From 32644cfa14b269a6aefcacc9becefaf46817b0ef Mon Sep 17 00:00:00 2001 From: wujiqin Date: Mon, 31 Oct 2022 14:09:13 +0800 Subject: [PATCH] =?UTF-8?q?fixed=2045ac8f6=20from=20https://gitee.com/wuji?= =?UTF-8?q?qin5/notification=5Feventhandler/pulls/75=20IssueNo:https://git?= =?UTF-8?q?ee.com/openharmony/notification=5Feventhandler/issues/I5YJ2Z=3F?= =?UTF-8?q?from=3Dproject-issue=20Description:=E8=A6=86=E7=9B=96=E7=8E=87?= =?UTF-8?q?=E6=8F=90=E5=8D=87fuzz02=20Sig:SIG=5FApplicationFramework=20Fea?= =?UTF-8?q?ture=20or=20Bugfix:Bugfix=20Binary=20Source:=20No?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: wujiqin Change-Id: If0b50824042c9b967c02d062197178d088661e61 --- test/fuzztest/BUILD.gn | 5 + test/fuzztest/eventqueue_fuzzer/BUILD.gn | 49 ++++++++++ test/fuzztest/eventqueue_fuzzer/corpus/init | 13 +++ .../eventqueue_fuzzer/eventqueue_fuzzer.cpp | 81 +++++++++++++++++ .../eventqueue_fuzzer/eventqueue_fuzzer.h | 29 ++++++ test/fuzztest/eventqueue_fuzzer/project.xml | 25 +++++ test/fuzztest/eventrunner_fuzzer/BUILD.gn | 49 ++++++++++ test/fuzztest/eventrunner_fuzzer/corpus/init | 13 +++ .../eventrunner_fuzzer/eventrunner_fuzzer.cpp | 91 +++++++++++++++++++ .../eventrunner_fuzzer/eventrunner_fuzzer.h | 29 ++++++ test/fuzztest/eventrunner_fuzzer/project.xml | 25 +++++ .../filedescriptorlistener_fuzzer/BUILD.gn | 48 ++++++++++ .../filedescriptorlistener_fuzzer/corpus/init | 13 +++ .../filedescriptorlistener_fuzzer.cpp | 80 ++++++++++++++++ .../filedescriptorlistener_fuzzer.h | 29 ++++++ .../filedescriptorlistener_fuzzer/project.xml | 25 +++++ test/fuzztest/innerevent_fuzzer/BUILD.gn | 49 ++++++++++ test/fuzztest/innerevent_fuzzer/corpus/init | 13 +++ .../innerevent_fuzzer/innerevent_fuzzer.cpp | 61 +++++++++++++ .../innerevent_fuzzer/innerevent_fuzzer.h | 29 ++++++ test/fuzztest/innerevent_fuzzer/project.xml | 25 +++++ test/fuzztest/noneiowaiter_fuzzer/BUILD.gn | 49 ++++++++++ test/fuzztest/noneiowaiter_fuzzer/corpus/init | 13 +++ .../noneiowaiter_fuzzer.cpp | 65 +++++++++++++ .../noneiowaiter_fuzzer/noneiowaiter_fuzzer.h | 29 ++++++ test/fuzztest/noneiowaiter_fuzzer/project.xml | 25 +++++ 26 files changed, 962 insertions(+) create mode 100644 test/fuzztest/eventqueue_fuzzer/BUILD.gn create mode 100644 test/fuzztest/eventqueue_fuzzer/corpus/init create mode 100644 test/fuzztest/eventqueue_fuzzer/eventqueue_fuzzer.cpp create mode 100644 test/fuzztest/eventqueue_fuzzer/eventqueue_fuzzer.h create mode 100644 test/fuzztest/eventqueue_fuzzer/project.xml create mode 100644 test/fuzztest/eventrunner_fuzzer/BUILD.gn create mode 100644 test/fuzztest/eventrunner_fuzzer/corpus/init create mode 100644 test/fuzztest/eventrunner_fuzzer/eventrunner_fuzzer.cpp create mode 100644 test/fuzztest/eventrunner_fuzzer/eventrunner_fuzzer.h create mode 100644 test/fuzztest/eventrunner_fuzzer/project.xml create mode 100644 test/fuzztest/filedescriptorlistener_fuzzer/BUILD.gn create mode 100644 test/fuzztest/filedescriptorlistener_fuzzer/corpus/init create mode 100644 test/fuzztest/filedescriptorlistener_fuzzer/filedescriptorlistener_fuzzer.cpp create mode 100644 test/fuzztest/filedescriptorlistener_fuzzer/filedescriptorlistener_fuzzer.h create mode 100644 test/fuzztest/filedescriptorlistener_fuzzer/project.xml create mode 100644 test/fuzztest/innerevent_fuzzer/BUILD.gn create mode 100644 test/fuzztest/innerevent_fuzzer/corpus/init create mode 100644 test/fuzztest/innerevent_fuzzer/innerevent_fuzzer.cpp create mode 100644 test/fuzztest/innerevent_fuzzer/innerevent_fuzzer.h create mode 100644 test/fuzztest/innerevent_fuzzer/project.xml create mode 100644 test/fuzztest/noneiowaiter_fuzzer/BUILD.gn create mode 100644 test/fuzztest/noneiowaiter_fuzzer/corpus/init create mode 100644 test/fuzztest/noneiowaiter_fuzzer/noneiowaiter_fuzzer.cpp create mode 100644 test/fuzztest/noneiowaiter_fuzzer/noneiowaiter_fuzzer.h create mode 100644 test/fuzztest/noneiowaiter_fuzzer/project.xml diff --git a/test/fuzztest/BUILD.gn b/test/fuzztest/BUILD.gn index 2134076..2d8ea45 100644 --- a/test/fuzztest/BUILD.gn +++ b/test/fuzztest/BUILD.gn @@ -20,6 +20,11 @@ group("fuzztest") { "epolliowaiter_fuzzer:EpollIoWaiterFuzzTest", "eventhandler_fuzzer:EventHandlerFuzzTest", "eventhandlerannex_fuzzer:EventHandlerAnnexFuzzTest", + "eventqueue_fuzzer:EventQueueFuzzTest", + "eventrunner_fuzzer:EventRunnerFuzzTest", + "filedescriptorlistener_fuzzer:FileDescriptorListenerFuzzTest", + "innerevent_fuzzer:InnerEventFuzzTest", "nativeimplementeventhandler_fuzzer:NativeImplementEventHandlerFuzzTest", + "noneiowaiter_fuzzer:NoneIoWaiterFuzzTest", ] } diff --git a/test/fuzztest/eventqueue_fuzzer/BUILD.gn b/test/fuzztest/eventqueue_fuzzer/BUILD.gn new file mode 100644 index 0000000..066c80b --- /dev/null +++ b/test/fuzztest/eventqueue_fuzzer/BUILD.gn @@ -0,0 +1,49 @@ +# Copyright (c) 2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#####################hydra-fuzz################### +import("//base/notification/eventhandler/eventhandler.gni") +import("//build/config/features.gni") +import("//build/test.gni") +module_output_path = "eventhandler/fuzztest" + +##############################fuzztest########################################## +ohos_fuzztest("EventQueueFuzzTest") { + module_out_path = module_output_path + fuzz_config_file = + "//base/notification/eventhandler/test/fuzztest/eventqueue_fuzzer" + + include_dirs = [] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ "eventqueue_fuzzer.cpp" ] + + deps = [ "${frameworks_path}/eventhandler:libeventhandler" ] + + external_deps = [ + "c_utils:utils", + "ipc:ipc_core", + ] +} + +############################################################################### +group("fuzztest") { + testonly = true + deps = [] + deps += [ ":EventQueueFuzzTest" ] +} +############################################################################### diff --git a/test/fuzztest/eventqueue_fuzzer/corpus/init b/test/fuzztest/eventqueue_fuzzer/corpus/init new file mode 100644 index 0000000..1b91014 --- /dev/null +++ b/test/fuzztest/eventqueue_fuzzer/corpus/init @@ -0,0 +1,13 @@ +# Copyright (c) 2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +FUZZ \ No newline at end of file diff --git a/test/fuzztest/eventqueue_fuzzer/eventqueue_fuzzer.cpp b/test/fuzztest/eventqueue_fuzzer/eventqueue_fuzzer.cpp new file mode 100644 index 0000000..5c6872b --- /dev/null +++ b/test/fuzztest/eventqueue_fuzzer/eventqueue_fuzzer.cpp @@ -0,0 +1,81 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "event_queue.h" +#include "eventqueue_fuzzer.h" +#include "securec.h" + +namespace OHOS { +namespace { + constexpr size_t U32_AT_SIZE = 4; +} + +class DumperTest : public AppExecFwk::Dumper { +public: + DumperTest() = default; + virtual ~DumperTest() + {}; + void Dump(const std::string &message) override + {} + std::string GetTag() override + { + return {}; + } +}; + +bool DoSomethingInterestingWithMyAPI(const char* data, size_t size) +{ + AppExecFwk::InnerEvent::TimePoint nextExpiredTime = AppExecFwk::InnerEvent::TimePoint::max(); + DumperTest dumper; + std::string stringData(data); + std::shared_ptr ioWaiter = nullptr; + AppExecFwk::EventQueue eventQueue(ioWaiter); + eventQueue.GetExpiredEvent(nextExpiredTime); + eventQueue.Dump(dumper); + eventQueue.DumpQueueInfo(stringData); + eventQueue.IsQueueEmpty(); + return true; +} +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + if (data == nullptr) { + return 0; + } + + if (size < OHOS::U32_AT_SIZE) { + return 0; + } + + char* ch = (char *)malloc(size + 1); + if (ch == nullptr) { + return 0; + } + + (void)memset_s(ch, size + 1, 0x00, size + 1); + if (memcpy_s(ch, size, data, size) != EOK) { + free(ch); + ch = nullptr; + return 0; + } + + OHOS::DoSomethingInterestingWithMyAPI(ch, size); + free(ch); + ch = nullptr; + return 0; +} diff --git a/test/fuzztest/eventqueue_fuzzer/eventqueue_fuzzer.h b/test/fuzztest/eventqueue_fuzzer/eventqueue_fuzzer.h new file mode 100644 index 0000000..3a25fb4 --- /dev/null +++ b/test/fuzztest/eventqueue_fuzzer/eventqueue_fuzzer.h @@ -0,0 +1,29 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TEST_FUZZTEST_EVENTQUEUE_FUZZER_EVENTQUEUE_FUZZER_H +#define TEST_FUZZTEST_EVENTQUEUE_FUZZER_EVENTQUEUE_FUZZER_H + +#define FUZZ_PROJECT_NAME "eventqueue_fuzzer" + +#include + +uint32_t U32_AT(const uint8_t *ptr) +{ + // convert fuzz input data to an integer + return (ptr[0] << 24) | (ptr[1] << 16) | (ptr[2] << 8) | ptr[3]; +} + +#endif // TEST_FUZZTEST_EVENTQUEUE_FUZZER_EVENTQUEUE_FUZZER_H diff --git a/test/fuzztest/eventqueue_fuzzer/project.xml b/test/fuzztest/eventqueue_fuzzer/project.xml new file mode 100644 index 0000000..6e8ad2c --- /dev/null +++ b/test/fuzztest/eventqueue_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + diff --git a/test/fuzztest/eventrunner_fuzzer/BUILD.gn b/test/fuzztest/eventrunner_fuzzer/BUILD.gn new file mode 100644 index 0000000..c591562 --- /dev/null +++ b/test/fuzztest/eventrunner_fuzzer/BUILD.gn @@ -0,0 +1,49 @@ +# Copyright (c) 2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#####################hydra-fuzz################### +import("//base/notification/eventhandler/eventhandler.gni") +import("//build/config/features.gni") +import("//build/test.gni") +module_output_path = "eventhandler/fuzztest" + +##############################fuzztest########################################## +ohos_fuzztest("EventRunnerFuzzTest") { + module_out_path = module_output_path + fuzz_config_file = + "//base/notification/eventhandler/test/fuzztest/eventrunner_fuzzer" + + include_dirs = [] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ "eventrunner_fuzzer.cpp" ] + + deps = [ "${frameworks_path}/eventhandler:libeventhandler" ] + + external_deps = [ + "c_utils:utils", + "ipc:ipc_core", + ] +} + +############################################################################### +group("fuzztest") { + testonly = true + deps = [] + deps += [ ":EventRunnerFuzzTest" ] +} +############################################################################### diff --git a/test/fuzztest/eventrunner_fuzzer/corpus/init b/test/fuzztest/eventrunner_fuzzer/corpus/init new file mode 100644 index 0000000..1b91014 --- /dev/null +++ b/test/fuzztest/eventrunner_fuzzer/corpus/init @@ -0,0 +1,13 @@ +# Copyright (c) 2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +FUZZ \ No newline at end of file diff --git a/test/fuzztest/eventrunner_fuzzer/eventrunner_fuzzer.cpp b/test/fuzztest/eventrunner_fuzzer/eventrunner_fuzzer.cpp new file mode 100644 index 0000000..027bf65 --- /dev/null +++ b/test/fuzztest/eventrunner_fuzzer/eventrunner_fuzzer.cpp @@ -0,0 +1,91 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "event_runner.h" +#include "eventrunner_fuzzer.h" +#include "securec.h" + +namespace OHOS { +namespace { + constexpr size_t U32_AT_SIZE = 4; +} + +class DumperTest : public AppExecFwk::Dumper { +public: + DumperTest() = default; + virtual ~DumperTest() + {}; + void Dump(const std::string &message) override + {} + std::string GetTag() override + { + return {}; + } +}; + +class LoggerTest : public AppExecFwk::Logger { +public: + LoggerTest() = default; + virtual ~LoggerTest() + {}; + void Log(const std::string &line) override + {} +}; + +bool DoSomethingInterestingWithMyAPI(const char* data, size_t size) +{ + DumperTest dumper; + std::string stringData(data); + std::shared_ptr logger = std::make_shared(); + auto runner = AppExecFwk::EventRunner::Create(true); + runner->Dump(dumper); + runner->DumpRunnerInfo(stringData); + runner->SetLogger(logger); + runner->GetCurrentEventQueue(); + runner->GetThreadId(); + runner->IsCurrentRunnerThread(); + return true; +} +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + if (data == nullptr) { + return 0; + } + + if (size < OHOS::U32_AT_SIZE) { + return 0; + } + + char* ch = (char *)malloc(size + 1); + if (ch == nullptr) { + return 0; + } + + (void)memset_s(ch, size + 1, 0x00, size + 1); + if (memcpy_s(ch, size, data, size) != EOK) { + free(ch); + ch = nullptr; + return 0; + } + + OHOS::DoSomethingInterestingWithMyAPI(ch, size); + free(ch); + ch = nullptr; + return 0; +} diff --git a/test/fuzztest/eventrunner_fuzzer/eventrunner_fuzzer.h b/test/fuzztest/eventrunner_fuzzer/eventrunner_fuzzer.h new file mode 100644 index 0000000..78ca86f --- /dev/null +++ b/test/fuzztest/eventrunner_fuzzer/eventrunner_fuzzer.h @@ -0,0 +1,29 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TEST_FUZZTEST_EVENTRUNNER_FUZZER_EVENTRUNNER_FUZZER_H +#define TEST_FUZZTEST_EVENTRUNNER_FUZZER_EVENTRUNNER_FUZZER_H + +#define FUZZ_PROJECT_NAME "eventrunner_fuzzer" + +#include + +uint32_t U32_AT(const uint8_t *ptr) +{ + // convert fuzz input data to an integer + return (ptr[0] << 24) | (ptr[1] << 16) | (ptr[2] << 8) | ptr[3]; +} + +#endif // TEST_FUZZTEST_EVENTRUNNER_FUZZER_EVENTRUNNER_FUZZER_H diff --git a/test/fuzztest/eventrunner_fuzzer/project.xml b/test/fuzztest/eventrunner_fuzzer/project.xml new file mode 100644 index 0000000..6e8ad2c --- /dev/null +++ b/test/fuzztest/eventrunner_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + diff --git a/test/fuzztest/filedescriptorlistener_fuzzer/BUILD.gn b/test/fuzztest/filedescriptorlistener_fuzzer/BUILD.gn new file mode 100644 index 0000000..e47bc15 --- /dev/null +++ b/test/fuzztest/filedescriptorlistener_fuzzer/BUILD.gn @@ -0,0 +1,48 @@ +# Copyright (c) 2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#####################hydra-fuzz################### +import("//base/notification/eventhandler/eventhandler.gni") +import("//build/config/features.gni") +import("//build/test.gni") +module_output_path = "eventhandler/fuzztest" + +##############################fuzztest########################################## +ohos_fuzztest("FileDescriptorListenerFuzzTest") { + module_out_path = module_output_path + fuzz_config_file = "//base/notification/eventhandler/test/fuzztest/filedescriptorlistener_fuzzer" + + include_dirs = [] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ "filedescriptorlistener_fuzzer.cpp" ] + + deps = [ "${frameworks_path}/eventhandler:libeventhandler" ] + + external_deps = [ + "c_utils:utils", + "ipc:ipc_core", + ] +} + +############################################################################### +group("fuzztest") { + testonly = true + deps = [] + deps += [ ":FileDescriptorListenerFuzzTest" ] +} +############################################################################### diff --git a/test/fuzztest/filedescriptorlistener_fuzzer/corpus/init b/test/fuzztest/filedescriptorlistener_fuzzer/corpus/init new file mode 100644 index 0000000..1b91014 --- /dev/null +++ b/test/fuzztest/filedescriptorlistener_fuzzer/corpus/init @@ -0,0 +1,13 @@ +# Copyright (c) 2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +FUZZ \ No newline at end of file diff --git a/test/fuzztest/filedescriptorlistener_fuzzer/filedescriptorlistener_fuzzer.cpp b/test/fuzztest/filedescriptorlistener_fuzzer/filedescriptorlistener_fuzzer.cpp new file mode 100644 index 0000000..5c07156 --- /dev/null +++ b/test/fuzztest/filedescriptorlistener_fuzzer/filedescriptorlistener_fuzzer.cpp @@ -0,0 +1,80 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "file_descriptor_listener.h" +#include "filedescriptorlistener_fuzzer.h" +#include "securec.h" + +namespace OHOS { +namespace { + constexpr size_t U32_AT_SIZE = 4; +} + +class MyFileDescriptorListener : public AppExecFwk::FileDescriptorListener { +public: + MyFileDescriptorListener() = default; + virtual ~MyFileDescriptorListener() + {}; + void OnReadable(int32_t fileDescriptor) override + {} + void OnWritable(int32_t fileDescriptor) override + {} + void OnShutdown(int32_t fileDescriptor) override + {} + void OnException(int32_t fileDescriptor) override + {} +}; + +bool DoSomethingInterestingWithMyAPI(const char* data, size_t size) +{ + int32_t fileDescriptor = U32_AT(reinterpret_cast(data)); + auto listener = std::make_shared(); + listener -> OnReadable(fileDescriptor); + listener -> OnWritable(fileDescriptor); + listener -> OnShutdown(fileDescriptor); + listener -> OnException(fileDescriptor); + return true; +} +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + if (data == nullptr) { + return 0; + } + + if (size < OHOS::U32_AT_SIZE) { + return 0; + } + + char* ch = (char *)malloc(size + 1); + if (ch == nullptr) { + return 0; + } + + (void)memset_s(ch, size + 1, 0x00, size + 1); + if (memcpy_s(ch, size, data, size) != EOK) { + free(ch); + ch = nullptr; + return 0; + } + + OHOS::DoSomethingInterestingWithMyAPI(ch, size); + free(ch); + ch = nullptr; + return 0; +} diff --git a/test/fuzztest/filedescriptorlistener_fuzzer/filedescriptorlistener_fuzzer.h b/test/fuzztest/filedescriptorlistener_fuzzer/filedescriptorlistener_fuzzer.h new file mode 100644 index 0000000..50406b9 --- /dev/null +++ b/test/fuzztest/filedescriptorlistener_fuzzer/filedescriptorlistener_fuzzer.h @@ -0,0 +1,29 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TEST_FUZZTEST_FILEDESCRIPTORLISTENER_FUZZER_FILEDESCRIPTORLISTENER_FUZZER_H +#define TEST_FUZZTEST_FILEDESCRIPTORLISTENER_FUZZER_FILEDESCRIPTORLISTENER_FUZZER_H + +#define FUZZ_PROJECT_NAME "filedescriptorlistener_fuzzer" + +#include + +uint32_t U32_AT(const uint8_t *ptr) +{ + // convert fuzz input data to an integer + return (ptr[0] << 24) | (ptr[1] << 16) | (ptr[2] << 8) | ptr[3]; +} + +#endif // TEST_FUZZTEST_FILEDESCRIPTORLISTENER_FUZZER_FILEDESCRIPTORLISTENER_FUZZER_H diff --git a/test/fuzztest/filedescriptorlistener_fuzzer/project.xml b/test/fuzztest/filedescriptorlistener_fuzzer/project.xml new file mode 100644 index 0000000..6e8ad2c --- /dev/null +++ b/test/fuzztest/filedescriptorlistener_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + diff --git a/test/fuzztest/innerevent_fuzzer/BUILD.gn b/test/fuzztest/innerevent_fuzzer/BUILD.gn new file mode 100644 index 0000000..f18c141 --- /dev/null +++ b/test/fuzztest/innerevent_fuzzer/BUILD.gn @@ -0,0 +1,49 @@ +# Copyright (c) 2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#####################hydra-fuzz################### +import("//base/notification/eventhandler/eventhandler.gni") +import("//build/config/features.gni") +import("//build/test.gni") +module_output_path = "eventhandler/fuzztest" + +##############################fuzztest########################################## +ohos_fuzztest("InnerEventFuzzTest") { + module_out_path = module_output_path + fuzz_config_file = + "//base/notification/eventhandler/test/fuzztest/innerevent_fuzzer" + + include_dirs = [] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ "innerevent_fuzzer.cpp" ] + + deps = [ "${frameworks_path}/eventhandler:libeventhandler" ] + + external_deps = [ + "c_utils:utils", + "ipc:ipc_core", + ] +} + +############################################################################### +group("fuzztest") { + testonly = true + deps = [] + deps += [ ":InnerEventFuzzTest" ] +} +############################################################################### diff --git a/test/fuzztest/innerevent_fuzzer/corpus/init b/test/fuzztest/innerevent_fuzzer/corpus/init new file mode 100644 index 0000000..1b91014 --- /dev/null +++ b/test/fuzztest/innerevent_fuzzer/corpus/init @@ -0,0 +1,13 @@ +# Copyright (c) 2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +FUZZ \ No newline at end of file diff --git a/test/fuzztest/innerevent_fuzzer/innerevent_fuzzer.cpp b/test/fuzztest/innerevent_fuzzer/innerevent_fuzzer.cpp new file mode 100644 index 0000000..92a59db --- /dev/null +++ b/test/fuzztest/innerevent_fuzzer/innerevent_fuzzer.cpp @@ -0,0 +1,61 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "inner_event.h" +#include "innerevent_fuzzer.h" +#include "securec.h" + +namespace OHOS { +namespace { + constexpr size_t U32_AT_SIZE = 4; +} +bool DoSomethingInterestingWithMyAPI(const char* data, size_t size) +{ + uint32_t innerEventId = *data; + auto event = AppExecFwk::InnerEvent::Get(innerEventId); + event->Dump(); + return true; +} +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + if (data == nullptr) { + return 0; + } + + if (size < OHOS::U32_AT_SIZE) { + return 0; + } + + char* ch = (char *)malloc(size + 1); + if (ch == nullptr) { + return 0; + } + + (void)memset_s(ch, size + 1, 0x00, size + 1); + if (memcpy_s(ch, size, data, size) != EOK) { + free(ch); + ch = nullptr; + return 0; + } + + OHOS::DoSomethingInterestingWithMyAPI(ch, size); + free(ch); + ch = nullptr; + return 0; +} diff --git a/test/fuzztest/innerevent_fuzzer/innerevent_fuzzer.h b/test/fuzztest/innerevent_fuzzer/innerevent_fuzzer.h new file mode 100644 index 0000000..eb3d733 --- /dev/null +++ b/test/fuzztest/innerevent_fuzzer/innerevent_fuzzer.h @@ -0,0 +1,29 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TEST_FUZZTEST_INNEREVENT_FUZZER_INNEREVENT_FUZZER_H +#define TEST_FUZZTEST_INNEREVENT_FUZZER_INNEREVENT_FUZZER_H + +#define FUZZ_PROJECT_NAME "innerevent_fuzzer" + +#include + +uint32_t U32_AT(const uint8_t *ptr) +{ + // convert fuzz input data to an integer + return (ptr[0] << 24) | (ptr[1] << 16) | (ptr[2] << 8) | ptr[3]; +} + +#endif // TEST_FUZZTEST_INNEREVENT_FUZZER_INNEREVENT_FUZZER_H diff --git a/test/fuzztest/innerevent_fuzzer/project.xml b/test/fuzztest/innerevent_fuzzer/project.xml new file mode 100644 index 0000000..6e8ad2c --- /dev/null +++ b/test/fuzztest/innerevent_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + diff --git a/test/fuzztest/noneiowaiter_fuzzer/BUILD.gn b/test/fuzztest/noneiowaiter_fuzzer/BUILD.gn new file mode 100644 index 0000000..be0b417 --- /dev/null +++ b/test/fuzztest/noneiowaiter_fuzzer/BUILD.gn @@ -0,0 +1,49 @@ +# Copyright (c) 2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#####################hydra-fuzz################### +import("//base/notification/eventhandler/eventhandler.gni") +import("//build/config/features.gni") +import("//build/test.gni") +module_output_path = "eventhandler/fuzztest" + +##############################fuzztest########################################## +ohos_fuzztest("NoneIoWaiterFuzzTest") { + module_out_path = module_output_path + fuzz_config_file = + "//base/notification/eventhandler/test/fuzztest/noneiowaiter_fuzzer" + + include_dirs = [] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ "noneiowaiter_fuzzer.cpp" ] + + deps = [ "${frameworks_path}/eventhandler:libeventhandler" ] + + external_deps = [ + "c_utils:utils", + "ipc:ipc_core", + ] +} + +############################################################################### +group("fuzztest") { + testonly = true + deps = [] + deps += [ ":NoneIoWaiterFuzzTest" ] +} +############################################################################### diff --git a/test/fuzztest/noneiowaiter_fuzzer/corpus/init b/test/fuzztest/noneiowaiter_fuzzer/corpus/init new file mode 100644 index 0000000..1b91014 --- /dev/null +++ b/test/fuzztest/noneiowaiter_fuzzer/corpus/init @@ -0,0 +1,13 @@ +# Copyright (c) 2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +FUZZ \ No newline at end of file diff --git a/test/fuzztest/noneiowaiter_fuzzer/noneiowaiter_fuzzer.cpp b/test/fuzztest/noneiowaiter_fuzzer/noneiowaiter_fuzzer.cpp new file mode 100644 index 0000000..c9b3c95 --- /dev/null +++ b/test/fuzztest/noneiowaiter_fuzzer/noneiowaiter_fuzzer.cpp @@ -0,0 +1,65 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "none_io_waiter.h" +#include "noneiowaiter_fuzzer.h" +#include "securec.h" + +namespace OHOS { +namespace { + constexpr size_t U32_AT_SIZE = 4; +} +bool DoSomethingInterestingWithMyAPI(const char* data, size_t size) +{ + uint32_t events = *data; + int32_t fileDescriptor = U32_AT(reinterpret_cast(data)); + AppExecFwk::IoWaiter::FileDescriptorEventCallback callback; + AppExecFwk::NoneIoWaiter noneIoWaiter; + noneIoWaiter.AddFileDescriptor(fileDescriptor, events); + noneIoWaiter.RemoveFileDescriptor(fileDescriptor); + noneIoWaiter.SetFileDescriptorEventCallback(callback); + return true; +} +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + if (data == nullptr) { + return 0; + } + + if (size < OHOS::U32_AT_SIZE) { + return 0; + } + + char* ch = (char *)malloc(size + 1); + if (ch == nullptr) { + return 0; + } + + (void)memset_s(ch, size + 1, 0x00, size + 1); + if (memcpy_s(ch, size, data, size) != EOK) { + free(ch); + ch = nullptr; + return 0; + } + + OHOS::DoSomethingInterestingWithMyAPI(ch, size); + free(ch); + ch = nullptr; + return 0; +} diff --git a/test/fuzztest/noneiowaiter_fuzzer/noneiowaiter_fuzzer.h b/test/fuzztest/noneiowaiter_fuzzer/noneiowaiter_fuzzer.h new file mode 100644 index 0000000..e9410a0 --- /dev/null +++ b/test/fuzztest/noneiowaiter_fuzzer/noneiowaiter_fuzzer.h @@ -0,0 +1,29 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TEST_FUZZTEST_NONEIOWAITER_FUZZER_NONEIOWAITER_FUZZER_H +#define TEST_FUZZTEST_NONEIOWAITER_FUZZER_NONEIOWAITER_FUZZER_H + +#define FUZZ_PROJECT_NAME "noneiowaiter_fuzzer" + +#include + +uint32_t U32_AT(const uint8_t *ptr) +{ + // convert fuzz input data to an integer + return (ptr[0] << 24) | (ptr[1] << 16) | (ptr[2] << 8) | ptr[3]; +} + +#endif // TEST_FUZZTEST_NONEIOWAITER_FUZZER_NONEIOWAITER_FUZZER_H diff --git a/test/fuzztest/noneiowaiter_fuzzer/project.xml b/test/fuzztest/noneiowaiter_fuzzer/project.xml new file mode 100644 index 0000000..6e8ad2c --- /dev/null +++ b/test/fuzztest/noneiowaiter_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + -- Gitee