From 19c68c0bdd6feb067d2b49f408d91453b9018488 Mon Sep 17 00:00:00 2001 From: Sly <1298008151@qq.com> Date: Thu, 3 Jul 2025 19:11:10 +0800 Subject: [PATCH 1/2] add fuzz Signed-off-by: Sly <1298008151@qq.com> --- test/commonfuzztest/BUILD.gn | 2 + .../jsonobjectcjson_fuzzer/BUILD.gn | 65 ++++ .../jsonobjectcjson_fuzzer/corpus/init | 13 + .../json_object_cjson_fuzzer.cpp | 366 ++++++++++++++++++ .../json_object_cjson_fuzzer.h | 21 + .../jsonobjectcjson_fuzzer/project.xml | 25 ++ .../jsonobjectnlohmannjson_fuzzer/BUILD.gn | 66 ++++ .../jsonobjectnlohmannjson_fuzzer/corpus/init | 13 + .../json_object_nlohmannjson_fuzzer.cpp | 235 +++++++++++ .../json_object_nlohmannjson_fuzzer.h | 21 + .../jsonobjectnlohmannjson_fuzzer/project.xml | 25 ++ 11 files changed, 852 insertions(+) create mode 100644 test/commonfuzztest/jsonobjectcjson_fuzzer/BUILD.gn create mode 100644 test/commonfuzztest/jsonobjectcjson_fuzzer/corpus/init create mode 100644 test/commonfuzztest/jsonobjectcjson_fuzzer/json_object_cjson_fuzzer.cpp create mode 100644 test/commonfuzztest/jsonobjectcjson_fuzzer/json_object_cjson_fuzzer.h create mode 100644 test/commonfuzztest/jsonobjectcjson_fuzzer/project.xml create mode 100644 test/commonfuzztest/jsonobjectnlohmannjson_fuzzer/BUILD.gn create mode 100644 test/commonfuzztest/jsonobjectnlohmannjson_fuzzer/corpus/init create mode 100644 test/commonfuzztest/jsonobjectnlohmannjson_fuzzer/json_object_nlohmannjson_fuzzer.cpp create mode 100644 test/commonfuzztest/jsonobjectnlohmannjson_fuzzer/json_object_nlohmannjson_fuzzer.h create mode 100644 test/commonfuzztest/jsonobjectnlohmannjson_fuzzer/project.xml diff --git a/test/commonfuzztest/BUILD.gn b/test/commonfuzztest/BUILD.gn index 6ee840205..3827ec98f 100644 --- a/test/commonfuzztest/BUILD.gn +++ b/test/commonfuzztest/BUILD.gn @@ -31,6 +31,8 @@ group("fuzztest") { "generateencrypteduuid_fuzzer:fuzztest", "getdeviceinfo_fuzzer:fuzztest", "hichainconnector_fuzzer:fuzztest", + "jsonobjectcjson_fuzzer:fuzztest", + "jsonobjectnlohmannjson_fuzzer:fuzztest", "ondatareceived_fuzzer:fuzztest", "ondatareceivedv2_fuzzer:fuzztest", "onerror_fuzzer:fuzztest", diff --git a/test/commonfuzztest/jsonobjectcjson_fuzzer/BUILD.gn b/test/commonfuzztest/jsonobjectcjson_fuzzer/BUILD.gn new file mode 100644 index 000000000..6de065e0a --- /dev/null +++ b/test/commonfuzztest/jsonobjectcjson_fuzzer/BUILD.gn @@ -0,0 +1,65 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#####################hydra-fuzz################### +import("//build/config/features.gni") +import("//build/test.gni") +import("../../../device_manager.gni") + +##############################fuzztest########################################## +ohos_fuzztest("JsonObjectCjsonFuzzTest") { + module_out_path = fuzz_test_output_path + fuzz_config_file = + "${devicemanager_path}/test/commonfuzztest/jsonobjectcjson_fuzzer" + + include_dirs = [ + "${common_path}/include", + "${devicemanager_path}/json/include", + ] + + cflags = [ + "-g", + "-O0", + "-Dprivate=public", + "-Dprotected=public", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + + sources = [ + "json_object_cjson_fuzzer.cpp", + "${devicemanager_path}/json/src/json_object_cjson.cpp", + ] + + deps = [] + + defines = [ + "HI_LOG_ENABLE", + "DH_LOG_TAG=\"JsonObjectCjsonFuzzTest\"", + "LOG_DOMAIN=0xD004110", + ] + + external_deps = [ + "c_utils:utils", + "cJSON:cjson", + "hilog:libhilog", + ] +} + +############################################################################### +group("fuzztest") { + testonly = true + + deps = [ ":JsonObjectCjsonFuzzTest" ] +} +############################################################################### diff --git a/test/commonfuzztest/jsonobjectcjson_fuzzer/corpus/init b/test/commonfuzztest/jsonobjectcjson_fuzzer/corpus/init new file mode 100644 index 000000000..8f37f0925 --- /dev/null +++ b/test/commonfuzztest/jsonobjectcjson_fuzzer/corpus/init @@ -0,0 +1,13 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +FUZZ \ No newline at end of file diff --git a/test/commonfuzztest/jsonobjectcjson_fuzzer/json_object_cjson_fuzzer.cpp b/test/commonfuzztest/jsonobjectcjson_fuzzer/json_object_cjson_fuzzer.cpp new file mode 100644 index 000000000..7bb20ebb2 --- /dev/null +++ b/test/commonfuzztest/jsonobjectcjson_fuzzer/json_object_cjson_fuzzer.cpp @@ -0,0 +1,366 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include "json_object_cjson_fuzzer.h" +#include "json_object.h" + +namespace OHOS { +namespace DistributedHardware { + +void ToJsonDoubleFuzzTest(const uint8_t* data, size_t size) +{ + if (data == nullptr || size == 0) { + return; + } + + FuzzedDataProvider fdp(data, size); + + JsonItemObject itemObject; + double value = fdp.ConsumeFloatingPoint(); + + ToJson(itemObject, value); +} +void ToJsonUint8FuzzTest(const uint8_t* data, size_t size) +{ + if (data == nullptr || size < sizeof(uint8_t)) { + return; + } + + FuzzedDataProvider fdp(data, size); + + JsonItemObject itemObject; + + uint8_t value = fdp.ConsumeIntegral(); + + ToJson(itemObject, value); +} + +void ToJsonInt16FuzzTest(const uint8_t* data, size_t size) +{ + if (data == nullptr || size < sizeof(int16_t)) { + return; + } + + FuzzedDataProvider fdp(data, size); + + JsonItemObject itemObject; + int16_t value = fdp.ConsumeIntegral(); + + ToJson(itemObject, value); +} + +void ToJsonUint16FuzzTest(const uint8_t* data, size_t size) +{ + if (data == nullptr || size < sizeof(uint16_t)) { + return; + } + + FuzzedDataProvider fdp(data, size); + + JsonItemObject itemObject; + uint16_t value = fdp.ConsumeIntegral(); + + ToJson(itemObject, value); +} + +void ToJsonUint64FuzzTest(const uint8_t* data, size_t size) +{ + if (data == nullptr || size < sizeof(uint64_t)) { + return; + } + + FuzzedDataProvider fdp(data, size); + + JsonItemObject itemObject; + uint64_t value = fdp.ConsumeIntegral(); + + ToJson(itemObject, value); +} + +void FromJsonDoubleFuzzTest(const uint8_t* data, size_t size) +{ + if (data == nullptr || size < sizeof(double) + sizeof(double)) { + return; + } + + FuzzedDataProvider fdp(data, size); + + JsonItemObject itemObject; + double result = fdp.ConsumeFloatingPoint(); + + double testValue = fdp.ConsumeFloatingPoint(); + ToJson(itemObject, testValue); + FromJson(itemObject, result); +} + +void FromJsonBoolFuzzTest(const uint8_t* data, size_t size) +{ + if (data == nullptr || size < sizeof(bool) + sizeof(bool)) { + return; + } + + FuzzedDataProvider fdp(data, size); + + JsonItemObject itemObject; + bool result = fdp.ConsumeBool(); + + bool testValue = fdp.ConsumeBool(); + ToJson(itemObject, testValue); + FromJson(itemObject, result); +} + +void FromJsonUint8FuzzTest(const uint8_t* data, size_t size) +{ + if (data == nullptr || size < sizeof(int32_t) + sizeof(uint8_t)) { + return; + } + + FuzzedDataProvider fdp(data, size); + + JsonItemObject itemObject; + uint8_t result = fdp.ConsumeIntegral(); + + int32_t testValue = fdp.ConsumeIntegralInRange( + std::numeric_limits::min(), + std::numeric_limits::max()); + ToJson(itemObject, testValue); + FromJson(itemObject, result); +} + +void FromJsonInt16FuzzTest(const uint8_t* data, size_t size) +{ + if (data == nullptr || size < sizeof(int32_t) + sizeof(int16_t)) { + return; + } + + FuzzedDataProvider fdp(data, size); + + JsonItemObject itemObject; + int16_t result = fdp.ConsumeIntegralInRange( + std::numeric_limits::min(), + std::numeric_limits::max()); + + int32_t testValue = fdp.ConsumeIntegralInRange( + std::numeric_limits::min(), + std::numeric_limits::max()); + ToJson(itemObject, testValue); + FromJson(itemObject, result); +} + +void FromJsonUint16FuzzTest(const uint8_t* data, size_t size) +{ + if (data == nullptr || size < sizeof(int32_t) + sizeof(uint16_t)) { + return; + } + + FuzzedDataProvider fdp(data, size); + + JsonItemObject itemObject; + uint16_t result = fdp.ConsumeIntegralInRange( + std::numeric_limits::min(), + std::numeric_limits::max()); + + int32_t testValue = fdp.ConsumeIntegralInRange( + std::numeric_limits::min(), + std::numeric_limits::max()); + ToJson(itemObject, testValue); + FromJson(itemObject, result); +} + +void FromJsonInt32FuzzTest(const uint8_t* data, size_t size) +{ + if (data == nullptr || size < sizeof(int32_t) + sizeof(int32_t)) { + return; + } + + FuzzedDataProvider fdp(data, size); + + JsonItemObject itemObject; + int32_t result = fdp.ConsumeIntegral(); + + int32_t testValue = fdp.ConsumeIntegral(); + ToJson(itemObject, testValue); + FromJson(itemObject, result); +} + +// void FromJsonUint32FuzzTest(const uint8_t* data, size_t size) +// { +// if (data == nullptr || size < sizeof(int32_t) + sizeof(uint32_t)) { +// return; +// } + +// FuzzedDataProvider fdp(data, size); + +// JsonItemObject itemObject; +// uint32_t result = fdp.ConsumeIntegral(); + +// int32_t testValue = fdp.ConsumeIntegralInRange( +// std::numeric_limits::min(), +// std::numeric_limits::max()); +// ToJson(itemObject, testValue); +// FromJson(itemObject, result); +// } + +void ToStringFuzzTest(const uint8_t* data, size_t size) +{ + (void)data; + (void)size; + + JsonItemObject Object; + + ToString(Object); +} + +void IsArrayFuzzTest(const uint8_t* data, size_t size) +{ + (void)data; + (void)size; + JsonItemObject Object; + Object.IsArray(); +} + +void IsObjectFuzzTest(const uint8_t* data, size_t size) +{ + (void)data; + (void)size; + JsonItemObject Object; + Object.IsObject(); +} + +void JsonItemObjectAssignmentFuzzTest(const uint8_t* data, size_t size) +{ + (void)data; + (void)size; + JsonItemObject sourceObj; + JsonItemObject targetObj; + targetObj = sourceObj; +} + +void PushBackDoubleFuzzTest(const uint8_t* data, size_t size) +{ + if (data == nullptr || size < sizeof(double)) { + return; + } + + FuzzedDataProvider fdp(data, size); + JsonItemObject Object; + + double value = fdp.ConsumeFloatingPoint(); + Object.PushBack(value); +} + +void PushBackInt64FuzzTest(const uint8_t* data, size_t size) +{ + if (data == nullptr || size < sizeof(int64_t)) { + return; + } + + FuzzedDataProvider fdp(data, size); + JsonItemObject Object; + + int64_t value = fdp.ConsumeIntegral(); + Object.PushBack(value); +} + +void PushBackJsonItemObjectFuzzTest(const uint8_t* data, size_t size) +{ + (void)data; + (void)size; + JsonItemObject Object; + Object.PushBack(Object); +} + +void AddItemToArrayFuzzTest(const uint8_t* data, size_t size) +{ + (void)data; + (void)size; + JsonItemObject Object; + Object.AddItemToArray(Object); +} + +void GetToBoolFuzzTest(const uint8_t* data, size_t size) +{ + if (data == nullptr || size < sizeof(bool)) { + return; + } + + FuzzedDataProvider fdp(data, size); + JsonItemObject Object; + bool value = fdp.ConsumeBool();; + Object.GetTo(value); +} + +void InitArrayFuzzTest(const uint8_t* data, size_t size) +{ + (void)data; + (void)size; + JsonItemObject Object; + Object.InitArray(); +} + +void EraseFuzzTest(const uint8_t* data, size_t size) +{ + if (data == nullptr || size == 0) { + return; + } + + FuzzedDataProvider fdp(data, size); + JsonItemObject Object; + std::string key = fdp.ConsumeRandomLengthString(); + Object.Erase(key); +} + +void DuplicateFuzzTest(const uint8_t* data, size_t size) +{ + (void)data; + (void)size; + JsonObject Object; + Object.Duplicate(Object); +} +} +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + OHOS::DistributedHardware::ToJsonDoubleFuzzTest(data, size); + OHOS::DistributedHardware::ToJsonUint8FuzzTest(data, size); + OHOS::DistributedHardware::ToJsonInt16FuzzTest(data, size); + OHOS::DistributedHardware::ToJsonUint16FuzzTest(data, size); + OHOS::DistributedHardware::ToJsonUint64FuzzTest(data, size); + OHOS::DistributedHardware::FromJsonDoubleFuzzTest(data, size); + OHOS::DistributedHardware::FromJsonBoolFuzzTest(data, size); + OHOS::DistributedHardware::FromJsonUint8FuzzTest(data, size); + OHOS::DistributedHardware::FromJsonInt16FuzzTest(data, size); + OHOS::DistributedHardware::FromJsonUint16FuzzTest(data, size); + OHOS::DistributedHardware::FromJsonInt32FuzzTest(data, size); + // OHOS::DistributedHardware::FromJsonUint32FuzzTest(data, size); + OHOS::DistributedHardware::ToStringFuzzTest(data, size); + OHOS::DistributedHardware::IsArrayFuzzTest(data, size); + OHOS::DistributedHardware::IsObjectFuzzTest(data, size); + OHOS::DistributedHardware::JsonItemObjectAssignmentFuzzTest(data, size); + OHOS::DistributedHardware::PushBackDoubleFuzzTest(data, size); + OHOS::DistributedHardware::PushBackInt64FuzzTest(data, size); + OHOS::DistributedHardware::PushBackJsonItemObjectFuzzTest(data, size); + OHOS::DistributedHardware::AddItemToArrayFuzzTest(data, size); + OHOS::DistributedHardware::GetToBoolFuzzTest(data, size); + OHOS::DistributedHardware::InitArrayFuzzTest(data, size); + OHOS::DistributedHardware::EraseFuzzTest(data, size); + OHOS::DistributedHardware::DuplicateFuzzTest(data, size); + + return 0; +} diff --git a/test/commonfuzztest/jsonobjectcjson_fuzzer/json_object_cjson_fuzzer.h b/test/commonfuzztest/jsonobjectcjson_fuzzer/json_object_cjson_fuzzer.h new file mode 100644 index 000000000..587aa32b0 --- /dev/null +++ b/test/commonfuzztest/jsonobjectcjson_fuzzer/json_object_cjson_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef JSON_OBJECT_CJSON_FUZZER_H +#define JSON_OBJECT_CJSON_FUZZER_H + +#define FUZZ_PROJECT_NAME "jsonobjectcjson_fuzzer" + +#endif // JSON_OBJECT_CJSON_FUZZER_H \ No newline at end of file diff --git a/test/commonfuzztest/jsonobjectcjson_fuzzer/project.xml b/test/commonfuzztest/jsonobjectcjson_fuzzer/project.xml new file mode 100644 index 000000000..500f6f414 --- /dev/null +++ b/test/commonfuzztest/jsonobjectcjson_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + \ No newline at end of file diff --git a/test/commonfuzztest/jsonobjectnlohmannjson_fuzzer/BUILD.gn b/test/commonfuzztest/jsonobjectnlohmannjson_fuzzer/BUILD.gn new file mode 100644 index 000000000..50b03acb4 --- /dev/null +++ b/test/commonfuzztest/jsonobjectnlohmannjson_fuzzer/BUILD.gn @@ -0,0 +1,66 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#####################hydra-fuzz################### +import("//build/config/features.gni") +import("//build/test.gni") +import("../../../device_manager.gni") + +##############################fuzztest########################################## +ohos_fuzztest("JsonObjectNlohmannjsonFuzzTest") { + module_out_path = fuzz_test_output_path + fuzz_config_file = + "${devicemanager_path}/test/commonfuzztest/jsonobjectnlohmannjson_fuzzer" + + include_dirs = [ + "${common_path}/include", + "${devicemanager_path}/json/include", + ] + + cflags = [ + "-g", + "-O0", + "-Dprivate=public", + "-Dprotected=public", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + + sources = [ + "json_object_nlohmannjson_fuzzer.cpp", + "${devicemanager_path}/json/src/json_object_nlohmannjson.cpp", + ] + + deps = [] + + defines = [ + "HI_LOG_ENABLE", + "DH_LOG_TAG=\"JsonObjectNlohmannjsonFuzzTest\"", + "LOG_DOMAIN=0xD004110", + ] + + external_deps = [ + "c_utils:utils", + "cJSON:cjson", + "hilog:libhilog", + "json:nlohmann_json_static" + ] +} + +############################################################################### +group("fuzztest") { + testonly = true + + deps = [ ":JsonObjectNlohmannjsonFuzzTest" ] +} +############################################################################### diff --git a/test/commonfuzztest/jsonobjectnlohmannjson_fuzzer/corpus/init b/test/commonfuzztest/jsonobjectnlohmannjson_fuzzer/corpus/init new file mode 100644 index 000000000..8f37f0925 --- /dev/null +++ b/test/commonfuzztest/jsonobjectnlohmannjson_fuzzer/corpus/init @@ -0,0 +1,13 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +FUZZ \ No newline at end of file diff --git a/test/commonfuzztest/jsonobjectnlohmannjson_fuzzer/json_object_nlohmannjson_fuzzer.cpp b/test/commonfuzztest/jsonobjectnlohmannjson_fuzzer/json_object_nlohmannjson_fuzzer.cpp new file mode 100644 index 000000000..1f838ca9b --- /dev/null +++ b/test/commonfuzztest/jsonobjectnlohmannjson_fuzzer/json_object_nlohmannjson_fuzzer.cpp @@ -0,0 +1,235 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include "json_object_nlohmannjson_fuzzer.h" +#include "json_object.h" + +namespace OHOS { +namespace DistributedHardware { + +void ToJsonDoubleNLFuzzTest(const uint8_t* data, size_t size) +{ + if (data == nullptr || size == 0) { + return; + } + + FuzzedDataProvider fdp(data, size); + + JsonItemObject itemObject; + double value = fdp.ConsumeFloatingPoint(); + + ToJson(itemObject, value); +} + +void ToJsonInt16NLFuzzTest(const uint8_t* data, size_t size) +{ + if (data == nullptr || size < sizeof(int16_t)) { + return; + } + + FuzzedDataProvider fdp(data, size); + + JsonItemObject itemObject; + int16_t value = fdp.ConsumeIntegral(); + + ToJson(itemObject, value); +} + +void FromJsonDoubleNLFuzzTest(const uint8_t* data, size_t size) +{ + if (data == nullptr || size < sizeof(double) + sizeof(double)) { + return; + } + + FuzzedDataProvider fdp(data, size); + + JsonItemObject itemObject; + double result = fdp.ConsumeFloatingPoint(); + + double testValue = fdp.ConsumeFloatingPoint(); + ToJson(itemObject, testValue); + FromJson(itemObject, result); +} + +void FromJsonBoolNLFuzzTest(const uint8_t* data, size_t size) +{ + if (data == nullptr || size < sizeof(bool) + sizeof(bool)) { + return; + } + + FuzzedDataProvider fdp(data, size); + + JsonItemObject itemObject; + bool result = fdp.ConsumeBool(); + + bool testValue = fdp.ConsumeBool(); + ToJson(itemObject, testValue); + FromJson(itemObject, result); +} + +void FromJsonUint8NLFuzzTest(const uint8_t* data, size_t size) +{ + if (data == nullptr || size < sizeof(int32_t) + sizeof(uint8_t)) { + return; + } + + FuzzedDataProvider fdp(data, size); + + JsonItemObject itemObject; + uint8_t result = fdp.ConsumeIntegral(); + + int32_t testValue = fdp.ConsumeIntegralInRange( + std::numeric_limits::min(), + std::numeric_limits::max()); + ToJson(itemObject, testValue); + FromJson(itemObject, result); +} + +void FromJsonInt16NLFuzzTest(const uint8_t* data, size_t size) +{ + if (data == nullptr || size < sizeof(int32_t) + sizeof(int16_t)) { + return; + } + + FuzzedDataProvider fdp(data, size); + + JsonItemObject itemObject; + int16_t result = fdp.ConsumeIntegralInRange( + std::numeric_limits::min(), + std::numeric_limits::max()); + + int32_t testValue = fdp.ConsumeIntegralInRange( + std::numeric_limits::min(), + std::numeric_limits::max()); + ToJson(itemObject, testValue); + FromJson(itemObject, result); +} + +void IsNumberNLFuzzTest(const uint8_t* data, size_t size) +{ + (void)data; + (void)size; + JsonItemObject Object; + Object.IsNumber(); +} + +void JsonItemObjectAssignmentNLFuzzTest(const uint8_t* data, size_t size) +{ + (void)data; + (void)size; + JsonItemObject sourceObj; + JsonItemObject targetObj; + targetObj = sourceObj; +} + +void PushBackDoubleNLFuzzTest(const uint8_t* data, size_t size) +{ + if (data == nullptr || size < sizeof(double)) { + return; + } + + FuzzedDataProvider fdp(data, size); + JsonItemObject Object; + + double value = fdp.ConsumeFloatingPoint(); + Object.PushBack(value); +} + +void PushBackInt64NLFuzzTest(const uint8_t* data, size_t size) +{ + if (data == nullptr || size < sizeof(int64_t)) { + return; + } + + FuzzedDataProvider fdp(data, size); + JsonItemObject Object; + + int64_t value = fdp.ConsumeIntegral(); + Object.PushBack(value); +} + +void PushBackStringNLFuzzTest(const uint8_t* data, size_t size) +{ + if (data == nullptr || size == 0) { + return; + } + + FuzzedDataProvider fdp(data, size); + JsonItemObject Object; + + std::string value = fdp.ConsumeRandomLengthString(); + Object.PushBack(value); +} + +void GetToDoubleNLFuzzTest(const uint8_t* data, size_t size) +{ + if (data == nullptr || size < sizeof(double)) { + return; + } + + FuzzedDataProvider fdp(data, size); + JsonItemObject Object; + double value = fdp.ConsumeFloatingPoint(); + Object.GetTo(value); +} + +void GetToUint32NLFuzzTest(const uint8_t* data, size_t size) +{ + if (data == nullptr || size < sizeof(uint32_t)) { + return; + } + + FuzzedDataProvider fdp(data, size); + JsonItemObject Object; + uint32_t value = fdp.ConsumeIntegral(); + Object.GetTo(value); +} + +void GetToBoolNLFuzzTest(const uint8_t* data, size_t size) +{ + if (data == nullptr || size < sizeof(bool)) { + return; + } + + FuzzedDataProvider fdp(data, size); + JsonItemObject Object; + bool value = fdp.ConsumeBool();; + Object.GetTo(value); +} +} +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + OHOS::DistributedHardware::ToJsonDoubleNLFuzzTest(data, size); + OHOS::DistributedHardware::ToJsonInt16NLFuzzTest(data, size); + OHOS::DistributedHardware::FromJsonDoubleNLFuzzTest(data, size); + OHOS::DistributedHardware::FromJsonBoolNLFuzzTest(data, size); + OHOS::DistributedHardware::FromJsonUint8NLFuzzTest(data, size); + OHOS::DistributedHardware::FromJsonInt16NLFuzzTest(data, size); + OHOS::DistributedHardware::IsNumberNLFuzzTest(data, size); + OHOS::DistributedHardware::JsonItemObjectAssignmentNLFuzzTest(data, size); + OHOS::DistributedHardware::PushBackDoubleNLFuzzTest(data, size); + OHOS::DistributedHardware::PushBackInt64NLFuzzTest(data, size); + OHOS::DistributedHardware::PushBackStringNLFuzzTest(data, size); + OHOS::DistributedHardware::GetToDoubleNLFuzzTest(data, size); + OHOS::DistributedHardware::GetToUint32NLFuzzTest(data, size); + OHOS::DistributedHardware::GetToBoolNLFuzzTest(data, size); + + return 0; +} diff --git a/test/commonfuzztest/jsonobjectnlohmannjson_fuzzer/json_object_nlohmannjson_fuzzer.h b/test/commonfuzztest/jsonobjectnlohmannjson_fuzzer/json_object_nlohmannjson_fuzzer.h new file mode 100644 index 000000000..f01aa3031 --- /dev/null +++ b/test/commonfuzztest/jsonobjectnlohmannjson_fuzzer/json_object_nlohmannjson_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef JSON_OBJECT_NLOHMANNJSON_FUZZER_H +#define JSON_OBJECT_NLOHMANNJSON_FUZZER_H + +#define FUZZ_PROJECT_NAME "jsonobjectnlohmannjson_fuzzer" + +#endif // JSON_OBJECT_NLOHMANNJSON_FUZZER_H \ No newline at end of file diff --git a/test/commonfuzztest/jsonobjectnlohmannjson_fuzzer/project.xml b/test/commonfuzztest/jsonobjectnlohmannjson_fuzzer/project.xml new file mode 100644 index 000000000..500f6f414 --- /dev/null +++ b/test/commonfuzztest/jsonobjectnlohmannjson_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + \ No newline at end of file -- Gitee From ce6b0cea5e56d9d570f2460626a9cfce4c7c30a0 Mon Sep 17 00:00:00 2001 From: Sly <1298008151@qq.com> Date: Thu, 3 Jul 2025 19:13:52 +0800 Subject: [PATCH 2/2] add fuzz Signed-off-by: Sly <1298008151@qq.com> --- .../json_object_cjson_fuzzer.cpp | 19 ------------------- 1 file changed, 19 deletions(-) diff --git a/test/commonfuzztest/jsonobjectcjson_fuzzer/json_object_cjson_fuzzer.cpp b/test/commonfuzztest/jsonobjectcjson_fuzzer/json_object_cjson_fuzzer.cpp index 7bb20ebb2..d5b8566a3 100644 --- a/test/commonfuzztest/jsonobjectcjson_fuzzer/json_object_cjson_fuzzer.cpp +++ b/test/commonfuzztest/jsonobjectcjson_fuzzer/json_object_cjson_fuzzer.cpp @@ -196,24 +196,6 @@ void FromJsonInt32FuzzTest(const uint8_t* data, size_t size) FromJson(itemObject, result); } -// void FromJsonUint32FuzzTest(const uint8_t* data, size_t size) -// { -// if (data == nullptr || size < sizeof(int32_t) + sizeof(uint32_t)) { -// return; -// } - -// FuzzedDataProvider fdp(data, size); - -// JsonItemObject itemObject; -// uint32_t result = fdp.ConsumeIntegral(); - -// int32_t testValue = fdp.ConsumeIntegralInRange( -// std::numeric_limits::min(), -// std::numeric_limits::max()); -// ToJson(itemObject, testValue); -// FromJson(itemObject, result); -// } - void ToStringFuzzTest(const uint8_t* data, size_t size) { (void)data; @@ -348,7 +330,6 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) OHOS::DistributedHardware::FromJsonInt16FuzzTest(data, size); OHOS::DistributedHardware::FromJsonUint16FuzzTest(data, size); OHOS::DistributedHardware::FromJsonInt32FuzzTest(data, size); - // OHOS::DistributedHardware::FromJsonUint32FuzzTest(data, size); OHOS::DistributedHardware::ToStringFuzzTest(data, size); OHOS::DistributedHardware::IsArrayFuzzTest(data, size); OHOS::DistributedHardware::IsObjectFuzzTest(data, size); -- Gitee