1 /*
2 * Copyright (c) 2023-2025 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "getcredentialinfostub_fuzzer.h"
17
18 #include <string>
19 #include <vector>
20 #include "access_token.h"
21 #include "access_token_error.h"
22 #include "accesstoken_kit.h"
23 #include "account_iam_callback_service.h"
24 #include "account_iam_service.h"
25 #include "account_log_wrapper.h"
26 #include "fuzz_data.h"
27 #include "securec.h"
28 #include "nativetoken_kit.h"
29 #include "token_setproc.h"
30
31 using namespace std;
32 using namespace OHOS::AccountSA;
33 using namespace OHOS::Security::AccessToken;
34 namespace OHOS {
35 const std::u16string IAMACCOUNT_TOKEN = u"ohos.accountfwk.IAccountIAM";
36
37 class GetCredInfoCallbackImpl : public GetCredInfoCallback {
38 public:
39 virtual ~GetCredInfoCallbackImpl() = default;
OnCredentialInfo(int32_t result,const std::vector<CredentialInfo> & infoList)40 void OnCredentialInfo(int32_t result, const std::vector<CredentialInfo> &infoList) override
41 {
42 return;
43 }
44 };
45
GetCredentialInfoStubFuzzTest(const uint8_t * data,size_t size)46 bool GetCredentialInfoStubFuzzTest(const uint8_t *data, size_t size)
47 {
48 if ((data == nullptr) || (size == 0)) {
49 return false;
50 }
51 MessageParcel dataTemp;
52 if (!dataTemp.WriteInterfaceToken(IAMACCOUNT_TOKEN)) {
53 return false;
54 }
55 FuzzData fuzzData(data, size);
56 int32_t userId = fuzzData.GetData<int32_t>();
57 if (!dataTemp.WriteInt32(userId)) {
58 return false;
59 }
60 int32_t authType = fuzzData.GetData<int32_t>();
61 if (!dataTemp.WriteInt32(authType)) {
62 return false;
63 }
64 std::shared_ptr<GetCredInfoCallbackImpl> callback =
65 make_shared<GetCredInfoCallbackImpl>();
66 sptr<IGetCredInfoCallback> wrapper = sptr<GetCredInfoCallbackService>::MakeSptr(callback);
67 if (fuzzData.GenerateBool()) {
68 if (!dataTemp.WriteRemoteObject(wrapper->AsObject())) {
69 return false;
70 }
71 }
72 MessageParcel reply;
73 MessageOption option;
74 uint32_t code = static_cast<uint32_t>(IAccountIAMIpcCode::COMMAND_GET_CREDENTIAL_INFO);
75 auto iamAccountManagerService = std::make_shared<AccountIAMService>();
76 iamAccountManagerService->OnRemoteRequest(code, dataTemp, reply, option);
77
78 return true;
79 }
80 } // namespace OHOS
81
NativeTokenGet()82 void NativeTokenGet()
83 {
84 uint64_t tokenId;
85 const char **perms = new const char *[1];
86 perms[0] = "ohos.permission.USE_USER_IDM";
87 NativeTokenInfoParams infoInstance = {
88 .dcapsNum = 0,
89 .permsNum = 1,
90 .aclsNum = 0,
91 .perms = perms,
92 .acls = nullptr,
93 .aplStr = "system_core",
94 };
95 infoInstance.processName = "GET_CREDENTIAL_INFO";
96 tokenId = GetAccessTokenId(&infoInstance);
97 SetSelfTokenID(tokenId);
98 AccessTokenKit::ReloadNativeTokenInfo();
99 delete [] perms;
100 }
101
102 /* Fuzzer entry point */
LLVMFuzzerInitialize(int * argc,char *** argv)103 extern "C" int LLVMFuzzerInitialize(int *argc, char ***argv)
104 {
105 NativeTokenGet();
106 return 0;
107 }
108
109 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)110 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
111 {
112 /* Run your code on data */
113 OHOS::GetCredentialInfoStubFuzzTest(data, size);
114 return 0;
115 }
116