1 /*
2 * Copyright (c) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "updateiccdiallingnumbers_fuzzer.h"
17
18 #include <cstddef>
19 #include <cstdint>
20 #include <thread>
21
22 #define private public
23 #include "addcoreservicetoken_fuzzer.h"
24 #include "core_service.h"
25 #include "napi_util.h"
26 #include "system_ability_definition.h"
27 #include "tel_event_handler.h"
28 #include "unistd.h"
29 #include "tel_ril_manager.h"
30
31 using namespace OHOS::Telephony;
32 namespace OHOS {
33 static bool g_isInited = false;
34 constexpr int32_t SLOT_NUM = 2;
35 constexpr int32_t ACCEPT_TYPE = 2;
36 constexpr int32_t SIM_TYPE_NUM = 2;
37 constexpr int32_t SLEEP_TIME_SECONDS = 2;
38
IsServiceInited()39 bool IsServiceInited()
40 {
41 if (!g_isInited) {
42 DelayedSingleton<CoreService>::GetInstance()->OnStart();
43 if (DelayedSingleton<CoreService>::GetInstance()->GetServiceRunningState() ==
44 static_cast<int32_t>(ServiceRunningState::STATE_RUNNING)) {
45 g_isInited = true;
46 }
47 }
48 return g_isInited;
49 }
50
GetOpKey(const uint8_t * data,size_t size)51 void GetOpKey(const uint8_t *data, size_t size)
52 {
53 if (!IsServiceInited()) {
54 return;
55 }
56
57 int32_t slotId = static_cast<int32_t>(*data % SLOT_NUM);
58 MessageParcel dataMessageParcel;
59 dataMessageParcel.WriteInt32(slotId);
60 dataMessageParcel.WriteBuffer(data, size);
61 dataMessageParcel.RewindRead(0);
62 MessageParcel reply;
63 DelayedSingleton<CoreService>::GetInstance()->OnGetOpKey(dataMessageParcel, reply);
64 }
65
GetOpKeyExt(const uint8_t * data,size_t size)66 void GetOpKeyExt(const uint8_t *data, size_t size)
67 {
68 if (!IsServiceInited()) {
69 return;
70 }
71
72 int32_t slotId = static_cast<int32_t>(*data % SLOT_NUM);
73 MessageParcel dataMessageParcel;
74 dataMessageParcel.WriteInt32(slotId);
75
76 dataMessageParcel.WriteBuffer(data, size);
77 dataMessageParcel.RewindRead(0);
78 MessageParcel reply;
79 DelayedSingleton<CoreService>::GetInstance()->OnGetOpKeyExt(dataMessageParcel, reply);
80 }
81
GetOpName(const uint8_t * data,size_t size)82 void GetOpName(const uint8_t *data, size_t size)
83 {
84 if (!IsServiceInited()) {
85 return;
86 }
87
88 int32_t slotId = static_cast<int32_t>(*data % SLOT_NUM);
89 MessageParcel dataMessageParcel;
90 dataMessageParcel.WriteInt32(slotId);
91
92 dataMessageParcel.WriteBuffer(data, size);
93 dataMessageParcel.RewindRead(0);
94 MessageParcel reply;
95 DelayedSingleton<CoreService>::GetInstance()->OnGetOpName(dataMessageParcel, reply);
96 }
97
SendCallSetupRequestResult(const uint8_t * data,size_t size)98 void SendCallSetupRequestResult(const uint8_t *data, size_t size)
99 {
100 if (!IsServiceInited()) {
101 return;
102 }
103
104 int32_t slotId = static_cast<int32_t>(*data % SLOT_NUM);
105 int32_t accept = static_cast<int32_t>(*data % ACCEPT_TYPE);
106 MessageParcel dataMessageParcel;
107 dataMessageParcel.WriteInt32(slotId);
108 dataMessageParcel.WriteInt32(accept);
109
110 dataMessageParcel.WriteBuffer(data, size);
111 dataMessageParcel.RewindRead(0);
112 MessageParcel reply;
113 DelayedSingleton<CoreService>::GetInstance()->OnSendCallSetupRequestResult(dataMessageParcel, reply);
114 }
115
HasOperatorPrivileges(const uint8_t * data,size_t size)116 void HasOperatorPrivileges(const uint8_t *data, size_t size)
117 {
118 if (!IsServiceInited()) {
119 return;
120 }
121
122 int32_t slotId = static_cast<int32_t>(*data % SLOT_NUM);
123 MessageParcel dataMessageParcel;
124 dataMessageParcel.WriteInt32(slotId);
125
126 dataMessageParcel.WriteBuffer(data, size);
127 dataMessageParcel.RewindRead(0);
128 MessageParcel reply;
129 DelayedSingleton<CoreService>::GetInstance()->OnHasOperatorPrivileges(dataMessageParcel, reply);
130 }
131
GetCellInfoList(const uint8_t * data,size_t size)132 void GetCellInfoList(const uint8_t *data, size_t size)
133 {
134 if (!IsServiceInited()) {
135 return;
136 }
137
138 int32_t slotId = static_cast<int32_t>(*data % SLOT_NUM);
139 MessageParcel dataMessageParcel;
140 dataMessageParcel.WriteInt32(slotId);
141
142 dataMessageParcel.WriteBuffer(data, size);
143 dataMessageParcel.RewindRead(0);
144 MessageParcel reply;
145 DelayedSingleton<CoreService>::GetInstance()->OnGetCellInfoList(dataMessageParcel, reply);
146 }
147
UpdateIccDiallingNumbers(const uint8_t * data,size_t size)148 void UpdateIccDiallingNumbers(const uint8_t *data, size_t size)
149 {
150 if (!IsServiceInited()) {
151 return;
152 }
153
154 int32_t slotId = static_cast<int32_t>(*data % SLOT_NUM);
155 int32_t type = *data % SIM_TYPE_NUM + 1;
156 MessageParcel dataMessageParcel;
157 dataMessageParcel.WriteInt32(slotId);
158 dataMessageParcel.WriteInt32(type);
159 dataMessageParcel.WriteBuffer(data, size);
160 dataMessageParcel.RewindRead(0);
161 MessageParcel reply;
162 DelayedSingleton<CoreService>::GetInstance()->OnUpdateIccDiallingNumbers(dataMessageParcel, reply);
163 }
164
GetNrSsbIdInfoTesting(const uint8_t * data,size_t size)165 void GetNrSsbIdInfoTesting(const uint8_t *data, size_t size)
166 {
167 if (!IsServiceInited()) {
168 return;
169 }
170
171 int32_t slotId = static_cast<int32_t>(*data % SLOT_NUM);
172 MessageParcel dataMessageParcel;
173 dataMessageParcel.WriteInt32(slotId);
174
175 dataMessageParcel.WriteBuffer(data, size);
176 dataMessageParcel.RewindRead(0);
177 MessageParcel reply;
178 DelayedSingleton<CoreService>::GetInstance()->OnGetNrSsbIdInfo(dataMessageParcel, reply);
179 }
180
DoSomethingInterestingWithMyAPI(const uint8_t * data,size_t size)181 void DoSomethingInterestingWithMyAPI(const uint8_t *data, size_t size)
182 {
183 if (data == nullptr || size == 0) {
184 return;
185 }
186
187 GetOpKey(data, size);
188 GetOpKeyExt(data, size);
189 GetOpName(data, size);
190 SendCallSetupRequestResult(data, size);
191 HasOperatorPrivileges(data, size);
192 GetCellInfoList(data, size);
193 UpdateIccDiallingNumbers(data, size);
194 GetNrSsbIdInfoTesting(data, size);
195 auto telRilManager = std::static_pointer_cast<TelRilManager>(
196 DelayedSingleton<CoreService>::GetInstance()->telRilManager_);
197 if (telRilManager == nullptr || telRilManager->handler_ == nullptr) {
198 return;
199 }
200 auto handler = telRilManager->handler_;
201 if (handler != nullptr) {
202 handler->RemoveAllEvents();
203 handler->SendEvent(0, 0, AppExecFwk::EventQueue::Priority::HIGH);
204 sleep(SLEEP_TIME_SECONDS);
205 }
206 telRilManager->handler_->ClearFfrt(false);
207 telRilManager->handler_->queue_ = nullptr;
208 return;
209 }
210 } // namespace OHOS
211
212 /* Fuzzer entry point */
LLVMFuzzerInitialize(int * argc,char *** argv)213 extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv)
214 {
215 OHOS::AddCoreServiceTokenFuzzer token;
216 return 0;
217 }
218
219 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)220 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
221 {
222 /* Run your code on data */
223 OHOS::DoSomethingInterestingWithMyAPI(data, size);
224 OHOS::DelayedSingleton<CoreService>::DestroyInstance();
225 return 0;
226 }
227