1 /*
2 * Copyright (c) 2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include <cstring>
17 #include <map>
18 #include <securec.h>
19 #include <string>
20 #include <vector>
21
22 #include "http_request_options.h"
23 #include "netstack_log.h"
24 #include "secure_char.h"
25
26 namespace OHOS {
27 namespace NetStack {
28 namespace Http {
29 namespace {
30 const uint8_t *g_baseFuzzData = nullptr;
31 size_t g_baseFuzzSize = 0;
32 size_t g_baseFuzzPos = 0;
33 constexpr size_t STR_LEN = 255;
34 } // namespace
GetData()35 template <class T> T GetData()
36 {
37 T object{};
38 size_t objectSize = sizeof(object);
39 if (g_baseFuzzData == nullptr || g_baseFuzzSize <= g_baseFuzzPos || objectSize > g_baseFuzzSize - g_baseFuzzPos) {
40 return object;
41 }
42 if (memcpy_s(&object, objectSize, g_baseFuzzData + g_baseFuzzPos, objectSize)) {
43 return {};
44 }
45 g_baseFuzzPos += objectSize;
46 return object;
47 }
48
SetGlobalFuzzData(const uint8_t * data,size_t size)49 void SetGlobalFuzzData(const uint8_t *data, size_t size)
50 {
51 g_baseFuzzData = data;
52 g_baseFuzzSize = size;
53 g_baseFuzzPos = 0;
54 }
55
GetStringFromData(int strlen)56 std::string GetStringFromData(int strlen)
57 {
58 if (strlen < 1) {
59 return "";
60 }
61
62 char cstr[strlen];
63 cstr[strlen - 1] = '\0';
64 for (int i = 0; i < strlen - 1; i++) {
65 cstr[i] = GetData<char>();
66 }
67 std::string str(cstr);
68 return str;
69 }
70
SetCaPathFuzzTest(const uint8_t * data,size_t size)71 void SetCaPathFuzzTest(const uint8_t *data, size_t size)
72 {
73 if ((data == nullptr) || (size < 1)) {
74 return;
75 }
76 SetGlobalFuzzData(data, size);
77 std::string str = GetStringFromData(STR_LEN);
78
79 HttpRequestOptions requestOptions;
80 requestOptions.SetCaPath(str);
81 }
82
SetUrlFuzzTest(const uint8_t * data,size_t size)83 void SetUrlFuzzTest(const uint8_t *data, size_t size)
84 {
85 if ((data == nullptr) || (size < 1)) {
86 return;
87 }
88 SetGlobalFuzzData(data, size);
89 HttpRequestOptions requestOptions;
90 std::string str = GetStringFromData(STR_LEN);
91 requestOptions.SetUrl(str);
92 }
93
SetMethodFuzzTest(const uint8_t * data,size_t size)94 void SetMethodFuzzTest(const uint8_t *data, size_t size)
95 {
96 if ((data == nullptr) || (size < 1)) {
97 return;
98 }
99 SetGlobalFuzzData(data, size);
100 HttpRequestOptions requestOptions;
101 std::string str = GetStringFromData(STR_LEN);
102 requestOptions.SetMethod(str);
103 }
104
SetHeaderFuzzTest(const uint8_t * data,size_t size)105 void SetHeaderFuzzTest(const uint8_t *data, size_t size)
106 {
107 if ((data == nullptr) || (size < 1)) {
108 return;
109 }
110 SetGlobalFuzzData(data, size);
111 HttpRequestOptions requestOptions;
112 std::string str = GetStringFromData(STR_LEN);
113 requestOptions.SetHeader(str, str);
114 }
115
SetReadTimeoutFuzzTest(const uint8_t * data,size_t size)116 void SetReadTimeoutFuzzTest(const uint8_t *data, size_t size)
117 {
118 if ((data == nullptr) || (size < 1)) {
119 return;
120 }
121 SetGlobalFuzzData(data, size);
122 HttpRequestOptions requestOptions;
123 requestOptions.SetReadTimeout(size);
124 }
125
SetConnectTimeoutFuzzTest(const uint8_t * data,size_t size)126 void SetConnectTimeoutFuzzTest(const uint8_t *data, size_t size)
127 {
128 if ((data == nullptr) || (size < 1)) {
129 return;
130 }
131 SetGlobalFuzzData(data, size);
132 HttpRequestOptions requestOptions;
133 requestOptions.SetConnectTimeout(size);
134 }
135
SetUsingProtocolFuzzTest(const uint8_t * data,size_t size)136 void SetUsingProtocolFuzzTest(const uint8_t *data, size_t size)
137 {
138 if ((data == nullptr) || (size < 1)) {
139 return;
140 }
141 SetGlobalFuzzData(data, size);
142 HttpRequestOptions requestOptions;
143 }
144
SetHttpDataTypeFuzzTest(const uint8_t * data,size_t size)145 void SetHttpDataTypeFuzzTest(const uint8_t *data, size_t size)
146 {
147 if ((data == nullptr) || (size < 1)) {
148 return;
149 }
150 SetGlobalFuzzData(data, size);
151 HttpRequestOptions requestOptions;
152 std::string str = GetStringFromData(STR_LEN);
153 requestOptions.SetRequestTime(str);
154 }
155
SetUsingHttpProxyTypeFuzzTest(const uint8_t * data,size_t size)156 void SetUsingHttpProxyTypeFuzzTest(const uint8_t *data, size_t size)
157 {
158 if ((data == nullptr) || (size < 1)) {
159 return;
160 }
161 SetGlobalFuzzData(data, size);
162 HttpRequestOptions requestOptions;
163 requestOptions.SetUsingHttpProxyType(UsingHttpProxyType::USE_SPECIFIED);
164 }
165
SetSpecifiedHttpProxyFuzzTest(const uint8_t * data,size_t size)166 void SetSpecifiedHttpProxyFuzzTest(const uint8_t *data, size_t size)
167 {
168 if ((data == nullptr) || (size < 1)) {
169 return;
170 }
171 SetGlobalFuzzData(data, size);
172 HttpRequestOptions requestOptions;
173 std::string str = GetStringFromData(STR_LEN);
174 requestOptions.SetSpecifiedHttpProxy(str, size, str);
175 }
176
SetDnsServersFuzzTest(const uint8_t * data,size_t size)177 void SetDnsServersFuzzTest(const uint8_t *data, size_t size)
178 {
179 if ((data == nullptr) || (size < 1)) {
180 return;
181 }
182 SetGlobalFuzzData(data, size);
183 HttpRequestOptions requestOptions;
184 std::vector<std::string> dnsServers = { GetStringFromData(STR_LEN), GetStringFromData(STR_LEN),
185 GetStringFromData(STR_LEN) };
186 requestOptions.SetDnsServers(dnsServers);
187 }
188
SetDohUrlFuzzTest(const uint8_t * data,size_t size)189 void SetDohUrlFuzzTest(const uint8_t *data, size_t size)
190 {
191 if ((data == nullptr) || (size < 1)) {
192 return;
193 }
194 SetGlobalFuzzData(data, size);
195
196 HttpRequestOptions requestOptions;
197 std::string str = GetStringFromData(STR_LEN);
198 requestOptions.SetDohUrl(str);
199 }
200
SetRangeNumberFuzzTest(const uint8_t * data,size_t size)201 void SetRangeNumberFuzzTest(const uint8_t *data, size_t size)
202 {
203 if ((data == nullptr) || (size < 1)) {
204 return;
205 }
206 SetGlobalFuzzData(data, size);
207 HttpRequestOptions requestOptions;
208 requestOptions.SetRangeNumber(size, size);
209 }
210
SetClientCertFuzzTest(const uint8_t * data,size_t size)211 void SetClientCertFuzzTest(const uint8_t *data, size_t size)
212 {
213 if ((data == nullptr) || (size < 1)) {
214 return;
215 }
216 SetGlobalFuzzData(data, size);
217
218 HttpRequestOptions requestOptions;
219 std::string str = GetStringFromData(STR_LEN);
220 Secure::SecureChar pwd(str);
221 requestOptions.SetClientCert(str, str, str, pwd);
222 }
223
AddMultiFormDataFuzzTest(const uint8_t * data,size_t size)224 void AddMultiFormDataFuzzTest(const uint8_t *data, size_t size)
225 {
226 if ((data == nullptr) || (size < 1)) {
227 return;
228 }
229 SetGlobalFuzzData(data, size);
230 HttpRequestOptions requestOptions;
231 MultiFormData multiFormData;
232 std::string str = GetStringFromData(STR_LEN);
233 multiFormData.name = str;
234 multiFormData.data = str;
235 multiFormData.contentType = str;
236 multiFormData.remoteFileName = str;
237 multiFormData.filePath = str;
238 requestOptions.AddMultiFormData(multiFormData);
239 }
240 } // namespace Http
241 } // namespace NetStack
242 } // namespace OHOS
243
244 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)245 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
246 {
247 /* Run your code on data */
248 OHOS::NetStack::Http::SetCaPathFuzzTest(data, size);
249 OHOS::NetStack::Http::SetUrlFuzzTest(data, size);
250 OHOS::NetStack::Http::SetMethodFuzzTest(data, size);
251 OHOS::NetStack::Http::SetHeaderFuzzTest(data, size);
252 OHOS::NetStack::Http::SetReadTimeoutFuzzTest(data, size);
253 OHOS::NetStack::Http::SetConnectTimeoutFuzzTest(data, size);
254 OHOS::NetStack::Http::SetUsingProtocolFuzzTest(data, size);
255 OHOS::NetStack::Http::SetHttpDataTypeFuzzTest(data, size);
256 OHOS::NetStack::Http::SetUsingHttpProxyTypeFuzzTest(data, size);
257 OHOS::NetStack::Http::SetSpecifiedHttpProxyFuzzTest(data, size);
258 OHOS::NetStack::Http::SetDnsServersFuzzTest(data, size);
259 OHOS::NetStack::Http::SetDohUrlFuzzTest(data, size);
260 OHOS::NetStack::Http::SetRangeNumberFuzzTest(data, size);
261 OHOS::NetStack::Http::SetClientCertFuzzTest(data, size);
262 OHOS::NetStack::Http::AddMultiFormDataFuzzTest(data, size);
263 return 0;
264 }