• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2022 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "report_security_info_fuzzer.h"
17 
18 #include <string>
19 #include <fuzzer/FuzzedDataProvider.h>
20 #include "securec.h"
21 
22 #include "security_guard_define.h"
23 #include "sg_collect_client.h"
24 
25 #undef private
26 
27 extern "C" int32_t ReportSecurityInfo(const struct EventInfoSt *info);
28 
29 namespace OHOS {
30 namespace {
31 constexpr int MAX_STRING_SIZE = 1024;
32 }
ReportSecurityInfoFuzzTest(const uint8_t * data,size_t size)33 bool ReportSecurityInfoFuzzTest(const uint8_t *data, size_t size)
34 {
35     int64_t eventId = rand() % (size + 1);
36     EventInfoSt info;
37     info.eventId = eventId;
38     std::string version(reinterpret_cast<const char *>(data), size);
39     info.version = version.c_str();
40     uint32_t cpyLen = size >= CONTENT_MAX_LEN ? CONTENT_MAX_LEN - 1 : static_cast<uint32_t>(size);
41     (void)memcpy_s(info.content, CONTENT_MAX_LEN, data, cpyLen);
42     info.contentLen = cpyLen;
43     ReportSecurityInfo(&info);
44     return true;
45 }
46 
ReportSecurityInfoAsyncFuzzTest(const uint8_t * data,size_t size,FuzzedDataProvider & fdp)47 bool ReportSecurityInfoAsyncFuzzTest(const uint8_t* data, size_t size, FuzzedDataProvider &fdp)
48 {
49     EventInfoSt info;
50     info.eventId = fdp.ConsumeIntegral<int64_t>();
51     std::string str = fdp.ConsumeRandomLengthString(MAX_STRING_SIZE);
52     info.version = str.c_str();
53     uint32_t cpyLen = size >= CONTENT_MAX_LEN ? CONTENT_MAX_LEN - 1 : static_cast<uint32_t>(size);
54     (void)memcpy_s(info.content, CONTENT_MAX_LEN, data, cpyLen);
55     info.contentLen = cpyLen;
56     ReportSecurityInfoAsync(&info);
57     return true;
58 }
59 
SecurityGuardConfigUpdateFuzzTest(FuzzedDataProvider & fdp)60 bool SecurityGuardConfigUpdateFuzzTest(FuzzedDataProvider &fdp)
61 {
62     int32_t fd = fdp.ConsumeIntegral<int32_t>();
63     std::string name = fdp.ConsumeRandomLengthString(MAX_STRING_SIZE).c_str();
64     SecurityGuardConfigUpdate(fd, name.c_str());
65     return true;
66 }
67 }  // namespace OHOS
68 
69 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)70 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
71 {
72     FuzzedDataProvider fdp(data, size);
73     /* Run your code on date */
74     OHOS::ReportSecurityInfoFuzzTest(data, size);
75     OHOS::ReportSecurityInfoAsyncFuzzTest(data, size, fdp);
76     OHOS::SecurityGuardConfigUpdateFuzzTest(fdp);
77     return 0;
78 }
79