1 /*
2 * Copyright (c) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15 #include "wpa_common_fuzzer.h"
16
17 #define WLAN_FREQ_MAX_NUM 35
18 #define ETH_ADDR_LEN 6
19 #define BITS_NUM_24 24
20 #define BITS_NUM_16 16
21 #define BITS_NUM_8 8
22 #define REPLY_SIZE 1024
23
24 static uint32_t g_wpaTestSize = 0;
25 struct IWpaCallback *g_wpaCallbackObj = nullptr;
26
SetWpaDataSize(const uint32_t * dataSize)27 uint32_t SetWpaDataSize(const uint32_t *dataSize)
28 {
29 if (dataSize != nullptr) {
30 g_wpaTestSize = *dataSize;
31 return HDF_SUCCESS;
32 }
33 HDF_LOGE("%{public}s: set data size failed!", __FUNCTION__);
34 return HDF_FAILURE;
35 }
36
GetWpaDataSize(uint32_t * dataSize)37 uint32_t GetWpaDataSize(uint32_t *dataSize)
38 {
39 if (dataSize != nullptr) {
40 *dataSize = g_wpaTestSize;
41 return HDF_SUCCESS;
42 }
43 HDF_LOGE("%{public}s: get data size failed!", __FUNCTION__);
44 return HDF_FAILURE;
45 }
46
Convert2Uint32(const uint8_t * ptr)47 uint32_t Convert2Uint32(const uint8_t *ptr)
48 {
49 if (ptr == nullptr) {
50 return 0;
51 }
52 /*
53 * Move the 0th digit 24 to the left, the first digit 16 to the left, the second digit 8 to the left,
54 * and the third digit no left
55 */
56 return (ptr[0] << BITS_NUM_24) | (ptr[1] << BITS_NUM_16) | (ptr[2] << BITS_NUM_8) | (ptr[3]);
57 }
58
PreProcessRawData(const uint8_t * rawData,size_t size,uint8_t * tmpRawData,size_t tmpRawDataSize)59 bool PreProcessRawData(const uint8_t *rawData, size_t size, uint8_t *tmpRawData, size_t tmpRawDataSize)
60 {
61 if (rawData == nullptr || tmpRawData == nullptr) {
62 HDF_LOGE("%{public}s: rawData or tmpRawData is nullptr!", __FUNCTION__);
63 return false;
64 }
65 uint32_t dataSize = size - OFFSET;
66 if (memcpy_s(tmpRawData, tmpRawDataSize, rawData + OFFSET, dataSize) != EOK) {
67 HDF_LOGE("%{public}s: memcpy_s failed!", __FUNCTION__);
68 return false;
69 }
70 if (SetWpaDataSize(&dataSize) != HDF_SUCCESS) {
71 HDF_LOGE("%{public}s: set data size failed!", __FUNCTION__);
72 return false;
73 }
74 return true;
75 }
76
77 /* **********Wpa Interface********** */
FuzzWpaInterfaceStart(struct IWpaInterface * interface,const uint8_t * rawData)78 void FuzzWpaInterfaceStart(struct IWpaInterface *interface, const uint8_t *rawData)
79 {
80 if (interface == nullptr) {
81 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
82 return;
83 }
84 interface->Start(interface);
85 HDF_LOGI("%{public}s: success", __FUNCTION__);
86 }
87
FuzzWpaInterfaceStop(struct IWpaInterface * interface,const uint8_t * rawData)88 void FuzzWpaInterfaceStop(struct IWpaInterface *interface, const uint8_t *rawData)
89 {
90 if (interface == nullptr) {
91 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
92 return;
93 }
94 interface->Stop(interface);
95 HDF_LOGI("%{public}s: success", __FUNCTION__);
96 }
97
FuzzWpaInterfaceScan(struct IWpaInterface * interface,const uint8_t * rawData)98 void FuzzWpaInterfaceScan(struct IWpaInterface *interface, const uint8_t *rawData)
99 {
100 if (interface == nullptr) {
101 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
102 return;
103 }
104 const char *ifName = reinterpret_cast<const char *>(rawData);
105
106 interface->Scan(interface, ifName);
107 HDF_LOGI("%{public}s: success", __FUNCTION__);
108 }
109
FuzzWpaInterfaceScanResult(struct IWpaInterface * interface,const uint8_t * rawData)110 void FuzzWpaInterfaceScanResult(struct IWpaInterface *interface, const uint8_t *rawData)
111 {
112 if (interface == nullptr) {
113 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
114 return;
115 }
116 const char *ifName = reinterpret_cast<const char *>(rawData);
117 unsigned char buf[ETH_ADDR_LEN] = {0x12, 0x34, 0x56, 0x78, 0xab, 0xcd};
118 uint32_t bufLen = ETH_ADDR_LEN;
119 interface->ScanResult(interface, ifName, buf, &bufLen);
120 HDF_LOGI("%{public}s: success", __FUNCTION__);
121 }
122
FuzzWpaInterfaceAddNetwork(struct IWpaInterface * interface,const uint8_t * rawData)123 void FuzzWpaInterfaceAddNetwork(struct IWpaInterface *interface, const uint8_t *rawData)
124 {
125 if (interface == nullptr) {
126 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
127 return;
128 }
129 const char *ifName = reinterpret_cast<const char *>(rawData);
130 int32_t networkId = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData));
131
132 interface->AddNetwork(interface, ifName, &networkId);
133 HDF_LOGI("%{public}s: success", __FUNCTION__);
134 }
135
FuzzWpaInterfaceRemoveNetwork(struct IWpaInterface * interface,const uint8_t * rawData)136 void FuzzWpaInterfaceRemoveNetwork(struct IWpaInterface *interface, const uint8_t *rawData)
137 {
138 if (interface == nullptr) {
139 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
140 return;
141 }
142 const char *ifName = reinterpret_cast<const char *>(rawData);
143 int32_t networkId = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData));
144
145 interface->RemoveNetwork(interface, ifName, networkId);
146 HDF_LOGI("%{public}s: success", __FUNCTION__);
147 }
148
FuzzWpaInterfaceDisableNetwork(struct IWpaInterface * interface,const uint8_t * rawData)149 void FuzzWpaInterfaceDisableNetwork(struct IWpaInterface *interface, const uint8_t *rawData)
150 {
151 if (interface == nullptr) {
152 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
153 return;
154 }
155 const char *ifName = reinterpret_cast<const char *>(rawData);
156 int32_t networkId = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData));
157
158 interface->DisableNetwork(interface, ifName, networkId);
159 HDF_LOGI("%{public}s: success", __FUNCTION__);
160 }
161
FuzzWpaInterfaceSetNetwork(struct IWpaInterface * interface,const uint8_t * rawData)162 void FuzzWpaInterfaceSetNetwork(struct IWpaInterface *interface, const uint8_t *rawData)
163 {
164 if (interface == nullptr) {
165 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
166 return;
167 }
168 const char *ifName = reinterpret_cast<const char *>(rawData);
169 const char *name = reinterpret_cast<const char *>(rawData);
170 const char *value = reinterpret_cast<const char *>(rawData);
171 int32_t networkId = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData));
172
173 interface->SetNetwork(interface, ifName, networkId, name, value);
174 HDF_LOGI("%{public}s: success", __FUNCTION__);
175 }
176
FuzzWpaInterfaceReconnect(struct IWpaInterface * interface,const uint8_t * rawData)177 void FuzzWpaInterfaceReconnect(struct IWpaInterface *interface, const uint8_t *rawData)
178 {
179 if (interface == nullptr) {
180 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
181 return;
182 }
183 const char *ifName = reinterpret_cast<const char *>(rawData);
184
185 interface->Reconnect(interface, ifName);
186 HDF_LOGI("%{public}s: success", __FUNCTION__);
187 }
188
FuzzWpaInterfaceDisconnect(struct IWpaInterface * interface,const uint8_t * rawData)189 void FuzzWpaInterfaceDisconnect(struct IWpaInterface *interface, const uint8_t *rawData)
190 {
191 if (interface == nullptr) {
192 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
193 return;
194 }
195 const char *ifName = reinterpret_cast<const char *>(rawData);
196
197 interface->Disconnect(interface, ifName);
198 HDF_LOGI("%{public}s: success", __FUNCTION__);
199 }
200
FuzzWpaInterfaceSelectNetwork(struct IWpaInterface * interface,const uint8_t * rawData)201 void FuzzWpaInterfaceSelectNetwork(struct IWpaInterface *interface, const uint8_t *rawData)
202 {
203 if (interface == nullptr) {
204 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
205 return;
206 }
207 const char *ifName = reinterpret_cast<const char *>(rawData);
208 int32_t networkId = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData));
209
210 interface->SelectNetwork(interface, ifName, networkId);
211 HDF_LOGI("%{public}s: success", __FUNCTION__);
212 }
213
FuzzWpaInterfaceEnableNetwork(struct IWpaInterface * interface,const uint8_t * rawData)214 void FuzzWpaInterfaceEnableNetwork(struct IWpaInterface *interface, const uint8_t *rawData)
215 {
216 if (interface == nullptr) {
217 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
218 return;
219 }
220 const char *ifName = reinterpret_cast<const char *>(rawData);
221 int32_t networkId = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData));
222
223 interface->EnableNetwork(interface, ifName, networkId);
224 HDF_LOGI("%{public}s: success", __FUNCTION__);
225 }
226
FuzzWpaInterfaceSetPowerSave(struct IWpaInterface * interface,const uint8_t * rawData)227 void FuzzWpaInterfaceSetPowerSave(struct IWpaInterface *interface, const uint8_t *rawData)
228 {
229 if (interface == nullptr) {
230 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
231 return;
232 }
233 const char *ifName = reinterpret_cast<const char *>(rawData);
234 int32_t enable = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData));
235
236 interface->SetPowerSave(interface, ifName, enable);
237 HDF_LOGI("%{public}s: success", __FUNCTION__);
238 }
239
FuzzWpaInterfaceAutoConnect(struct IWpaInterface * interface,const uint8_t * rawData)240 void FuzzWpaInterfaceAutoConnect(struct IWpaInterface *interface, const uint8_t *rawData)
241 {
242 if (interface == nullptr) {
243 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
244 return;
245 }
246 const char *ifName = reinterpret_cast<const char *>(rawData);
247 int32_t enable = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData));
248
249 interface->AutoConnect(interface, ifName, enable);
250 HDF_LOGI("%{public}s: success", __FUNCTION__);
251 }
252
FuzzWpaInterfaceSaveConfig(struct IWpaInterface * interface,const uint8_t * rawData)253 void FuzzWpaInterfaceSaveConfig(struct IWpaInterface *interface, const uint8_t *rawData)
254 {
255 if (interface == nullptr) {
256 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
257 return;
258 }
259 const char *ifName = reinterpret_cast<const char *>(rawData);
260
261 interface->SaveConfig(interface, ifName);
262 HDF_LOGI("%{public}s: success", __FUNCTION__);
263 }
264
FuzzWpaInterfaceWpsCancel(struct IWpaInterface * interface,const uint8_t * rawData)265 void FuzzWpaInterfaceWpsCancel(struct IWpaInterface *interface, const uint8_t *rawData)
266 {
267 if (interface == nullptr) {
268 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
269 return;
270 }
271 const char *ifName = reinterpret_cast<const char *>(rawData);
272
273 interface->WpsCancel(interface, ifName);
274 HDF_LOGI("%{public}s: success", __FUNCTION__);
275 }
276
FuzzWpaInterfaceGetCountryCode(struct IWpaInterface * interface,const uint8_t * rawData)277 void FuzzWpaInterfaceGetCountryCode(struct IWpaInterface *interface, const uint8_t *rawData)
278 {
279 if (interface == nullptr) {
280 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
281 return;
282 }
283 const char *ifName = reinterpret_cast<const char *>(rawData);
284 char countryCode[3] = {0};
285
286 interface->GetCountryCode(interface, ifName, countryCode, 3);
287 HDF_LOGI("%{public}s: success", __FUNCTION__);
288 }
289
FuzzWpaInterfaceGetNetwork(struct IWpaInterface * interface,const uint8_t * rawData)290 void FuzzWpaInterfaceGetNetwork(struct IWpaInterface *interface, const uint8_t *rawData)
291 {
292 if (interface == nullptr) {
293 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
294 return;
295 }
296 const char *ifName = reinterpret_cast<const char *>(rawData);
297 int networkId = 0;
298 char value[32] = {0};
299
300 interface->GetNetwork(interface, ifName, networkId, "ssid", value, 32);
301 HDF_LOGI("%{public}s: success", __FUNCTION__);
302 }
303
FuzzWpaInterfaceBlocklistClear(struct IWpaInterface * interface,const uint8_t * rawData)304 void FuzzWpaInterfaceBlocklistClear(struct IWpaInterface *interface, const uint8_t *rawData)
305 {
306 if (interface == nullptr) {
307 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
308 return;
309 }
310 const char *ifName = reinterpret_cast<const char *>(rawData);
311
312 interface->BlocklistClear(interface, ifName);
313 HDF_LOGI("%{public}s: success", __FUNCTION__);
314 }
315
FuzzWpaInterfaceSetSuspendMode(struct IWpaInterface * interface,const uint8_t * rawData)316 void FuzzWpaInterfaceSetSuspendMode(struct IWpaInterface *interface, const uint8_t *rawData)
317 {
318 if (interface == nullptr) {
319 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
320 return;
321 }
322 const char *ifName = reinterpret_cast<const char *>(rawData);
323 int32_t mode = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData));
324
325 interface->SetSuspendMode(interface, ifName, mode);
326 HDF_LOGI("%{public}s: success", __FUNCTION__);
327 }
328
FuzzWpaInterfaceGetScanSsid(struct IWpaInterface * interface,const uint8_t * rawData)329 void FuzzWpaInterfaceGetScanSsid(struct IWpaInterface *interface, const uint8_t *rawData)
330 {
331 if (interface == nullptr) {
332 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
333 return;
334 }
335 const char *ifName = reinterpret_cast<const char *>(rawData);
336 int32_t enable = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData));
337
338 interface->GetScanSsid(interface, ifName, &enable);
339 HDF_LOGI("%{public}s: success", __FUNCTION__);
340 }
341
FuzzWpaInterfaceGetPskPassphrase(struct IWpaInterface * interface,const uint8_t * rawData)342 void FuzzWpaInterfaceGetPskPassphrase(struct IWpaInterface *interface, const uint8_t *rawData)
343 {
344 if (interface == nullptr) {
345 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
346 return;
347 }
348 const char *ifName = reinterpret_cast<const char *>(rawData);
349 char psk[32] = {0};
350
351 interface->GetPskPassphrase(interface, ifName, psk, 32);
352 HDF_LOGI("%{public}s: success", __FUNCTION__);
353 }
354
FuzzWpaInterfaceGetPsk(struct IWpaInterface * interface,const uint8_t * rawData)355 void FuzzWpaInterfaceGetPsk(struct IWpaInterface *interface, const uint8_t *rawData)
356 {
357 if (interface == nullptr) {
358 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
359 return;
360 }
361 const char *ifName = reinterpret_cast<const char *>(rawData);
362 uint8_t psk[32] = {0};
363 uint32_t pskLen = 32;
364
365 interface->GetPsk(interface, ifName, psk, &pskLen);
366 HDF_LOGI("%{public}s: success", __FUNCTION__);
367 }
368
FuzzWpaInterfaceGetWepKey(struct IWpaInterface * interface,const uint8_t * rawData)369 void FuzzWpaInterfaceGetWepKey(struct IWpaInterface *interface, const uint8_t *rawData)
370 {
371 if (interface == nullptr) {
372 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
373 return;
374 }
375 const char *ifName = reinterpret_cast<const char *>(rawData);
376 uint8_t wepKey[16] = {0};
377 uint32_t wepKeyLen = 16;
378
379 interface->GetWepKey(interface, ifName, 1, wepKey, &wepKeyLen);
380 HDF_LOGI("%{public}s: success", __FUNCTION__);
381 }
382
FuzzWpaInterfaceGetWepTxKeyIdx(struct IWpaInterface * interface,const uint8_t * rawData)383 void FuzzWpaInterfaceGetWepTxKeyIdx(struct IWpaInterface *interface, const uint8_t *rawData)
384 {
385 if (interface == nullptr) {
386 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
387 return;
388 }
389 const char *ifName = reinterpret_cast<const char *>(rawData);
390 int keyIdx = *const_cast<int *>(reinterpret_cast<const int *>(rawData));
391
392 interface->GetWepTxKeyIdx(interface, ifName, &keyIdx);
393 HDF_LOGI("%{public}s: success", __FUNCTION__);
394 }
395
FuzzWpaInterfaceGetRequirePmf(struct IWpaInterface * interface,const uint8_t * rawData)396 void FuzzWpaInterfaceGetRequirePmf(struct IWpaInterface *interface, const uint8_t *rawData)
397 {
398 if (interface == nullptr) {
399 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
400 return;
401 }
402 const char *ifName = reinterpret_cast<const char *>(rawData);
403 int enable = *const_cast<int *>(reinterpret_cast<const int *>(rawData));
404
405 interface->GetRequirePmf(interface, ifName, &enable);
406 HDF_LOGI("%{public}s: success", __FUNCTION__);
407 }
408
FuzzWpaInterfaceSetCountryCode(struct IWpaInterface * interface,const uint8_t * rawData)409 void FuzzWpaInterfaceSetCountryCode(struct IWpaInterface *interface, const uint8_t *rawData)
410 {
411 if (interface == nullptr) {
412 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
413 return;
414 }
415 const char *ifName = reinterpret_cast<const char *>(rawData);
416 const char countryCode[3] = {0};
417
418 interface->SetCountryCode(interface, ifName, countryCode);
419 HDF_LOGI("%{public}s: success", __FUNCTION__);
420 }
421
FuzzWpaInterfaceListNetworks(struct IWpaInterface * interface,const uint8_t * rawData)422 void FuzzWpaInterfaceListNetworks(struct IWpaInterface *interface, const uint8_t *rawData)
423 {
424 if (interface == nullptr) {
425 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
426 return;
427 }
428 const char *ifName = reinterpret_cast<const char *>(rawData);
429 struct HdiWifiWpaNetworkInfo networkInfo;
430 (void)memset_s(&networkInfo, sizeof(struct HdiWifiWpaNetworkInfo), 0, sizeof(struct HdiWifiWpaNetworkInfo));
431 uint32_t networkInfoLen = 0;
432
433 interface->ListNetworks(interface, ifName, (struct HdiWifiWpaNetworkInfo *)&networkInfo, &networkInfoLen);
434 HDF_LOGI("%{public}s: success", __FUNCTION__);
435 }
436
FuzzWpaInterfaceWifiStatus(struct IWpaInterface * interface,const uint8_t * rawData)437 void FuzzWpaInterfaceWifiStatus(struct IWpaInterface *interface, const uint8_t *rawData)
438 {
439 if (interface == nullptr) {
440 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
441 return;
442 }
443 const char *ifName = reinterpret_cast<const char *>(rawData);
444 struct HdiWpaCmdStatus wifiStatus;
445 (void)memset_s(&wifiStatus, sizeof(struct HdiWpaCmdStatus), 0, sizeof(struct HdiWpaCmdStatus));
446
447 interface->WifiStatus(interface, ifName, &wifiStatus);
448 HDF_LOGI("%{public}s: success", __FUNCTION__);
449 }
450
FuzzWpaInterfaceWpsPbcMode(struct IWpaInterface * interface,const uint8_t * rawData)451 void FuzzWpaInterfaceWpsPbcMode(struct IWpaInterface *interface, const uint8_t *rawData)
452 {
453 if (interface == nullptr) {
454 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
455 return;
456 }
457 const char *ifName = reinterpret_cast<const char *>(rawData);
458 struct HdiWifiWpsParam wpsParam;
459 (void)memset_s(&wpsParam, sizeof(struct HdiWifiWpsParam), 0, sizeof(struct HdiWifiWpsParam));
460 wpsParam.anyFlag = 1;
461 wpsParam.multiAp = 1;
462 wpsParam.bssidLen = 6;
463 wpsParam.bssid = static_cast<uint8_t *>(OsalMemCalloc(sizeof(uint8_t) * (wpsParam.bssidLen)));
464 if (wpsParam.bssid == nullptr) {
465 return;
466 }
467 wpsParam.bssid[0] = 0x12;
468 wpsParam.bssid[1] = 0x34;
469 wpsParam.bssid[2] = 0x56;
470 wpsParam.bssid[3] = 0x78;
471 wpsParam.bssid[4] = 0xab;
472 wpsParam.bssid[5] = 0xcd;
473
474 interface->WpsPbcMode(interface, ifName, &wpsParam);
475 OsalMemFree(wpsParam.bssid);
476 HDF_LOGI("%{public}s: success", __FUNCTION__);
477 }
478
FuzzWpaInterfaceWpsPinMode(struct IWpaInterface * interface,const uint8_t * rawData)479 void FuzzWpaInterfaceWpsPinMode(struct IWpaInterface *interface, const uint8_t *rawData)
480 {
481 if (interface == nullptr) {
482 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
483 return;
484 }
485 const char *ifName = reinterpret_cast<const char *>(rawData);
486 struct HdiWifiWpsParam wpsParam;
487 (void)memset_s(&wpsParam, sizeof(struct HdiWifiWpsParam), 0, sizeof(struct HdiWifiWpsParam));
488 wpsParam.anyFlag = 1;
489 wpsParam.multiAp = 1;
490 wpsParam.bssidLen = 6;
491 wpsParam.bssid = static_cast<uint8_t *>(OsalMemCalloc(sizeof(uint8_t) * (wpsParam.bssidLen)));
492 if (wpsParam.bssid == nullptr) {
493 return;
494 }
495 wpsParam.bssid[0] = 0x12;
496 wpsParam.bssid[1] = 0x34;
497 wpsParam.bssid[2] = 0x56;
498 wpsParam.bssid[3] = 0x78;
499 wpsParam.bssid[4] = 0xab;
500 wpsParam.bssid[5] = 0xcd;
501 int pinCode = 0;
502
503 interface->WpsPinMode(interface, ifName, &wpsParam, &pinCode);
504 OsalMemFree(wpsParam.bssid);
505 HDF_LOGI("%{public}s: success", __FUNCTION__);
506 }
507
FuzzWpaInterfaceRegisterEventCallback(struct IWpaInterface * interface,const uint8_t * rawData)508 void FuzzWpaInterfaceRegisterEventCallback(struct IWpaInterface *interface, const uint8_t *rawData)
509 {
510 if (interface == nullptr) {
511 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
512 return;
513 }
514 const char *ifName = reinterpret_cast<const char *>(rawData);
515
516 interface->RegisterEventCallback(interface, g_wpaCallbackObj, ifName);
517 HDF_LOGI("%{public}s: success", __FUNCTION__);
518 }
519
FuzzWpaInterfaceUnregisterEventCallback(struct IWpaInterface * interface,const uint8_t * rawData)520 void FuzzWpaInterfaceUnregisterEventCallback(struct IWpaInterface *interface, const uint8_t *rawData)
521 {
522 if (interface == nullptr) {
523 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
524 return;
525 }
526 const char *ifName = reinterpret_cast<const char *>(rawData);
527
528 interface->UnregisterEventCallback(interface, g_wpaCallbackObj, ifName);
529 HDF_LOGI("%{public}s: success", __FUNCTION__);
530 }
531
FuzzWpaInterfaceGetConnectionCapabilities(struct IWpaInterface * interface,const uint8_t * rawData)532 void FuzzWpaInterfaceGetConnectionCapabilities(struct IWpaInterface *interface, const uint8_t *rawData)
533 {
534 if (interface == nullptr) {
535 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
536 return;
537 }
538 const char *ifName = reinterpret_cast<const char *>(rawData);
539 struct ConnectionCapabilities connectionCap;
540 (void)memset_s(&connectionCap, sizeof(struct ConnectionCapabilities), 0, sizeof(struct ConnectionCapabilities));
541
542 interface->GetConnectionCapabilities(interface, ifName, &connectionCap);
543 HDF_LOGI("%{public}s: success", __FUNCTION__);
544 }
545
FuzzWpaInterfaceAddWpaIface(struct IWpaInterface * interface,const uint8_t * rawData)546 void FuzzWpaInterfaceAddWpaIface(struct IWpaInterface *interface, const uint8_t *rawData)
547 {
548 if (interface == nullptr) {
549 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
550 return;
551 }
552 const char *ifName = reinterpret_cast<const char *>(rawData);
553 const char *configname = "/data/service/el1/public/wifi/wpa_supplicant/wpa_supplicant.conf";
554 interface->AddWpaIface(interface, ifName, configname);
555 HDF_LOGI("%{public}s: success", __FUNCTION__);
556 }
557
FuzzWpaInterfaceRemoveWpaIface(struct IWpaInterface * interface,const uint8_t * rawData)558 void FuzzWpaInterfaceRemoveWpaIface(struct IWpaInterface *interface, const uint8_t *rawData)
559 {
560 if (interface == nullptr) {
561 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
562 return;
563 }
564 const char *ifName = reinterpret_cast<const char *>(rawData);
565
566 interface->RemoveWpaIface(interface, ifName);
567 HDF_LOGI("%{public}s: success", __FUNCTION__);
568 }
569
FuzzWpaInterfaceReassociate(struct IWpaInterface * interface,const uint8_t * rawData)570 void FuzzWpaInterfaceReassociate(struct IWpaInterface *interface, const uint8_t *rawData)
571 {
572 if (interface == nullptr) {
573 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
574 return;
575 }
576 const char *ifName = reinterpret_cast<const char *>(rawData);
577
578 interface->Reassociate(interface, ifName);
579 HDF_LOGI("%{public}s: success", __FUNCTION__);
580 }
581
FuzzWpaInterfaceStaShellCmd(struct IWpaInterface * interface,const uint8_t * rawData)582 void FuzzWpaInterfaceStaShellCmd(struct IWpaInterface *interface, const uint8_t *rawData)
583 {
584 if (interface == nullptr) {
585 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
586 return;
587 }
588 const char *ifName = reinterpret_cast<const char *>(rawData);
589 const char *cmd = reinterpret_cast<const char *>(rawData);
590
591 interface->StaShellCmd(interface, ifName, cmd);
592 HDF_LOGI("%{public}s: success", __FUNCTION__);
593 }
594
595
596 /* **********P2p Interface********** */
FuzzWpaInterfaceP2pSetSsidPostfixName(struct IWpaInterface * interface,const uint8_t * rawData)597 void FuzzWpaInterfaceP2pSetSsidPostfixName(struct IWpaInterface *interface, const uint8_t *rawData)
598 {
599 if (interface == nullptr) {
600 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
601 return;
602 }
603 const char *ifName = reinterpret_cast<const char *>(rawData);
604 const char *name = reinterpret_cast<const char *>(rawData);
605
606 interface->P2pSetSsidPostfixName(interface, ifName, name);
607 HDF_LOGI("%{public}s: success", __FUNCTION__);
608 }
609
FuzzWpaInterfaceP2pSetWpsDeviceType(struct IWpaInterface * interface,const uint8_t * rawData)610 void FuzzWpaInterfaceP2pSetWpsDeviceType(struct IWpaInterface *interface, const uint8_t *rawData)
611 {
612 if (interface == nullptr) {
613 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
614 return;
615 }
616 const char *ifName = reinterpret_cast<const char *>(rawData);
617 const char *type = reinterpret_cast<const char *>(rawData);
618
619 interface->P2pSetWpsDeviceType(interface, ifName, type);
620 HDF_LOGI("%{public}s: success", __FUNCTION__);
621 }
622
FuzzWpaInterfaceP2pSetWpsConfigMethods(struct IWpaInterface * interface,const uint8_t * rawData)623 void FuzzWpaInterfaceP2pSetWpsConfigMethods(struct IWpaInterface *interface, const uint8_t *rawData)
624 {
625 if (interface == nullptr) {
626 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
627 return;
628 }
629 const char *ifName = reinterpret_cast<const char *>(rawData);
630 const char *methods = reinterpret_cast<const char *>(rawData);
631
632 interface->P2pSetWpsConfigMethods(interface, ifName, methods);
633 HDF_LOGI("%{public}s: success", __FUNCTION__);
634 }
635
FuzzWpaInterfaceP2pSetGroupMaxIdle(struct IWpaInterface * interface,const uint8_t * rawData)636 void FuzzWpaInterfaceP2pSetGroupMaxIdle(struct IWpaInterface *interface, const uint8_t *rawData)
637 {
638 if (interface == nullptr) {
639 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
640 return;
641 }
642 const char *ifName = reinterpret_cast<const char *>(rawData);
643 int32_t time = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData));
644
645 interface->P2pSetGroupMaxIdle(interface, ifName, time);
646 HDF_LOGI("%{public}s: success", __FUNCTION__);
647 }
648
FuzzWpaInterfaceP2pSetWfdEnable(struct IWpaInterface * interface,const uint8_t * rawData)649 void FuzzWpaInterfaceP2pSetWfdEnable(struct IWpaInterface *interface, const uint8_t *rawData)
650 {
651 if (interface == nullptr) {
652 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
653 return;
654 }
655 const char *ifName = reinterpret_cast<const char *>(rawData);
656 int32_t enable = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData));
657
658 interface->P2pSetWfdEnable(interface, ifName, enable);
659 HDF_LOGI("%{public}s: success", __FUNCTION__);
660 }
661
FuzzWpaInterfaceP2pSetPersistentReconnect(struct IWpaInterface * interface,const uint8_t * rawData)662 void FuzzWpaInterfaceP2pSetPersistentReconnect(struct IWpaInterface *interface, const uint8_t *rawData)
663 {
664 if (interface == nullptr) {
665 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
666 return;
667 }
668 const char *ifName = reinterpret_cast<const char *>(rawData);
669 int32_t status = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData));
670
671 interface->P2pSetPersistentReconnect(interface, ifName, status);
672 HDF_LOGI("%{public}s: success", __FUNCTION__);
673 }
674
FuzzWpaInterfaceP2pSetWpsSecondaryDeviceType(struct IWpaInterface * interface,const uint8_t * rawData)675 void FuzzWpaInterfaceP2pSetWpsSecondaryDeviceType(struct IWpaInterface *interface, const uint8_t *rawData)
676 {
677 if (interface == nullptr) {
678 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
679 return;
680 }
681 const char *ifName = reinterpret_cast<const char *>(rawData);
682 const char *type = reinterpret_cast<const char *>(rawData);
683
684 interface->P2pSetWpsSecondaryDeviceType(interface, ifName, type);
685 HDF_LOGI("%{public}s: success", __FUNCTION__);
686 }
687
FuzzWpaInterfaceP2pSetupWpsPbc(struct IWpaInterface * interface,const uint8_t * rawData)688 void FuzzWpaInterfaceP2pSetupWpsPbc(struct IWpaInterface *interface, const uint8_t *rawData)
689 {
690 if (interface == nullptr) {
691 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
692 return;
693 }
694 const char *ifName = reinterpret_cast<const char *>(rawData);
695 const char *address = reinterpret_cast<const char *>(rawData);
696
697 interface->P2pSetupWpsPbc(interface, ifName, address);
698 HDF_LOGI("%{public}s: success", __FUNCTION__);
699 }
700
FuzzWpaInterfaceP2pSetupWpsPin(struct IWpaInterface * interface,const uint8_t * rawData)701 void FuzzWpaInterfaceP2pSetupWpsPin(struct IWpaInterface *interface, const uint8_t *rawData)
702 {
703 if (interface == nullptr) {
704 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
705 return;
706 }
707 const char *ifName = reinterpret_cast<const char *>(rawData);
708 const char *address = reinterpret_cast<const char *>(rawData);
709 const char *pin = reinterpret_cast<const char *>(rawData);
710 char result[32] = {0};
711 uint32_t resultLen = *const_cast<uint32_t *>(reinterpret_cast<const uint32_t *>(rawData));
712
713
714 interface->P2pSetupWpsPin(interface, ifName, address, pin, result, resultLen);
715 HDF_LOGI("%{public}s: success", __FUNCTION__);
716 }
717
FuzzWpaInterfaceP2pSetPowerSave(struct IWpaInterface * interface,const uint8_t * rawData)718 void FuzzWpaInterfaceP2pSetPowerSave(struct IWpaInterface *interface, const uint8_t *rawData)
719 {
720 if (interface == nullptr) {
721 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
722 return;
723 }
724 const char *ifName = reinterpret_cast<const char *>(rawData);
725 int32_t enable = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData));
726
727 interface->P2pSetPowerSave(interface, ifName, enable);
728 HDF_LOGI("%{public}s: success", __FUNCTION__);
729 }
730
FuzzWpaInterfaceP2pSetDeviceName(struct IWpaInterface * interface,const uint8_t * rawData)731 void FuzzWpaInterfaceP2pSetDeviceName(struct IWpaInterface *interface, const uint8_t *rawData)
732 {
733 if (interface == nullptr) {
734 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
735 return;
736 }
737 const char *ifName = reinterpret_cast<const char *>(rawData);
738 const char *name = reinterpret_cast<const char *>(rawData);
739
740 interface->P2pSetDeviceName(interface, ifName, name);
741 HDF_LOGI("%{public}s: success", __FUNCTION__);
742 }
743
FuzzWpaInterfaceP2pSetWfdDeviceConfig(struct IWpaInterface * interface,const uint8_t * rawData)744 void FuzzWpaInterfaceP2pSetWfdDeviceConfig(struct IWpaInterface *interface, const uint8_t *rawData)
745 {
746 if (interface == nullptr) {
747 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
748 return;
749 }
750 const char *ifName = reinterpret_cast<const char *>(rawData);
751 const char *config = reinterpret_cast<const char *>(rawData);
752
753 interface->P2pSetWfdDeviceConfig(interface, ifName, config);
754 HDF_LOGI("%{public}s: success", __FUNCTION__);
755 }
756
FuzzWpaInterfaceP2pSetRandomMac(struct IWpaInterface * interface,const uint8_t * rawData)757 void FuzzWpaInterfaceP2pSetRandomMac(struct IWpaInterface *interface, const uint8_t *rawData)
758 {
759 if (interface == nullptr) {
760 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
761 return;
762 }
763 const char *ifName = reinterpret_cast<const char *>(rawData);
764 int32_t networkId = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData));
765
766 interface->P2pSetRandomMac(interface, ifName, networkId);
767 HDF_LOGI("%{public}s: success", __FUNCTION__);
768 }
769
FuzzWpaInterfaceP2pStartFind(struct IWpaInterface * interface,const uint8_t * rawData)770 void FuzzWpaInterfaceP2pStartFind(struct IWpaInterface *interface, const uint8_t *rawData)
771 {
772 if (interface == nullptr) {
773 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
774 return;
775 }
776 const char *ifName = reinterpret_cast<const char *>(rawData);
777 int32_t timeout = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData));
778
779 interface->P2pStartFind(interface, ifName, timeout);
780 HDF_LOGI("%{public}s: success", __FUNCTION__);
781 }
782
FuzzWpaInterfaceP2pSetExtListen(struct IWpaInterface * interface,const uint8_t * rawData)783 void FuzzWpaInterfaceP2pSetExtListen(struct IWpaInterface *interface, const uint8_t *rawData)
784 {
785 if (interface == nullptr) {
786 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
787 return;
788 }
789 const char *ifName = reinterpret_cast<const char *>(rawData);
790 int32_t enable = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData));
791 int32_t period = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData));
792 int32_t interval = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData));
793
794 interface->P2pSetExtListen(interface, ifName, enable, period, interval);
795 HDF_LOGI("%{public}s: success", __FUNCTION__);
796 }
797
FuzzWpaInterfaceP2pSetListenChannel(struct IWpaInterface * interface,const uint8_t * rawData)798 void FuzzWpaInterfaceP2pSetListenChannel(struct IWpaInterface *interface, const uint8_t *rawData)
799 {
800 if (interface == nullptr) {
801 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
802 return;
803 }
804 const char *ifName = reinterpret_cast<const char *>(rawData);
805 int32_t channel = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData));
806 int32_t regClass = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData));
807
808 interface->P2pSetListenChannel(interface, ifName, channel, regClass);
809 HDF_LOGI("%{public}s: success", __FUNCTION__);
810 }
811
FuzzWpaInterfaceP2pProvisionDiscovery(struct IWpaInterface * interface,const uint8_t * rawData)812 void FuzzWpaInterfaceP2pProvisionDiscovery(struct IWpaInterface *interface, const uint8_t *rawData)
813 {
814 if (interface == nullptr) {
815 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
816 return;
817 }
818 const char *ifName = reinterpret_cast<const char *>(rawData);
819 const char *peerBssid = reinterpret_cast<const char *>(rawData);
820 int32_t mode = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData));
821
822 interface->P2pProvisionDiscovery(interface, ifName, peerBssid, mode);
823 HDF_LOGI("%{public}s: success", __FUNCTION__);
824 }
825
FuzzWpaInterfaceP2pAddGroup(struct IWpaInterface * interface,const uint8_t * rawData)826 void FuzzWpaInterfaceP2pAddGroup(struct IWpaInterface *interface, const uint8_t *rawData)
827 {
828 if (interface == nullptr) {
829 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
830 return;
831 }
832 const char *ifName = reinterpret_cast<const char *>(rawData);
833 int32_t isPersistent = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData));
834 int32_t networkId = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData));
835 int32_t freq = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData));
836
837 interface->P2pAddGroup(interface, ifName, isPersistent, networkId, freq);
838 HDF_LOGI("%{public}s: success", __FUNCTION__);
839 }
840
FuzzWpaInterfaceP2pAddService(struct IWpaInterface * interface,const uint8_t * rawData)841 void FuzzWpaInterfaceP2pAddService(struct IWpaInterface *interface, const uint8_t *rawData)
842 {
843 if (interface == nullptr) {
844 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
845 return;
846 }
847 const char *ifName = reinterpret_cast<const char *>(rawData);
848 struct HdiP2pServiceInfo info = {0};
849 (void)memset_s(&info, sizeof(struct HdiP2pServiceInfo), 0, sizeof(struct HdiP2pServiceInfo));
850 info.mode = 0;
851 info.version = 0;
852 const int nameLen = 32;
853 const int paramLen = 1;
854 info.nameLen = nameLen;
855 info.queryLen = paramLen;
856 info.respLen = paramLen;
857 info.name = static_cast<uint8_t *>(OsalMemCalloc(sizeof(uint8_t) * nameLen));
858 info.query = static_cast<uint8_t *>(OsalMemCalloc(sizeof(uint8_t) * paramLen));
859 info.resp = static_cast<uint8_t *>(OsalMemCalloc(sizeof(uint8_t) * paramLen));
860 if (info.name == nullptr || info.query == nullptr || info.resp == nullptr) {
861 HDF_LOGI("%{public}s: OsalMemCalloc fail", __FUNCTION__);
862 return;
863 }
864 strcpy_s((char *)info.name, sizeof(info.name), "p2p0");
865
866 interface->P2pAddService(interface, ifName, &info);
867 OsalMemFree(info.name);
868 OsalMemFree(info.query);
869 OsalMemFree(info.resp);
870 HDF_LOGI("%{public}s: success", __FUNCTION__);
871 }
872
FuzzWpaInterfaceP2pRemoveService(struct IWpaInterface * interface,const uint8_t * rawData)873 void FuzzWpaInterfaceP2pRemoveService(struct IWpaInterface *interface, const uint8_t *rawData)
874 {
875 if (interface == nullptr) {
876 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
877 return;
878 }
879 const char *ifName = reinterpret_cast<const char *>(rawData);
880 struct HdiP2pServiceInfo info = {0};
881 (void)memset_s(&info, sizeof(struct HdiP2pServiceInfo), 0, sizeof(struct HdiP2pServiceInfo));
882 info.mode = 0;
883 info.version = 0;
884 const int nameLen = 32;
885 const int paramLen = 1;
886 info.nameLen = nameLen;
887 info.queryLen = paramLen;
888 info.respLen = paramLen;
889 info.name = static_cast<uint8_t *>(OsalMemCalloc(sizeof(uint8_t) * nameLen));
890 info.query = static_cast<uint8_t *>(OsalMemCalloc(sizeof(uint8_t) * paramLen));
891 info.resp = static_cast<uint8_t *>(OsalMemCalloc(sizeof(uint8_t) * paramLen));
892 if (info.name == nullptr || info.query == nullptr || info.resp == nullptr) {
893 HDF_LOGI("%{public}s: OsalMemCalloc fail", __FUNCTION__);
894 return;
895 }
896 strcpy_s((char *)info.name, sizeof(info.name), "p2p0");
897
898 interface->P2pRemoveService(interface, ifName, &info);
899 OsalMemFree(info.name);
900 OsalMemFree(info.query);
901 OsalMemFree(info.resp);
902 HDF_LOGI("%{public}s: success", __FUNCTION__);
903 }
904
FuzzWpaInterfaceP2pStopFind(struct IWpaInterface * interface,const uint8_t * rawData)905 void FuzzWpaInterfaceP2pStopFind(struct IWpaInterface *interface, const uint8_t *rawData)
906 {
907 if (interface == nullptr) {
908 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
909 return;
910 }
911 const char *ifName = reinterpret_cast<const char *>(rawData);
912
913 interface->P2pStopFind(interface, ifName);
914 HDF_LOGI("%{public}s: success", __FUNCTION__);
915 }
916
FuzzWpaInterfaceP2pFlush(struct IWpaInterface * interface,const uint8_t * rawData)917 void FuzzWpaInterfaceP2pFlush(struct IWpaInterface *interface, const uint8_t *rawData)
918 {
919 if (interface == nullptr) {
920 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
921 return;
922 }
923 const char *ifName = reinterpret_cast<const char *>(rawData);
924
925 interface->P2pFlush(interface, ifName);
926 HDF_LOGI("%{public}s: success", __FUNCTION__);
927 }
928
FuzzWpaInterfaceP2pFlushService(struct IWpaInterface * interface,const uint8_t * rawData)929 void FuzzWpaInterfaceP2pFlushService(struct IWpaInterface *interface, const uint8_t *rawData)
930 {
931 if (interface == nullptr) {
932 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
933 return;
934 }
935 const char *ifName = reinterpret_cast<const char *>(rawData);
936
937 interface->P2pFlushService(interface, ifName);
938 HDF_LOGI("%{public}s: success", __FUNCTION__);
939 }
940
FuzzWpaInterfaceP2pRemoveNetwork(struct IWpaInterface * interface,const uint8_t * rawData)941 void FuzzWpaInterfaceP2pRemoveNetwork(struct IWpaInterface *interface, const uint8_t *rawData)
942 {
943 if (interface == nullptr) {
944 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
945 return;
946 }
947 const char *ifName = reinterpret_cast<const char *>(rawData);
948 int32_t networkId = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData));
949
950 interface->P2pRemoveNetwork(interface, ifName, networkId);
951 HDF_LOGI("%{public}s: success", __FUNCTION__);
952 }
953
FuzzWpaInterfaceP2pSetGroupConfig(struct IWpaInterface * interface,const uint8_t * rawData)954 void FuzzWpaInterfaceP2pSetGroupConfig(struct IWpaInterface *interface, const uint8_t *rawData)
955 {
956 if (interface == nullptr) {
957 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
958 return;
959 }
960 const char *ifName = reinterpret_cast<const char *>(rawData);
961 int32_t networkId = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData));
962 const char *name = reinterpret_cast<const char *>(rawData);
963 const char *value = reinterpret_cast<const char *>(rawData);
964
965 interface->P2pSetGroupConfig(interface, ifName, networkId, name, value);
966 HDF_LOGI("%{public}s: success", __FUNCTION__);
967 }
968
FuzzWpaInterfaceP2pInvite(struct IWpaInterface * interface,const uint8_t * rawData)969 void FuzzWpaInterfaceP2pInvite(struct IWpaInterface *interface, const uint8_t *rawData)
970 {
971 if (interface == nullptr) {
972 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
973 return;
974 }
975 const char *ifName = reinterpret_cast<const char *>(rawData);
976 const char *peerBssid = reinterpret_cast<const char *>(rawData);
977 const char *goBssid = reinterpret_cast<const char *>(rawData);
978
979 interface->P2pInvite(interface, ifName, peerBssid, goBssid);
980 HDF_LOGI("%{public}s: success", __FUNCTION__);
981 }
982
FuzzWpaInterfaceP2pReinvoke(struct IWpaInterface * interface,const uint8_t * rawData)983 void FuzzWpaInterfaceP2pReinvoke(struct IWpaInterface *interface, const uint8_t *rawData)
984 {
985 if (interface == nullptr) {
986 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
987 return;
988 }
989 const char *ifName = reinterpret_cast<const char *>(rawData);
990 const char *bssid = reinterpret_cast<const char *>(rawData);
991 int32_t networkId = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData));
992
993 interface->P2pReinvoke(interface, ifName, networkId, bssid);
994 HDF_LOGI("%{public}s: success", __FUNCTION__);
995 }
996
FuzzWpaInterfaceP2pGetDeviceAddress(struct IWpaInterface * interface,const uint8_t * rawData)997 void FuzzWpaInterfaceP2pGetDeviceAddress(struct IWpaInterface *interface, const uint8_t *rawData)
998 {
999 if (interface == nullptr) {
1000 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
1001 return;
1002 }
1003 const char *ifName = reinterpret_cast<const char *>(rawData);
1004 char deviceAddress[32] = {0};
1005 uint32_t deviceAddressLen = *const_cast<uint32_t *>(reinterpret_cast<const uint32_t *>(rawData));
1006
1007 interface->P2pGetDeviceAddress(interface, ifName, deviceAddress, deviceAddressLen);
1008 HDF_LOGI("%{public}s: success", __FUNCTION__);
1009 }
1010
FuzzWpaInterfaceP2pReqServiceDiscovery(struct IWpaInterface * interface,const uint8_t * rawData)1011 void FuzzWpaInterfaceP2pReqServiceDiscovery(struct IWpaInterface *interface, const uint8_t *rawData)
1012 {
1013 if (interface == nullptr) {
1014 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
1015 return;
1016 }
1017 const char *ifName = reinterpret_cast<const char *>(rawData);
1018 char *replyDisc = static_cast<char *>(calloc(REPLY_SIZE, sizeof(char)));
1019 if (replyDisc == nullptr) {
1020 return;
1021 }
1022 uint32_t replyDiscLen = REPLY_SIZE;
1023 struct HdiP2pReqService reqService;
1024 (void)memset_s(&reqService, sizeof(struct HdiP2pReqService), 0, sizeof(struct HdiP2pReqService));
1025 reqService.bssidLen = ETH_ADDR_LEN;
1026 reqService.bssid = static_cast<uint8_t *>(OsalMemCalloc(sizeof(uint8_t) * (reqService.bssidLen)));
1027 if (reqService.bssid == nullptr) {
1028 free(replyDisc);
1029 return;
1030 }
1031 reqService.bssid[0] = 0x12;
1032 reqService.bssid[1] = 0x34;
1033 reqService.bssid[2] = 0x56;
1034 reqService.bssid[3] = 0x78;
1035 reqService.bssid[4] = 0xab;
1036 reqService.bssid[5] = 0xcd;
1037
1038 interface->P2pReqServiceDiscovery(interface, ifName, &reqService, replyDisc, replyDiscLen);
1039 free(replyDisc);
1040 OsalMemFree(reqService.bssid);
1041 HDF_LOGI("%{public}s: success", __FUNCTION__);
1042 }
1043
FuzzWpaInterfaceP2pCancelServiceDiscovery(struct IWpaInterface * interface,const uint8_t * rawData)1044 void FuzzWpaInterfaceP2pCancelServiceDiscovery(struct IWpaInterface *interface, const uint8_t *rawData)
1045 {
1046 if (interface == nullptr) {
1047 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
1048 return;
1049 }
1050 const char *ifName = reinterpret_cast<const char *>(rawData);
1051 const char *id = reinterpret_cast<const char *>(rawData);
1052
1053 interface->P2pCancelServiceDiscovery(interface, ifName, id);
1054 HDF_LOGI("%{public}s: success", __FUNCTION__);
1055 }
1056
FuzzWpaInterfaceP2pRespServerDiscovery(struct IWpaInterface * interface,const uint8_t * rawData)1057 void FuzzWpaInterfaceP2pRespServerDiscovery(struct IWpaInterface *interface, const uint8_t *rawData)
1058 {
1059 if (interface == nullptr) {
1060 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
1061 return;
1062 }
1063 const char *ifName = reinterpret_cast<const char *>(rawData);
1064 struct HdiP2pServDiscReqInfo info;
1065 (void)memset_s(&info, sizeof(struct HdiP2pServDiscReqInfo), 0, sizeof(struct HdiP2pServDiscReqInfo));
1066
1067 interface->P2pRespServerDiscovery(interface, ifName, &info);
1068 HDF_LOGI("%{public}s: success", __FUNCTION__);
1069 }
1070
FuzzWpaInterfaceP2pConnect(struct IWpaInterface * interface,const uint8_t * rawData)1071 void FuzzWpaInterfaceP2pConnect(struct IWpaInterface *interface, const uint8_t *rawData)
1072 {
1073 if (interface == nullptr) {
1074 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
1075 return;
1076 }
1077 const char *ifName = reinterpret_cast<const char *>(rawData);
1078 struct HdiP2pConnectInfo info;
1079 (void)memset_s(&info, sizeof(struct HdiP2pConnectInfo), 0, sizeof(struct HdiP2pConnectInfo));
1080 char *replyPin = static_cast<char *>(calloc(REPLY_SIZE, sizeof(char)));
1081 if (replyPin == nullptr) {
1082 return;
1083 }
1084 uint32_t replyPinLen = REPLY_SIZE;
1085
1086 interface->P2pConnect(interface, ifName, &info, replyPin, replyPinLen);
1087 free(replyPin);
1088 HDF_LOGI("%{public}s: success", __FUNCTION__);
1089 }
1090
FuzzWpaInterfaceP2pHid2dConnect(struct IWpaInterface * interface,const uint8_t * rawData)1091 void FuzzWpaInterfaceP2pHid2dConnect(struct IWpaInterface *interface, const uint8_t *rawData)
1092 {
1093 if (interface == nullptr) {
1094 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
1095 return;
1096 }
1097 const int macAddrIndexOne = 0;
1098 const int macAddrIndexTwo = 1;
1099 const int macAddrIndexThree = 2;
1100 const int macAddrIndexFour = 3;
1101 const int macAddrIndexFive = 4;
1102 const int macAddrIndexSix = 5;
1103 const char *ifName = reinterpret_cast<const char *>(rawData);
1104 struct HdiHid2dConnectInfo info;
1105 (void)memset_s(&info, sizeof(struct HdiHid2dConnectInfo), 0, sizeof(struct HdiHid2dConnectInfo));
1106 info.bssidLen = ETH_ADDR_LEN;
1107 info.bssid = static_cast<uint8_t *>(OsalMemCalloc(sizeof(uint8_t) * (info.bssidLen)));
1108 if (info.bssid == nullptr) {
1109 return;
1110 }
1111 info.bssid[macAddrIndexOne] = 0x00;
1112 info.bssid[macAddrIndexTwo] = 0x00;
1113 info.bssid[macAddrIndexThree] = 0x00;
1114 info.bssid[macAddrIndexFour] = 0x00;
1115 info.bssid[macAddrIndexFive] = 0x00;
1116 info.bssid[macAddrIndexSix] = 0x00;
1117 interface->P2pHid2dConnect(interface, ifName, &info);
1118 OsalMemFree(info.bssid);
1119 HDF_LOGI("%{public}s: success", __FUNCTION__);
1120 }
1121
FuzzWpaInterfaceP2pSetServDiscExternal(struct IWpaInterface * interface,const uint8_t * rawData)1122 void FuzzWpaInterfaceP2pSetServDiscExternal(struct IWpaInterface *interface, const uint8_t *rawData)
1123 {
1124 if (interface == nullptr) {
1125 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
1126 return;
1127 }
1128 const char *ifName = reinterpret_cast<const char *>(rawData);
1129 int32_t mode = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData));
1130
1131 interface->P2pSetServDiscExternal(interface, ifName, mode);
1132 HDF_LOGI("%{public}s: success", __FUNCTION__);
1133 }
1134
FuzzWpaInterfaceP2pRemoveGroup(struct IWpaInterface * interface,const uint8_t * rawData)1135 void FuzzWpaInterfaceP2pRemoveGroup(struct IWpaInterface *interface, const uint8_t *rawData)
1136 {
1137 if (interface == nullptr) {
1138 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
1139 return;
1140 }
1141 const char *ifName = reinterpret_cast<const char *>(rawData);
1142 const char *groupName = reinterpret_cast<const char *>(rawData);
1143
1144 interface->P2pRemoveGroup(interface, ifName, groupName);
1145 HDF_LOGI("%{public}s: success", __FUNCTION__);
1146 }
1147
FuzzWpaInterfaceP2pCancelConnect(struct IWpaInterface * interface,const uint8_t * rawData)1148 void FuzzWpaInterfaceP2pCancelConnect(struct IWpaInterface *interface, const uint8_t *rawData)
1149 {
1150 if (interface == nullptr) {
1151 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
1152 return;
1153 }
1154 const char *ifName = reinterpret_cast<const char *>(rawData);
1155
1156 interface->P2pCancelConnect(interface, ifName);
1157 HDF_LOGI("%{public}s: success", __FUNCTION__);
1158 }
1159
FuzzWpaInterfaceP2pGetGroupConfig(struct IWpaInterface * interface,const uint8_t * rawData)1160 void FuzzWpaInterfaceP2pGetGroupConfig(struct IWpaInterface *interface, const uint8_t *rawData)
1161 {
1162 if (interface == nullptr) {
1163 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
1164 return;
1165 }
1166 const char *ifName = reinterpret_cast<const char *>(rawData);
1167 int32_t networkId = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData));
1168 const char *param = reinterpret_cast<const char *>(rawData);
1169 char value[32] = {0};
1170 uint32_t valueLen = *const_cast<uint32_t *>(reinterpret_cast<const uint32_t *>(rawData));
1171
1172 interface->P2pGetGroupConfig(interface, ifName, networkId, param, value, valueLen);
1173 HDF_LOGI("%{public}s: success", __FUNCTION__);
1174 }
1175
FuzzWpaInterfaceP2pAddNetwork(struct IWpaInterface * interface,const uint8_t * rawData)1176 void FuzzWpaInterfaceP2pAddNetwork(struct IWpaInterface *interface, const uint8_t *rawData)
1177 {
1178 if (interface == nullptr) {
1179 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
1180 return;
1181 }
1182 const char *ifName = reinterpret_cast<const char *>(rawData);
1183 int32_t networkId = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData));
1184
1185 interface->P2pAddNetwork(interface, ifName, &networkId);
1186 HDF_LOGI("%{public}s: success", __FUNCTION__);
1187 }
1188
FuzzWpaInterfaceP2pGetPeer(struct IWpaInterface * interface,const uint8_t * rawData)1189 void FuzzWpaInterfaceP2pGetPeer(struct IWpaInterface *interface, const uint8_t *rawData)
1190 {
1191 if (interface == nullptr) {
1192 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
1193 return;
1194 }
1195 const char *ifName = reinterpret_cast<const char *>(rawData);
1196 const char *bssid = reinterpret_cast<const char *>(rawData);
1197 struct HdiP2pDeviceInfo info;
1198 (void)memset_s(&info, sizeof(struct HdiP2pDeviceInfo), 0, sizeof(struct HdiP2pDeviceInfo));
1199
1200 interface->P2pGetPeer(interface, ifName, bssid, &info);
1201 HDF_LOGI("%{public}s: success", __FUNCTION__);
1202 }
1203
FuzzWpaInterfaceP2pGetGroupCapability(struct IWpaInterface * interface,const uint8_t * rawData)1204 void FuzzWpaInterfaceP2pGetGroupCapability(struct IWpaInterface *interface, const uint8_t *rawData)
1205 {
1206 if (interface == nullptr) {
1207 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
1208 return;
1209 }
1210 const char *ifName = reinterpret_cast<const char *>(rawData);
1211 const char *bssid = reinterpret_cast<const char *>(rawData);
1212 int32_t cap = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData));
1213
1214 interface->P2pGetGroupCapability(interface, ifName, bssid, &cap);
1215 HDF_LOGI("%{public}s: success", __FUNCTION__);
1216 }
1217
FuzzWpaInterfaceP2pListNetworks(struct IWpaInterface * interface,const uint8_t * rawData)1218 void FuzzWpaInterfaceP2pListNetworks(struct IWpaInterface *interface, const uint8_t *rawData)
1219 {
1220 if (interface == nullptr) {
1221 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
1222 return;
1223 }
1224 const char *ifName = reinterpret_cast<const char *>(rawData);
1225 struct HdiP2pNetworkList infoList;
1226 (void)memset_s(&infoList, sizeof(struct HdiP2pNetworkList), 0, sizeof(struct HdiP2pNetworkList));
1227
1228 interface->P2pListNetworks(interface, ifName, &infoList);
1229 HDF_LOGI("%{public}s: success", __FUNCTION__);
1230 }
1231
FuzzWpaInterfaceP2pSaveConfig(struct IWpaInterface * interface,const uint8_t * rawData)1232 void FuzzWpaInterfaceP2pSaveConfig(struct IWpaInterface *interface, const uint8_t *rawData)
1233 {
1234 if (interface == nullptr) {
1235 HDF_LOGE("%{public}s: interface is null", __FUNCTION__);
1236 return;
1237 }
1238 const char *ifName = reinterpret_cast<const char *>(rawData);
1239
1240 interface->P2pSaveConfig(interface, ifName);
1241 HDF_LOGI("%{public}s: success", __FUNCTION__);
1242 }
1243