1 /*
2 * Copyright (c) 2025 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "authclient_fuzzer.h"
17
18 #include "account_log_wrapper.h"
19 #include "domain_account_client.h"
20 #include "fuzz_data.h"
21 #include <string>
22
23 using namespace std;
24 using namespace OHOS::AccountSA;
25
26 namespace OHOS {
27 namespace {
28 const int ENUM_MAX = 4;
29 const int TEST_ENUM = 5;
30 class TestDomainAccountCallback : public DomainAccountCallback {
31 public:
TestDomainAccountCallback()32 TestDomainAccountCallback() {};
~TestDomainAccountCallback()33 virtual ~TestDomainAccountCallback() {}
OnResult(const int32_t errCode,Parcel & parcel)34 void OnResult(const int32_t errCode, Parcel &parcel) override {}
35 };
36 }
AuthFuzzTest(const uint8_t * data,size_t size)37 bool AuthFuzzTest(const uint8_t* data, size_t size)
38 {
39 bool result = false;
40 if ((data == nullptr) || (size == 0)) {
41 return false;
42 }
43 FuzzData fuzzData(data, size);
44 DomainAccountInfo info;
45 info.domain_ = fuzzData.GenerateString();
46 info.accountName_ = fuzzData.GenerateString();
47 info.accountId_ = fuzzData.GenerateString();
48 info.isAuthenticated = fuzzData.GenerateBool();
49 info.serverConfigId_ = fuzzData.GenerateString();
50 int typeNumber = fuzzData.GenerateBool() ? TEST_ENUM : fuzzData.GetData<int>() % ENUM_MAX;
51 info.status_ = static_cast<DomainAccountStatus>(typeNumber);
52
53 std::vector<uint8_t> password = {fuzzData.GetData<uint8_t>(), fuzzData.GetData<uint8_t>()};
54 std::shared_ptr<DomainAccountCallback> callback = std::make_shared<TestDomainAccountCallback>();
55 result = DomainAccountClient::GetInstance().Auth(info, password, callback);
56 return result == ERR_OK;
57 }
58
AuthUserFuzzTest(const uint8_t * data,size_t size)59 bool AuthUserFuzzTest(const uint8_t* data, size_t size)
60 {
61 bool result = false;
62 if ((data == nullptr) || (size == 0)) {
63 return false;
64 }
65 FuzzData fuzzData(data, size);
66 int32_t userId = fuzzData.GetData<int32_t>();
67 std::vector<uint8_t> password = {fuzzData.GetData<uint8_t>(), fuzzData.GetData<uint8_t>()};
68 std::shared_ptr<DomainAccountCallback> callback = std::make_shared<TestDomainAccountCallback>();
69 result = DomainAccountClient::GetInstance().AuthUser(userId, password, callback);
70 return result == ERR_OK;
71 }
72
AuthWithPopupFuzzTest(const uint8_t * data,size_t size)73 bool AuthWithPopupFuzzTest(const uint8_t* data, size_t size)
74 {
75 bool result = false;
76 if ((data == nullptr) || (size == 0)) {
77 return false;
78 }
79 FuzzData fuzzData(data, size);
80 int32_t userId = fuzzData.GetData<int32_t>();
81 std::shared_ptr<DomainAccountCallback> callback = std::make_shared<TestDomainAccountCallback>();
82 result = DomainAccountClient::GetInstance().AuthWithPopup(userId, callback);
83 return result == ERR_OK;
84 }
85 }
86
87 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)88 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
89 {
90 /* Run your code on data */
91 OHOS::AuthFuzzTest(data, size);
92 OHOS::AuthUserFuzzTest(data, size);
93 OHOS::AuthWithPopupFuzzTest(data, size);
94 return 0;
95 }
96
97