1 /*
2 * Copyright (c) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "call_fuzzer.h"
17
18 #include <cstddef>
19 #include <cstdint>
20 #define private public
21 #define protected public
22 #include "addcalltoken_fuzzer.h"
23 #include "cs_call.h"
24 #include "ims_call.h"
25 #include "ott_call.h"
26 #include "satellite_call.h"
27 #include "surface_utils.h"
28 #include "voip_call.h"
29 #include "antifraud_service.h"
30 #include "interoperable_device_observer.h"
31 #include "interoperable_communication_manager.h"
32 #include "bluetooth_call_connection.h"
33 #include "bluetooth_call_state.h"
34 #include "antifraud_adapter.h"
35 #include "call_manager_service.h"
36 #include "call_manager_utils.h"
37
38 using namespace OHOS::Telephony;
39 namespace OHOS {
40 constexpr int32_t SLOT_NUM = 2;
41 constexpr int32_t BOOL_NUM = 2;
42 constexpr int32_t DIAL_TYPE = 3;
43 constexpr int32_t CALL_TYPE_NUM = 4;
44 constexpr int32_t VIDIO_TYPE_NUM = 2;
45 constexpr int32_t TEL_CALL_STATE_NUM = 9;
46 constexpr int32_t TEL_CONFERENCE_STATE_NUM = 4;
47 constexpr int32_t CALL_RUNNING_STATE_NUM = 8;
48 constexpr int32_t CALL_ENDED_TYPE_NUM = 4;
49 constexpr int32_t CALL_ANSWER_TYPE_NUM = 3;
50 constexpr int32_t INVALID_CALL_ID = -1;
51 constexpr int32_t IMS_CALL_MODE_NUM = 5;
52 constexpr int32_t CALL_INDEX_MAX_NUM = 8;
53 constexpr int32_t VIDEO_REQUEST_RESULT_TYPE_NUM = 102;
54 constexpr int32_t DATA_COUNT = 2;
55
CSCallFunc(const uint8_t * data,size_t size)56 void CSCallFunc(const uint8_t *data, size_t size)
57 {
58 if (!IsServiceInited()) {
59 return;
60 }
61
62 DialParaInfo dialParaInfo;
63 dialParaInfo.dialType = static_cast<DialType>(size % DIAL_TYPE);
64 dialParaInfo.callType = static_cast<CallType>(size % CALL_TYPE_NUM);
65 dialParaInfo.videoState = static_cast<VideoStateType>(size % VIDIO_TYPE_NUM);
66 dialParaInfo.callState = static_cast<TelCallState>(size % TEL_CALL_STATE_NUM);
67 sptr<CallBase> callObjectPtr = std::make_unique<CSCall>(dialParaInfo).release();
68 int32_t videoState = static_cast<int32_t>(size % VIDIO_TYPE_NUM);
69 int32_t mute = static_cast<int32_t>(size % BOOL_NUM);
70 int32_t slotId = static_cast<int32_t>(size % SLOT_NUM);
71 TelCallState nextState = static_cast<TelCallState>(size % TEL_CALL_STATE_NUM);
72 TelConferenceState telConferenceState = static_cast<TelConferenceState>(size % TEL_CONFERENCE_STATE_NUM);
73 VideoStateType mediaType = static_cast<VideoStateType>(size % VIDIO_TYPE_NUM);
74 PolicyFlag flag = static_cast<PolicyFlag>(size);
75 bool needAutoAnswer = static_cast<bool>(size);
76 bool canUnHoldState = static_cast<bool>(size);
77
78 callObjectPtr->AnswerCall(videoState);
79 callObjectPtr->SetMute(mute, slotId);
80 callObjectPtr->StartDtmf(static_cast<char>(*data));
81 callObjectPtr->StopDtmf();
82 callObjectPtr->GetSlotId();
83 callObjectPtr->DialCallBase();
84 callObjectPtr->IncomingCallBase();
85 callObjectPtr->AnswerCallBase();
86 callObjectPtr->RejectCallBase();
87 callObjectPtr->GetCallID();
88 callObjectPtr->GetCallType();
89 callObjectPtr->GetCallRunningState();
90 callObjectPtr->SetTelCallState(nextState);
91 callObjectPtr->GetTelCallState();
92 callObjectPtr->SetTelConferenceState(telConferenceState);
93 callObjectPtr->GetTelConferenceState();
94 callObjectPtr->GetVideoStateType();
95 callObjectPtr->SetVideoStateType(mediaType);
96 callObjectPtr->SetPolicyFlag(flag);
97 callObjectPtr->GetPolicyFlag();
98 callObjectPtr->SetAutoAnswerState(needAutoAnswer);
99 callObjectPtr->GetAutoAnswerState();
100 callObjectPtr->SetCanUnHoldState(canUnHoldState);
101 callObjectPtr->GetCanUnHoldState();
102 }
103
DialingProcess(const uint8_t * data,size_t size)104 void DialingProcess(const uint8_t *data, size_t size)
105 {
106 if (!IsServiceInited()) {
107 return;
108 }
109
110 DialParaInfo paraInfo;
111 paraInfo.dialType = static_cast<DialType>(size % DIAL_TYPE);
112 paraInfo.callType = static_cast<CallType>(size % CALL_TYPE_NUM);
113 paraInfo.videoState = static_cast<VideoStateType>(size % VIDIO_TYPE_NUM);
114 paraInfo.callState = static_cast<TelCallState>(size % TEL_CALL_STATE_NUM);
115 sptr<CallBase> callObjectPtr = std::make_unique<CSCall>(paraInfo).release();
116
117 callObjectPtr->StartDtmf(static_cast<char>(*data));
118 callObjectPtr->RejectCall();
119 callObjectPtr->HangUpCall();
120 callObjectPtr->HoldCall();
121 callObjectPtr->UnHoldCall();
122 callObjectPtr->SwitchCall();
123 callObjectPtr->DialingProcess();
124 callObjectPtr->CombineConference(); // merge calls
125 callObjectPtr->SeparateConference();
126 callObjectPtr->KickOutFromConference();
127 callObjectPtr->CanSeparateConference();
128 callObjectPtr->CanCombineConference();
129 callObjectPtr->CanKickOutFromConference();
130 callObjectPtr->LaunchConference();
131 callObjectPtr->ExitConference();
132 callObjectPtr->HoldConference();
133 int32_t mainCallId = INVALID_CALL_ID;
134 callObjectPtr->GetMainCallId(mainCallId);
135 std::vector<std::u16string> subCallIdList;
136 callObjectPtr->GetSubCallIdList(subCallIdList);
137 std::vector<std::u16string> callIdList;
138 callObjectPtr->GetCallIdListForConference(callIdList);
139 callObjectPtr->IsSupportConferenceable();
140 callObjectPtr->GetEmergencyState();
141 }
142
GetCallerInfo(const uint8_t * data,size_t size)143 void GetCallerInfo(const uint8_t *data, size_t size)
144 {
145 if (!IsServiceInited()) {
146 return;
147 }
148
149 DialParaInfo info;
150 info.dialType = static_cast<DialType>(size % DIAL_TYPE);
151 info.callType = static_cast<CallType>(size % CALL_TYPE_NUM);
152 info.videoState = static_cast<VideoStateType>(size % VIDIO_TYPE_NUM);
153 info.callState = static_cast<TelCallState>(size % TEL_CALL_STATE_NUM);
154 sptr<CallBase> callObjectPtr = std::make_unique<CSCall>(info).release();
155 ContactInfo contactInfo;
156 CallRunningState callRunningState = static_cast<CallRunningState>(size % CALL_RUNNING_STATE_NUM);
157 bool speakerphoneOn = static_cast<bool>(size % BOOL_NUM);
158 std::string phoneNumber(reinterpret_cast<const char *>(data), size);
159 int32_t callId = static_cast<int32_t>(size);
160 CallEndedType callEndedType = static_cast<CallEndedType>(size % CALL_ENDED_TYPE_NUM);
161 CallAnswerType answerType = static_cast<CallAnswerType>(size % CALL_ANSWER_TYPE_NUM);
162 int64_t startTime = static_cast<int64_t>(size);
163 time_t callBeginTime = static_cast<time_t>(size);
164 time_t callCreateTime = static_cast<time_t>(size);
165 time_t callEndTime = static_cast<time_t>(size);
166 time_t ringBeginTime = static_cast<time_t>(size);
167 time_t ringEndTime = static_cast<time_t>(size);
168 callObjectPtr->GetCallerInfo();
169 callObjectPtr->SetCallerInfo(contactInfo);
170 callObjectPtr->SetCallRunningState(callRunningState);
171 callObjectPtr->SetStartTime(startTime);
172 callObjectPtr->SetCallBeginTime(callBeginTime);
173 callObjectPtr->SetCallBeginTime(callCreateTime);
174 callObjectPtr->SetCallEndTime(callEndTime);
175 callObjectPtr->SetRingBeginTime(ringBeginTime);
176 callObjectPtr->SetRingEndTime(ringEndTime);
177 callObjectPtr->SetAnswerType(answerType);
178 callObjectPtr->GetCallEndedType();
179 callObjectPtr->SetCallEndedType(callEndedType);
180 callObjectPtr->SetCallId(callId);
181 callObjectPtr->IsSpeakerphoneEnabled();
182 callObjectPtr->IsCurrentRinging();
183 callObjectPtr->GetAccountNumber();
184 callObjectPtr->SetSpeakerphoneOn(speakerphoneOn);
185 callObjectPtr->IsSpeakerphoneOn();
186 callObjectPtr->CheckVoicemailNumber(phoneNumber);
187 callObjectPtr->IsAliveState();
188 }
189
IMSCallFunc(const uint8_t * data,size_t size)190 void IMSCallFunc(const uint8_t *data, size_t size)
191 {
192 if (!IsServiceInited()) {
193 return;
194 }
195
196 DialParaInfo paraInfo;
197 paraInfo.dialType = static_cast<DialType>(size % DIAL_TYPE);
198 paraInfo.callType = static_cast<CallType>(size % CALL_TYPE_NUM);
199 paraInfo.videoState = static_cast<VideoStateType>(size % VIDIO_TYPE_NUM);
200 paraInfo.callState = static_cast<TelCallState>(size % TEL_CALL_STATE_NUM);
201 sptr<IMSCall> callObjectPtr = std::make_unique<IMSCall>(paraInfo).release();
202 int32_t videoState = static_cast<int32_t>(size % VIDIO_TYPE_NUM);
203 int32_t mute = static_cast<int32_t>(size % BOOL_NUM);
204 int32_t slotId = static_cast<int32_t>(size % SLOT_NUM);
205 std::string msg(reinterpret_cast<const char *>(data), size);
206 std::u16string msgU16 = Str8ToStr16(msg);
207
208 callObjectPtr->InitVideoCall();
209 callObjectPtr->DialingProcess();
210 callObjectPtr->AnswerCall(videoState);
211 callObjectPtr->RejectCall();
212 callObjectPtr->HangUpCall();
213 callObjectPtr->UnHoldCall();
214 callObjectPtr->HoldCall();
215 callObjectPtr->SwitchCall();
216 callObjectPtr->CombineConference();
217 callObjectPtr->SeparateConference();
218 callObjectPtr->KickOutFromConference();
219 callObjectPtr->CanKickOutFromConference();
220 callObjectPtr->CanCombineConference();
221 callObjectPtr->CanSeparateConference();
222 callObjectPtr->LaunchConference();
223 callObjectPtr->ExitConference();
224 callObjectPtr->HoldConference();
225 int32_t mainCallId = INVALID_CALL_ID;
226 callObjectPtr->GetMainCallId(mainCallId);
227 std::vector<std::u16string> subCallIdList;
228 callObjectPtr->GetSubCallIdList(subCallIdList);
229 std::vector<std::u16string> callIdList;
230 callObjectPtr->GetCallIdListForConference(callIdList);
231 callObjectPtr->IsSupportConferenceable();
232 callObjectPtr->StartRtt(msgU16);
233 callObjectPtr->StopRtt();
234 callObjectPtr->SetMute(mute, slotId);
235 }
236
VoIPCallFunc(const uint8_t * data,size_t size)237 void VoIPCallFunc(const uint8_t *data, size_t size)
238 {
239 if (!IsServiceInited()) {
240 return;
241 }
242 CallAttributeInfo info;
243 DialParaInfo dialParaInfo;
244 int32_t mainCallId = 0;
245 VoipCallEventInfo voipcallInfo;
246 std::vector<std::u16string> callIdList;
247 int32_t videoState = static_cast<int32_t>(*data % VIDIO_TYPE_NUM);
248 sptr<VoIPCall> voipCall = std::make_unique<VoIPCall>(dialParaInfo).release();
249
250 voipCall->DialingProcess();
251 voipCall->AnswerCall(videoState);
252 voipCall->PackVoipCallInfo(voipcallInfo);
253 voipCall->RejectCall();
254 voipCall->HangUpCall();
255 voipCall->HoldCall();
256 voipCall->UnHoldCall();
257 voipCall->SwitchCall();
258 voipCall->SetMute(0, 0);
259 voipCall->GetCallAttributeInfo(info);
260 voipCall->CombineConference();
261 voipCall->HandleCombineConferenceFailEvent();
262 voipCall->SeparateConference();
263 voipCall->KickOutFromConference();
264 voipCall->CanCombineConference();
265 voipCall->CanSeparateConference();
266 voipCall->CanKickOutFromConference();
267 voipCall->GetMainCallId(mainCallId);
268 voipCall->GetSubCallIdList(callIdList);
269 voipCall->GetCallIdListForConference(callIdList);
270 voipCall->IsSupportConferenceable();
271 voipCall->LaunchConference();
272 voipCall->ExitConference();
273 voipCall->HoldConference();
274 }
275
IMSVideoCallFunc(const uint8_t * data,size_t size)276 void IMSVideoCallFunc(const uint8_t *data, size_t size)
277 {
278 if (!IsServiceInited()) {
279 return;
280 }
281
282 DialParaInfo paraInfo;
283 paraInfo.dialType = static_cast<DialType>(size % DIAL_TYPE);
284 paraInfo.callType = static_cast<CallType>(size % CALL_TYPE_NUM);
285 paraInfo.videoState = static_cast<VideoStateType>(size % VIDIO_TYPE_NUM);
286 paraInfo.callState = static_cast<TelCallState>(size % TEL_CALL_STATE_NUM);
287 sptr<IMSCall> callObjectPtr = std::make_unique<IMSCall>(paraInfo).release();
288 std::string msg(reinterpret_cast<const char *>(data), size);
289 int32_t callingUid = static_cast<int32_t>(size);
290 int32_t callingPid = static_cast<int32_t>(size);
291 int32_t rotation = static_cast<int32_t>(size);
292 ImsCallMode mode = static_cast<ImsCallMode>(size % IMS_CALL_MODE_NUM);
293 CallModeReportInfo callModeReportInfo;
294 callModeReportInfo.callIndex = static_cast<int32_t>(size % CALL_INDEX_MAX_NUM);
295 callModeReportInfo.callMode = static_cast<ImsCallMode>(size % IMS_CALL_MODE_NUM);
296 callModeReportInfo.result = static_cast<VideoRequestResultType>(size % VIDEO_REQUEST_RESULT_TYPE_NUM);
297 callObjectPtr->UpdateImsCallMode(mode);
298 callObjectPtr->SendUpdateCallMediaModeRequest(mode);
299 callObjectPtr->RecieveUpdateCallMediaModeRequest(callModeReportInfo);
300 callObjectPtr->SendUpdateCallMediaModeResponse(mode);
301 callObjectPtr->ReceiveUpdateCallMediaModeResponse(callModeReportInfo);
302 CallMediaModeInfo callMediaModeInfo;
303 callMediaModeInfo.callId = static_cast<int32_t>(size);
304 callMediaModeInfo.isRequestInfo = static_cast<bool>(size % BOOL_NUM);
305 callMediaModeInfo.result = static_cast<VideoRequestResultType>(size % VIDEO_REQUEST_RESULT_TYPE_NUM);
306 callMediaModeInfo.callMode = static_cast<ImsCallMode>(size % IMS_CALL_MODE_NUM);
307 callObjectPtr->ReportImsCallModeInfo(callMediaModeInfo);
308 callObjectPtr->SwitchVideoState(mode);
309 callObjectPtr->IsSupportVideoCall();
310 callObjectPtr->GetCallVideoState(mode);
311 callObjectPtr->ControlCamera(msg, callingUid, callingPid);
312 callObjectPtr->SetPausePicture(msg);
313 callObjectPtr->SetDeviceDirection(rotation);
314 callObjectPtr->CancelCallUpgrade();
315 callObjectPtr->RequestCameraCapabilities();
316 }
317
IMSVideoCallWindowFunc(const uint8_t * data,size_t size)318 void IMSVideoCallWindowFunc(const uint8_t *data, size_t size)
319 {
320 if (!IsServiceInited()) {
321 return;
322 }
323
324 DialParaInfo paraInfo;
325 paraInfo.dialType = static_cast<DialType>(size % DIAL_TYPE);
326 paraInfo.callType = static_cast<CallType>(size % CALL_TYPE_NUM);
327 paraInfo.videoState = static_cast<VideoStateType>(size % VIDIO_TYPE_NUM);
328 paraInfo.callState = static_cast<TelCallState>(size % TEL_CALL_STATE_NUM);
329 sptr<IMSCall> callObjectPtr = std::make_unique<IMSCall>(paraInfo).release();
330 std::string msg(reinterpret_cast<const char *>(data), size);
331 int len = static_cast<int>(msg.length());
332 std::string subSurfaceId = msg;
333 if (len >= 1) {
334 subSurfaceId = msg.substr(0, 1);
335 }
336 if (subSurfaceId.empty() || subSurfaceId[0] < '0' || subSurfaceId[0] > '9') {
337 subSurfaceId = "";
338 callObjectPtr->SetPreviewWindow(subSurfaceId, nullptr);
339 callObjectPtr->SetDisplayWindow(subSurfaceId, nullptr);
340 } else {
341 uint64_t tmpSurfaceId = std::stoull(subSurfaceId);
342 auto surface = SurfaceUtils::GetInstance()->GetSurface(tmpSurfaceId);
343 callObjectPtr->SetPreviewWindow(subSurfaceId, surface);
344 callObjectPtr->SetDisplayWindow(subSurfaceId, surface);
345 }
346 }
347
OttCallFunc(const uint8_t * data,size_t size)348 void OttCallFunc(const uint8_t *data, size_t size)
349 {
350 if (!IsServiceInited()) {
351 return;
352 }
353
354 DialParaInfo paraInfo;
355 paraInfo.dialType = static_cast<DialType>(*data % DIAL_TYPE);
356 paraInfo.callType = static_cast<CallType>(*data % CALL_TYPE_NUM);
357 paraInfo.videoState = static_cast<VideoStateType>(*data % VIDIO_TYPE_NUM);
358 paraInfo.callState = static_cast<TelCallState>(*data % TEL_CALL_STATE_NUM);
359 sptr<OTTCall> callObjectPtr = std::make_unique<OTTCall>(paraInfo).release();
360 int32_t videoState = static_cast<int32_t>(*data % VIDIO_TYPE_NUM);
361 int32_t mute = static_cast<int32_t>(*data % BOOL_NUM);
362 int32_t slotId = static_cast<int32_t>(*data % SLOT_NUM);
363
364 callObjectPtr->DialingProcess();
365 callObjectPtr->AnswerCall(videoState);
366 callObjectPtr->RejectCall();
367 callObjectPtr->HangUpCall();
368 callObjectPtr->HoldCall();
369 callObjectPtr->UnHoldCall();
370 callObjectPtr->SwitchCall();
371 callObjectPtr->GetEmergencyState();
372 callObjectPtr->StopDtmf();
373 callObjectPtr->GetSlotId();
374 callObjectPtr->CombineConference();
375 callObjectPtr->SeparateConference();
376 callObjectPtr->KickOutFromConference();
377 callObjectPtr->CanCombineConference();
378 callObjectPtr->CanSeparateConference();
379 callObjectPtr->CanKickOutFromConference();
380 callObjectPtr->LaunchConference();
381 callObjectPtr->ExitConference();
382 callObjectPtr->HoldConference();
383 int32_t mainCallId = INVALID_CALL_ID;
384 callObjectPtr->GetMainCallId(mainCallId);
385 std::vector<std::u16string> subCallIdList;
386 callObjectPtr->GetSubCallIdList(subCallIdList);
387 std::vector<std::u16string> callIdList;
388 callObjectPtr->GetCallIdListForConference(callIdList);
389 callObjectPtr->IsSupportConferenceable();
390 callObjectPtr->SetMute(mute, slotId);
391 }
392
OttVideoCallFunc(const uint8_t * data,size_t size)393 void OttVideoCallFunc(const uint8_t *data, size_t size)
394 {
395 if (!IsServiceInited()) {
396 return;
397 }
398 DialParaInfo paraInfo;
399 paraInfo.dialType = static_cast<DialType>(size % DIAL_TYPE);
400 paraInfo.callType = static_cast<CallType>(size % CALL_TYPE_NUM);
401 paraInfo.videoState = static_cast<VideoStateType>(size % VIDIO_TYPE_NUM);
402 paraInfo.callState = static_cast<TelCallState>(size % TEL_CALL_STATE_NUM);
403 sptr<OTTCall> callObjectPtr = std::make_unique<OTTCall>(paraInfo).release();
404 std::string msg(reinterpret_cast<const char *>(data), size);
405 int32_t callingUid = static_cast<int32_t>(size);
406 int32_t callingPid = static_cast<int32_t>(size);
407 int32_t rotation = static_cast<int32_t>(size);
408 callObjectPtr->InitVideoCall();
409 ImsCallMode mode = static_cast<ImsCallMode>(size % IMS_CALL_MODE_NUM);
410 CallModeReportInfo callModeReportInfo;
411 callModeReportInfo.callIndex = static_cast<int32_t>(size % CALL_INDEX_MAX_NUM);
412 callModeReportInfo.callMode = static_cast<ImsCallMode>(size % IMS_CALL_MODE_NUM);
413 callModeReportInfo.result = static_cast<VideoRequestResultType>(size % VIDEO_REQUEST_RESULT_TYPE_NUM);
414 callObjectPtr->UpdateImsCallMode(mode);
415 callObjectPtr->SendUpdateCallMediaModeRequest(mode);
416 callObjectPtr->RecieveUpdateCallMediaModeRequest(callModeReportInfo);
417 callObjectPtr->SendUpdateCallMediaModeResponse(mode);
418 callObjectPtr->ReceiveUpdateCallMediaModeResponse(callModeReportInfo);
419 CallMediaModeInfo callMediaModeInfo;
420 callMediaModeInfo.callId = static_cast<int32_t>(size);
421 callMediaModeInfo.isRequestInfo = static_cast<bool>(size % BOOL_NUM);
422 callMediaModeInfo.result = static_cast<VideoRequestResultType>(size % VIDEO_REQUEST_RESULT_TYPE_NUM);
423 callMediaModeInfo.callMode = static_cast<ImsCallMode>(size % IMS_CALL_MODE_NUM);
424 callObjectPtr->ReportImsCallModeInfo(callMediaModeInfo);
425 callObjectPtr->ControlCamera(msg, callingUid, callingPid);
426 callObjectPtr->SetPausePicture(msg);
427 callObjectPtr->SetDeviceDirection(rotation);
428 callObjectPtr->CancelCallUpgrade();
429 callObjectPtr->RequestCameraCapabilities();
430 }
431
OttVideoCallWindowFunc(const uint8_t * data,size_t size)432 void OttVideoCallWindowFunc(const uint8_t *data, size_t size)
433 {
434 if (!IsServiceInited()) {
435 return;
436 }
437 DialParaInfo paraInfo;
438 paraInfo.dialType = static_cast<DialType>(size % DIAL_TYPE);
439 paraInfo.callType = static_cast<CallType>(size % CALL_TYPE_NUM);
440 paraInfo.videoState = static_cast<VideoStateType>(size % VIDIO_TYPE_NUM);
441 paraInfo.callState = static_cast<TelCallState>(size % TEL_CALL_STATE_NUM);
442 sptr<OTTCall> callObjectPtr = std::make_unique<OTTCall>(paraInfo).release();
443 std::string msg(reinterpret_cast<const char *>(data), size);
444 int len = static_cast<int>(msg.length());
445 std::string subSurfaceId = msg;
446 if (len >= 1) {
447 subSurfaceId = msg.substr(0, 1);
448 }
449 if (subSurfaceId.empty() || subSurfaceId[0] < '0' || subSurfaceId[0] > '9') {
450 subSurfaceId = "";
451 callObjectPtr->SetPreviewWindow(subSurfaceId, nullptr);
452 callObjectPtr->SetDisplayWindow(subSurfaceId, nullptr);
453 } else {
454 uint64_t tmpSurfaceId = std::stoull(subSurfaceId);
455 auto surface = SurfaceUtils::GetInstance()->GetSurface(tmpSurfaceId);
456 callObjectPtr->SetPreviewWindow(subSurfaceId, surface);
457 callObjectPtr->SetDisplayWindow(subSurfaceId, surface);
458 }
459 }
460
SatelliteCallFunc(const uint8_t * data,size_t size)461 void SatelliteCallFunc(const uint8_t *data, size_t size)
462 {
463 if (!IsServiceInited()) {
464 return;
465 }
466
467 DialParaInfo paraInfo;
468 paraInfo.dialType = static_cast<DialType>(*data % DIAL_TYPE);
469 paraInfo.callType = static_cast<CallType>(*data % CALL_TYPE_NUM);
470 paraInfo.videoState = static_cast<VideoStateType>(*data % VIDIO_TYPE_NUM);
471 paraInfo.callState = static_cast<TelCallState>(*data % TEL_CALL_STATE_NUM);
472 sptr<SatelliteCall> callObjectPtr = std::make_unique<SatelliteCall>(paraInfo).release();
473 int32_t videoState = static_cast<int32_t>(*data % VIDIO_TYPE_NUM);
474 CallAttributeInfo info;
475
476 callObjectPtr->DialingProcess();
477 callObjectPtr->AnswerCall(videoState);
478 callObjectPtr->RejectCall();
479 callObjectPtr->HangUpCall();
480 callObjectPtr->GetCallAttributeInfo(info);
481 }
482
483 template <typename Type>
GetInt(const uint8_t * data,size_t size,int index=0)484 static Type GetInt(const uint8_t *data, size_t size, int index = 0)
485 {
486 size_t typeSize = sizeof(Type);
487 uintptr_t align = reinterpret_cast<uintptr_t>(data) % typeSize;
488 const uint8_t *base = data + (align > 0 ? typeSize - align : 0);
489 if (size - align < typeSize * index + (typeSize - align)) {
490 return 0;
491 }
492 return *reinterpret_cast<const Type*>(base + index * typeSize);
493 }
494
AntiFraudServiceFunc(const uint8_t * data,size_t size)495 void AntiFraudServiceFunc(const uint8_t *data, size_t size)
496 {
497 int index = 0;
498 auto antiFraudService = DelayedSingleton<Telephony::AntiFraudService>::GetInstance();
499 int32_t slotId = GetInt<int32_t>(data, size, index++);
500 int32_t count = GetInt<int32_t>(data, size, index++);
501 antiFraudService->CheckAntiFraudService(std::string(reinterpret_cast<const char *>(data), size), slotId, count);
502 antiFraudService->StartAntiFraudService(std::string(reinterpret_cast<const char *>(data), size), slotId, count);
503 char temp[size + 1];
504 for (size_t i = 0; i < size; ++i) {
505 temp[i] = static_cast<char>(data[i]);
506 }
507 temp[size] = '\0';
508 antiFraudService->CreateDataShareHelper(slotId, temp);
509 antiFraudService->IsSwitchOn(std::string(reinterpret_cast<const char *>(data), size));
510 antiFraudService->IsAntiFraudSwitchOn();
511 antiFraudService->IsUserImprovementPlanSwitchOn();
512 antiFraudService->InitParams();
513 antiFraudService->GetStoppedSlotId();
514 antiFraudService->GetStoppedIndex();
515 antiFraudService->AnonymizeText();
516 OHOS::AntiFraudService::AntiFraudResult antiFraudResult;
517 antiFraudResult.modelVersion = GetInt<int32_t>(data, size, index++);
518 antiFraudResult.fraudType = GetInt<int32_t>(data, size, index++);
519 antiFraudService->RecordDetectResult(antiFraudResult, std::string(reinterpret_cast<const char*>(data), size),
520 slotId, count);
521 antiFraudService->StopAntiFraudService(slotId, count);
522 antiFraudService->SetStoppedSlotId(slotId);
523 antiFraudService->SetStoppedIndex(count);
524 auto antiFraudAdapter = DelayedSingleton<AntiFraudAdapter>::GetInstance();
525 antiFraudAdapter->ReleaseAntiFraud();
526 std::string phoneNum = std::string(reinterpret_cast<const char*>(data), size);
527 auto listener = std::make_shared<Telephony::AntiFraudService::AntiFraudDetectResListenerImpl>(
528 phoneNum, slotId, index);
529 listener->HandleAntiFraudDetectRes(antiFraudResult);
530 }
531
InterOperableCommunicationManagerFunc(const uint8_t * data,size_t size)532 void InterOperableCommunicationManagerFunc(const uint8_t *data, size_t size)
533 {
534 int index = 0;
535 auto communicationManager = DelayedSingleton<InteroperableCommunicationManager>::GetInstance();
536 DistributedHardware::DmDeviceInfo deviceInfo;
537 deviceInfo.range = GetInt<int32_t>(data, size, index++);
538 deviceInfo.networkType = GetInt<int32_t>(data, size, index++);
539 communicationManager->SetMuted(GetInt<bool>(data, size, index++));
540 communicationManager->OnDeviceOnline(deviceInfo);
541 communicationManager->OnDeviceOffline(deviceInfo);
542 communicationManager->MuteRinger();
543 }
544
InterOperableDeviceObserverFunc(const uint8_t * data,size_t size)545 void InterOperableDeviceObserverFunc(const uint8_t *data, size_t size)
546 {
547 auto observer = DelayedSingleton<InteroperableDeviceObserver>::GetInstance();
548 auto stateCallback = std::make_shared<DmStateCallback>();
549 observer->Init();
550 size_t length = size / DATA_COUNT;
551 std::string networkId = std::string(reinterpret_cast<const char*>(data), length);
552 std::string devName = std::string(reinterpret_cast<const char*>(data + length), length);
553 observer->OnDeviceOnline(networkId, devName, GetInt<uint16_t>(data, size, 0));
554 observer->OnDeviceOffline(networkId, devName, GetInt<uint16_t>(data, size, 0));
555 DistributedHardware::DmDeviceInfo deviceInfo;
556 deviceInfo.range = GetInt<int32_t>(data, size, 0);
557 deviceInfo.networkType = GetInt<int32_t>(data, size, 1);
558 stateCallback->OnDeviceOnline(deviceInfo);
559 stateCallback->OnDeviceOffline(deviceInfo);
560 }
561
BluetoothCallConnectionFunc(const uint8_t * data,size_t size)562 void BluetoothCallConnectionFunc(const uint8_t *data, size_t size)
563 {
564 int index = 0;
565 auto bluetoothConnection = DelayedSingleton<BluetoothCallConnection>::GetInstance();
566 DialParaInfo info;
567 info.accountId = GetInt<int32_t>(data, size, index++);
568 info.callId = GetInt<int32_t>(data, size, index++);
569 bluetoothConnection->Dial(info);
570 bluetoothConnection->GetMacAddress();
571 bluetoothConnection->ConnectBtSco();
572 bluetoothConnection->DisConnectBtSco();
573 bluetoothConnection->GetBtScoIsConnected();
574 bluetoothConnection->SetHfpConnected(GetInt<bool>(data, size, index++));
575 bluetoothConnection->GetSupportBtCall();
576 bluetoothConnection->SetBtCallScoConnected(GetInt<bool>(data, size, index++));
577 bluetoothConnection->HfpDisConnectedEndBtCall();
578 size_t length = size / DATA_COUNT;
579 std::string hfpPhoneNumber = std::string(reinterpret_cast<const char*>(data), length);
580 std::string hfpContactName = std::string(reinterpret_cast<const char*>(data + length), length);
581 bluetoothConnection->SetHfpContactName(hfpPhoneNumber, hfpContactName);
582 bluetoothConnection->GetHfpContactName(hfpPhoneNumber);
583 }
584
BluetoothCallStateFunc(const uint8_t * data,size_t size)585 void BluetoothCallStateFunc(const uint8_t *data, size_t size)
586 {
587 auto bluetoothCallState = std::make_shared<BluetoothCallState>();
588 Bluetooth::BluetoothRemoteDevice device;
589 int32_t state = GetInt<int32_t>(data, size, 0);
590 int32_t cause = GetInt<int32_t>(data, size, 1);
591 bluetoothCallState->OnConnectionStateChanged(device, state, cause);
592 bluetoothCallState->OnScoStateChanged(device, state);
593 }
594
CallMangerServiceFunc(const uint8_t * data,size_t size)595 void CallMangerServiceFunc(const uint8_t *data, size_t size)
596 {
597 auto callManagerService = DelayedSingleton<CallManagerService>::GetInstance();
598 int index = 0;
599 int32_t systemAbilityId = GetInt<int32_t>(data, size, index++);
600 callManagerService->OnAddSystemAbility(systemAbilityId, std::string(reinterpret_cast<const char*>(data), size));
601 std::vector<std::u16string> args;
602 std::u16string arg = Str8ToStr16(std::string(reinterpret_cast<const char*>(data), size));
603 args.push_back(arg);
604 std::int32_t fd = GetInt<int32_t>(data, size, index++);
605 callManagerService->Dump(fd, args);
606 callManagerService->GetBindTime();
607 callManagerService->GetStartServiceSpent();
608 bool enabled = GetInt<bool>(data, size, index++);
609 callManagerService->IsNewCallAllowed(enabled);
610 int32_t callId = GetInt<int32_t>(data, size, index++);
611 callManagerService->SwitchCall(callId);
612 callManagerService->UnHoldCall(callId);
613 callManagerService->StopDtmf(callId);
614 callManagerService->EnableImsSwitch(callId);
615 callManagerService->GetBundleInfo();
616 callManagerService->dealCeliaCallEvent(callId);
617 std::string eventName = std::string(reinterpret_cast<const char*>(data), size);
618 callManagerService->HandleVoIPCallEvent(callId, eventName);
619 callManagerService->HandleDisplaySpecifiedCallPage(callId);
620 callManagerService->HandleCeliaAutoAnswerCall(callId, GetInt<bool>(data, size, index++));
621 callManagerService->SendUssdResponse(callId, std::string(reinterpret_cast<const char*>(data), size));
622 callManagerService->OnStop();
623 callManagerService->UnRegisterCallBack();
624 callManagerService->UnInit();
625 MessageParcel messageParcel;
626 CallAttributeInfo info;
627 info.accountId = GetInt<int32_t>(data, size, index);
628 info.callType = CallType::TYPE_VOIP;
629 CallManagerUtils::WriteCallAttributeInfo(info, messageParcel);
630 CallManagerUtils::IsBundleInstalled(std::string(reinterpret_cast<const char*>(data), size), callId);
631 }
632
CallMangerServiceStubFunc(const uint8_t * data,size_t size)633 void CallMangerServiceStubFunc(const uint8_t *data, size_t size)
634 {
635 auto callManagerService = DelayedSingleton<CallManagerService>::GetInstance();
636 MessageParcel dataParcel;
637 MessageParcel reply;
638 int index = 0;
639 int32_t callId = GetInt<int32_t>(data, size, index++);
640 dataParcel.WriteInt32(callId);
641 callManagerService->OnUnHoldCall(dataParcel, reply);
642 callManagerService->OnSwitchCall(dataParcel, reply);
643 callManagerService->OnStopDtmf(dataParcel, reply);
644 callManagerService->OnCombineConference(dataParcel, reply);
645 callManagerService->OnEnableVoLte(dataParcel, reply);
646 callManagerService->OnSendUssdResponse(dataParcel, reply);
647 dataParcel.WriteBool(GetInt<bool>(data, size, index++));
648 callManagerService->OnIsNewCallAllowed(dataParcel, reply);
649 }
650
DoSomethingInterestingWithMyAPI(const uint8_t * data,size_t size)651 void DoSomethingInterestingWithMyAPI(const uint8_t *data, size_t size)
652 {
653 if (data == nullptr || size == 0) {
654 return;
655 }
656
657 CSCallFunc(data, size);
658 DialingProcess(data, size);
659 GetCallerInfo(data, size);
660 IMSCallFunc(data, size);
661 IMSVideoCallFunc(data, size);
662 IMSVideoCallWindowFunc(data, size);
663 OttCallFunc(data, size);
664 VoIPCallFunc(data, size);
665 OttVideoCallFunc(data, size);
666 OttVideoCallWindowFunc(data, size);
667 SatelliteCallFunc(data, size);
668 AntiFraudServiceFunc(data, size);
669 InterOperableCommunicationManagerFunc(data, size);
670 InterOperableDeviceObserverFunc(data, size);
671 BluetoothCallConnectionFunc(data, size);
672 BluetoothCallStateFunc(data, size);
673 CallMangerServiceFunc(data, size);
674 CallMangerServiceStubFunc(data, size);
675 }
676 } // namespace OHOS
677
678 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)679 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
680 {
681 OHOS::AddCallTokenFuzzer token;
682 /* Run your code on data */
683 OHOS::DoSomethingInterestingWithMyAPI(data, size);
684 return 0;
685 }
686