner == nullptr) {
77 TELEPHONY_LOGE("failed to create SmsMiscRunner");
78 return;
79 }
80 std::shared_ptr<SmsMiscManager> smsMiscManager = std::make_shared<SmsMiscManager>(smsMiscRunner, slotId);
81 if (smsMiscManager == nullptr) {
82 TELEPHONY_LOGE("smsMiscManager nullptr error");
83 return;
84 }
85 smsMiscManager->UpdateSimMessage(size, status, pdu, smsc);
86 }
87
DoSomethingInterestingWithMyAPI(const uint8_t * data,size_t size)88 void DoSomethingInterestingWithMyAPI(const uint8_t *data, size_t size)
89 {
90 if (data == nullptr || size == 0) {
91 return;
92 }
93
94 UpdateSimMessage(data, size);
95 }
96 } // namespace OHOS
97
98 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)99 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
100 {
101 /* Run your code on data */
102 OHOS::AddSmsTokenFuzzer token;
103 OHOS::DoSomethingInterestingWithMyAPI(data, size);
104 return 0;
105 }
106