1 /*
2 * Copyright (c) 2023-2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "ecmascript/base/string_helper.h"
17 #include "ecmascript/global_env.h"
18 #include "ecmascript/js_function.h"
19 #include "ecmascript/js_generator_object.h"
20 #include "ecmascript/js_tagged_value-inl.h"
21 #include "ecmascript/napi/include/jsnapi.h"
22 #include "ecmascript/napi/jsnapi_helper.h"
23 #include "jsvaluerefisasync_fuzzer.h"
24
25 using namespace panda;
26 using namespace panda::ecmascript;
27
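namespace OHOS {
// Each harness below creates its own EcmaVM, runs one JSValueRef type predicate against a value of a
// fixed kind, and destroys the VM again.
// NOTE(review): the bytes in `data` never reach the API under test; only `size` is consumed, and only
// by the *False* harnesses. Coverage therefore barely varies between inputs - consider deriving the
// tested value from the buffer.

/// @brief Calls IsAsyncGeneratorFunction on a freshly created async generator function.
/// @param data Fuzzer-provided buffer; only checked for null.
/// @param size Length of data in bytes; only checked for zero.
void JSValueRefIsAsyncGeneratorFunctionTrueFuzzTest(const uint8_t* data, size_t size)
{
    RuntimeOption option;
    option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR);
    EcmaVM *vm = JSNApi::CreateJSVM(option);
    if (data == nullptr || size == 0) {
        LOG_ECMA(ERROR) << "illegal input!";
        // The rejection path must release the VM as well, otherwise every empty input leaks one VM.
        JSNApi::DestroyJSVM(vm);
        return;
    }
    {
        // The inner block ends the JsiFastNativeScope before the VM is destroyed.
        JsiFastNativeScope scope(vm);
        ObjectFactory *factory = vm->GetFactory();
        MethodLiteral *methodLiteral = nullptr;
        JSHandle<Method> method = factory->NewSMethod(methodLiteral);
        JSHandle<JSFunction> asyncGeneratorFunction = factory->NewJSAsyncGeneratorFunction(method);
        JSHandle<JSTaggedValue> asyncgefu = JSHandle<JSTaggedValue>::Cast(asyncGeneratorFunction);
        Local<JSValueRef> object = JSNApiHelper::ToLocal<JSValueRef>(asyncgefu);
        [[maybe_unused]] auto result = object->IsAsyncGeneratorFunction(vm);
    }
    JSNApi::DestroyJSVM(vm);
}

/// @brief Calls IsAsyncGeneratorFunction on an IntegerRef built from the input length.
/// @param data Fuzzer-provided buffer; only checked for null.
/// @param size Length of data in bytes; narrowed to int and used as the integer value.
void JSValueRefIsAsyncGeneratorFunctionFalseFuzzTest(const uint8_t* data, size_t size)
{
    RuntimeOption option;
    option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR);
    EcmaVM *vm = JSNApi::CreateJSVM(option);
    if (data == nullptr || size == 0) {
        LOG_ECMA(ERROR) << "illegal input!";
        // The rejection path must release the VM as well, otherwise every empty input leaks one VM.
        JSNApi::DestroyJSVM(vm);
        return;
    }
    // NOTE(review): size_t is narrowed to int here; presumably fuzz inputs stay far below INT_MAX.
    int num = static_cast<int>(size);
    Local<JSValueRef> object = IntegerRef::New(vm, num);
    [[maybe_unused]] auto result = object->IsAsyncGeneratorFunction(vm);
    JSNApi::DestroyJSVM(vm);
}

/// @brief Calls IsAsyncGeneratorObject on a freshly created async generator function.
/// @param data Fuzzer-provided buffer; only checked for null.
/// @param size Length of data in bytes; only checked for zero.
void JSValueRefIsAsyncGeneratorObjectTrueFuzzTest(const uint8_t* data, size_t size)
{
    RuntimeOption option;
    option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR);
    EcmaVM *vm = JSNApi::CreateJSVM(option);
    if (data == nullptr || size == 0) {
        LOG_ECMA(ERROR) << "illegal input!";
        // The rejection path must release the VM as well, otherwise every empty input leaks one VM.
        JSNApi::DestroyJSVM(vm);
        return;
    }
    {
        // The inner block ends the JsiFastNativeScope before the VM is destroyed.
        JsiFastNativeScope scope(vm);
        ObjectFactory *factory = vm->GetFactory();
        MethodLiteral *methodLiteral = nullptr;
        JSHandle<Method> method = factory->NewSMethod(methodLiteral);
        // NOTE(review): the value under test is an async generator *function*, not an async generator
        // object, so this "True" harness may take the same negative path as the False one - confirm.
        JSHandle<JSFunction> asyncGeneratorFunction = factory->NewJSAsyncGeneratorFunction(method);
        JSHandle<JSTaggedValue> asyncgefu = JSHandle<JSTaggedValue>::Cast(asyncGeneratorFunction);
        Local<JSValueRef> object = JSNApiHelper::ToLocal<JSValueRef>(asyncgefu);
        [[maybe_unused]] auto result = object->IsAsyncGeneratorObject(vm);
    }
    JSNApi::DestroyJSVM(vm);
}

/// @brief Calls IsAsyncGeneratorObject on an IntegerRef built from the input length.
/// @param data Fuzzer-provided buffer; only checked for null.
/// @param size Length of data in bytes; narrowed to int and used as the integer value.
void JSValueRefIsAsyncGeneratorObjectFalseFuzzTest(const uint8_t* data, size_t size)
{
    RuntimeOption option;
    option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR);
    EcmaVM *vm = JSNApi::CreateJSVM(option);
    if (data == nullptr || size == 0) {
        LOG_ECMA(ERROR) << "illegal input!";
        // The rejection path must release the VM as well, otherwise every empty input leaks one VM.
        JSNApi::DestroyJSVM(vm);
        return;
    }
    // NOTE(review): size_t is narrowed to int here; presumably fuzz inputs stay far below INT_MAX.
    int num = static_cast<int>(size);
    Local<JSValueRef> object = IntegerRef::New(vm, num);
    [[maybe_unused]] auto result = object->IsAsyncGeneratorObject(vm);
    JSNApi::DestroyJSVM(vm);
}
}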
111
// libFuzzer entry point: hands the same input buffer to every harness in turn.
// Each harness creates and destroys its own VM, so the calls do not share state through `vm`.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
{
    using Harness = void (*)(const uint8_t*, size_t);
    // Order matches the original call sequence.
    static constexpr Harness HARNESSES[] = {
        OHOS::JSValueRefIsAsyncGeneratorFunctionTrueFuzzTest,
        OHOS::JSValueRefIsAsyncGeneratorFunctionFalseFuzzTest,
        OHOS::JSValueRefIsAsyncGeneratorObjectTrueFuzzTest,
        OHOS::JSValueRefIsAsyncGeneratorObjectFalseFuzzTest,
    };
    for (const Harness run : HARNESSES) {
        run(data, size);
    }
    // libFuzzer expects 0 from the callback.
    return 0;
}