1 /*
2 * Copyright (c) 2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include <fuzzer/FuzzedDataProvider.h>
17 #include "objectgetinformation_fuzzer.h"
18 #include "ecmascript/base/string_helper.h"
19 #include "ecmascript/napi/include/jsnapi.h"
20
21 using namespace panda;
22 using namespace panda::ecmascript;
23
namespace OHOS {
namespace {
// Upper bound passed to ConsumeRandomLengthString for each of the two byte payloads.
constexpr size_t MAX_PAYLOAD_LENGTH = 1024;
// Inclusive upper bound for the fuzz-chosen native-pointer field index / field count.
constexpr int32_t MAX_FIELD_VALUE = 1024;

// Shared body of the three property-name scenarios.
//
// Creates a VM, creates an empty object, stores two pointers into fuzz-derived string
// buffers at a fuzz-chosen native-pointer field index (0..MAX_FIELD_VALUE), runs `query`
// against that object, and finally destroys the VM.
//
// `query` is invoked as query(vm, object, fieldIndex); whatever it returns is discarded,
// so only a crash or a sanitizer report can surface a problem.
template<typename Query>
void RunNativePointerScenario(const uint8_t *data, size_t size, Query query)
{
    FuzzedDataProvider provider(data, size);

    RuntimeOption vmOption;
    vmOption.SetLogLevel(common::LOG_LEVEL::ERROR);
    // NOTE(review): the result is used unchecked; confirm CreateJSVM cannot return nullptr here.
    EcmaVM *vm = JSNApi::CreateJSVM(vmOption);

    // Consumption order (payload, payload, index) decides how the input bytes are split.
    // Both strings live in this scope, so their buffers outlive the DestroyJSVM call below;
    // the object only ever receives raw pointers into them.
    std::string firstPayload = provider.ConsumeRandomLengthString(MAX_PAYLOAD_LENGTH);
    std::string secondPayload = provider.ConsumeRandomLengthString(MAX_PAYLOAD_LENGTH);
    const int32_t fieldIndex = provider.ConsumeIntegralInRange<int32_t>(0, MAX_FIELD_VALUE);
    void *firstPtr = static_cast<void *>(const_cast<char *>(firstPayload.data()));
    void *secondPtr = static_cast<void *>(const_cast<char *>(secondPayload.data()));

    Local<ObjectRef> target = ObjectRef::New(vm);
    // NOTE(review): presumably the callback is the release hook for the stored pointer; with
    // nullptr the std::string objects above stay the sole owners of the buffers - confirm.
    NativePointerCallback noCallback = nullptr;
    // NOTE(review): SetNativePointerFieldCount is never called on this object first. Confirm
    // the setter records anything for an object with no reserved fields; if it does not,
    // this step adds no coverage and the index range is effectively unexplored.
    target->SetNativePointerField(vm, fieldIndex, firstPtr, noCallback, secondPtr);

    query(vm, target, fieldIndex);

    JSNApi::DestroyJSVM(vm);
}
} // namespace

// Fuzzes ObjectRef::GetAllPropertyNames on an object that has just had a native pointer
// field written. The fuzzed field index is reused as the second argument of the call.
// NOTE(review): confirm what that second parameter means in jsnapi.h and whether
// 0..1024 is the range worth exploring for it.
void ObjectGetAllPropertyNamesFuzzTest(const uint8_t *data, size_t size)
{
    RunNativePointerScenario(data, size, [](EcmaVM *vm, Local<ObjectRef> &target, int32_t fieldIndex) {
        target->GetAllPropertyNames(vm, fieldIndex);
    });
}

// Fuzzes the native-pointer field count round trip: requests a fuzz-chosen count
// (0..1024) on a fresh object, then reads the count back. The value read back is not
// compared with the requested one, so a mismatch goes unreported.
void ObjectGetNativePointerFieldCountFuzzTest(const uint8_t *data, size_t size)
{
    FuzzedDataProvider provider(data, size);

    RuntimeOption vmOption;
    vmOption.SetLogLevel(common::LOG_LEVEL::ERROR);
    // NOTE(review): the result is used unchecked; confirm CreateJSVM cannot return nullptr here.
    EcmaVM *vm = JSNApi::CreateJSVM(vmOption);

    const int32_t fieldCount = provider.ConsumeIntegralInRange<int32_t>(0, MAX_FIELD_VALUE);
    Local<ObjectRef> target = ObjectRef::New(vm);
    target->SetNativePointerFieldCount(vm, fieldCount);
    target->GetNativePointerFieldCount(vm);

    JSNApi::DestroyJSVM(vm);
}

// Fuzzes ObjectRef::GetOwnEnumerablePropertyNames on an object that has just had a
// native pointer field written.
void ObjectGetOwnEnumerablePropertyNamesFuzzTest(const uint8_t *data, size_t size)
{
    RunNativePointerScenario(data, size, [](EcmaVM *vm, Local<ObjectRef> &target, int32_t) {
        target->GetOwnEnumerablePropertyNames(vm);
    });
}

// Fuzzes ObjectRef::GetOwnPropertyNames on an object that has just had a native pointer
// field written.
void ObjectGetOwnPropertyNamesFuzzTest(const uint8_t *data, size_t size)
{
    RunNativePointerScenario(data, size, [](EcmaVM *vm, Local<ObjectRef> &target, int32_t) {
        target->GetOwnPropertyNames(vm);
    });
}
} // namespace OHOS
92
93 // Fuzzer entry point.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
    // Every scenario receives the full, unmodified input and parses it from its first
    // byte, so one input drives all four with the same leading bytes. Each scenario
    // creates and destroys its own VM.
    using Scenario = void (*)(const uint8_t *, size_t);
    static constexpr Scenario SCENARIOS[] = {
        OHOS::ObjectGetAllPropertyNamesFuzzTest,
        OHOS::ObjectGetNativePointerFieldCountFuzzTest,
        OHOS::ObjectGetOwnEnumerablePropertyNamesFuzzTest,
        OHOS::ObjectGetOwnPropertyNamesFuzzTest,
    };
    for (const Scenario run : SCENARIOS) {
        run(data, size);
    }
    // Always 0: the harness never asks the fuzzer to reject an input.
    return 0;
}