• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "procauthstub_fuzzer.h"
17 
18 #include <string>
19 #include <vector>
20 
21 #include "domain_account_callback.h"
22 #include "domain_account_callback_service.h"
23 #include "domain_account_manager_service.h"
24 #include "domain_account_plugin_service.h"
25 #include "fuzz_data.h"
26 #include "idomain_account.h"
27 
28 using namespace std;
29 using namespace OHOS::AccountSA;
30 
31 namespace OHOS {
32 namespace {
33 const int32_t PASSWORD_LEN = 8;
34 const int ENUM_MAX = 4;
35 const uint32_t TEST_VECTOR_MAX_SIZE = 102402;
36 
37 class TestDomainAuthCallback : public OHOS::AccountSA::DomainAccountCallback {
38 public:
39     TestDomainAuthCallback() = default;
40     virtual ~TestDomainAuthCallback() = default;
OnResult(const int32_t errCode,Parcel & parcel)41     void OnResult(const int32_t errCode, Parcel &parcel) override
42     {}
43 };
44 
45 class TestDomainAccountPlugin : public DomainAccountPlugin {
46 public:
TestDomainAccountPlugin()47     TestDomainAccountPlugin() {}
~TestDomainAccountPlugin()48     virtual ~TestDomainAccountPlugin() {}
Auth(const DomainAccountInfo & info,const std::vector<uint8_t> & password,const std::shared_ptr<DomainAccountCallback> & callback)49     void Auth(const DomainAccountInfo &info, const std::vector<uint8_t> &password,
50         const std::shared_ptr<DomainAccountCallback> &callback) override {}
AuthWithPopup(const AccountSA::DomainAccountInfo & info,const std::shared_ptr<AccountSA::DomainAccountCallback> & callback)51     void AuthWithPopup(const AccountSA::DomainAccountInfo &info,
52         const std::shared_ptr<AccountSA::DomainAccountCallback> &callback) override {}
AuthWithToken(const AccountSA::DomainAccountInfo & info,const std::vector<uint8_t> & token,const std::shared_ptr<AccountSA::DomainAccountCallback> & callback)53     void AuthWithToken(const AccountSA::DomainAccountInfo &info, const std::vector<uint8_t> &token,
54         const std::shared_ptr<AccountSA::DomainAccountCallback> &callback) override {}
GetAuthStatusInfo(const DomainAccountInfo & info,const std::shared_ptr<DomainAccountCallback> & callback)55     void GetAuthStatusInfo(const DomainAccountInfo &info,
56         const std::shared_ptr<DomainAccountCallback> &callback) override {}
GetDomainAccountInfo(const GetDomainAccountInfoOptions & options,const std::shared_ptr<DomainAccountCallback> & callback)57     void GetDomainAccountInfo(const GetDomainAccountInfoOptions &options,
58         const std::shared_ptr<DomainAccountCallback> &callback) override {}
OnAccountBound(const DomainAccountInfo & info,const int32_t localId,const std::shared_ptr<DomainAccountCallback> & callback)59     void OnAccountBound(const DomainAccountInfo &info, const int32_t localId,
60         const std::shared_ptr<DomainAccountCallback> &callback) override {}
OnAccountUnBound(const DomainAccountInfo & info,const std::shared_ptr<DomainAccountCallback> & callback)61     void OnAccountUnBound(const DomainAccountInfo &info,
62         const std::shared_ptr<DomainAccountCallback> &callback) override {}
IsAccountTokenValid(const DomainAccountInfo & info,const std::vector<uint8_t> & token,const std::shared_ptr<DomainAccountCallback> & callback)63     void IsAccountTokenValid(const DomainAccountInfo &info, const std::vector<uint8_t> &token,
64         const std::shared_ptr<DomainAccountCallback> &callback) override {}
GetAccessToken(const DomainAccountInfo & domainInfo,const std::vector<uint8_t> & accountToken,const GetAccessTokenOptions & option,const std::shared_ptr<DomainAccountCallback> & callback)65     void GetAccessToken(const DomainAccountInfo &domainInfo, const std::vector<uint8_t> &accountToken,
66         const GetAccessTokenOptions &option, const std::shared_ptr<DomainAccountCallback> &callback) override {}
67 };
68 }
69 
ProcAuthStubFuzzTest(const uint8_t * data,size_t size)70     bool ProcAuthStubFuzzTest(const uint8_t* data, size_t size)
71     {
72         if ((data == nullptr) || (size == 0)) {
73             return false;
74         }
75 
76         FuzzData fuzzData(data, size);
77 
78         auto callbackPtr = std::make_shared<TestDomainAuthCallback>();
79         sptr<IDomainAccountCallback> callback = new (std::nothrow) DomainAccountCallbackService(callbackPtr);
80 
81         MessageParcel dataTemp;
82 
83         DomainAccountInfo info;
84         info.domain_ = fuzzData.GenerateString();
85         info.accountName_ = fuzzData.GenerateString();
86         info.accountId_ = fuzzData.GenerateString();
87         info.isAuthenticated = fuzzData.GenerateBool();
88         info.serverConfigId_ = fuzzData.GenerateString();
89         int typeNumber = fuzzData.GetData<int>() % ENUM_MAX;
90         info.status_ = static_cast<DomainAccountStatus>(typeNumber);
91 
92         if (!dataTemp.WriteInterfaceToken(DomainAccountStub::GetDescriptor())) {
93             return false;
94         }
95         if (fuzzData.GetData<bool>()) {
96             if (!dataTemp.WriteParcelable(&info)) {
97                 return false;
98             }
99         }
100         uint32_t passwordSize = fuzzData.GetData<bool>() ? TEST_VECTOR_MAX_SIZE : PASSWORD_LEN;
101         if (!dataTemp.WriteInt32(passwordSize)) {
102             return false;
103         }
104         for (uint32_t i = 0; i < PASSWORD_LEN; i++) {
105             if (!dataTemp.WriteUint8(fuzzData.GetData<uint8_t>())) {
106                 return false;
107             }
108         }
109         if (fuzzData.GetData<bool>()) {
110             if (!dataTemp.WriteRemoteObject(callback->AsObject())) {
111                 return false;
112             }
113         }
114 
115         MessageParcel reply;
116         MessageOption option;
117 
118         uint32_t code = static_cast<uint32_t>(IDomainAccountIpcCode::COMMAND_AUTH);
119         auto domainAccountService = std::make_shared<DomainAccountManagerService>();
120         domainAccountService->OnRemoteRequest(code, dataTemp, reply, option);
121 
122         return true;
123     }
124 
CheckIDomainAccountPlugin(uint32_t code)125     bool CheckIDomainAccountPlugin(uint32_t code)
126     {
127         MessageParcel dataTemp;
128         if (!dataTemp.WriteInterfaceToken(DomainAccountStub::GetDescriptor())) {
129             return false;
130         }
131 
132         std::shared_ptr<DomainAccountPlugin> pluginImpl = std::make_shared<TestDomainAccountPlugin>();
133         sptr<IDomainAccountPlugin> plugin = new (std::nothrow) DomainAccountPluginService(pluginImpl);
134 
135         if (!dataTemp.WriteRemoteObject(plugin->AsObject())) {
136             return false;
137         }
138         MessageParcel reply;
139         MessageOption option;
140         auto domainAccountService = std::make_shared<DomainAccountManagerService>();
141         domainAccountService->OnRemoteRequest(code, dataTemp, reply, option);
142         return true;
143     }
144 
CheckIDomainAccountCallback(uint32_t code)145     bool CheckIDomainAccountCallback(uint32_t code)
146     {
147         MessageParcel dataTemp;
148         if (!dataTemp.WriteInterfaceToken(DomainAccountStub::GetDescriptor())) {
149             return false;
150         }
151 
152         auto callbackPtr = std::make_shared<TestDomainAuthCallback>();
153         sptr<IDomainAccountCallback> callback = new (std::nothrow) DomainAccountCallbackService(callbackPtr);
154 
155         if (!dataTemp.WriteRemoteObject(callback->AsObject())) {
156             return false;
157         }
158         MessageParcel reply;
159         MessageOption option;
160         auto domainAccountService = std::make_shared<DomainAccountManagerService>();
161         domainAccountService->OnRemoteRequest(code, dataTemp, reply, option);
162         return true;
163     }
164 }
165 
LLVMFuzzerInitialize(int * argc,char *** argv)166 extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv)
167 {
168     OHOS::CheckIDomainAccountPlugin(static_cast<uint32_t>(IDomainAccountIpcCode::COMMAND_REGISTER_PLUGIN));
169     OHOS::CheckIDomainAccountPlugin(static_cast<uint32_t>(IDomainAccountIpcCode::COMMAND_UNREGISTER_PLUGIN));
170     OHOS::CheckIDomainAccountCallback(static_cast<uint32_t>(
171         IDomainAccountIpcCode::COMMAND_REGISTER_ACCOUNT_STATUS_LISTENER));
172     OHOS::CheckIDomainAccountCallback(static_cast<uint32_t>(
173         IDomainAccountIpcCode::COMMAND_UNREGISTER_ACCOUNT_STATUS_LISTENER));
174     OHOS::CheckIDomainAccountCallback(static_cast<uint32_t>(IDomainAccountIpcCode::COMMAND_GET_ALL_SERVER_CONFIGS));
175     return 0;
176 }
177 
178 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)179 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
180 {
181     /* Run your code on data */
182     OHOS::ProcAuthStubFuzzTest(data, size);
183     return 0;
184 }
185 
186