• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2024 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 #define private public
16 #define protected public
17 #include "fuzzer/FuzzedDataProvider.h"
18 #include "scanusbmanager_fuzzer.h"
19 #include "scan_usb_manager.h"
20 #include "scan_service_ability.h"
21 
22 
23 namespace OHOS {
24 namespace Scan {
25     constexpr uint8_t MAX_STRING_LENGTH = 255;
26     constexpr size_t FOO_MAX_LEN = 1024;
27     constexpr size_t U32_AT_SIZE = 4;
28 
TestDealUsbDevStatusChange(const uint8_t * data,size_t size,FuzzedDataProvider * dataProvider)29     void TestDealUsbDevStatusChange(const uint8_t* data, size_t size, FuzzedDataProvider* dataProvider)
30     {
31         DelayedSingleton<ScanUsbManager>::GetInstance()->Init();
32         DelayedSingleton<ScanUsbManager>::GetInstance()->RefreshUsbDevice();
33         std::string devStr = dataProvider->ConsumeRandomLengthString(MAX_STRING_LENGTH);
34         bool isAttach = dataProvider->ConsumeBool();
35         std::string devStrOne = "2-3";
36         DelayedSingleton<ScanUsbManager>::GetInstance()->DealUsbDevStatusChange(devStr, isAttach);
37         DelayedSingleton<ScanUsbManager>::GetInstance()->DealUsbDevStatusChange(devStrOne, true);
38         DelayedSingleton<ScanUsbManager>::GetInstance()->DealUsbDevStatusChange(devStrOne, false);
39         USB::USBDevicePipe usbDevicePipe;
40         DelayedSingleton<ScanUsbManager>::GetInstance()->GetDeviceSerialNumber(usbDevicePipe);
41     }
42 
TestUsbUpdateUsbScannerId(const uint8_t * data,size_t size,FuzzedDataProvider * dataProvider)43     void TestUsbUpdateUsbScannerId(const uint8_t* data, size_t size, FuzzedDataProvider* dataProvider)
44     {
45         std::string usbDeviceName = "2-4";
46         std::string serialNumber = "QWERTY";
47         ScanDeviceInfo scanDeviceInfo;
48         scanDeviceInfo.deviceId = "pantu:libusb:002:004";
49         scanDeviceInfo.serialNumber = serialNumber;
50         ScanServiceAbility::saneGetUsbDeviceInfoMap[serialNumber] = scanDeviceInfo;
51         ScanUsbManager::GetInstance()->UpdateUsbScannerId(serialNumber, usbDeviceName);
52 
53         std::string fuzzUsbDeviceName = dataProvider->ConsumeRandomLengthString(MAX_STRING_LENGTH);
54         std::string fuzzSerialNumber = dataProvider->ConsumeRandomLengthString(MAX_STRING_LENGTH);
55         ScanDeviceInfo fuzzScanDeviceInfo;
56         scanDeviceInfo.deviceId = dataProvider->ConsumeRandomLengthString(MAX_STRING_LENGTH);
57         scanDeviceInfo.serialNumber = fuzzSerialNumber;
58         ScanServiceAbility::saneGetUsbDeviceInfoMap[fuzzSerialNumber] = fuzzScanDeviceInfo;
59         ScanUsbManager::GetInstance()->UpdateUsbScannerId(fuzzSerialNumber, fuzzUsbDeviceName);
60     }
61 
TestUsbDisConnectUsbScanner(const uint8_t * data,size_t size,FuzzedDataProvider * dataProvider)62     void TestUsbDisConnectUsbScanner(const uint8_t* data, size_t size, FuzzedDataProvider* dataProvider)
63     {
64         std::string usbDeviceName = "2-3";
65         std::string serialNumber = "ASDFGH";
66         ScanDeviceInfo scanDeviceInfo;
67         scanDeviceInfo.deviceId = dataProvider->ConsumeRandomLengthString(MAX_STRING_LENGTH);
68         scanDeviceInfo.serialNumber = serialNumber;
69         ScanServiceAbility::saneGetUsbDeviceInfoMap[serialNumber] = scanDeviceInfo;
70         ScanUsbManager::GetInstance()->DisConnectUsbScanner(usbDeviceName);
71 
72         std::string fuzzUsbDeviceName = dataProvider->ConsumeRandomLengthString(MAX_STRING_LENGTH);
73         std::string fuzzSerialNumber = dataProvider->ConsumeRandomLengthString(MAX_STRING_LENGTH);
74         ScanDeviceInfo fuzzScanDeviceInfo;
75         scanDeviceInfo.deviceId = dataProvider->ConsumeRandomLengthString(MAX_STRING_LENGTH);
76         scanDeviceInfo.serialNumber = fuzzSerialNumber;
77         ScanServiceAbility::saneGetUsbDeviceInfoMap[fuzzSerialNumber] = fuzzScanDeviceInfo;
78         ScanUsbManager::GetInstance()->DisConnectUsbScanner(fuzzUsbDeviceName);
79     }
80 }
81 }
82 
83 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)84 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
85 {
86     if (data == nullptr) {
87         return 0;
88     }
89 
90     if (size < OHOS::Scan::U32_AT_SIZE || size > OHOS::Scan::FOO_MAX_LEN) {
91         return 0;
92     }
93     FuzzedDataProvider dataProvider(data, size);
94     OHOS::Scan::TestDealUsbDevStatusChange(data, size, &dataProvider);
95     OHOS::Scan::TestUsbUpdateUsbScannerId(data, size, &dataProvider);
96     OHOS::Scan::TestUsbDisConnectUsbScanner(data, size, &dataProvider);
97 
98     return 0;
99 }
100 
101