1 /*
2 * Copyright (c) 2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "cdmasmsencode_fuzzer.h"
17
18 #include "addsmstoken_fuzzer.h"
19 #include "cdma_sms_sub_parameter.h"
20 #include "cdma_sms_transport_message.h"
21 #include "securec.h"
22
23 using namespace OHOS::Telephony;
24 namespace OHOS {
25 bool g_flag = false;
26
TeleserviceIdEncode(const uint8_t * data,size_t size)27 void TeleserviceIdEncode(const uint8_t *data, size_t size)
28 {
29 uint16_t value;
30 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
31 return;
32 }
33 auto parameter = std::make_unique<CdmaSmsTeleserviceId>(value);
34 if (parameter == nullptr) {
35 return;
36 }
37 SmsWriteBuffer pdu;
38 parameter->Encode(pdu);
39 auto pduBuffer = pdu.GetPduBuffer();
40 }
41
ServiceCategoryEncode(const uint8_t * data,size_t size)42 void ServiceCategoryEncode(const uint8_t *data, size_t size)
43 {
44 uint16_t value;
45 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
46 return;
47 }
48 auto parameter = std::make_unique<CdmaSmsServiceCategory>(value);
49 if (parameter == nullptr) {
50 return;
51 }
52 SmsWriteBuffer pdu;
53 parameter->Encode(pdu);
54 auto pduBuffer = pdu.GetPduBuffer();
55 }
56
BearerReplyEncode(const uint8_t * data,size_t size)57 void BearerReplyEncode(const uint8_t *data, size_t size)
58 {
59 uint8_t value;
60 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
61 return;
62 }
63 auto parameter = std::make_unique<CdmaSmsBearerReply>(value);
64 if (parameter == nullptr) {
65 return;
66 }
67 SmsWriteBuffer pdu;
68 parameter->Encode(pdu);
69 auto pduBuffer = pdu.GetPduBuffer();
70 }
71
CauseCodesEncode(const uint8_t * data,size_t size)72 void CauseCodesEncode(const uint8_t *data, size_t size)
73 {
74 TransportCauseCode value;
75 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
76 return;
77 }
78 auto parameter = std::make_unique<CdmaSmsCauseCodes>(value);
79 if (parameter == nullptr) {
80 return;
81 }
82 SmsWriteBuffer pdu;
83 parameter->Encode(pdu);
84 auto pduBuffer = pdu.GetPduBuffer();
85 }
86
AddressParameterEncode(const uint8_t * data,size_t size)87 void AddressParameterEncode(const uint8_t *data, size_t size)
88 {
89 TransportAddr value;
90 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
91 return;
92 }
93 auto parameter = std::make_unique<CdmaSmsAddressParameter>(value, CdmaSmsParameterRecord::ORG_ADDRESS);
94 if (parameter == nullptr) {
95 return;
96 }
97 SmsWriteBuffer pdu;
98 parameter->Encode(pdu);
99 auto pduBuffer = pdu.GetPduBuffer();
100 }
101
SubaddressEncode(const uint8_t * data,size_t size)102 void SubaddressEncode(const uint8_t *data, size_t size)
103 {
104 TransportSubAddr value;
105 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
106 return;
107 }
108 auto parameter = std::make_unique<CdmaSmsSubaddress>(value, CdmaSmsParameterRecord::ORG_SUB_ADDRESS);
109 if (parameter == nullptr) {
110 return;
111 }
112 SmsWriteBuffer pdu;
113 parameter->Encode(pdu);
114 auto pduBuffer = pdu.GetPduBuffer();
115 }
116
BearerDataEncode(const uint8_t * data,size_t size)117 void BearerDataEncode(const uint8_t *data, size_t size)
118 {
119 CdmaTeleserviceMsg value;
120 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
121 return;
122 }
123 auto parameter = std::make_unique<CdmaSmsBearerData>(value);
124 if (parameter == nullptr) {
125 return;
126 }
127 SmsWriteBuffer pdu;
128 parameter->Encode(pdu);
129 auto pduBuffer = pdu.GetPduBuffer();
130 }
131
BaseParameterEncode(const uint8_t * data,size_t size)132 void BaseParameterEncode(const uint8_t *data, size_t size)
133 {
134 uint8_t value;
135 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
136 return;
137 }
138 auto parameter = std::make_unique<CdmaSmsBaseParameter>(CdmaSmsSubParameter::MESSAGE_IDENTIFIER, value);
139 if (parameter == nullptr) {
140 return;
141 }
142 SmsWriteBuffer pdu;
143 parameter->Encode(pdu);
144 auto pduBuffer = pdu.GetPduBuffer();
145 }
146
ReservedParameterEncode(const uint8_t * data,size_t size)147 void ReservedParameterEncode(const uint8_t *data, size_t size)
148 {
149 auto parameter = std::make_unique<CdmaSmsReservedParameter>(CdmaSmsSubParameter::MESSAGE_IDENTIFIER);
150 if (parameter == nullptr) {
151 return;
152 }
153 SmsWriteBuffer pdu;
154 parameter->Encode(pdu);
155 auto pduBuffer = pdu.GetPduBuffer();
156 }
157
MessageIdEncode(const uint8_t * data,size_t size)158 void MessageIdEncode(const uint8_t *data, size_t size)
159 {
160 SmsTeleSvcMsgId value;
161 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
162 return;
163 }
164 auto parameter = std::make_unique<CdmaSmsMessageId>(value, CdmaSmsTeleserviceMessage::DELIVER);
165 if (parameter == nullptr) {
166 return;
167 }
168 SmsWriteBuffer pdu;
169 parameter->Encode(pdu);
170 auto pduBuffer = pdu.GetPduBuffer();
171 }
172
AbsoluteTimeEncode(const uint8_t * data,size_t size)173 void AbsoluteTimeEncode(const uint8_t *data, size_t size)
174 {
175 SmsTimeAbs value;
176 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
177 return;
178 }
179 auto parameter = std::make_unique<CdmaSmsAbsoluteTime>(CdmaSmsSubParameter::VALIDITY_PERIOD_ABSOLUTE, value);
180 if (parameter == nullptr) {
181 return;
182 }
183 SmsWriteBuffer pdu;
184 parameter->Encode(pdu);
185 auto pduBuffer = pdu.GetPduBuffer();
186 }
187
PriorityIndEncode(const uint8_t * data,size_t size)188 void PriorityIndEncode(const uint8_t *data, size_t size)
189 {
190 SmsPriorityIndicator value;
191 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
192 return;
193 }
194 auto parameter = std::make_unique<CdmaSmsPriorityInd>(value);
195 if (parameter == nullptr) {
196 return;
197 }
198 SmsWriteBuffer pdu;
199 parameter->Encode(pdu);
200 auto pduBuffer = pdu.GetPduBuffer();
201 }
202
PrivacyIndEncode(const uint8_t * data,size_t size)203 void PrivacyIndEncode(const uint8_t *data, size_t size)
204 {
205 SmsPrivacyIndicator value;
206 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
207 return;
208 }
209 auto parameter = std::make_unique<CdmaSmsPrivacyInd>(value);
210 if (parameter == nullptr) {
211 return;
212 }
213 SmsWriteBuffer pdu;
214 parameter->Encode(pdu);
215 auto pduBuffer = pdu.GetPduBuffer();
216 }
217
ReplyOptionEncode(const uint8_t * data,size_t size)218 void ReplyOptionEncode(const uint8_t *data, size_t size)
219 {
220 SmsReplyOption value;
221 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
222 return;
223 }
224 auto parameter = std::make_unique<CdmaSmsReplyOption>(value);
225 if (parameter == nullptr) {
226 return;
227 }
228 SmsWriteBuffer pdu;
229 parameter->Encode(pdu);
230 auto pduBuffer = pdu.GetPduBuffer();
231 }
232
UserDataEncode(const uint8_t * data,size_t size)233 void UserDataEncode(const uint8_t *data, size_t size)
234 {
235 SmsTeleSvcUserData value;
236 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
237 return;
238 }
239 bool headerInd = false;
240 auto parameter = std::make_unique<CdmaSmsUserData>(value, headerInd);
241 if (parameter == nullptr) {
242 return;
243 }
244 SmsWriteBuffer pdu;
245 parameter->Encode(pdu);
246 auto pduBuffer = pdu.GetPduBuffer();
247 }
248
CmasDataEncode(const uint8_t * data,size_t size)249 void CmasDataEncode(const uint8_t *data, size_t size)
250 {
251 SmsTeleSvcCmasData value;
252 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
253 return;
254 }
255 auto parameter = std::make_unique<CdmaSmsCmasData>(value);
256 if (parameter == nullptr) {
257 return;
258 }
259 SmsWriteBuffer pdu;
260 parameter->Encode(pdu);
261 auto pduBuffer = pdu.GetPduBuffer();
262 }
263
AlertPriorityEncode(const uint8_t * data,size_t size)264 void AlertPriorityEncode(const uint8_t *data, size_t size)
265 {
266 SmsAlertPriority value;
267 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
268 return;
269 }
270 auto parameter = std::make_unique<CdmaSmsAlertPriority>(value);
271 if (parameter == nullptr) {
272 return;
273 }
274 SmsWriteBuffer pdu;
275 parameter->Encode(pdu);
276 auto pduBuffer = pdu.GetPduBuffer();
277 }
LanguageIndEncode(const uint8_t * data,size_t size)278 void LanguageIndEncode(const uint8_t *data, size_t size)
279 {
280 SmsLanguageType value;
281 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
282 return;
283 }
284 auto parameter = std::make_unique<CdmaSmsLanguageInd>(value);
285 if (parameter == nullptr) {
286 return;
287 }
288 SmsWriteBuffer pdu;
289 parameter->Encode(pdu);
290 auto pduBuffer = pdu.GetPduBuffer();
291 }
CallbackNumberEncode(const uint8_t * data,size_t size)292 void CallbackNumberEncode(const uint8_t *data, size_t size)
293 {
294 SmsTeleSvcAddr value;
295 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
296 return;
297 }
298 auto parameter = std::make_unique<CdmaSmsCallbackNumber>(value);
299 if (parameter == nullptr) {
300 return;
301 }
302 SmsWriteBuffer pdu;
303 parameter->Encode(pdu);
304 auto pduBuffer = pdu.GetPduBuffer();
305 }
DepositIndexEncode(const uint8_t * data,size_t size)306 void DepositIndexEncode(const uint8_t *data, size_t size)
307 {
308 uint16_t value;
309 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
310 return;
311 }
312 auto parameter = std::make_unique<CdmaSmsDepositIndex>(value);
313 if (parameter == nullptr) {
314 return;
315 }
316 SmsWriteBuffer pdu;
317 parameter->Encode(pdu);
318 auto pduBuffer = pdu.GetPduBuffer();
319 }
DisplayModeEncode(const uint8_t * data,size_t size)320 void DisplayModeEncode(const uint8_t *data, size_t size)
321 {
322 SmsDisplayMode value;
323 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
324 return;
325 }
326 auto parameter = std::make_unique<CdmaSmsDisplayMode>(value);
327 if (parameter == nullptr) {
328 return;
329 }
330 SmsWriteBuffer pdu;
331 parameter->Encode(pdu);
332 auto pduBuffer = pdu.GetPduBuffer();
333 }
MessageStatusEncode(const uint8_t * data,size_t size)334 void MessageStatusEncode(const uint8_t *data, size_t size)
335 {
336 SmsStatusCode value;
337 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
338 return;
339 }
340 auto parameter = std::make_unique<CdmaSmsMessageStatus>(value);
341 if (parameter == nullptr) {
342 return;
343 }
344 SmsWriteBuffer pdu;
345 parameter->Encode(pdu);
346 auto pduBuffer = pdu.GetPduBuffer();
347 }
NumberMessagesEncode(const uint8_t * data,size_t size)348 void NumberMessagesEncode(const uint8_t *data, size_t size)
349 {
350 uint32_t value;
351 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
352 return;
353 }
354 auto parameter = std::make_unique<CdmaSmsNumberMessages>(value);
355 if (parameter == nullptr) {
356 return;
357 }
358 SmsWriteBuffer pdu;
359 parameter->Encode(pdu);
360 auto pduBuffer = pdu.GetPduBuffer();
361 }
EnhancedVmnEncode(const uint8_t * data,size_t size)362 void EnhancedVmnEncode(const uint8_t *data, size_t size)
363 {
364 SmsEnhancedVmn value;
365 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
366 return;
367 }
368 auto parameter = std::make_unique<CdmaSmsEnhancedVmn>(value);
369 if (parameter == nullptr) {
370 return;
371 }
372 SmsWriteBuffer pdu;
373 parameter->Encode(pdu);
374 auto pduBuffer = pdu.GetPduBuffer();
375 }
EnhancedVmnAckEncode(const uint8_t * data,size_t size)376 void EnhancedVmnAckEncode(const uint8_t *data, size_t size)
377 {
378 SmsEnhancedVmnAck value;
379 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
380 return;
381 }
382 auto parameter = std::make_unique<CdmaSmsEnhancedVmnAck>(value);
383 if (parameter == nullptr) {
384 return;
385 }
386 SmsWriteBuffer pdu;
387 parameter->Encode(pdu);
388 auto pduBuffer = pdu.GetPduBuffer();
389 }
390
TransportMessageEncode(const uint8_t * data,size_t size)391 void TransportMessageEncode(const uint8_t *data, size_t size)
392 {
393 SmsWriteBuffer pdu;
394 CdmaTransportMsg msg;
395 if (memcpy_s(&msg, sizeof(msg), data, size) != EOK) {
396 return;
397 }
398 auto message = CdmaSmsTransportMessage::CreateTransportMessage(msg);
399 if (message == nullptr) {
400 return;
401 }
402 message->Encode(pdu);
403 auto pduBuffer = pdu.GetPduBuffer();
404
405 SmsWriteBuffer wBuffer1;
406 msg.type = CdmaTransportMsgType::P2P;
407 auto message1 = CdmaSmsTransportMessage::CreateTransportMessage(msg);
408 if (message1 == nullptr) {
409 return;
410 }
411 message1->Encode(wBuffer1);
412 auto pduBuffer1 = wBuffer1.GetPduBuffer();
413
414 SmsWriteBuffer wBuffer2;
415 msg.type = CdmaTransportMsgType::BROADCAST;
416 auto message2 = CdmaSmsTransportMessage::CreateTransportMessage(msg);
417 if (message2 == nullptr) {
418 return;
419 }
420 message2->Encode(wBuffer2);
421 auto pduBuffer2 = wBuffer2.GetPduBuffer();
422
423 SmsWriteBuffer wBuffer3;
424 msg.type = CdmaTransportMsgType::ACK;
425 auto message3 = CdmaSmsTransportMessage::CreateTransportMessage(msg);
426 if (message3 == nullptr) {
427 return;
428 }
429 message3->Encode(wBuffer3);
430 auto pduBuffer3 = wBuffer3.GetPduBuffer();
431 }
432
ParameterRecordEncode(const uint8_t * data,size_t size)433 void ParameterRecordEncode(const uint8_t *data, size_t size)
434 {
435 TeleserviceIdEncode(data, size);
436 ServiceCategoryEncode(data, size);
437 BearerReplyEncode(data, size);
438 CauseCodesEncode(data, size);
439 AddressParameterEncode(data, size);
440 SubaddressEncode(data, size);
441 BearerDataEncode(data, size);
442 }
443
SubParameterEncode(const uint8_t * data,size_t size)444 void SubParameterEncode(const uint8_t *data, size_t size)
445 {
446 BaseParameterEncode(data, size);
447 ReservedParameterEncode(data, size);
448 MessageIdEncode(data, size);
449 AbsoluteTimeEncode(data, size);
450 PriorityIndEncode(data, size);
451 PrivacyIndEncode(data, size);
452 ReplyOptionEncode(data, size);
453 UserDataEncode(data, size);
454 CmasDataEncode(data, size);
455 AlertPriorityEncode(data, size);
456 LanguageIndEncode(data, size);
457 CallbackNumberEncode(data, size);
458 DepositIndexEncode(data, size);
459 DisplayModeEncode(data, size);
460 MessageStatusEncode(data, size);
461 NumberMessagesEncode(data, size);
462 EnhancedVmnEncode(data, size);
463 EnhancedVmnAckEncode(data, size);
464 }
465
DoSomethingInterestingWithMyAPI(const uint8_t * data,size_t size)466 void DoSomethingInterestingWithMyAPI(const uint8_t *data, size_t size)
467 {
468 if (data == nullptr || size == 0) {
469 return;
470 }
471
472 if (g_flag) {
473 return;
474 }
475 g_flag = true;
476
477 TransportMessageEncode(data, size);
478 ParameterRecordEncode(data, size);
479 SubParameterEncode(data, size);
480 }
481
482 } // namespace OHOS
483
484 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)485 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
486 {
487 /* Run your code on data */
488 OHOS::AddSmsTokenFuzzer token;
489 OHOS::DoSomethingInterestingWithMyAPI(data, size);
490 return 0;
491 }
492