1 /*
2 * Copyright (c) 2024-2025 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "extensionrecordmanager_fuzzer.h"
17
18 #include <cstddef>
19 #include <cstdint>
20 #include <fuzzer/FuzzedDataProvider.h>
21
22 #include "ability_record.h"
23 #include "extension_record_factory.h"
24 #define private public
25 #define inline
26 #include "extension_record.h"
27 #include "extension_record_manager.h"
28 #define inline
29 #undef private
30 #include "ability_fuzz_util.h"
31
32 using namespace OHOS::AAFwk;
33 using namespace OHOS::AbilityRuntime;
34 using namespace OHOS::AppExecFwk;
35
36 namespace OHOS {
37 namespace {
38 constexpr size_t STRING_MAX_LENGTH = 128;
39 } // namespace
40
DoSomethingInterestingWithMyAPI(const uint8_t * data,size_t size)41 bool DoSomethingInterestingWithMyAPI(const uint8_t* data, size_t size)
42 {
43 auto extensionRecordManager = std::make_shared<ExtensionRecordManager>(0);
44 int32_t userId;
45 int32_t extensionRecordId;
46 int32_t pid;
47 int32_t hostPid;
48 int32_t recordNum;
49 std::shared_ptr<AbilityRuntime::ExtensionRecord> record;
50 std::shared_ptr<AbilityRuntime::ExtensionRecord> extensionRecord;
51 std::shared_ptr<AAFwk::AbilityRecord> abilityRecord;
52 std::list<sptr<IRemoteObject>> callerList;
53 std::string hostBundleName;
54 std::string bundleName;
55 std::string process;
56 std::string moduleName;
57 bool isLoaded;
58 AbilityInfo abilityInfo;
59 AbilityRequest abilityRequest;
60 ExtensionRecordManager::PreLoadUIExtensionMapKey preLoadUIExtensionInfo;
61 UIExtensionSessionInfo uiExtensionSessionInfo;
62 ElementName element;
63 std::vector<std::string> extensionList;
64 sptr<AAFwk::SessionInfo> sessionInfo;
65 sptr<IRemoteObject> focusedCallerToken;
66 sptr<IRemoteObject> token;
67 sptr<IRemoteObject> focusToken;
68 std::tuple<std::string, std::string, std::string, std::string> extensionRecordMapKey;
69
70 FuzzedDataProvider fdp(data, size);
71 userId = fdp.ConsumeIntegral<int32_t>();
72 extensionRecordId = fdp.ConsumeIntegral<int32_t>();
73 pid = fdp.ConsumeIntegral<int32_t>();
74 hostPid = fdp.ConsumeIntegral<int32_t>();
75 recordNum = fdp.ConsumeIntegral<int32_t>();
76 hostBundleName = fdp.ConsumeRandomLengthString(STRING_MAX_LENGTH);
77 bundleName = fdp.ConsumeRandomLengthString(STRING_MAX_LENGTH);
78 process = fdp.ConsumeRandomLengthString(STRING_MAX_LENGTH);
79 moduleName = fdp.ConsumeRandomLengthString(STRING_MAX_LENGTH);
80 isLoaded = fdp.ConsumeBool();
81 extensionList = AbilityFuzzUtil::GenerateStringArray(fdp);
82 AbilityFuzzUtil::GetRandomAbilityInfo(fdp, abilityInfo);
83 AbilityFuzzUtil::GetRandomAbilityRequestInfo(fdp, abilityRequest);
84 AbilityFuzzUtil::GenerateElementName(fdp, element);
85
86 extensionRecordManager->GenerateExtensionRecordId(extensionRecordId);
87 extensionRecordManager->AddExtensionRecord(extensionRecordId, record);
88 extensionRecordManager->RemoveExtensionRecord(extensionRecordId);
89 extensionRecordManager->AddExtensionRecordToTerminatedList(extensionRecordId);
90 extensionRecordManager->GetExtensionRecord(extensionRecordId, hostBundleName, extensionRecord, isLoaded);
91 extensionRecordManager->IsBelongToManager(abilityInfo);
92 extensionRecordManager->GetActiveUIExtensionList(pid, extensionList);
93 extensionRecordManager->GetActiveUIExtensionList(bundleName, extensionList);
94 extensionRecordManager->GetOrCreateExtensionRecord(abilityRequest, hostBundleName, abilityRecord, isLoaded);
95 extensionRecordManager->GetAbilityRecordBySessionInfo(sessionInfo);
96 extensionRecordManager->IsHostSpecifiedProcessValid(abilityRequest, record, process);
97 extensionRecordManager->UpdateProcessName(abilityRequest, record);
98 extensionRecordManager->GetHostBundleNameForExtensionId(extensionRecordId, hostBundleName);
99 extensionRecordManager->AddPreloadUIExtensionRecord(abilityRecord);
100 extensionRecordManager->RemoveAllPreloadUIExtensionRecord(preLoadUIExtensionInfo);
101 extensionRecordManager->IsPreloadExtensionRecord(abilityRequest, hostBundleName, extensionRecord, isLoaded);
102 extensionRecordManager->RemovePreloadUIExtensionRecordById(extensionRecordMapKey, extensionRecordId);
103 extensionRecordManager->RemovePreloadUIExtensionRecord(extensionRecordMapKey);
104 extensionRecordManager->GetOrCreateExtensionRecordInner(abilityRequest, hostBundleName, extensionRecord, isLoaded);
105 extensionRecordManager->SetAbilityProcessName(abilityRequest, abilityRecord, extensionRecord);
106 extensionRecordManager->StartAbility(abilityRequest);
107 extensionRecordManager->SetCachedFocusedCallerToken(extensionRecordId, focusedCallerToken);
108 extensionRecordManager->GetCachedFocusedCallerToken(extensionRecordId);
109 extensionRecordManager->GetRootCallerTokenLocked(extensionRecordId, abilityRecord);
110 extensionRecordManager->CreateExtensionRecord(abilityRequest, hostBundleName, extensionRecord, hostPid);
111 extensionRecordManager->GetUIExtensionRootHostInfo(token);
112 extensionRecordManager->GetUIExtensionSessionInfo(token, uiExtensionSessionInfo);
113 extensionRecordManager->GetExtensionRecordById(extensionRecordId);
114 extensionRecordManager->LoadTimeout(extensionRecordId);
115 extensionRecordManager->ForegroundTimeout(extensionRecordId);
116 extensionRecordManager->BackgroundTimeout(extensionRecordId);
117 extensionRecordManager->TerminateTimeout(extensionRecordId);
118 extensionRecordManager->GetCallerTokenList(abilityRecord, callerList);
119 extensionRecordManager->IsFocused(extensionRecordId, token, focusToken);
120 extensionRecordManager->QueryPreLoadUIExtensionRecord(element, moduleName, hostBundleName, recordNum);
121 return true;
122 }
123 } // namespace OHOS
124
125 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)126 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
127 {
128 // Run your code on data.
129 OHOS::DoSomethingInterestingWithMyAPI(data, size);
130 return 0;
131 }
132