From 353719d3b6299c9eb5d39b56752962a40287c352 Mon Sep 17 00:00:00 2001 From: weixin_45932406 Date: Mon, 8 Sep 2025 15:42:08 +0800 Subject: [PATCH] add fuzz Signed-off-by: zhaogan --- test/fuzztest/fuzztest_bundlemanager/BUILD.gn | 1 + .../bmsgetshortcutinfos_fuzzer/BUILD.gn | 188 ++++++++++++++++++ .../bmsgetshortcutinfos_fuzzer.cpp | 55 +++++ .../bmsgetshortcutinfos_fuzzer.h | 21 ++ .../bmsgetshortcutinfos_fuzzer/corpus/init | 1 + .../bmsgetshortcutinfos_fuzzer/project.xml | 25 +++ 6 files changed, 291 insertions(+) create mode 100644 test/fuzztest/fuzztest_bundlemanager/bmsgetshortcutinfos_fuzzer/BUILD.gn create mode 100644 test/fuzztest/fuzztest_bundlemanager/bmsgetshortcutinfos_fuzzer/bmsgetshortcutinfos_fuzzer.cpp create mode 100644 test/fuzztest/fuzztest_bundlemanager/bmsgetshortcutinfos_fuzzer/bmsgetshortcutinfos_fuzzer.h create mode 100644 test/fuzztest/fuzztest_bundlemanager/bmsgetshortcutinfos_fuzzer/corpus/init create mode 100644 test/fuzztest/fuzztest_bundlemanager/bmsgetshortcutinfos_fuzzer/project.xml diff --git a/test/fuzztest/fuzztest_bundlemanager/BUILD.gn b/test/fuzztest/fuzztest_bundlemanager/BUILD.gn index 027efc81da..da585b0291 100644 --- a/test/fuzztest/fuzztest_bundlemanager/BUILD.gn +++ b/test/fuzztest/fuzztest_bundlemanager/BUILD.gn @@ -104,6 +104,7 @@ group("bundlemanagerfuzztest") { "bmsgetlaunchwantforbundle_fuzzer:BMSGetLaunchWantForBundleFuzzTest", "bmsgetnameforuid_fuzzer:BMSGetNameForUidFuzzTest", "bmsgetpermissiondef_fuzzer:BMSGetPermissionDefFuzzTest", + "bmsgetshortcutinfos_fuzzer:BMSGetShortcutInfosFuzzTest", "bmshapmoduleinfo_fuzzer:BMSHapModuleInfoFuzzTest", "bmshmpbundleinstaller_fuzzer:BMSHmpBundleInstallerFuzzTest", "bmsinstalldloadcallback_fuzzer:BMSInstalldLoadCallbackFuzzTest", diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsgetshortcutinfos_fuzzer/BUILD.gn b/test/fuzztest/fuzztest_bundlemanager/bmsgetshortcutinfos_fuzzer/BUILD.gn new file mode 100644 index 0000000000..39da074df3 --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsgetshortcutinfos_fuzzer/BUILD.gn @@ -0,0 +1,188 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/test.gni") +import("../../../../appexecfwk.gni") +import("../../../../services/bundlemgr/appexecfwk_bundlemgr.gni") + +module_output_path = fuzz_test_path + +ohos_fuzztest("BMSGetShortcutInfosFuzzTest") { + fuzz_config_file = "../../../fuzztest/fuzztest_bundlemanager/bmsgetshortcutinfos_fuzzer" + + use_exceptions = true + module_out_path = module_output_path + include_dirs = [ "${test_path}/fuzztest" ] + sources = bundle_mgr_source + sources += [ + "${services_path}/bundlemgr/src/aot/aot_executor.cpp", + "${services_path}/bundlemgr/src/installd/installd_host_impl.cpp", + "${services_path}/bundlemgr/src/installd/installd_operator.cpp", + "${services_path}/bundlemgr/src/installd/installd_service.cpp", + ] + + sources += + [ "${services_path}/bundlemgr/src/installd/installd_permission_mgr.cpp" ] + + sources += bundle_install_sources + + sources += [ "bmsgetshortcutinfos_fuzzer.cpp" ] + + configs = [ "${services_path}/bundlemgr/test:bundlemgr_test_config" ] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + + deps = [ + "${core_path}:appexecfwk_core", + ] + deps += bundle_install_deps + + external_deps = [ + "ability_base:want", + "ability_runtime:app_manager", + "access_token:el5_filekey_manager_sdk", + "access_token:libprivacy_sdk", + "access_token:libtokenid_sdk", + "appspawn:hnpapi", + "appverify:libhapverify", + "bounds_checking_function:libsec_shared", + "common_event_service:cesfwk_innerkits", + "eventhandler:libeventhandler", + "hilog:libhilog", + "hitrace:hitrace_meter", + "init:libbegetutil", + "jsoncpp:jsoncpp", + "safwk:system_ability_fwk", + "samgr:samgr_proxy", + "selinux_adapter:librestorecon", + ] + external_deps += bundle_install_external_deps + + defines = [] + if (code_signature_enable) { + sources += [ + "${services_path}/bundlemgr/src/aot/aot_sign_data_cache_mgr.cpp", + "${services_path}/bundlemgr/src/code_sign_helper.cpp", + ] + include_dirs += [ "${services_path}/bundlemgr/include" ] + external_deps += [ + "bounds_checking_function:libsec_shared", + "code_signature:libcode_sign_utils", + "ets_runtime:libcompiler_service", + ] + defines += [ "CODE_SIGNATURE_ENABLE" ] + } + + if (configpolicy_enable) { + external_deps += [ "config_policy:configpolicy_util" ] + defines += [ "CONFIG_POLOCY_ENABLE" ] + } + + if (bundle_framework_app_control) { + defines += [ "BUNDLE_FRAMEWORK_APP_CONTROL" ] + sources += [ + "${services_path}/bundlemgr/src/app_control/app_control_manager.cpp", + "${services_path}/bundlemgr/src/app_control/app_control_manager_host_impl.cpp", + "${services_path}/bundlemgr/src/app_control/app_control_manager_rdb.cpp", + "${services_path}/bundlemgr/src/app_control/app_jump_interceptor_event_subscriber.cpp", + "${services_path}/bundlemgr/src/app_control/app_jump_interceptor_manager_rdb.cpp", + ] + include_dirs += [ "${services_path}/bundlemgr/include/app_control" ] + external_deps += [ "c_utils:utils" ] + } + if (current_cpu == "arm64") { + defines += [ "USE_BUNDLE_EXTENSION" ] + } + + if (build_selinux) { + external_deps += [ "selinux_adapter:libhap_restorecon" ] + } + if (account_enable) { + external_deps += [ "os_account:os_account_innerkits" ] + defines += [ "ACCOUNT_ENABLE" ] + } + if (bundle_framework_free_install) { + sources += aging + sources += free_install + sources += distributed_manager + external_deps += [ + "ability_runtime:ability_manager", + "ability_runtime:app_manager", + "battery_manager:batterysrv_client", + "device_usage_statistics:usagestatsinner", + "display_manager:displaymgr", + "power_manager:powermgr_client", + "syscap_codec:syscap_interface_shared", + ] + defines += [ "BUNDLE_FRAMEWORK_FREE_INSTALL" ] + } + if (global_resmgr_enable) { + defines += [ "GLOBAL_RESMGR_ENABLE" ] + external_deps += [ "resource_management:global_resmgr" ] + } + if (hicollie_enable) { + external_deps += [ "hicollie:libhicollie" ] + defines += [ "HICOLLIE_ENABLE" ] + } + + if (hisysevent_enable) { + sources += [ "${services_path}/bundlemgr/src/inner_event_report.cpp" ] + external_deps += [ "hisysevent:libhisysevent" ] + defines += [ "HISYSEVENT_ENABLE" ] + } + + if (bundle_framework_quick_fix) { + include_dirs += [ "${services_path}/bundlemgr/src/include/quick_fix" ] + sources += quick_fix + defines += [ "BUNDLE_FRAMEWORK_QUICK_FIX" ] + } + + if (storage_service_enable) { + external_deps += [ "storage_service:storage_manager_sa_proxy" ] + defines += [ "STORAGE_SERVICE_ENABLE" ] + } + + external_deps += [ "kv_store:distributeddata_inner" ] + configs += [ "${services_path}/bundlemgr:rdb_config" ] + external_deps += [ "relational_store:native_rdb" ] + sources += [ + "${services_path}/bundlemgr/src/bundle_data_storage_rdb.cpp", + "${services_path}/bundlemgr/src/preinstall_data_storage_rdb.cpp", + "${services_path}/bundlemgr/src/rdb/bms_rdb_open_callback.cpp", + "${services_path}/bundlemgr/src/rdb/rdb_data_manager.cpp", + ] + if (udmf_enabled) { + defines += [ "BUNDLE_FRAMEWORK_UDMF_ENABLED" ] + external_deps += [ "udmf:udmf_client" ] + external_deps += [ "udmf:utd_client" ] + } + + if (user_auth_framework_impl_enabled) { + external_deps += [ "user_auth_framework:userauth_client" ] + defines += [ "BMS_USER_AUTH_FRAMEWORK_ENABLED" ] + include_dirs += [ "${services_path}/bundlemgr/include/user_auth" ] + sources += user_auth + } + + if (bms_device_info_manager_part_enabled) { + external_deps += [ + "device_info_manager:distributed_device_profile_common", + "device_info_manager:distributed_device_profile_sdk", + ] + defines += [ "BMS_DEVICE_INFO_MANAGER_ENABLE" ] + } +} diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsgetshortcutinfos_fuzzer/bmsgetshortcutinfos_fuzzer.cpp b/test/fuzztest/fuzztest_bundlemanager/bmsgetshortcutinfos_fuzzer/bmsgetshortcutinfos_fuzzer.cpp new file mode 100644 index 0000000000..79f3ef8dba --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsgetshortcutinfos_fuzzer/bmsgetshortcutinfos_fuzzer.cpp @@ -0,0 +1,55 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include +#include +#include +#define private public +#include "bmsgetshortcutinfos_fuzzer.h" +#include "bundle_data_mgr.h" +#include "bms_fuzztest_util.h" + +using namespace OHOS::AppExecFwk; +using namespace OHOS::AppExecFwk::BMSFuzzTestUtil; +namespace OHOS { +bool DoSomethingInterestingWithMyAPI(const uint8_t* data, size_t size) +{ + BundleDataMgr bundleDataMgr; + FuzzedDataProvider dataProvider(data, size); + + InnerBundleInfo innerBundleInfo; + innerBundleInfo.SetIsNewVersion(dataProvider.ConsumeBool()); + std::string moduleName = "entry"; + InnerModuleInfo moduleInfo; + moduleInfo.entryAbilityKey = "entryAbility"; + ApplicationInfo appInfo; + GenerateApplicationInfo(dataProvider, appInfo); + innerBundleInfo.SetBaseApplicationInfo(appInfo); + innerBundleInfo.innerModuleInfos_.try_emplace(moduleName, moduleInfo); + + std::vector shortcutInfos; + bundleDataMgr.GetShortcutInfosByInnerBundleInfo(innerBundleInfo, shortcutInfos); + return true; +} +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + // Run your code on data. + OHOS::DoSomethingInterestingWithMyAPI(data, size); + return 0; +} \ No newline at end of file diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsgetshortcutinfos_fuzzer/bmsgetshortcutinfos_fuzzer.h b/test/fuzztest/fuzztest_bundlemanager/bmsgetshortcutinfos_fuzzer/bmsgetshortcutinfos_fuzzer.h new file mode 100644 index 0000000000..32d9d1b9af --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsgetshortcutinfos_fuzzer/bmsgetshortcutinfos_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TEST_FUZZTEST_BMS_GET_SHORTCUTS_FUZZER_H +#define TEST_FUZZTEST_BMS_GET_SHORTCUTS_FUZZER_H + +#define FUZZ_PROJECT_NAME "bmsgetshortcutinfos_fuzzer" + +#endif \ No newline at end of file diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsgetshortcutinfos_fuzzer/corpus/init b/test/fuzztest/fuzztest_bundlemanager/bmsgetshortcutinfos_fuzzer/corpus/init new file mode 100644 index 0000000000..6b7212c8a6 --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsgetshortcutinfos_fuzzer/corpus/init @@ -0,0 +1 @@ +FUZZ \ No newline at end of file diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsgetshortcutinfos_fuzzer/project.xml b/test/fuzztest/fuzztest_bundlemanager/bmsgetshortcutinfos_fuzzer/project.xml new file mode 100644 index 0000000000..66e1dcac47 --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsgetshortcutinfos_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + -- Gitee