1 /*
2 * Copyright (c) 2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "cdmasmsencode_fuzzer.h"
17
18 #include "addsmstoken_fuzzer.h"
19 #include "cdma_sms_sub_parameter.h"
20 #include "cdma_sms_transport_message.h"
21 #include "securec.h"
22 #include "cdma_sms_message.h"
23
24 using namespace OHOS::Telephony;
25 namespace OHOS {
26 bool g_flag = false;
27 constexpr int32_t BOOL_NUM = 2;
28
TeleserviceIdEncode(const uint8_t * data,size_t size)29 void TeleserviceIdEncode(const uint8_t *data, size_t size)
30 {
31 uint16_t value;
32 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
33 return;
34 }
35 auto parameter = std::make_unique<CdmaSmsTeleserviceId>(value);
36 if (parameter == nullptr) {
37 return;
38 }
39 SmsWriteBuffer pdu;
40 parameter->Encode(pdu);
41 auto pduBuffer = pdu.GetPduBuffer();
42 }
43
ServiceCategoryEncode(const uint8_t * data,size_t size)44 void ServiceCategoryEncode(const uint8_t *data, size_t size)
45 {
46 uint16_t value;
47 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
48 return;
49 }
50 auto parameter = std::make_unique<CdmaSmsServiceCategory>(value);
51 if (parameter == nullptr) {
52 return;
53 }
54 SmsWriteBuffer pdu;
55 parameter->Encode(pdu);
56 auto pduBuffer = pdu.GetPduBuffer();
57 }
58
BearerReplyEncode(const uint8_t * data,size_t size)59 void BearerReplyEncode(const uint8_t *data, size_t size)
60 {
61 uint8_t value;
62 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
63 return;
64 }
65 auto parameter = std::make_unique<CdmaSmsBearerReply>(value);
66 if (parameter == nullptr) {
67 return;
68 }
69 SmsWriteBuffer pdu;
70 parameter->Encode(pdu);
71 auto pduBuffer = pdu.GetPduBuffer();
72 }
73
CauseCodesEncode(const uint8_t * data,size_t size)74 void CauseCodesEncode(const uint8_t *data, size_t size)
75 {
76 TransportCauseCode value;
77 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
78 return;
79 }
80 auto parameter = std::make_unique<CdmaSmsCauseCodes>(value);
81 if (parameter == nullptr) {
82 return;
83 }
84 SmsWriteBuffer pdu;
85 parameter->Encode(pdu);
86 auto pduBuffer = pdu.GetPduBuffer();
87 }
88
AddressParameterEncode(const uint8_t * data,size_t size)89 void AddressParameterEncode(const uint8_t *data, size_t size)
90 {
91 TransportAddr value;
92 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
93 return;
94 }
95 value.digitMode = static_cast<bool>(size % BOOL_NUM);
96 value.numberMode = static_cast<bool>(size % BOOL_NUM);
97 auto parameter = std::make_unique<CdmaSmsAddressParameter>(value, CdmaSmsParameterRecord::ORG_ADDRESS);
98 if (parameter == nullptr) {
99 return;
100 }
101 SmsWriteBuffer pdu;
102 parameter->Encode(pdu);
103 auto pduBuffer = pdu.GetPduBuffer();
104 }
105
SubaddressEncode(const uint8_t * data,size_t size)106 void SubaddressEncode(const uint8_t *data, size_t size)
107 {
108 TransportSubAddr value;
109 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
110 return;
111 }
112 value.odd = static_cast<bool>(size % BOOL_NUM);
113 auto parameter = std::make_unique<CdmaSmsSubaddress>(value, CdmaSmsParameterRecord::ORG_SUB_ADDRESS);
114 if (parameter == nullptr) {
115 return;
116 }
117 SmsWriteBuffer pdu;
118 parameter->Encode(pdu);
119 auto pduBuffer = pdu.GetPduBuffer();
120 }
121
BearerDataEncode(const uint8_t * data,size_t size)122 void BearerDataEncode(const uint8_t *data, size_t size)
123 {
124 CdmaTeleserviceMsg value;
125 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
126 return;
127 }
128 auto parameter = std::make_unique<CdmaSmsBearerData>(value);
129 if (parameter == nullptr) {
130 return;
131 }
132 SmsWriteBuffer pdu;
133 parameter->Encode(pdu);
134 auto pduBuffer = pdu.GetPduBuffer();
135 }
136
BaseParameterEncode(const uint8_t * data,size_t size)137 void BaseParameterEncode(const uint8_t *data, size_t size)
138 {
139 uint8_t value;
140 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
141 return;
142 }
143 auto parameter = std::make_unique<CdmaSmsBaseParameter>(CdmaSmsSubParameter::MESSAGE_IDENTIFIER, value);
144 if (parameter == nullptr) {
145 return;
146 }
147 SmsWriteBuffer pdu;
148 parameter->Encode(pdu);
149 auto pduBuffer = pdu.GetPduBuffer();
150 }
151
ReservedParameterEncode(const uint8_t * data,size_t size)152 void ReservedParameterEncode(const uint8_t *data, size_t size)
153 {
154 CdmaSmsMessage msg;
155 std::string oriPdu(reinterpret_cast<const char *>(data), size);
156 msg.CreateMessage(oriPdu);
157 auto parameter = std::make_unique<CdmaSmsReservedParameter>(CdmaSmsSubParameter::MESSAGE_IDENTIFIER);
158 if (parameter == nullptr) {
159 return;
160 }
161 SmsWriteBuffer pdu;
162 parameter->Encode(pdu);
163 auto pduBuffer = pdu.GetPduBuffer();
164 }
165
MessageIdEncode(const uint8_t * data,size_t size)166 void MessageIdEncode(const uint8_t *data, size_t size)
167 {
168 SmsTeleSvcMsgId value;
169 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
170 return;
171 }
172 value.headerInd = static_cast<bool>(size % BOOL_NUM);
173 auto parameter = std::make_unique<CdmaSmsMessageId>(value, CdmaSmsTeleserviceMessage::DELIVER);
174 if (parameter == nullptr) {
175 return;
176 }
177 SmsWriteBuffer pdu;
178 parameter->Encode(pdu);
179 auto pduBuffer = pdu.GetPduBuffer();
180 }
181
AbsoluteTimeEncode(const uint8_t * data,size_t size)182 void AbsoluteTimeEncode(const uint8_t *data, size_t size)
183 {
184 SmsTimeAbs value;
185 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
186 return;
187 }
188 auto parameter = std::make_unique<CdmaSmsAbsoluteTime>(CdmaSmsSubParameter::VALIDITY_PERIOD_ABSOLUTE, value);
189 if (parameter == nullptr) {
190 return;
191 }
192 SmsWriteBuffer pdu;
193 parameter->Encode(pdu);
194 auto pduBuffer = pdu.GetPduBuffer();
195 }
196
PriorityIndEncode(const uint8_t * data,size_t size)197 void PriorityIndEncode(const uint8_t *data, size_t size)
198 {
199 SmsPriorityIndicator value;
200 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
201 return;
202 }
203 auto parameter = std::make_unique<CdmaSmsPriorityInd>(value);
204 if (parameter == nullptr) {
205 return;
206 }
207 SmsWriteBuffer pdu;
208 parameter->Encode(pdu);
209 auto pduBuffer = pdu.GetPduBuffer();
210 }
211
PrivacyIndEncode(const uint8_t * data,size_t size)212 void PrivacyIndEncode(const uint8_t *data, size_t size)
213 {
214 SmsPrivacyIndicator value;
215 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
216 return;
217 }
218 auto parameter = std::make_unique<CdmaSmsPrivacyInd>(value);
219 if (parameter == nullptr) {
220 return;
221 }
222 SmsWriteBuffer pdu;
223 parameter->Encode(pdu);
224 auto pduBuffer = pdu.GetPduBuffer();
225 }
226
ReplyOptionEncode(const uint8_t * data,size_t size)227 void ReplyOptionEncode(const uint8_t *data, size_t size)
228 {
229 SmsReplyOption value;
230 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
231 return;
232 }
233 auto parameter = std::make_unique<CdmaSmsReplyOption>(value);
234 if (parameter == nullptr) {
235 return;
236 }
237 SmsWriteBuffer pdu;
238 parameter->Encode(pdu);
239 auto pduBuffer = pdu.GetPduBuffer();
240 }
241
UserDataEncode(const uint8_t * data,size_t size)242 void UserDataEncode(const uint8_t *data, size_t size)
243 {
244 SmsTeleSvcUserData value;
245 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
246 return;
247 }
248 bool headerInd = false;
249 auto parameter = std::make_unique<CdmaSmsUserData>(value, headerInd);
250 if (parameter == nullptr) {
251 return;
252 }
253 SmsWriteBuffer pdu;
254 parameter->Encode(pdu);
255 auto pduBuffer = pdu.GetPduBuffer();
256 }
257
CmasDataEncode(const uint8_t * data,size_t size)258 void CmasDataEncode(const uint8_t *data, size_t size)
259 {
260 SmsTeleSvcCmasData value;
261 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
262 return;
263 }
264 auto parameter = std::make_unique<CdmaSmsCmasData>(value);
265 if (parameter == nullptr) {
266 return;
267 }
268 SmsWriteBuffer pdu;
269 parameter->Encode(pdu);
270 auto pduBuffer = pdu.GetPduBuffer();
271 }
272
AlertPriorityEncode(const uint8_t * data,size_t size)273 void AlertPriorityEncode(const uint8_t *data, size_t size)
274 {
275 SmsAlertPriority value;
276 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
277 return;
278 }
279 auto parameter = std::make_unique<CdmaSmsAlertPriority>(value);
280 if (parameter == nullptr) {
281 return;
282 }
283 SmsWriteBuffer pdu;
284 parameter->Encode(pdu);
285 auto pduBuffer = pdu.GetPduBuffer();
286 }
LanguageIndEncode(const uint8_t * data,size_t size)287 void LanguageIndEncode(const uint8_t *data, size_t size)
288 {
289 SmsLanguageType value;
290 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
291 return;
292 }
293 auto parameter = std::make_unique<CdmaSmsLanguageInd>(value);
294 if (parameter == nullptr) {
295 return;
296 }
297 SmsWriteBuffer pdu;
298 parameter->Encode(pdu);
299 auto pduBuffer = pdu.GetPduBuffer();
300 }
CallbackNumberEncode(const uint8_t * data,size_t size)301 void CallbackNumberEncode(const uint8_t *data, size_t size)
302 {
303 SmsTeleSvcAddr value;
304 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
305 return;
306 }
307 value.digitMode = static_cast<bool>(size % BOOL_NUM);
308 auto parameter = std::make_unique<CdmaSmsCallbackNumber>(value);
309 if (parameter == nullptr) {
310 return;
311 }
312 SmsWriteBuffer pdu;
313 parameter->Encode(pdu);
314 auto pduBuffer = pdu.GetPduBuffer();
315 }
DepositIndexEncode(const uint8_t * data,size_t size)316 void DepositIndexEncode(const uint8_t *data, size_t size)
317 {
318 uint16_t value;
319 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
320 return;
321 }
322 auto parameter = std::make_unique<CdmaSmsDepositIndex>(value);
323 if (parameter == nullptr) {
324 return;
325 }
326 SmsWriteBuffer pdu;
327 parameter->Encode(pdu);
328 auto pduBuffer = pdu.GetPduBuffer();
329 }
DisplayModeEncode(const uint8_t * data,size_t size)330 void DisplayModeEncode(const uint8_t *data, size_t size)
331 {
332 SmsDisplayMode value;
333 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
334 return;
335 }
336 auto parameter = std::make_unique<CdmaSmsDisplayMode>(value);
337 if (parameter == nullptr) {
338 return;
339 }
340 SmsWriteBuffer pdu;
341 parameter->Encode(pdu);
342 auto pduBuffer = pdu.GetPduBuffer();
343 }
MessageStatusEncode(const uint8_t * data,size_t size)344 void MessageStatusEncode(const uint8_t *data, size_t size)
345 {
346 SmsStatusCode value;
347 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
348 return;
349 }
350 auto parameter = std::make_unique<CdmaSmsMessageStatus>(value);
351 if (parameter == nullptr) {
352 return;
353 }
354 SmsWriteBuffer pdu;
355 parameter->Encode(pdu);
356 auto pduBuffer = pdu.GetPduBuffer();
357 }
NumberMessagesEncode(const uint8_t * data,size_t size)358 void NumberMessagesEncode(const uint8_t *data, size_t size)
359 {
360 uint32_t value;
361 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
362 return;
363 }
364 auto parameter = std::make_unique<CdmaSmsNumberMessages>(value);
365 if (parameter == nullptr) {
366 return;
367 }
368 SmsWriteBuffer pdu;
369 parameter->Encode(pdu);
370 auto pduBuffer = pdu.GetPduBuffer();
371 }
EnhancedVmnEncode(const uint8_t * data,size_t size)372 void EnhancedVmnEncode(const uint8_t *data, size_t size)
373 {
374 SmsEnhancedVmn value;
375 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
376 return;
377 }
378 auto parameter = std::make_unique<CdmaSmsEnhancedVmn>(value);
379 if (parameter == nullptr) {
380 return;
381 }
382 SmsWriteBuffer pdu;
383 parameter->Encode(pdu);
384 auto pduBuffer = pdu.GetPduBuffer();
385 }
EnhancedVmnAckEncode(const uint8_t * data,size_t size)386 void EnhancedVmnAckEncode(const uint8_t *data, size_t size)
387 {
388 SmsEnhancedVmnAck value;
389 if (memcpy_s(&value, sizeof(value), data, size) != EOK) {
390 return;
391 }
392 auto parameter = std::make_unique<CdmaSmsEnhancedVmnAck>(value);
393 if (parameter == nullptr) {
394 return;
395 }
396 SmsWriteBuffer pdu;
397 parameter->Encode(pdu);
398 auto pduBuffer = pdu.GetPduBuffer();
399 }
400
TransportMessageEncode(const uint8_t * data,size_t size)401 void TransportMessageEncode(const uint8_t *data, size_t size)
402 {
403 SmsWriteBuffer pdu;
404 CdmaTransportMsg msg;
405 if (memcpy_s(&msg, sizeof(msg), data, size) != EOK) {
406 return;
407 }
408 auto message = CdmaSmsTransportMessage::CreateTransportMessage(msg);
409 if (message == nullptr) {
410 return;
411 }
412 message->Encode(pdu);
413 auto pduBuffer = pdu.GetPduBuffer();
414
415 SmsWriteBuffer wBuffer1;
416 msg.type = CdmaTransportMsgType::P2P;
417 auto message1 = CdmaSmsTransportMessage::CreateTransportMessage(msg);
418 if (message1 == nullptr) {
419 return;
420 }
421 message1->Encode(wBuffer1);
422 auto pduBuffer1 = wBuffer1.GetPduBuffer();
423
424 SmsWriteBuffer wBuffer2;
425 msg.type = CdmaTransportMsgType::BROADCAST;
426 auto message2 = CdmaSmsTransportMessage::CreateTransportMessage(msg);
427 if (message2 == nullptr) {
428 return;
429 }
430 message2->Encode(wBuffer2);
431 auto pduBuffer2 = wBuffer2.GetPduBuffer();
432
433 SmsWriteBuffer wBuffer3;
434 msg.type = CdmaTransportMsgType::ACK;
435 auto message3 = CdmaSmsTransportMessage::CreateTransportMessage(msg);
436 if (message3 == nullptr) {
437 return;
438 }
439 message3->Encode(wBuffer3);
440 auto pduBuffer3 = wBuffer3.GetPduBuffer();
441 }
442
ParameterRecordEncode(const uint8_t * data,size_t size)443 void ParameterRecordEncode(const uint8_t *data, size_t size)
444 {
445 TeleserviceIdEncode(data, size);
446 ServiceCategoryEncode(data, size);
447 BearerReplyEncode(data, size);
448 CauseCodesEncode(data, size);
449 AddressParameterEncode(data, size);
450 SubaddressEncode(data, size);
451 BearerDataEncode(data, size);
452 }
453
SubParameterEncode(const uint8_t * data,size_t size)454 void SubParameterEncode(const uint8_t *data, size_t size)
455 {
456 BaseParameterEncode(data, size);
457 ReservedParameterEncode(data, size);
458 MessageIdEncode(data, size);
459 AbsoluteTimeEncode(data, size);
460 PriorityIndEncode(data, size);
461 PrivacyIndEncode(data, size);
462 ReplyOptionEncode(data, size);
463 UserDataEncode(data, size);
464 CmasDataEncode(data, size);
465 AlertPriorityEncode(data, size);
466 LanguageIndEncode(data, size);
467 CallbackNumberEncode(data, size);
468 DepositIndexEncode(data, size);
469 DisplayModeEncode(data, size);
470 MessageStatusEncode(data, size);
471 NumberMessagesEncode(data, size);
472 EnhancedVmnEncode(data, size);
473 EnhancedVmnAckEncode(data, size);
474 }
475
DoSomethingInterestingWithMyAPI(const uint8_t * data,size_t size)476 void DoSomethingInterestingWithMyAPI(const uint8_t *data, size_t size)
477 {
478 if (data == nullptr || size == 0) {
479 return;
480 }
481
482 if (g_flag) {
483 return;
484 }
485 g_flag = true;
486
487 TransportMessageEncode(data, size);
488 ParameterRecordEncode(data, size);
489 SubParameterEncode(data, size);
490 }
491
492 } // namespace OHOS
493
494 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)495 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
496 {
497 /* Run your code on data */
498 OHOS::AddSmsTokenFuzzer token;
499 OHOS::DoSomethingInterestingWithMyAPI(data, size);
500 return 0;
501 }
502