• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (C) 2021 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at:
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  *
16  */
17 
18 #include <fuzzer/FuzzedDataProvider.h>
19 #include "btcore/include/device_class.h"
20 
21 class BTCoreDeviceClassFuzzer {
22  public:
23   void process(const uint8_t* data, size_t size);
24 
25  private:
26   std::unique_ptr<FuzzedDataProvider> mFdp = nullptr;
27 };
28 
process(const uint8_t * data,size_t size)29 void BTCoreDeviceClassFuzzer::process(const uint8_t* data, size_t size) {
30   mFdp = std::make_unique<FuzzedDataProvider>(data, size);
31   size_t dcStreamSize = sizeof(bt_device_class_t) * sizeof(uint8_t);
32 
33   std::vector<uint8_t> dcStreamSrc(dcStreamSize, 0x0);
34   mFdp->ConsumeData(dcStreamSrc.data(), dcStreamSize);
35 
36   bt_device_class_t deviceClass;
37   device_class_from_stream(&deviceClass, dcStreamSrc.data());
38 
39   std::vector<uint8_t> dcStreamDst(dcStreamSize, 0x0);
40   (void)device_class_to_stream(&deviceClass, dcStreamDst.data(), dcStreamSize);
41 
42   device_class_set_limited(&deviceClass, mFdp->ConsumeBool());
43   (void)device_class_get_limited(&deviceClass);
44 
45   int val = mFdp->ConsumeIntegral<int>();
46   device_class_set_major_device(&deviceClass, val);
47   (void)device_class_get_major_device(&deviceClass);
48 
49   val = mFdp->ConsumeIntegral<int>();
50   device_class_set_minor_device(&deviceClass, val);
51   (void)device_class_get_minor_device(&deviceClass);
52 
53   device_class_set_information(&deviceClass, mFdp->ConsumeBool());
54   (void)device_class_get_information(&deviceClass);
55 
56   bt_device_class_t deviceClassCopy;
57   (void)device_class_copy(&deviceClassCopy, &deviceClass);
58   (void)device_class_equals(&deviceClass, &deviceClassCopy);
59 
60   val = mFdp->ConsumeIntegralInRange(1, INT_MAX);
61   device_class_from_int(&deviceClass, val);
62   (void)device_class_to_int(&deviceClass);
63 }
64 
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)65 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
66   BTCoreDeviceClassFuzzer btCoreDeviceClassFuzzer;
67   btCoreDeviceClassFuzzer.process(data, size);
68   return 0;
69 }
70