1 /*
2 * Copyright (c) 2025 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15 #include "preloaduiextstateobserver_fuzzer.h"
16
17 #define private public
18 #include "preload_uiext_state_observer.h"
19 #undef private
20
21 #include <fuzzer/FuzzedDataProvider.h>
22 #include <iostream>
23
24 namespace OHOS {
25 namespace {
26 constexpr uint8_t ENABLE = 2;
27 constexpr size_t U32_AT_SIZE = 4;
28 constexpr size_t STRING_MAX_LENGTH = 128;
29 }
30
DoSomethingInterestingWithMyAPI(const uint8_t * data,size_t size)31 bool DoSomethingInterestingWithMyAPI(const uint8_t *data, size_t size)
32 {
33 FuzzedDataProvider fdp(data, size);
34 std::shared_ptr<AbilityRuntime::ExtensionRecord> extRecord;
35 std::weak_ptr<AbilityRuntime::ExtensionRecord> weakExtRecord = extRecord;
36 std::shared_ptr<AAFwk::PreLoadUIExtStateObserver> preLoad =
37 std::make_shared<AAFwk::PreLoadUIExtStateObserver>(weakExtRecord);
38 if (!preLoad) {
39 return false;
40 }
41
42 AppExecFwk::ProcessData processData;
43 processData.bundleName = fdp.ConsumeRandomLengthString(STRING_MAX_LENGTH);
44 processData.pid = fdp.ConsumeIntegralInRange<int32_t>(0, U32_AT_SIZE);
45 processData.uid = fdp.ConsumeIntegralInRange<int32_t>(0, U32_AT_SIZE);
46 processData.hostPid = fdp.ConsumeIntegralInRange<int32_t>(0, U32_AT_SIZE);
47 processData.gpuPid = fdp.ConsumeIntegralInRange<int32_t>(0, U32_AT_SIZE);
48 processData.renderUid = fdp.ConsumeIntegralInRange<int32_t>(0, U32_AT_SIZE);
49 processData.isContinuousTask = fdp.ConsumeBool();
50 processData.isKeepAlive = fdp.ConsumeBool();
51 processData.isFocused = fdp.ConsumeBool();
52 processData.requestProcCode = fdp.ConsumeIntegralInRange<int32_t>(0, U32_AT_SIZE);
53 processData.processChangeReason = fdp.ConsumeIntegralInRange<int32_t>(0, U32_AT_SIZE);
54 processData.processName = fdp.ConsumeRandomLengthString(STRING_MAX_LENGTH);
55 processData.accessTokenId = fdp.ConsumeIntegralInRange<int32_t>(0, U32_AT_SIZE);
56 processData.isTestMode = fdp.ConsumeBool();
57 processData.exitReason = fdp.ConsumeIntegralInRange<int32_t>(0, U32_AT_SIZE);
58 processData.exitMsg = fdp.ConsumeRandomLengthString(STRING_MAX_LENGTH);
59 processData.childUid = fdp.ConsumeIntegralInRange<int32_t>(0, U32_AT_SIZE);
60 processData.isPreload = fdp.ConsumeBool();
61 processData.isPreloadModule = fdp.ConsumeBool();
62 processData.callerPid = fdp.ConsumeIntegralInRange<int32_t>(0, U32_AT_SIZE);
63 processData.killReason = fdp.ConsumeRandomLengthString(STRING_MAX_LENGTH);
64 processData.processType = AppExecFwk::ProcessType::NORMAL;
65 processData.extensionType = AppExecFwk::ExtensionAbilityType::UNSPECIFIED;
66 processData.state = AppExecFwk::AppProcessState::APP_STATE_FOREGROUND;
67 preLoad->OnProcessDied(processData);
68 processData.processType = AppExecFwk::ProcessType::EXTENSION;
69 processData.extensionType = AppExecFwk::ExtensionAbilityType::APP_ACCOUNT_AUTHORIZATION;
70 processData.state = AppExecFwk::AppProcessState::APP_STATE_CREATE;
71 preLoad->OnProcessDied(processData);
72 processData.processType = AppExecFwk::ProcessType::RENDER;
73 processData.extensionType = AppExecFwk::ExtensionAbilityType::HMS_ACCOUNT;
74 processData.state = AppExecFwk::AppProcessState::APP_STATE_READY;
75 preLoad->OnProcessDied(processData);
76 processData.processType = AppExecFwk::ProcessType::GPU;
77 processData.extensionType = AppExecFwk::ExtensionAbilityType::REMOTE_NOTIFICATION;
78 processData.state = AppExecFwk::AppProcessState::APP_STATE_FOCUS;
79 preLoad->OnProcessDied(processData);
80
81 AppExecFwk::AppStateData appStateData;
82 std::vector<int32_t> renderPids;
83 appStateData.isFocused = fdp.ConsumeBool();
84 appStateData.isSplitScreenMode = fdp.ConsumeBool();
85 appStateData.isFloatingWindowMode = fdp.ConsumeBool();
86 appStateData.isSpecifyTokenId = fdp.ConsumeBool();
87 appStateData.isPreloadModule = fdp.ConsumeBool();
88 appStateData.pid = fdp.ConsumeIntegralInRange<int32_t>(0, U32_AT_SIZE);
89 appStateData.uid = fdp.ConsumeIntegralInRange<int32_t>(0, U32_AT_SIZE);
90 appStateData.callerUid = fdp.ConsumeIntegralInRange<int32_t>(0, U32_AT_SIZE);
91 appStateData.state = fdp.ConsumeIntegralInRange<int32_t>(0, U32_AT_SIZE);
92 appStateData.appIndex = fdp.ConsumeIntegralInRange<int32_t>(0, U32_AT_SIZE);
93 appStateData.accessTokenId = fdp.ConsumeIntegralInRange<int32_t>(0, U32_AT_SIZE);
94 appStateData.bundleName = fdp.ConsumeRandomLengthString(STRING_MAX_LENGTH);
95 appStateData.callerBundleName = fdp.ConsumeRandomLengthString(STRING_MAX_LENGTH);
96 appStateData.extensionType = AppExecFwk::ExtensionAbilityType::UNSPECIFIED;
97 preLoad->OnAppCacheStateChanged(appStateData);
98 appStateData.extensionType = AppExecFwk::ExtensionAbilityType::REMOTE_NOTIFICATION;
99 preLoad->OnAppCacheStateChanged(appStateData);
100 appStateData.extensionType = AppExecFwk::ExtensionAbilityType::HMS_ACCOUNT;
101 preLoad->OnAppCacheStateChanged(appStateData);
102 appStateData.extensionType = AppExecFwk::ExtensionAbilityType::APP_ACCOUNT_AUTHORIZATION;
103 preLoad->OnAppCacheStateChanged(appStateData);
104 appStateData.extensionType = AppExecFwk::ExtensionAbilityType::ACCOUNTLOGOUT;
105 preLoad->OnAppCacheStateChanged(appStateData);
106 return true;
107 }
108 }
109
110 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)111 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
112 {
113 // Run your code on data.
114 OHOS::DoSomethingInterestingWithMyAPI(data, size);
115 return 0;
116 }