• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (C) 2022 Huawei Technologies Co., Ltd.
3  * Licensed under the Mulan PSL v2.
4  * You can use this software according to the terms and conditions of the Mulan PSL v2.
5  * You may obtain a copy of Mulan PSL v2 at:
6  *     http://license.coscl.org.cn/MulanPSL2
7  * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
8  * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
9  * PURPOSE.
10  * See the Mulan PSL v2 for more details.
11  */
12 
13 #include "libteecvendorinitializecontext_fuzzer.h"
14 
15 #include <cstddef>
16 #include <cstdint>
17 #include <string>
18 #include "tee_client_api.h"
19 #include "tee_client_constants.h"
20 #include "tee_client_type.h"
21 #include "tee_client_inner_api.h"
22 
23 namespace OHOS {
LibteecVendorInitializeContextFuzzTest(const uint8_t * data,size_t size)24     bool LibteecVendorInitializeContextFuzzTest(const uint8_t *data, size_t size)
25     {
26         bool result = false;
27         if (size >= sizeof(TEEC_Context)) {
28             uint8_t *temp = const_cast<uint8_t *>(data);
29             TEEC_Context context = *reinterpret_cast<TEEC_Context *>(temp);
30             temp += sizeof(TEEC_Context);
31             std::string name(reinterpret_cast<const char *>(temp), size - sizeof(TEEC_Context));
32 
33             TEEC_Result ret = TEEC_InitializeContext(name.c_str(), &context);
34             if (ret == TEEC_SUCCESS) {
35                 TEEC_FinalizeContext(&context);
36             }
37         }
38         return result;
39     }
40 
SetBitFuzzTest_001(const uint8_t * data,size_t size)41     void SetBitFuzzTest_001(const uint8_t *data, size_t size)
42     {
43         uint32_t i = 0, byteMax = 0;
44         uint8_t bitMap = 0;
45 
46         SetBit(i, byteMax, NULL);
47 
48         byteMax = 1;
49         SetBit(i, byteMax, NULL);
50 
51         SetBit(i, byteMax, &bitMap);
52 
53         (void)data;
54         (void)size;
55     }
56 
CheckBitFuzzTest_001(const uint8_t * data,size_t size)57     void CheckBitFuzzTest_001(const uint8_t *data, size_t size)
58     {
59         uint32_t i = 0, byteMax = 0;
60         uint8_t bitMap = 0;
61 
62         CheckBit(i, byteMax, NULL);
63 
64         byteMax = 1;
65         CheckBit(i, byteMax, NULL);
66 
67         CheckBit(i, byteMax, &bitMap);
68         (void)data;
69         (void)size;
70     }
71 
ClearBitFuzzTest_001(const uint8_t * data,size_t size)72     void ClearBitFuzzTest_001(const uint8_t *data, size_t size)
73     {
74         uint32_t i = 0, byteMax = 0;
75         uint8_t bitMap = 0;
76 
77         ClearBit(i, byteMax, NULL);
78 
79         byteMax = 1;
80         ClearBit(i, byteMax, NULL);
81 
82         ClearBit(i, byteMax, &bitMap);
83         (void)data;
84         (void)size;
85     }
86 
GetAndSetBitFuzzTest_001(const uint8_t * data,size_t size)87     void GetAndSetBitFuzzTest_001(const uint8_t *data, size_t size)
88     {
89         uint8_t bitMap[1] = { 0 };
90         uint32_t byteMax = 0;
91 
92         GetAndSetBit(NULL, byteMax);
93 
94         byteMax = 1;
95         GetAndSetBit(bitMap, byteMax);
96 
97         bitMap[0] = 0xff;
98         GetAndSetBit(bitMap, byteMax);
99         (void)data;
100         (void)size;
101     }
102 
GetAndCleartBitFuzzTest_001(const uint8_t * data,size_t size)103     void GetAndCleartBitFuzzTest_001(const uint8_t *data, size_t size)
104     {
105         uint8_t bitMap[1] = { 0 };
106         uint32_t byteMax = 0;
107 
108         GetAndCleartBit(NULL, byteMax);
109 
110         byteMax = 1;
111         GetAndCleartBit(bitMap, byteMax);
112 
113         bitMap[0] = 0xff;
114         GetAndCleartBit(bitMap, byteMax);
115         (void)data;
116         (void)size;
117     }
118 
GetBnSessionFuzzTest_001(const uint8_t * data,size_t size)119     void GetBnSessionFuzzTest_001(const uint8_t *data, size_t size)
120     {
121         TEEC_Session session = { 0 };
122         TEEC_ContextInner context = { 0 };
123 
124         GetBnSession(NULL, &context);
125         GetBnSession(&session, NULL);
126         (void)data;
127         (void)size;
128     }
129 
PutBnSessionTest_001(void)130     void PutBnSessionTest_001(void)
131     {
132         PutBnSession(NULL);
133     }
134 
PutBnShrMemTest_001(void)135     void PutBnShrMemTest_001(void)
136     {
137         PutBnShrMem(NULL);
138     }
139 
GetBnShmByOffsetTest_001(void)140     void GetBnShmByOffsetTest_001(void)
141     {
142         GetBnShmByOffset(0, NULL);
143     }
144 }
145 
146 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)147 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
148 {
149     /* Run your code on data */
150     OHOS::LibteecVendorInitializeContextFuzzTest(data, size);
151     OHOS::SetBitFuzzTest_001(data, size);
152     OHOS::CheckBitFuzzTest_001(data, size);
153     OHOS::ClearBitFuzzTest_001(data, size);
154     OHOS::GetAndSetBitFuzzTest_001(data, size);
155     OHOS::GetAndCleartBitFuzzTest_001(data, size);
156     OHOS::GetBnSessionFuzzTest_001(data, size);
157     OHOS::PutBnSessionTest_001();
158     OHOS::PutBnShrMemTest_001();
159     OHOS::GetBnShmByOffsetTest_001();
160 
161     return 0;
162 }