1 /*
2 * Copyright (c) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "displaymanager_fuzzer.h"
17
18 #include <securec.h>
19 #include <ui/rs_surface_node.h>
20 #include "display_manager.h"
21
22 namespace OHOS ::Rosen {
23 class DisplayListener : public DisplayManager::IDisplayListener {
24 public:
OnCreate(DisplayId)25 virtual void OnCreate(DisplayId) override
26 {
27 }
OnDestroy(DisplayId)28 virtual void OnDestroy(DisplayId) override
29 {
30 }
OnChange(DisplayId)31 virtual void OnChange(DisplayId) override
32 {
33 }
34 };
35
36 class ScreenshotListener : public DisplayManager::IScreenshotListener {
37 public:
OnScreenshot(const ScreenshotInfo info)38 void OnScreenshot(const ScreenshotInfo info) override
39 {
40 }
41 };
42
43 class PrivateWindowListener : public DisplayManager::IPrivateWindowListener {
44 public:
OnPrivateWindow(bool hasPrivate)45 void OnPrivateWindow(bool hasPrivate) override
46 {
47 }
48 };
49
50 class DisplayPowerEventListener : public IDisplayPowerEventListener {
51 public:
OnDisplayPowerEvent(DisplayPowerEvent event,EventStatus status)52 virtual void OnDisplayPowerEvent(DisplayPowerEvent event, EventStatus status) override
53 {
54 }
55 };
56
57 template<class T>
GetObject(T & object,const uint8_t * data,size_t size)58 size_t GetObject(T &object, const uint8_t *data, size_t size)
59 {
60 size_t objectSize = sizeof(object);
61 if (objectSize > size) {
62 return 0;
63 }
64 return memcpy_s(&object, objectSize, data, objectSize) == EOK ? objectSize : 0;
65 }
66
DisplayFuzzTest(const uint8_t * data,size_t size)67 bool DisplayFuzzTest(const uint8_t* data, size_t size)
68 {
69 DisplayId displayId;
70 ScreenId screenId;
71 if (data == nullptr || size < sizeof(displayId) + sizeof(screenId)) {
72 return false;
73 }
74 size_t startPos = 0;
75 DisplayManager& displayManager = DisplayManager::GetInstance();
76 sptr<DisplayListener> displayListener = new DisplayListener();
77 displayManager.GetAllDisplays();
78 displayManager.GetAllDisplayIds();
79 displayManager.GetDefaultDisplayId();
80 displayManager.GetDefaultDisplay();
81
82 startPos += GetObject<DisplayId>(displayId, data + startPos, size - startPos);
83 displayManager.GetDisplayById(displayId);
84 startPos += GetObject<ScreenId>(screenId, data + startPos, size - startPos);
85 displayManager.GetDisplayByScreen(screenId);
86 bool flag = true;
87 startPos += GetObject<bool>(flag, data + startPos, size - startPos);
88 displayManager.HasPrivateWindow(displayId, flag);
89 displayManager.RegisterDisplayListener(displayListener);
90 displayManager.UnregisterDisplayListener(displayListener);
91 sptr<ScreenshotListener> screenshotListener = new ScreenshotListener();
92 displayManager.RegisterScreenshotListener(screenshotListener);
93 displayManager.UnregisterScreenshotListener(screenshotListener);
94 sptr<PrivateWindowListener> privateWindowListener = new PrivateWindowListener();
95 displayManager.RegisterPrivateWindowListener(privateWindowListener);
96 displayManager.UnregisterPrivateWindowListener(privateWindowListener);
97 RSSurfaceNodeConfig config;
98 config.SurfaceNodeName = "AddSurfaceNodeToDisplay";
99 auto surfaceNode = RSSurfaceNode::Create(config, false);
100 displayManager.AddSurfaceNodeToDisplay(displayId, surfaceNode);
101 displayManager.RemoveSurfaceNodeFromDisplay(displayId, surfaceNode);
102 return true;
103 }
104
GetScreenshotFuzzTest(const uint8_t * data,size_t size)105 bool GetScreenshotFuzzTest(const uint8_t* data, size_t size)
106 {
107 DisplayId displayId;
108 Media::Rect rect;
109 Media::Size mediaSize;
110 int rotation;
111 if (data == nullptr || size < sizeof(displayId) + sizeof(rect) + sizeof(size) + sizeof(rotation)) {
112 return false;
113 }
114 size_t startPos = 0;
115 DisplayManager& displayManager = DisplayManager::GetInstance();
116 startPos += GetObject<DisplayId>(displayId, data + startPos, size - startPos);
117 displayManager.GetScreenshot(displayId);
118 startPos += GetObject<Media::Rect>(rect, data + startPos, size - startPos);
119 startPos += GetObject<Media::Size>(mediaSize, data + startPos, size - startPos);
120 GetObject<int>(rotation, data + startPos, size - startPos);
121 displayManager.GetScreenshot(displayId, rect, mediaSize, rotation);
122 return true;
123 }
124
DisplayPowerFuzzTest(const uint8_t * data,size_t size)125 bool DisplayPowerFuzzTest(const uint8_t* data, size_t size)
126 {
127 uint32_t reason;
128 DisplayId displayId;
129 uint32_t state;
130 if (data == nullptr || size < sizeof(reason) + sizeof(displayId) + sizeof(state)) {
131 return false;
132 }
133 size_t startPos = 0;
134 DisplayManager& displayManager = DisplayManager::GetInstance();
135 sptr<IDisplayPowerEventListener> listener = new DisplayPowerEventListener();
136 displayManager.RegisterDisplayPowerEventListener(listener);
137
138 startPos += GetObject<uint32_t>(reason, data + startPos, size - startPos);
139 displayManager.WakeUpBegin(static_cast<PowerStateChangeReason>(reason));
140 displayManager.WakeUpEnd();
141 displayManager.SuspendBegin(static_cast<PowerStateChangeReason>(reason));
142 displayManager.SuspendEnd();
143
144 startPos += GetObject<uint32_t>(state, data + startPos, size - startPos);
145 DisplayStateCallback callback = [](DisplayState state) {
146 };
147 displayManager.SetDisplayState(static_cast<DisplayState>(state), callback);
148 startPos += GetObject<DisplayId>(displayId, data + startPos, size - startPos);
149 displayManager.GetDisplayState(displayId);
150
151 displayManager.UnregisterDisplayPowerEventListener(listener);
152 return true;
153 }
154
ScreenBrightnessFuzzTest(const uint8_t * data,size_t size)155 bool ScreenBrightnessFuzzTest(const uint8_t* data, size_t size)
156 {
157 uint64_t screenId;
158 uint32_t level;
159 if (data == nullptr || size < sizeof(screenId) + sizeof(level)) {
160 return false;
161 }
162 size_t startPos = 0;
163 DisplayManager& displayManager = DisplayManager::GetInstance();
164
165 startPos += GetObject<uint64_t>(screenId, data + startPos, size - startPos);
166 GetObject<uint32_t>(level, data + startPos, size - startPos);
167 displayManager.SetScreenBrightness(screenId, level);
168 displayManager.GetScreenBrightness(screenId);
169 return true;
170 }
171
FreezeFuzzTest(const uint8_t * data,size_t size)172 bool FreezeFuzzTest(const uint8_t* data, size_t size)
173 {
174 // 10 displays
175 if (data == nullptr || size < sizeof(DisplayId) * 10) {
176 return false;
177 }
178 size_t startPos = 0;
179 DisplayManager& displayManager = DisplayManager::GetInstance();
180 // 10 displays
181 std::vector<DisplayId> displays(10);
182 for (DisplayId& id : displays) {
183 startPos += GetObject<DisplayId>(id, data + startPos, size - startPos);
184 }
185 displayManager.Freeze(displays);
186 displayManager.Unfreeze(displays);
187 return true;
188 }
189
NotifyDisplayEventFuzzTest(const uint8_t * data,size_t size)190 bool NotifyDisplayEventFuzzTest(const uint8_t* data, size_t size)
191 {
192 // 10 displays
193 if (data == nullptr || size < sizeof(DisplayEvent)) {
194 return false;
195 }
196 size_t startPos = 0;
197 DisplayManager& displayManager = DisplayManager::GetInstance();
198 uint32_t event;
199 GetObject<uint32_t>(event, data + startPos, size - startPos);
200 displayManager.NotifyDisplayEvent(static_cast<DisplayEvent>(event));
201 return true;
202 }
203 } // namespace.OHOS::Rosen
204
205 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)206 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
207 {
208 /* Run your code on data */
209 OHOS::Rosen::DisplayFuzzTest(data, size);
210 OHOS::Rosen::GetScreenshotFuzzTest(data, size);
211 OHOS::Rosen::DisplayPowerFuzzTest(data, size);
212 OHOS::Rosen::ScreenBrightnessFuzzTest(data, size);
213 OHOS::Rosen::FreezeFuzzTest(data, size);
214 OHOS::Rosen::NotifyDisplayEventFuzzTest(data, size);
215 return 0;
216 }
217
218