From 91535a4f8e838c159fec0c64c830da2064a301eb Mon Sep 17 00:00:00 2001 From: LiangNuo Date: Mon, 16 Jun 2025 20:13:24 +0800 Subject: [PATCH 1/4] modify format Signed-off-by: LiangNuo --- test/unittest/mock/accesstoken_kit_mock.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/unittest/mock/accesstoken_kit_mock.cpp b/test/unittest/mock/accesstoken_kit_mock.cpp index 8475fc5f3..31e987215 100644 --- a/test/unittest/mock/accesstoken_kit_mock.cpp +++ b/test/unittest/mock/accesstoken_kit_mock.cpp @@ -35,9 +35,9 @@ int AccessTokenKit::GetNativeTokenInfo(AccessTokenID tokenID, NativeTokenInfo &n return AccessTokenKitInterface::GetOrCreateAccessTokenKit()->GetNativeTokenInfo(tokenID, nativeTokenInfoRes); } -AccessTokenID AccessTokenKit::GetNativeTokenId(const std::string &GetNativeTokenId) +AccessTokenID AccessTokenKit::GetNativeTokenId(const std::string &nativeTokenId) { - return AccessTokenKitInterface::GetOrCreateAccessTokenKit()->GetNativeTokenId(GetNativeTokenId); + return AccessTokenKitInterface::GetOrCreateAccessTokenKit()->GetNativeTokenId(nativeTokenId); } AccessTokenID AccessTokenKit::GetHapTokenID(int32_t userID, const std::string &bundleName, int32_t instIndex) -- Gitee From 82201969356eba30526254f78c877f9a435cc7e7 Mon Sep 17 00:00:00 2001 From: WangChenglong <15817580+FoXiMistyMoon@user.noreply.gitee.com> Date: Sat, 21 Jun 2025 19:27:06 +0800 Subject: [PATCH 2/4] fuzz update Signed-off-by: WangChenglong <15817580+FoXiMistyMoon@user.noreply.gitee.com> --- test/BUILD.gn | 56 ++++++------ test/commonfuzztest/BUILD.gn | 6 ++ test/commonfuzztest/authacl_fuzzer/BUILD.gn | 82 +++++++++++++++++ .../authacl_fuzzer/auth_acl_fuzzer.cpp | 50 +++++++++++ .../authacl_fuzzer/auth_acl_fuzzer.h | 21 +++++ .../commonfuzztest/authacl_fuzzer/corpus/init | 13 +++ .../commonfuzztest/authacl_fuzzer/project.xml | 25 ++++++ .../authcredential_fuzzer/BUILD.gn | 83 ++++++++++++++++++ .../auth_credential_fuzzer.cpp | 71 +++++++++++++++ .../auth_credential_fuzzer.h | 21 +++++ .../authcredential_fuzzer/corpus/init | 13 +++ .../authcredential_fuzzer/project.xml | 25 ++++++ .../authpinauth_fuzzer/BUILD.gn | 80 +++++++++++++++++ .../auth_pin_auth_fuzzer.cpp | 71 +++++++++++++++ .../authpinauth_fuzzer/auth_pin_auth_fuzzer.h | 21 +++++ .../authpinauth_fuzzer/corpus/init | 13 +++ .../authpinauth_fuzzer/project.xml | 25 ++++++ .../commonfuzztest/dmanonyous_fuzzer/BUILD.gn | 75 ++++++++++++++++ .../dmanonyous_fuzzer/corpus/init | 13 +++ .../dmanonyous_fuzzer/dm_anonyous_fuzzer.cpp | 74 ++++++++++++++++ .../dmanonyous_fuzzer/dm_anonyous_fuzzer.h | 21 +++++ .../dmanonyous_fuzzer/project.xml | 25 ++++++ .../dm_auth_manager_fuzzer.cpp | 1 - .../dmauthmanager_fuzzer/project.xml | 2 +- .../dmauthmanagerv2_fuzzer/BUILD.gn | 4 +- .../dm_auth_manager_fuzzer.cpp | 61 ++++++++++++- .../dmfreezeprocess_fuzzer/BUILD.gn | 80 +++++++++++++++++ .../dmfreezeprocess_fuzzer/corpus/init | 13 +++ .../dm_freeze_process_fuzzer.cpp | 87 +++++++++++++++++++ .../dm_freeze_process_fuzzer.h | 21 +++++ .../dmfreezeprocess_fuzzer/project.xml | 25 ++++++ .../ondatareceivedv2_fuzzer/BUILD.gn | 4 +- .../UTTest_hichain_connector.cpp | 0 test/interfacesfuzztest/BUILD.gn | 0 .../devicemanagerimpl_fuzzer/BUILD.gn | 2 +- .../devicemanagerimpl_fuzzer/corpus/init | 0 .../device_manager_impl_fuzzer.cpp | 35 ++++++++ .../device_manager_impl_fuzzer.h | 0 .../devicemanagerimpl_fuzzer/project.xml | 0 test/servicesfuzztest/BUILD.gn | 1 + .../auth_message_processor_fuzzer.cpp | 82 ++++++++++++++++- .../devicenamemanager_fuzzer/BUILD.gn | 2 +- .../dmauthattestcommon_fuzzer/BUILD.gn | 80 +++++++++++++++++ .../dmauthattestcommon_fuzzer/corpus/init | 13 +++ .../dm_auth_attest_common_fuzzer.cpp | 54 ++++++++++++ .../dm_auth_attest_common_fuzzer.h | 21 +++++ .../dmauthattestcommon_fuzzer/project.xml | 25 ++++++ .../dmcommtool_fuzzer/dm_comm_tool_fuzzer.cpp | 27 ++++++ .../dm_transport_msg_fuzzer.cpp | 29 +++++++ 49 files changed, 1513 insertions(+), 40 deletions(-) create mode 100644 test/commonfuzztest/authacl_fuzzer/BUILD.gn create mode 100644 test/commonfuzztest/authacl_fuzzer/auth_acl_fuzzer.cpp create mode 100644 test/commonfuzztest/authacl_fuzzer/auth_acl_fuzzer.h create mode 100644 test/commonfuzztest/authacl_fuzzer/corpus/init create mode 100644 test/commonfuzztest/authacl_fuzzer/project.xml create mode 100644 test/commonfuzztest/authcredential_fuzzer/BUILD.gn create mode 100644 test/commonfuzztest/authcredential_fuzzer/auth_credential_fuzzer.cpp create mode 100644 test/commonfuzztest/authcredential_fuzzer/auth_credential_fuzzer.h create mode 100644 test/commonfuzztest/authcredential_fuzzer/corpus/init create mode 100644 test/commonfuzztest/authcredential_fuzzer/project.xml create mode 100644 test/commonfuzztest/authpinauth_fuzzer/BUILD.gn create mode 100644 test/commonfuzztest/authpinauth_fuzzer/auth_pin_auth_fuzzer.cpp create mode 100644 test/commonfuzztest/authpinauth_fuzzer/auth_pin_auth_fuzzer.h create mode 100644 test/commonfuzztest/authpinauth_fuzzer/corpus/init create mode 100644 test/commonfuzztest/authpinauth_fuzzer/project.xml create mode 100644 test/commonfuzztest/dmanonyous_fuzzer/BUILD.gn create mode 100644 test/commonfuzztest/dmanonyous_fuzzer/corpus/init create mode 100644 test/commonfuzztest/dmanonyous_fuzzer/dm_anonyous_fuzzer.cpp create mode 100644 test/commonfuzztest/dmanonyous_fuzzer/dm_anonyous_fuzzer.h create mode 100644 test/commonfuzztest/dmanonyous_fuzzer/project.xml create mode 100644 test/commonfuzztest/dmfreezeprocess_fuzzer/BUILD.gn create mode 100644 test/commonfuzztest/dmfreezeprocess_fuzzer/corpus/init create mode 100644 test/commonfuzztest/dmfreezeprocess_fuzzer/dm_freeze_process_fuzzer.cpp create mode 100644 test/commonfuzztest/dmfreezeprocess_fuzzer/dm_freeze_process_fuzzer.h create mode 100644 test/commonfuzztest/dmfreezeprocess_fuzzer/project.xml mode change 100755 => 100644 test/commonunittest/UTTest_hichain_connector.cpp mode change 100755 => 100644 test/interfacesfuzztest/BUILD.gn mode change 100755 => 100644 test/interfacesfuzztest/devicemanagerimpl_fuzzer/BUILD.gn mode change 100755 => 100644 test/interfacesfuzztest/devicemanagerimpl_fuzzer/corpus/init mode change 100755 => 100644 test/interfacesfuzztest/devicemanagerimpl_fuzzer/device_manager_impl_fuzzer.cpp mode change 100755 => 100644 test/interfacesfuzztest/devicemanagerimpl_fuzzer/device_manager_impl_fuzzer.h mode change 100755 => 100644 test/interfacesfuzztest/devicemanagerimpl_fuzzer/project.xml create mode 100644 test/servicesfuzztest/dmauthattestcommon_fuzzer/BUILD.gn create mode 100644 test/servicesfuzztest/dmauthattestcommon_fuzzer/corpus/init create mode 100644 test/servicesfuzztest/dmauthattestcommon_fuzzer/dm_auth_attest_common_fuzzer.cpp create mode 100644 test/servicesfuzztest/dmauthattestcommon_fuzzer/dm_auth_attest_common_fuzzer.h create mode 100644 test/servicesfuzztest/dmauthattestcommon_fuzzer/project.xml diff --git a/test/BUILD.gn b/test/BUILD.gn index c856a29d0..e5cb6fa45 100644 --- a/test/BUILD.gn +++ b/test/BUILD.gn @@ -1,28 +1,28 @@ -# Copyright (c) 2022-2023 Huawei Device Co., Ltd. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -group("test") { - testonly = true - - deps = [] - if (support_jsapi) { - deps += [ - "benchmarktest:benchmarktest", - "commonfuzztest:fuzztest", - "interfacesfuzztest:fuzztest", - "servicesfuzztest:fuzztest", - "softbusfuzztest:fuzztest", - "unittest:unittest", - ] - } -} +# Copyright (c) 2022-2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +group("test") { + testonly = true + + deps = [] + if (support_jsapi) { + deps += [ + "benchmarktest:benchmarktest", + "commonfuzztest:fuzztest", + "interfacesfuzztest:fuzztest", + "servicesfuzztest:fuzztest", + "softbusfuzztest:fuzztest", + "unittest:unittest", + ] + } +} diff --git a/test/commonfuzztest/BUILD.gn b/test/commonfuzztest/BUILD.gn index c88c67ba2..393935132 100644 --- a/test/commonfuzztest/BUILD.gn +++ b/test/commonfuzztest/BUILD.gn @@ -15,13 +15,18 @@ group("fuzztest") { testonly = true deps = [ + "authacl_fuzzer:fuzztest", + "authcredential_fuzzer:fuzztest", "authenticatedevice_fuzzer:fuzztest", "authenticatedeviceservice_fuzzer:fuzztest", "authenticatedeviceserviceimpl_fuzzer:fuzztest", + "authpinauth_fuzzer:fuzztest", + "dmanonyous_fuzzer:fuzztest", "dmauthmanager_fuzzer:fuzztest", "dmauthmanagerv2_fuzzer:fuzztest", "dmcommoneventmanager_fuzzer:fuzztest", "dmcredentialimpl_fuzzer:fuzztest", + "dmfreezeprocess_fuzzer:fuzztest", "generateencrypteduuid_fuzzer:fuzztest", "getdeviceinfo_fuzzer:fuzztest", "hichainconnector_fuzzer:fuzztest", @@ -33,5 +38,6 @@ group("fuzztest") { "pinauth_fuzzer:fuzztest", "pinauthui_fuzzer:fuzztest", "pinholder_fuzzer:fuzztest", + ] } diff --git a/test/commonfuzztest/authacl_fuzzer/BUILD.gn b/test/commonfuzztest/authacl_fuzzer/BUILD.gn new file mode 100644 index 000000000..9b8b45671 --- /dev/null +++ b/test/commonfuzztest/authacl_fuzzer/BUILD.gn @@ -0,0 +1,82 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#####################hydra-fuzz################### +import("//build/config/features.gni") +import("//build/test.gni") +import("//foundation/distributedhardware/device_manager/device_manager.gni") + +##############################fuzztest########################################## +ohos_fuzztest("AuthAclFuzzTest") { + module_out_path = fuzz_test_output_path + fuzz_config_file = + "${devicemanager_path}/test/commonfuzztest/authacl_fuzzer" + + include_dirs = [ + "${innerkits_path}/native_cpp/include", + "${servicesimpl_path}/include/ability", + "${servicesimpl_path}/include/adapter", + "${servicesimpl_path}/include/authentication_v2", + "${servicesimpl_path}/include/dependency/hichain", + "${servicesimpl_path}/include/dependency/softbus", + "${servicesimpl_path}/include/dependency/timer", + ] + + cflags = [ + "-g", + "-O0", + "-Dprivate=public", + "-Dprotected=public", + "-Werror", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + + sources = [ "auth_acl_fuzzer.cpp" ] + + deps = [ + "${innerkits_path}/native_cpp:devicemanagersdk", + "${services_path}:devicemanagerservicetest", + "${servicesimpl_path}:devicemanagerserviceimpl", + "${utils_path}:devicemanagerutilstest", + ] + + external_deps = [ + "cJSON:cjson", + "device_auth:deviceauth_sdk", + "device_info_manager:distributed_device_profile_common", + "device_info_manager:distributed_device_profile_sdk", + "dsoftbus:softbus_client", + "ffrt:libffrt", + "hilog:libhilog", + "init:libbegetutil", + "ipc:ipc_single", + "safwk:system_ability_fwk", + ] + + defines = [ + "HI_LOG_ENABLE", + "DH_LOG_TAG=\"AuthAclFuzzTest\"", + "LOG_DOMAIN=0xD004110", + ] + cflags_cc=[ "--coverage"] + ldflags = ["--coverage"] +} + +############################################################################### +group("fuzztest") { + testonly = true + + deps = [ ":AuthAclFuzzTest" ] +} +############################################################################### diff --git a/test/commonfuzztest/authacl_fuzzer/auth_acl_fuzzer.cpp b/test/commonfuzztest/authacl_fuzzer/auth_acl_fuzzer.cpp new file mode 100644 index 000000000..327347467 --- /dev/null +++ b/test/commonfuzztest/authacl_fuzzer/auth_acl_fuzzer.cpp @@ -0,0 +1,50 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "auth_acl_fuzzer.h" + +#include +#include + +#include "device_manager_service_listener.h" +#include "dm_auth_state.h" +#include "dm_freeze_process.h" + +namespace OHOS { +namespace DistributedHardware { +void AuthAclFuzzTest(const uint8_t* data, size_t size) +{ + if ((data == nullptr) || (size < sizeof(int32_t))) { + return; + } + FuzzedDataProvider fdp(data, size); + int32_t sessionId = fdp.ConsumeIntegral(); + std::string result = fdp.ConsumeRandomLengthString(); + std::shared_ptr authSink = std::make_shared(); + std::shared_ptr authSrc = std::make_shared(); + + authSink->GetStateType(); + authSrc->GetStateType(); +} +} +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + OHOS::DistributedHardware::AuthAclFuzzTest(data, size); + return 0; +} \ No newline at end of file diff --git a/test/commonfuzztest/authacl_fuzzer/auth_acl_fuzzer.h b/test/commonfuzztest/authacl_fuzzer/auth_acl_fuzzer.h new file mode 100644 index 000000000..6e30090a7 --- /dev/null +++ b/test/commonfuzztest/authacl_fuzzer/auth_acl_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef AUTH_ACL_FUZZER_H +#define AUTH_ACL_FUZZER_H + +#define FUZZ_PROJECT_NAME "authacl_fuzzer" + +#endif // AUTH_ACL_FUZZER_H \ No newline at end of file diff --git a/test/commonfuzztest/authacl_fuzzer/corpus/init b/test/commonfuzztest/authacl_fuzzer/corpus/init new file mode 100644 index 000000000..8f37f0925 --- /dev/null +++ b/test/commonfuzztest/authacl_fuzzer/corpus/init @@ -0,0 +1,13 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +FUZZ \ No newline at end of file diff --git a/test/commonfuzztest/authacl_fuzzer/project.xml b/test/commonfuzztest/authacl_fuzzer/project.xml new file mode 100644 index 000000000..500f6f414 --- /dev/null +++ b/test/commonfuzztest/authacl_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + \ No newline at end of file diff --git a/test/commonfuzztest/authcredential_fuzzer/BUILD.gn b/test/commonfuzztest/authcredential_fuzzer/BUILD.gn new file mode 100644 index 000000000..04f4d5c98 --- /dev/null +++ b/test/commonfuzztest/authcredential_fuzzer/BUILD.gn @@ -0,0 +1,83 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#####################hydra-fuzz################### +import("//build/config/features.gni") +import("//build/test.gni") +import("//foundation/distributedhardware/device_manager/device_manager.gni") + +##############################fuzztest########################################## +ohos_fuzztest("AuthCredentialFuzzTest") { + module_out_path = fuzz_test_output_path + fuzz_config_file = + "${devicemanager_path}/test/commonfuzztest/authcredential_fuzzer" + + include_dirs = [ + "${innerkits_path}/native_cpp/include", + "${servicesimpl_path}/include/ability", + "${servicesimpl_path}/include/adapter", + "${servicesimpl_path}/include/authentication_v2", + "${servicesimpl_path}/include/dependency/hichain", + "${servicesimpl_path}/include/dependency/softbus", + "${servicesimpl_path}/include/dependency/timer", + ] + + cflags = [ + "-g", + "-O0", + "-Dprivate=public", + "-Dprotected=public", + "-Werror", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + + sources = [ "auth_credential_fuzzer.cpp" ] + + deps = [ + "${innerkits_path}/native_cpp:devicemanagersdk", + "${services_path}:devicemanagerservicetest", + "${servicesimpl_path}:devicemanagerserviceimpl", + "${utils_path}:devicemanagerutilstest", + ] + + external_deps = [ + "cJSON:cjson", + "device_auth:deviceauth_sdk", + "device_info_manager:distributed_device_profile_common", + "device_info_manager:distributed_device_profile_sdk", + "dsoftbus:softbus_client", + "ffrt:libffrt", + "hilog:libhilog", + "init:libbegetutil", + "ipc:ipc_single", + "safwk:system_ability_fwk", + ] + + defines = [ + "HI_LOG_ENABLE", + "DH_LOG_TAG=\"AuthCredentialFuzzTest\"", + "LOG_DOMAIN=0xD004110", + ] + + cflags_cc=[ "--coverage"] + ldflags = ["--coverage"] +} + +############################################################################### +group("fuzztest") { + testonly = true + + deps = [ ":AuthCredentialFuzzTest" ] +} +############################################################################### diff --git a/test/commonfuzztest/authcredential_fuzzer/auth_credential_fuzzer.cpp b/test/commonfuzztest/authcredential_fuzzer/auth_credential_fuzzer.cpp new file mode 100644 index 000000000..273bd1909 --- /dev/null +++ b/test/commonfuzztest/authcredential_fuzzer/auth_credential_fuzzer.cpp @@ -0,0 +1,71 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "auth_credential_fuzzer.h" + +#include +#include + +#include "device_manager_service_listener.h" +#include "dm_auth_state.h" +#include "dm_freeze_process.h" + +namespace OHOS { +namespace DistributedHardware { +constexpr uint32_t SERVICE = 2; + +void AuthCredentialFuzzTest(const uint8_t* data, size_t size) +{ + if ((data == nullptr) || (size < sizeof(int32_t))) { + return; + } + FreezeProcess freezeProcess; + FuzzedDataProvider fdp(data, size); + std::shared_ptr context = std::make_shared(); + context->transmitData = fdp.ConsumeRandomLengthString(); + context->requestId = fdp.ConsumeIntegral(); + context->accesser.userId = fdp.ConsumeIntegral(); + context->accesser.isGenerateLnnCredential = true; + context->isAppCredentialVerified = false; + context->accesser.bindLevel = SERVICE; + std::shared_ptr auth1 = std::make_shared(); + std::shared_ptr auth2 = std::make_shared(); + std::shared_ptr auth3 = std::make_shared(); + std::shared_ptr auth4 = std::make_shared(); + std::shared_ptr auth5 = std::make_shared(); + std::shared_ptr auth6 = std::make_shared(); + + auth1->Action(context); + auth2->Action(context); + context->isAppCredentialVerified = true; + auth2->Action(context); + context->accesser.isGenerateLnnCredential = false; + auth1->GetStateType(); + auth2->GetStateType(); + auth3->GetStateType(); + auth4->GetStateType(); + auth5->GetStateType(); + auth6->GetStateType(); +} +} +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + OHOS::DistributedHardware::AuthCredentialFuzzTest(data, size); + return 0; +} \ No newline at end of file diff --git a/test/commonfuzztest/authcredential_fuzzer/auth_credential_fuzzer.h b/test/commonfuzztest/authcredential_fuzzer/auth_credential_fuzzer.h new file mode 100644 index 000000000..6e30090a7 --- /dev/null +++ b/test/commonfuzztest/authcredential_fuzzer/auth_credential_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef AUTH_ACL_FUZZER_H +#define AUTH_ACL_FUZZER_H + +#define FUZZ_PROJECT_NAME "authacl_fuzzer" + +#endif // AUTH_ACL_FUZZER_H \ No newline at end of file diff --git a/test/commonfuzztest/authcredential_fuzzer/corpus/init b/test/commonfuzztest/authcredential_fuzzer/corpus/init new file mode 100644 index 000000000..8f37f0925 --- /dev/null +++ b/test/commonfuzztest/authcredential_fuzzer/corpus/init @@ -0,0 +1,13 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +FUZZ \ No newline at end of file diff --git a/test/commonfuzztest/authcredential_fuzzer/project.xml b/test/commonfuzztest/authcredential_fuzzer/project.xml new file mode 100644 index 000000000..500f6f414 --- /dev/null +++ b/test/commonfuzztest/authcredential_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + \ No newline at end of file diff --git a/test/commonfuzztest/authpinauth_fuzzer/BUILD.gn b/test/commonfuzztest/authpinauth_fuzzer/BUILD.gn new file mode 100644 index 000000000..9ab8575c5 --- /dev/null +++ b/test/commonfuzztest/authpinauth_fuzzer/BUILD.gn @@ -0,0 +1,80 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#####################hydra-fuzz################### +import("//build/config/features.gni") +import("//build/test.gni") +import("//foundation/distributedhardware/device_manager/device_manager.gni") + +##############################fuzztest########################################## +ohos_fuzztest("AuthPinAuthFuzzTest") { + module_out_path = fuzz_test_output_path + fuzz_config_file = + "${devicemanager_path}/test/commonfuzztest/authpinauth_fuzzer" + + include_dirs = [ + "${innerkits_path}/native_cpp/include", + "${servicesimpl_path}/include/ability", + "${servicesimpl_path}/include/adapter", + "${servicesimpl_path}/include/authentication_v2", + "${servicesimpl_path}/include/dependency/hichain", + "${servicesimpl_path}/include/dependency/softbus", + "${servicesimpl_path}/include/dependency/timer", + ] + + cflags = [ + "-g", + "-O0", + "-Dprivate=public", + "-Dprotected=public", + "-Werror", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + + sources = [ "auth_pin_auth_fuzzer.cpp"] + + deps = [ + "${innerkits_path}/native_cpp:devicemanagersdk", + "${services_path}:devicemanagerservicetest", + "${servicesimpl_path}:devicemanagerserviceimpl", + "${utils_path}:devicemanagerutilstest", + ] + + external_deps = [ + "cJSON:cjson", + "device_auth:deviceauth_sdk", + "device_info_manager:distributed_device_profile_common", + "device_info_manager:distributed_device_profile_sdk", + "dsoftbus:softbus_client", + "ffrt:libffrt", + "hilog:libhilog", + "init:libbegetutil", + "ipc:ipc_single", + "safwk:system_ability_fwk", + ] + + defines = [ + "HI_LOG_ENABLE", + "DH_LOG_TAG=\"AuthPinAuthFuzzTest\"", + "LOG_DOMAIN=0xD004110", + ] +} + +############################################################################### +group("fuzztest") { + testonly = true + + deps = [ ":AuthPinAuthFuzzTest" ] +} +############################################################################### diff --git a/test/commonfuzztest/authpinauth_fuzzer/auth_pin_auth_fuzzer.cpp b/test/commonfuzztest/authpinauth_fuzzer/auth_pin_auth_fuzzer.cpp new file mode 100644 index 000000000..c04aa8541 --- /dev/null +++ b/test/commonfuzztest/authpinauth_fuzzer/auth_pin_auth_fuzzer.cpp @@ -0,0 +1,71 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "auth_pin_auth_fuzzer.h" + +#include +#include + +#include "device_manager_service_listener.h" +#include "dm_auth_state.h" +#include "dm_auth_state_machine.h" +#include "dm_freeze_process.h" + +namespace OHOS { +namespace DistributedHardware { +constexpr uint32_t SERVICE = 2; + +void AuthPinAuthFuzzTest(const uint8_t* data, size_t size) +{ + if ((data == nullptr) || (size < sizeof(int32_t))) { + return; + } + FreezeProcess freezeProcess; + FuzzedDataProvider fdp(data, size); + std::shared_ptr context = std::make_shared(); + context->transmitData = fdp.ConsumeRandomLengthString(); + context->requestId = fdp.ConsumeIntegral(); + context->accesser.userId = fdp.ConsumeIntegral(); + + std::shared_ptr auth1 = std::make_shared(); + std::shared_ptr auth2 = std::make_shared(); + std::shared_ptr auth3 = std::make_shared(); + std::shared_ptr auth4 = std::make_shared(); + std::shared_ptr auth5 = std::make_shared(); + std::shared_ptr auth6 = std::make_shared(); + std::shared_ptr auth7 = std::make_shared(); + std::shared_ptr auth8 = std::make_shared(); + auth1->GetStateType(); + auth2->GetStateType(); + int32_t credType = fdp.ConsumeIntegral(); + auth3->GetCredIdByCredType(context, credType); + context->isAppCredentialVerified = true; + context->accesser.isGenerateLnnCredential = false; + auth4->ShowStartAuthDialog(context); + auth5->GetStateType(); + auth6->GetStateType(); + auth7->GetStateType(); + auth8->GetStateType(); +} +} +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + OHOS::DistributedHardware::AuthPinAuthFuzzTest(data, size); + return 0; +} \ No newline at end of file diff --git a/test/commonfuzztest/authpinauth_fuzzer/auth_pin_auth_fuzzer.h b/test/commonfuzztest/authpinauth_fuzzer/auth_pin_auth_fuzzer.h new file mode 100644 index 000000000..d9a1a29ba --- /dev/null +++ b/test/commonfuzztest/authpinauth_fuzzer/auth_pin_auth_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef AUTH_PIN_AUTH_FUZZER_H +#define AUTH_PIN_AUTH_FUZZER_H + +#define FUZZ_PROJECT_NAME "authpinauth_fuzzer" + +#endif // AUTH_PIN_AUTH_FUZZER_H \ No newline at end of file diff --git a/test/commonfuzztest/authpinauth_fuzzer/corpus/init b/test/commonfuzztest/authpinauth_fuzzer/corpus/init new file mode 100644 index 000000000..8f37f0925 --- /dev/null +++ b/test/commonfuzztest/authpinauth_fuzzer/corpus/init @@ -0,0 +1,13 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +FUZZ \ No newline at end of file diff --git a/test/commonfuzztest/authpinauth_fuzzer/project.xml b/test/commonfuzztest/authpinauth_fuzzer/project.xml new file mode 100644 index 000000000..500f6f414 --- /dev/null +++ b/test/commonfuzztest/authpinauth_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + \ No newline at end of file diff --git a/test/commonfuzztest/dmanonyous_fuzzer/BUILD.gn b/test/commonfuzztest/dmanonyous_fuzzer/BUILD.gn new file mode 100644 index 000000000..dfc1d5b80 --- /dev/null +++ b/test/commonfuzztest/dmanonyous_fuzzer/BUILD.gn @@ -0,0 +1,75 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#####################hydra-fuzz################### +import("//build/config/features.gni") +import("//build/test.gni") +import("//foundation/distributedhardware/device_manager/device_manager.gni") + +##############################fuzztest########################################## +ohos_fuzztest("DmAnonyousFuzzTest") { + module_out_path = fuzz_test_output_path + fuzz_config_file = "${devicemanager_path}/test/commonfuzztest/dmanonyous_fuzzer" + + include_dirs = [ + "${common_path}/include", + "${innerkits_path}/native_cpp/include", + "${services_path}/include/softbus", + ] + + cflags = [ + "-g", + "-O0", + "-Dprivate=public", + "-Dprotected=public", + "-Werror", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + + sources = [ "dm_anonyous_fuzzer.cpp", + "${json_path}/src/json_object_cjson.cpp", ] + + deps = [ + "${innerkits_path}/native_cpp:devicemanagersdk", + "${services_path}:devicemanagerservicetest", + "${servicesimpl_path}:devicemanagerserviceimpl", + ] + + external_deps = [ + "cJSON:cjson", + "c_utils:utils", + "device_auth:deviceauth_sdk", + "device_info_manager:distributed_device_profile_common", + "device_info_manager:distributed_device_profile_sdk", + "dsoftbus:softbus_client", + "hilog:libhilog", + "ipc:ipc_single", + "safwk:system_ability_fwk", + "samgr:samgr_proxy", + ] + + defines = [ + "HI_LOG_ENABLE", + "DH_LOG_TAG=\"DmAnonyousFuzzTest\"", + "LOG_DOMAIN=0xD004110", + ] +} + +############################################################################### +group("fuzztest") { + testonly = true + + deps = [ ":DmAnonyousFuzzTest" ] +} +############################################################################### diff --git a/test/commonfuzztest/dmanonyous_fuzzer/corpus/init b/test/commonfuzztest/dmanonyous_fuzzer/corpus/init new file mode 100644 index 000000000..8f37f0925 --- /dev/null +++ b/test/commonfuzztest/dmanonyous_fuzzer/corpus/init @@ -0,0 +1,13 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +FUZZ \ No newline at end of file diff --git a/test/commonfuzztest/dmanonyous_fuzzer/dm_anonyous_fuzzer.cpp b/test/commonfuzztest/dmanonyous_fuzzer/dm_anonyous_fuzzer.cpp new file mode 100644 index 000000000..013a0c071 --- /dev/null +++ b/test/commonfuzztest/dmanonyous_fuzzer/dm_anonyous_fuzzer.cpp @@ -0,0 +1,74 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include +#include + +#include "device_manager_impl.h" +#include "dm_constants.h" +#include "softbus_listener.h" +#include "dm_anonymous.h" +namespace OHOS { +namespace DistributedHardware { + +void DmAnonyousFuzzTest(const uint8_t* data, size_t size) +{ + if ((data == nullptr) || (size < sizeof(int32_t))) { + return; + } + std::vector strList; + strList.push_back("test1"); + strList.push_back("test2"); + GetAnonyStringList(strList); + std::vector intList; + intList.push_back(1); + GetAnonyInt32List(intList); + JsonObject jsonObj; + jsonObj["key1"] = 123; + jsonObj["key2"] = "value2"; + jsonObj["key3"] = true; + IsUint32(jsonObj, "key1"); + IsUint64(jsonObj, "key1"); + IsBool(jsonObj, "key3"); + std::map paramMap; + paramMap["key1"] = "value1"; + paramMap["key2"] = "value2"; + std::map paramMap2 = {}; + std::string jsonStr = ConvertMapToJsonString(paramMap); + ParseMapFromJsonString(jsonStr, paramMap2); + StringToInt("123", 10); + StringToInt64("123", 10); + int32_t versionNum = 0; + GetVersionNumber("1.0.0", versionNum); + GetCallerPkgName("com.example.app#test"); + GetSubscribeId("123#12345"); + std::multimap unorderedmap; + unorderedmap.insert(std::make_pair("key1", 123)); + IsValueExist(unorderedmap, "key1", 123); + GetSubStr("test#123", "#", 0); + IsJsonValIntegerString(jsonObj, "key2"); +} +} +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + OHOS::DistributedHardware::DmAnonyousFuzzTest(data, size); + + return 0; +} diff --git a/test/commonfuzztest/dmanonyous_fuzzer/dm_anonyous_fuzzer.h b/test/commonfuzztest/dmanonyous_fuzzer/dm_anonyous_fuzzer.h new file mode 100644 index 000000000..45837bdba --- /dev/null +++ b/test/commonfuzztest/dmanonyous_fuzzer/dm_anonyous_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef DM_ANONYOUS_Test_FUZZER_H +#define DM_ANONYOUS_Test_FUZZER_H + +#define FUZZ_PROJECT_NAME "dmanonyous_fuzzer" + +#endif // DM_ANONYOUS_Test_FUZZER_H \ No newline at end of file diff --git a/test/commonfuzztest/dmanonyous_fuzzer/project.xml b/test/commonfuzztest/dmanonyous_fuzzer/project.xml new file mode 100644 index 000000000..500f6f414 --- /dev/null +++ b/test/commonfuzztest/dmanonyous_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + \ No newline at end of file diff --git a/test/commonfuzztest/dmauthmanager_fuzzer/dm_auth_manager_fuzzer.cpp b/test/commonfuzztest/dmauthmanager_fuzzer/dm_auth_manager_fuzzer.cpp index 053f739b4..593378fa2 100644 --- a/test/commonfuzztest/dmauthmanager_fuzzer/dm_auth_manager_fuzzer.cpp +++ b/test/commonfuzztest/dmauthmanager_fuzzer/dm_auth_manager_fuzzer.cpp @@ -116,6 +116,5 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { /* Run your code on data */ OHOS::DistributedHardware::DmAuthManagerFuzzTest(data, size); - return 0; } \ No newline at end of file diff --git a/test/commonfuzztest/dmauthmanager_fuzzer/project.xml b/test/commonfuzztest/dmauthmanager_fuzzer/project.xml index bac4974e9..e53c5f16d 100644 --- a/test/commonfuzztest/dmauthmanager_fuzzer/project.xml +++ b/test/commonfuzztest/dmauthmanager_fuzzer/project.xml @@ -18,7 +18,7 @@ 1000 - 300 + 30 4096 diff --git a/test/commonfuzztest/dmauthmanagerv2_fuzzer/BUILD.gn b/test/commonfuzztest/dmauthmanagerv2_fuzzer/BUILD.gn index fb2de39ca..7c6fff579 100644 --- a/test/commonfuzztest/dmauthmanagerv2_fuzzer/BUILD.gn +++ b/test/commonfuzztest/dmauthmanagerv2_fuzzer/BUILD.gn @@ -46,9 +46,9 @@ ohos_fuzztest("DmAuthManagerV2FuzzTest") { deps = [ "${innerkits_path}/native_cpp:devicemanagersdk", - "${services_path}:devicemanagerservice", + "${services_path}:devicemanagerservicetest", "${servicesimpl_path}:devicemanagerserviceimpl", - "${utils_path}:devicemanagerutils", + "${utils_path}:devicemanagerutilstest", ] external_deps = [ diff --git a/test/commonfuzztest/dmauthmanagerv2_fuzzer/dm_auth_manager_fuzzer.cpp b/test/commonfuzztest/dmauthmanagerv2_fuzzer/dm_auth_manager_fuzzer.cpp index 018ed3697..f955a2baa 100644 --- a/test/commonfuzztest/dmauthmanagerv2_fuzzer/dm_auth_manager_fuzzer.cpp +++ b/test/commonfuzztest/dmauthmanagerv2_fuzzer/dm_auth_manager_fuzzer.cpp @@ -13,11 +13,15 @@ * limitations under the License. */ -#include +#include "dm_auth_manager_fuzzer.h" + #include -#include "device_manager_service_listener.h" +#include + #include "auth_manager.h" -#include "dm_auth_manager_fuzzer.h" +#include "device_manager_service_listener.h" +#include "dm_auth_context.h" +#include "dm_auth_state_machine.h" namespace OHOS { namespace DistributedHardware { @@ -111,6 +115,56 @@ void DmAuthSinkManagerFuzzTest(const uint8_t* data, size_t size) authManager->OnDataReceived(g_sessionId, str); authManager->OnAuthDeviceDataReceived(g_sessionId, str); } + +void DmAuthManagerV2FuzzTest(const uint8_t* data, size_t size) +{ + if ((data == nullptr) || (size < sizeof(int32_t))) { + return; + } + std::shared_ptr softbusConnector = std::make_shared(); + std::shared_ptr listener = std::make_shared(); + std::shared_ptr hiChainAuthConnector = std::make_shared(); + std::shared_ptr hiChainConnector = std::make_shared(); + FuzzedDataProvider fdp(data, size); + int32_t sessionId = fdp.ConsumeIntegral(); + int32_t sessionSide = fdp.ConsumeIntegral(); + int32_t result = fdp.ConsumeIntegral(); + int64_t requestId = fdp.ConsumeIntegral(); + int32_t errorCode = fdp.ConsumeIntegral(); + uint64_t logicalSessionId = fdp.ConsumeIntegral(); + int32_t authType = fdp.ConsumeIntegral(); + PeerTargetId targetId = { + .deviceId = fdp.ConsumeRandomLengthString(), + .brMac = fdp.ConsumeRandomLengthString(), + .bleMac = fdp.ConsumeRandomLengthString(), + .wifiIp = fdp.ConsumeRandomLengthString(), + .wifiPort = fdp.ConsumeIntegral(), + }; + std::map bindParam = { { "key1", fdp.ConsumeRandomLengthString() }, + { "key2", fdp.ConsumeRandomLengthString() }, { "key3", fdp.ConsumeRandomLengthString() } }; + std::string pkgName = fdp.ConsumeRandomLengthString(); + std::string deviceId = fdp.ConsumeRandomLengthString(); + std::string extra = fdp.ConsumeRandomLengthString(); + std::shared_ptr authSrcManager = + std::make_shared(softbusConnector, hiChainConnector, listener, hiChainAuthConnector); + std::shared_ptr authSinkManager = + std::make_shared(softbusConnector, hiChainConnector, listener, hiChainAuthConnector); + authSrcManager->BindTarget(pkgName, targetId, bindParam, sessionId, logicalSessionId); + authSrcManager->GetAuthParam(pkgName, authType, deviceId, extra); + authSinkManager->OnSessionOpened(sessionId, sessionSide, result); + authSrcManager->OnSessionDisable(); + authSrcManager->GetIsCryptoSupport(); + std::shared_ptr context = std::make_shared(); + authSinkManager->context_->authStateMachine->curState_ = DmAuthStateType::AUTH_SINK_PIN_AUTH_START_STATE; + authSinkManager->AuthDeviceError(requestId, errorCode); + authSinkManager->context_->authStateMachine->curState_ = DmAuthStateType::AUTH_SINK_FINISH_STATE; + authSinkManager->AuthDeviceError(requestId, errorCode); + authSinkManager->AuthDeviceFinish(requestId); + authSinkManager->GetBindTargetParams(pkgName, targetId, bindParam); + authSinkManager->SetBindTargetParams(targetId); + authSinkManager->ClearSoftbusSessionCallback(); + authSinkManager->PrepareSoftbusSessionCallback(); +} } } @@ -120,5 +174,6 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) /* Run your code on data */ OHOS::DistributedHardware::DmAuthSrcManagerFuzzTest(data, size); OHOS::DistributedHardware::DmAuthSinkManagerFuzzTest(data, size); + OHOS::DistributedHardware::DmAuthManagerV2FuzzTest(data, size); return 0; } \ No newline at end of file diff --git a/test/commonfuzztest/dmfreezeprocess_fuzzer/BUILD.gn b/test/commonfuzztest/dmfreezeprocess_fuzzer/BUILD.gn new file mode 100644 index 000000000..01ef24d27 --- /dev/null +++ b/test/commonfuzztest/dmfreezeprocess_fuzzer/BUILD.gn @@ -0,0 +1,80 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#####################hydra-fuzz################### +import("//build/config/features.gni") +import("//build/test.gni") +import("//foundation/distributedhardware/device_manager/device_manager.gni") + +##############################fuzztest########################################## +ohos_fuzztest("DmFreezeProcessFuzzTest") { + module_out_path = fuzz_test_output_path + fuzz_config_file = + "${devicemanager_path}/test/commonfuzztest/dmfreezeprocess_fuzzer" + + include_dirs = [ + "${innerkits_path}/native_cpp/include", + "${servicesimpl_path}/include/ability", + "${servicesimpl_path}/include/adapter", + "${servicesimpl_path}/include/authentication_v2", + "${servicesimpl_path}/include/dependency/hichain", + "${servicesimpl_path}/include/dependency/softbus", + "${servicesimpl_path}/include/dependency/timer", + ] + + cflags = [ + "-g", + "-O0", + "-Dprivate=public", + "-Dprotected=public", + "-Werror", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + + sources = [ "dm_freeze_process_fuzzer.cpp" ] + + deps = [ + "${innerkits_path}/native_cpp:devicemanagersdk", + "${services_path}:devicemanagerservicetest", + "${servicesimpl_path}:devicemanagerserviceimpl", + "${utils_path}:devicemanagerutilstest", + ] + + external_deps = [ + "cJSON:cjson", + "device_auth:deviceauth_sdk", + "device_info_manager:distributed_device_profile_common", + "device_info_manager:distributed_device_profile_sdk", + "dsoftbus:softbus_client", + "ffrt:libffrt", + "hilog:libhilog", + "init:libbegetutil", + "ipc:ipc_single", + "safwk:system_ability_fwk", + ] + + defines = [ + "HI_LOG_ENABLE", + "DH_LOG_TAG=\"DmFreezeProcessFuzzTest\"", + "LOG_DOMAIN=0xD004110", + ] +} + +############################################################################### +group("fuzztest") { + testonly = true + + deps = [ ":DmFreezeProcessFuzzTest" ] +} +############################################################################### diff --git a/test/commonfuzztest/dmfreezeprocess_fuzzer/corpus/init b/test/commonfuzztest/dmfreezeprocess_fuzzer/corpus/init new file mode 100644 index 000000000..8f37f0925 --- /dev/null +++ b/test/commonfuzztest/dmfreezeprocess_fuzzer/corpus/init @@ -0,0 +1,13 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +FUZZ \ No newline at end of file diff --git a/test/commonfuzztest/dmfreezeprocess_fuzzer/dm_freeze_process_fuzzer.cpp b/test/commonfuzztest/dmfreezeprocess_fuzzer/dm_freeze_process_fuzzer.cpp new file mode 100644 index 000000000..6c687e9aa --- /dev/null +++ b/test/commonfuzztest/dmfreezeprocess_fuzzer/dm_freeze_process_fuzzer.cpp @@ -0,0 +1,87 @@ +/* + * Copyright (c) 2025-2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "dm_freeze_process_fuzzer.h" + +#include +#include + +#include "device_manager_service_listener.h" +#include "dm_freeze_process.h" + +namespace OHOS { +namespace DistributedHardware { +namespace { +constexpr const char* BIND_FAILED_EVENTS_KEY = "bindFailedEvents"; +constexpr const char* FREEZE_STATE_KEY = "freezeState"; +constexpr const char* START_FREEZE_TIME_KEY = "startFreezeTimeStamp"; +constexpr const char* STOP_FREEZE_TIME_KEY = "stopFreezeTimeStamp"; +constexpr const char* FAILED_TIMES_STAMPS_KEY = "failedTimeStamps"; +constexpr const char* FREEZE_TIMES_STAMPS_KEY = "freezeTimeStamps"; +constexpr const char* CAST_BUNDLE_NAME = "cast_engine_service"; +constexpr int32_t MAX_CONTINUEOUS_BIND_FAILED_NUM = 2; +constexpr int64_t CONTINUEOUS_FAILED_INTERVAL = 6 * 60; +constexpr int64_t DATA_REFRESH_INTERVAL = 20 * 60; +constexpr int64_t NOT_FREEZE_TIME = 0; +constexpr int64_t FIRST_FREEZE_TIME = 60; +constexpr int64_t SECOND_FREEZE_TIME = 3 * 60; +constexpr int64_t THIRD_FREEZE_TIME = 5 * 60; +constexpr int64_t MAX_FREEZE_TIME = 10 * 60; +} // namespace + +void DmFreezeProcessFuzzTest(const uint8_t* data, size_t size) +{ + if ((data == nullptr) || (size < sizeof(int32_t))) { + return; + } + FuzzedDataProvider fdp(data, size); + int32_t sessionId = fdp.ConsumeIntegral(); + std::string result = fdp.ConsumeRandomLengthString(); + DeviceFreezeState freezeStateObj; + BindFailedEvents bindFailedEvents; + std::string bundleName = CAST_BUNDLE_NAME; + int32_t deviceType = DEVICE_TYPE_TV; + int64_t reservedDataTimeStamp = fdp.ConsumeIntegral(); + FreezeProcess::GetInstance().ConvertJsonToDeviceFreezeState(result, freezeStateObj); + FreezeProcess::GetInstance().ConvertJsonToBindFailedEvents(result, bindFailedEvents); + bundleName = fdp.ConsumeRandomLengthString(); + deviceType = fdp.ConsumeIntegral(); + FreezeProcess::GetInstance().CleanBindFailedEvents(reservedDataTimeStamp); + FreezeProcess::GetInstance().CleanFreezeState(reservedDataTimeStamp); + FreezeProcess::GetInstance().ConvertDeviceFreezeStateToJson(freezeStateObj, result); + int64_t nowTime = NOT_FREEZE_TIME; + + int64_t nextTime = fdp.ConsumeIntegral(); + FreezeProcess::GetInstance().CleanFreezeRecord(nowTime); + FreezeProcess::GetInstance().UpdateFreezeState(nowTime); + FreezeProcess::GetInstance().CalculateNextFreezeTime(nowTime, nextTime); + nowTime = FIRST_FREEZE_TIME; + FreezeProcess::GetInstance().CalculateNextFreezeTime(nowTime, nextTime); + nowTime = SECOND_FREEZE_TIME; + FreezeProcess::GetInstance().CalculateNextFreezeTime(nowTime, nextTime); + nowTime = MAX_FREEZE_TIME; + FreezeProcess::GetInstance().CalculateNextFreezeTime(nowTime, nextTime); + FreezeProcess::GetInstance().DeleteFreezeRecord(); +} +} +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + OHOS::DistributedHardware::DmFreezeProcessFuzzTest(data, size); + return 0; +} \ No newline at end of file diff --git a/test/commonfuzztest/dmfreezeprocess_fuzzer/dm_freeze_process_fuzzer.h b/test/commonfuzztest/dmfreezeprocess_fuzzer/dm_freeze_process_fuzzer.h new file mode 100644 index 000000000..0628940ed --- /dev/null +++ b/test/commonfuzztest/dmfreezeprocess_fuzzer/dm_freeze_process_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef DM_FREE_PROCESS_FUZZER_H +#define DM_FREE_PROCESS_FUZZER_H + +#define FUZZ_PROJECT_NAME "dmfreezeprocess_fuzzer" + +#endif // DM_FREE_PROCESS_FUZZER_H \ No newline at end of file diff --git a/test/commonfuzztest/dmfreezeprocess_fuzzer/project.xml b/test/commonfuzztest/dmfreezeprocess_fuzzer/project.xml new file mode 100644 index 000000000..500f6f414 --- /dev/null +++ b/test/commonfuzztest/dmfreezeprocess_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + \ No newline at end of file diff --git a/test/commonfuzztest/ondatareceivedv2_fuzzer/BUILD.gn b/test/commonfuzztest/ondatareceivedv2_fuzzer/BUILD.gn index b81e1b472..0ae8fbf8d 100644 --- a/test/commonfuzztest/ondatareceivedv2_fuzzer/BUILD.gn +++ b/test/commonfuzztest/ondatareceivedv2_fuzzer/BUILD.gn @@ -45,9 +45,9 @@ ohos_fuzztest("OnDataReceivedV2FuzzTest") { sources = [ "on_data_received_fuzzer.cpp" ] deps = [ - "${services_path}:devicemanagerservice", + "${services_path}:devicemanagerservicetest", "${servicesimpl_path}:devicemanagerserviceimpl", - "${utils_path}:devicemanagerutils", + "${utils_path}:devicemanagerutilstest", ] external_deps = [ diff --git a/test/commonunittest/UTTest_hichain_connector.cpp b/test/commonunittest/UTTest_hichain_connector.cpp old mode 100755 new mode 100644 diff --git a/test/interfacesfuzztest/BUILD.gn b/test/interfacesfuzztest/BUILD.gn old mode 100755 new mode 100644 diff --git a/test/interfacesfuzztest/devicemanagerimpl_fuzzer/BUILD.gn b/test/interfacesfuzztest/devicemanagerimpl_fuzzer/BUILD.gn old mode 100755 new mode 100644 index a706fd85f..a7e9c7038 --- a/test/interfacesfuzztest/devicemanagerimpl_fuzzer/BUILD.gn +++ b/test/interfacesfuzztest/devicemanagerimpl_fuzzer/BUILD.gn @@ -63,7 +63,7 @@ ohos_fuzztest("DeviceManagerImplFuzzTest") { deps = [ "${innerkits_path}/native_cpp:devicemanagersdk", - "${utils_path}:devicemanagerutils", + "${utils_path}:devicemanagerutilstest", ] defines = [ diff --git a/test/interfacesfuzztest/devicemanagerimpl_fuzzer/corpus/init b/test/interfacesfuzztest/devicemanagerimpl_fuzzer/corpus/init old mode 100755 new mode 100644 diff --git a/test/interfacesfuzztest/devicemanagerimpl_fuzzer/device_manager_impl_fuzzer.cpp b/test/interfacesfuzztest/devicemanagerimpl_fuzzer/device_manager_impl_fuzzer.cpp old mode 100755 new mode 100644 index 69cebe8cf..098ef9b34 --- a/test/interfacesfuzztest/devicemanagerimpl_fuzzer/device_manager_impl_fuzzer.cpp +++ b/test/interfacesfuzztest/devicemanagerimpl_fuzzer/device_manager_impl_fuzzer.cpp @@ -235,6 +235,40 @@ std::string pkgName = fdp.ConsumeRandomLengthString(); DeviceManagerImpl::GetInstance().UnRegisterPinHolderCallback(pkgName); } + + void DeviceManagerImplFuzzTest(const uint8_t* data, size_t size) + { + if ((data == nullptr) || (size < sizeof(int32_t))) { + return; + } + FuzzedDataProvider fdp(data, size); + std::string pkgName = fdp.ConsumeRandomLengthString(); + std::string deviceName = fdp.ConsumeRandomLengthString(); + std::string deviceId = fdp.ConsumeRandomLengthString(); + std::string extra = fdp.ConsumeRandomLengthString(); + std::string bundleName = fdp.ConsumeRandomLengthString(); + int32_t pinExchangeType = fdp.ConsumeIntegral(); + // std::shared_ptr callback = std::make_shared(); + OHOS::DistributedHardware::DmDeviceIconInfoFilterOptions filterOptions; + DMLocalServiceInfo localServiceInfo; + DmAccessCaller caller; + DmAccessCallee callee; + DMIpcCmdInterfaceCode ipcCode = REGISTER_DEVICE_MANAGER_LISTENER; + DeviceManagerImpl::GetInstance().GetLocalDeviceName(pkgName, deviceName); + DeviceManagerImpl::GetInstance().UnBindDevice(pkgName, deviceId, extra); + DeviceManagerImpl::GetInstance().UnRegisterSinkBindCallback(pkgName); + // DeviceManagerImpl::GetInstance().GetDeviceIconInfo(pkgName, filterOptions, callback); + DeviceManagerImpl::GetInstance().RegisterLocalServiceInfo(localServiceInfo); + DeviceManagerImpl::GetInstance().UnRegisterLocalServiceInfo(bundleName, pinExchangeType); + DeviceManagerImpl::GetInstance().UpdateLocalServiceInfo(localServiceInfo); + DeviceManagerImpl::GetInstance().CheckAccessControl(caller, callee); + DeviceManagerImpl::GetInstance().CheckIsSameAccount(caller, callee); + DeviceManagerImpl::GetInstance().CheckSrcAccessControl(caller, callee); + DeviceManagerImpl::GetInstance().CheckSinkAccessControl(caller, callee); + DeviceManagerImpl::GetInstance().CheckSrcIsSameAccount(caller, callee); + DeviceManagerImpl::GetInstance().CheckSinkIsSameAccount(caller, callee); + DeviceManagerImpl::GetInstance().CheckAclByIpcCode(caller, callee, ipcCode); + } } } @@ -260,6 +294,7 @@ OHOS::DistributedHardware::RestoreLocalDeviceNameTest(data, size); OHOS::DistributedHardware::GetLocalServiceInfoByBundleNameAndPinExchangeTypeTest(data, size); OHOS::DistributedHardware::UnRegisterPinHolderCallbackTest(data, size); + OHOS::DistributedHardware::DeviceManagerImplFuzzTest(data, size); return 0; } \ No newline at end of file diff --git a/test/interfacesfuzztest/devicemanagerimpl_fuzzer/device_manager_impl_fuzzer.h b/test/interfacesfuzztest/devicemanagerimpl_fuzzer/device_manager_impl_fuzzer.h old mode 100755 new mode 100644 diff --git a/test/interfacesfuzztest/devicemanagerimpl_fuzzer/project.xml b/test/interfacesfuzztest/devicemanagerimpl_fuzzer/project.xml old mode 100755 new mode 100644 diff --git a/test/servicesfuzztest/BUILD.gn b/test/servicesfuzztest/BUILD.gn index 074d1cd33..e6a972d7f 100644 --- a/test/servicesfuzztest/BUILD.gn +++ b/test/servicesfuzztest/BUILD.gn @@ -28,6 +28,7 @@ group("fuzztest") { "devicenamemanagerone_fuzzer:fuzztest", "deviceprofileconnector_fuzzer:fuzztest", "devicepublish_fuzzer:fuzztest", + "dmauthattestcommon_fuzzer:fuzztest", "dmcommtool_fuzzer:fuzztest", "dmcommtooltwo_fuzzer:fuzztest", "dmtransport_fuzzer:fuzztest", diff --git a/test/servicesfuzztest/authmessageprocessor_fuzzer/auth_message_processor_fuzzer.cpp b/test/servicesfuzztest/authmessageprocessor_fuzzer/auth_message_processor_fuzzer.cpp index 73a030896..559cedfe4 100644 --- a/test/servicesfuzztest/authmessageprocessor_fuzzer/auth_message_processor_fuzzer.cpp +++ b/test/servicesfuzztest/authmessageprocessor_fuzzer/auth_message_processor_fuzzer.cpp @@ -151,7 +151,86 @@ void AuthMessageProcessorFuzzTest(const uint8_t* data, size_t size) dmAuthMessageProcessor_ -> SetLnnAccessControlList(context_, accesser, accessee); AuthMessageProcessorFuzzTestNext(jsonObject); } + +void AuthMessageProcessorFirstFuzzTest(const uint8_t* data, size_t size) +{ + if ((data == nullptr) || (size < sizeof(int32_t))) { + return; + } + FuzzedDataProvider fdp(data, size); + std::string message = fdp.ConsumeRandomLengthString(); + std::string inputStr = fdp.ConsumeRandomLengthString(); + std::string compressed = fdp.ConsumeRandomLengthString(); + std::string trustDeviceId = fdp.ConsumeRandomLengthString(); + std::string encSyncMsg = fdp.ConsumeRandomLengthString(); + std::string enSyncMsg = fdp.ConsumeRandomLengthString(); + std::string aclStr = fdp.ConsumeRandomLengthString(); + uint32_t keyLen = fdp.ConsumeIntegralInRange(0, 1024); + uint32_t oriLen = fdp.ConsumeIntegralInRange(0, 1024); + std::vector sessionKey = fdp.ConsumeBytes(keyLen); + int32_t userId = fdp.ConsumeIntegral(); + int32_t skId = fdp.ConsumeIntegral(); + DistributedDeviceProfile::AccessControlProfile acl; + DistributedDeviceProfile::Accesser accesser; + DistributedDeviceProfile::Accessee accessee; + acl.SetExtraData(fdp.ConsumeRandomLengthString()); + accesser.SetAccesserExtraData(fdp.ConsumeRandomLengthString()); + accessee.SetAccesseeExtraData(fdp.ConsumeRandomLengthString()); + DmAccess access; + JsonObject jsonObject; + GenerateJsonObject(jsonObject, fdp); + dmAuthMessageProcessor_->CheckLogicalSessionId(jsonObject, context_); + jsonObject[TAG_TRANSMIT_SK_ID] = fdp.ConsumeRandomLengthString(); + jsonObject[TAG_TRANSMIT_SK_TIMESTAMP] = fdp.ConsumeRandomLengthString(); + jsonObject[TAG_TRANSMIT_CREDENTIAL_ID] = fdp.ConsumeRandomLengthString(); + jsonObject[TAG_DMVERSION] = fdp.ConsumeRandomLengthString(); + jsonObject[TAG_LNN_SK_ID] = fdp.ConsumeRandomLengthString(); + jsonObject[TAG_LNN_SK_TIMESTAMP] = fdp.ConsumeRandomLengthString(); + jsonObject[TAG_LNN_CREDENTIAL_ID] = fdp.ConsumeRandomLengthString(); + jsonObject[TAG_ACCESS] = fdp.ConsumeRandomLengthString(); + // Run ParseDmAccessToSync + dmAuthMessageProcessor_->ParseSyncMessage(context_, access, jsonObject); + jsonObject[TAG_AUTH_TYPE_LIST] = fdp.ConsumeRandomLengthString(); + jsonObject[TAG_EXTRA_INFO] = fdp.ConsumeRandomLengthString(); + // Run stringToVectorAuthType + dmAuthMessageProcessor_->ParseMessageRespUserConfirm(jsonObject, context_); + } +void AuthMessageProcessorSecondFuzzTest(const uint8_t* data, size_t size) +{ + if ((data == nullptr) || (size < sizeof(int32_t))) { + return; + } + FuzzedDataProvider fdp(data, size); + JsonItemObject jsonItemObject; + DmAccessToSync sync_table = { .deviceName = fdp.ConsumeRandomLengthString(), + .deviceNameFull = fdp.ConsumeRandomLengthString(), + .deviceId = fdp.ConsumeRandomLengthString(), + .userId = fdp.ConsumeIntegral(), + .accountId = fdp.ConsumeRandomLengthString(), + .tokenId = fdp.ConsumeIntegral(), + .bundleName = fdp.ConsumeRandomLengthString(), + .pkgName = fdp.ConsumeRandomLengthString(), + .bindLevel = fdp.ConsumeIntegral(), + .sessionKeyId = fdp.ConsumeIntegral(), + .skTimeStamp = fdp.ConsumeIntegral() }; + FromJson(jsonItemObject, sync_table); + DmAccessControlTable control_table = { .accessControlId = fdp.ConsumeIntegral(), + .accesserId = fdp.ConsumeIntegral(), + .accesseeId = fdp.ConsumeIntegral(), + .deviceId = fdp.ConsumeRandomLengthString(), + .sessionKey = fdp.ConsumeRandomLengthString(), + .bindType = fdp.ConsumeIntegral(), + .authType = fdp.ConsumeIntegral(), + .deviceType = fdp.ConsumeIntegral(), + .deviceIdHash = fdp.ConsumeRandomLengthString(), + .status = fdp.ConsumeIntegral(), + .validPeriod = fdp.ConsumeIntegral(), + .lastAuthTime = fdp.ConsumeIntegral(), + .bindLevel = fdp.ConsumeIntegral() }; + FromJson(jsonItemObject, control_table); +} +} // namespace DistributedHardware } /* Fuzzer entry point */ @@ -159,6 +238,7 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { /* Run your code on data */ OHOS::DistributedHardware::AuthMessageProcessorFuzzTest(data, size); - + OHOS::DistributedHardware::AuthMessageProcessorFirstFuzzTest(data, size); + OHOS::DistributedHardware::AuthMessageProcessorSecondFuzzTest(data, size); return 0; } diff --git a/test/servicesfuzztest/devicenamemanager_fuzzer/BUILD.gn b/test/servicesfuzztest/devicenamemanager_fuzzer/BUILD.gn index e769025ec..a129f111d 100644 --- a/test/servicesfuzztest/devicenamemanager_fuzzer/BUILD.gn +++ b/test/servicesfuzztest/devicenamemanager_fuzzer/BUILD.gn @@ -63,7 +63,7 @@ ohos_fuzztest("DeviceNameManagerFuzzTest") { deps = [ "${devicemanager_path}/services/service:devicemanagerservice", - "${utils_path}:devicemanagerutils", + "${utils_path}:devicemanagerutilstest", ] defines = [ diff --git a/test/servicesfuzztest/dmauthattestcommon_fuzzer/BUILD.gn b/test/servicesfuzztest/dmauthattestcommon_fuzzer/BUILD.gn new file mode 100644 index 000000000..6d43daf2c --- /dev/null +++ b/test/servicesfuzztest/dmauthattestcommon_fuzzer/BUILD.gn @@ -0,0 +1,80 @@ +# Copyright (c) 2022-2024 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#####################hydra-fuzz################### +import("//build/config/features.gni") +import("//build/test.gni") +import("//foundation/distributedhardware/device_manager/device_manager.gni") + +##############################fuzztest########################################## +ohos_fuzztest("DmAuthAttestCommonFuzzTest") { + module_out_path = fuzz_test_output_path + fuzz_config_file = + "${devicemanager_path}/test/servicesfuzztest/dmauthattestcommon_fuzzer" + + include_dirs = [ + "${utils_path}/include", + "${common_path}/include", + "${common_path}/include/ipc", + "${common_path}/include/ipc/model", + "${utils_path}/include/ipc/standard", + "${servicesimpl_path}/include", + "${servicesimpl_path}/include/adapter", + "${servicesimpl_path}/include/ability", + "${servicesimpl_path}/include/config", + "${innerkits_path}/native_cpp/include", + "${servicesimpl_path}/include/attest", + "${utils_path}/include/kvadapter", + "${json_path}/include", + ] + + cflags = [ + "-g", + "-O0", + "-Dprivate=public", + "-Dprotected=public", + "-Werror", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ + "${servicesimpl_path}/src/adapter/standard/dm_adapter_manager.cpp", + "dm_auth_attest_common_fuzzer.cpp", + "${json_path}/src/json_object_cjson.cpp", + ] + + deps = [ + "${devicemanager_path}/services/implementation:devicemanagerserviceimpl", + ] + + defines = [ + "HI_LOG_ENABLE", + "DH_LOG_TAG=\"DmAuthAttestCommonFuzzTest\"", + "LOG_DOMAIN=0xD004110", + ] + + external_deps = [ + "cJSON:cjson", + "c_utils:utils", + "safwk:system_ability_fwk", + "hilog:libhilog", + ] +} + +############################################################################### +group("fuzztest") { + testonly = true + + deps = [ ":DmAuthAttestCommonFuzzTest" ] +} +############################################################################### diff --git a/test/servicesfuzztest/dmauthattestcommon_fuzzer/corpus/init b/test/servicesfuzztest/dmauthattestcommon_fuzzer/corpus/init new file mode 100644 index 000000000..d6b252ca0 --- /dev/null +++ b/test/servicesfuzztest/dmauthattestcommon_fuzzer/corpus/init @@ -0,0 +1,13 @@ +# Copyright (c) 2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +FUZZ diff --git a/test/servicesfuzztest/dmauthattestcommon_fuzzer/dm_auth_attest_common_fuzzer.cpp b/test/servicesfuzztest/dmauthattestcommon_fuzzer/dm_auth_attest_common_fuzzer.cpp new file mode 100644 index 000000000..da2a66229 --- /dev/null +++ b/test/servicesfuzztest/dmauthattestcommon_fuzzer/dm_auth_attest_common_fuzzer.cpp @@ -0,0 +1,54 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "dm_auth_attest_common_fuzzer.h" + +#include + +#include "dm_auth_attest_common.h" + +namespace OHOS { +namespace DistributedHardware { + +void DmAuthAttestCommonFuzzTest(const uint8_t* data, size_t size) +{ + if ((data == nullptr) || (size == 0)) { + return; + } + FuzzedDataProvider fdp(data, size); + DmCertChain* chain = new DmCertChain; + chain->cert = new DmBlob[1]; + chain->certCount = 1; + chain->cert[0].size = 1; + chain->cert[0].data = new uint8_t[size]; + *chain->cert[0].data = fdp.ConsumeIntegral(); + std::string str_value = fdp.ConsumeRandomLengthString(); + JsonItemObject jsonItem; + jsonItem.PushBack(str_value); + + AuthAttestCommon::GetInstance().SerializeDmCertChain(nullptr); + AuthAttestCommon::GetInstance().SerializeDmCertChain(chain); + AuthAttestCommon::GetInstance().FreeDmCertChain(*chain); +} +} +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + OHOS::DistributedHardware::DmAuthAttestCommonFuzzTest(data, size); + return 0; +} diff --git a/test/servicesfuzztest/dmauthattestcommon_fuzzer/dm_auth_attest_common_fuzzer.h b/test/servicesfuzztest/dmauthattestcommon_fuzzer/dm_auth_attest_common_fuzzer.h new file mode 100644 index 000000000..29c301687 --- /dev/null +++ b/test/servicesfuzztest/dmauthattestcommon_fuzzer/dm_auth_attest_common_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef DM_AUTH_ATTEST_COMMON_FUZZ_TEST_H +#define DM_AUTH_ATTEST_COMMON_FUZZ_TEST_H + +#define FUZZ_PROJECT_NAME "dmauthattestcommon_fuzzer" + +#endif // DM_AUTH_ATTEST_COMMON_FUZZ_TEST_H diff --git a/test/servicesfuzztest/dmauthattestcommon_fuzzer/project.xml b/test/servicesfuzztest/dmauthattestcommon_fuzzer/project.xml new file mode 100644 index 000000000..27c26d11b --- /dev/null +++ b/test/servicesfuzztest/dmauthattestcommon_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + \ No newline at end of file diff --git a/test/servicesfuzztest/dmcommtool_fuzzer/dm_comm_tool_fuzzer.cpp b/test/servicesfuzztest/dmcommtool_fuzzer/dm_comm_tool_fuzzer.cpp index f8b0b9354..f8d04a6bd 100644 --- a/test/servicesfuzztest/dmcommtool_fuzzer/dm_comm_tool_fuzzer.cpp +++ b/test/servicesfuzztest/dmcommtool_fuzzer/dm_comm_tool_fuzzer.cpp @@ -62,6 +62,32 @@ void DmCommToolFuzzTest(const uint8_t* data, size_t size) dmCommToolPtr_->GetDMTransportPtr(); dmCommToolPtr_->GetEventHandler(); } + +void DmCommToolFirstFuzzTest(const uint8_t* data, size_t size) +{ + if ((data == nullptr) || (size < sizeof(int32_t))) { + return; + } + FuzzedDataProvider fdp(data, size); + DMCommTool::DMCommToolEventHandler dmCommToolEventHandler( + AppExecFwk::EventRunner::Create(FUZZ_PROJECT_NAME), dmCommToolPtr_); + + int32_t socketId = fdp.ConsumeIntegral(); + std::string rmtNetworkId = fdp.ConsumeRandomLengthString(); + int32_t code = fdp.ConsumeIntegral(); + std::string msg = fdp.ConsumeRandomLengthString(); + std::shared_ptr commMsg = std::make_shared(code, msg); + std::shared_ptr innrCommMsg = std::make_shared(rmtNetworkId, commMsg, socketId); + UserIdsMsg userIdsMsg; + userIdsMsg.foregroundUserIds.push_back(DATA_LEN); + dmCommToolEventHandler.ParseUserIdsMsg(innrCommMsg, userIdsMsg); + AppExecFwk::InnerEvent::Pointer event = AppExecFwk::InnerEvent::Get(commMsg->code, innrCommMsg); + dmCommToolEventHandler.ProcessEvent(event); + dmCommToolPtr_->ProcessResponseUserStopEvent(innrCommMsg); + std::string commonEventType; + EventCallback eventCallback; + dmCommToolPtr_->StartCommonEvent(commonEventType, eventCallback); +} } } @@ -70,5 +96,6 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { /* Run your code on data */ OHOS::DistributedHardware::DmCommToolFuzzTest(data, size); + OHOS::DistributedHardware::DmCommToolFirstFuzzTest(data, size); return 0; } diff --git a/test/servicesfuzztest/dmtransportmsg_fuzzer/dm_transport_msg_fuzzer.cpp b/test/servicesfuzztest/dmtransportmsg_fuzzer/dm_transport_msg_fuzzer.cpp index 663947393..54d374cd7 100644 --- a/test/servicesfuzztest/dmtransportmsg_fuzzer/dm_transport_msg_fuzzer.cpp +++ b/test/servicesfuzztest/dmtransportmsg_fuzzer/dm_transport_msg_fuzzer.cpp @@ -86,6 +86,34 @@ void DmTransPortMsgFuzzTest(const uint8_t* data, size_t size) notifyUserIds.ToString(); cJSON_Delete(jsonObject); } +void DmTransPortMsgFirstFuzzTest(const uint8_t* data, size_t size) +{ + if ((data == nullptr) || (size < sizeof(int32_t))) { + return; + } + FuzzedDataProvider fdp(data, size); + int32_t code = fdp.ConsumeIntegral(); + std::string msg(reinterpret_cast(data), size); + std::string remoteUdid(reinterpret_cast(data), size); + const char* jsonString = R"({ + "MsgType": "0", + "userId": "12345", + "accountId": "a******3", + "peerUdids": ["u******1", "u******2"], + "peerUdid": "p******d", + "accountName": "t******t", + "syncUserIdFlag": 1, + "userIds": [ + {"type": 1, "userId": 111}, + {"type": 0, "userId": 222} + ] + })"; + cJSON* jsonObject = nullptr; + LogoutAccountMsg accountInfo; + ToJson(jsonObject, accountInfo); + FromJson(jsonObject, accountInfo); + cJSON_Delete(jsonObject); +} } } @@ -94,5 +122,6 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { /* Run your code on data */ OHOS::DistributedHardware::DmTransPortMsgFuzzTest(data, size); + OHOS::DistributedHardware::DmTransPortMsgFirstFuzzTest(data, size); return 0; } -- Gitee From 0b7432d44666810420cafee1469a98deea396f53 Mon Sep 17 00:00:00 2001 From: WangChenglong <15817580+FoXiMistyMoon@user.noreply.gitee.com> Date: Sat, 21 Jun 2025 19:41:44 +0800 Subject: [PATCH 3/4] fuzz update Signed-off-by: WangChenglong <15817580+FoXiMistyMoon@user.noreply.gitee.com> --- .../dmauthmanager_fuzzer/dm_auth_manager_fuzzer.cpp | 1 + test/commonfuzztest/ondatareceivedv2_fuzzer/BUILD.gn | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/test/commonfuzztest/dmauthmanager_fuzzer/dm_auth_manager_fuzzer.cpp b/test/commonfuzztest/dmauthmanager_fuzzer/dm_auth_manager_fuzzer.cpp index 593378fa2..53809c965 100644 --- a/test/commonfuzztest/dmauthmanager_fuzzer/dm_auth_manager_fuzzer.cpp +++ b/test/commonfuzztest/dmauthmanager_fuzzer/dm_auth_manager_fuzzer.cpp @@ -116,5 +116,6 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { /* Run your code on data */ OHOS::DistributedHardware::DmAuthManagerFuzzTest(data, size); + return 0; } \ No newline at end of file diff --git a/test/commonfuzztest/ondatareceivedv2_fuzzer/BUILD.gn b/test/commonfuzztest/ondatareceivedv2_fuzzer/BUILD.gn index 0ae8fbf8d..b81e1b472 100644 --- a/test/commonfuzztest/ondatareceivedv2_fuzzer/BUILD.gn +++ b/test/commonfuzztest/ondatareceivedv2_fuzzer/BUILD.gn @@ -45,9 +45,9 @@ ohos_fuzztest("OnDataReceivedV2FuzzTest") { sources = [ "on_data_received_fuzzer.cpp" ] deps = [ - "${services_path}:devicemanagerservicetest", + "${services_path}:devicemanagerservice", "${servicesimpl_path}:devicemanagerserviceimpl", - "${utils_path}:devicemanagerutilstest", + "${utils_path}:devicemanagerutils", ] external_deps = [ -- Gitee From fed3bf8e5ef4dbf70876d83fc575bb5ffb94aa4f Mon Sep 17 00:00:00 2001 From: WangChenglong <15817580+FoXiMistyMoon@user.noreply.gitee.com> Date: Sat, 21 Jun 2025 20:10:01 +0800 Subject: [PATCH 4/4] fuzz update Signed-off-by: WangChenglong <15817580+FoXiMistyMoon@user.noreply.gitee.com> --- .../dmauthmanager_fuzzer/dm_auth_manager_fuzzer.cpp | 1 - test/commonfuzztest/dmauthmanager_fuzzer/project.xml | 2 +- .../dmfreezeprocess_fuzzer/dm_freeze_process_fuzzer.cpp | 5 +++-- test/servicesfuzztest/dmauthattestcommon_fuzzer/BUILD.gn | 2 +- test/servicesfuzztest/dmauthattestcommon_fuzzer/corpus/init | 2 +- .../dm_auth_attest_common_fuzzer.cpp | 2 +- .../dmauthattestcommon_fuzzer/dm_auth_attest_common_fuzzer.h | 2 +- test/servicesfuzztest/dmauthattestcommon_fuzzer/project.xml | 2 +- 8 files changed, 9 insertions(+), 9 deletions(-) diff --git a/test/commonfuzztest/dmauthmanager_fuzzer/dm_auth_manager_fuzzer.cpp b/test/commonfuzztest/dmauthmanager_fuzzer/dm_auth_manager_fuzzer.cpp index 53809c965..593378fa2 100644 --- a/test/commonfuzztest/dmauthmanager_fuzzer/dm_auth_manager_fuzzer.cpp +++ b/test/commonfuzztest/dmauthmanager_fuzzer/dm_auth_manager_fuzzer.cpp @@ -116,6 +116,5 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { /* Run your code on data */ OHOS::DistributedHardware::DmAuthManagerFuzzTest(data, size); - return 0; } \ No newline at end of file diff --git a/test/commonfuzztest/dmauthmanager_fuzzer/project.xml b/test/commonfuzztest/dmauthmanager_fuzzer/project.xml index e53c5f16d..bac4974e9 100644 --- a/test/commonfuzztest/dmauthmanager_fuzzer/project.xml +++ b/test/commonfuzztest/dmauthmanager_fuzzer/project.xml @@ -18,7 +18,7 @@ 1000 - 30 + 300 4096 diff --git a/test/commonfuzztest/dmfreezeprocess_fuzzer/dm_freeze_process_fuzzer.cpp b/test/commonfuzztest/dmfreezeprocess_fuzzer/dm_freeze_process_fuzzer.cpp index 6c687e9aa..08f2d5bc1 100644 --- a/test/commonfuzztest/dmfreezeprocess_fuzzer/dm_freeze_process_fuzzer.cpp +++ b/test/commonfuzztest/dmfreezeprocess_fuzzer/dm_freeze_process_fuzzer.cpp @@ -41,9 +41,10 @@ constexpr int64_t THIRD_FREEZE_TIME = 5 * 60; constexpr int64_t MAX_FREEZE_TIME = 10 * 60; } // namespace -void DmFreezeProcessFuzzTest(const uint8_t* data, size_t size) +void DmFreezeProcessFuzzTest(const uint8_t *data, size_t size) { - if ((data == nullptr) || (size < sizeof(int32_t))) { + if ((data == nullptr) || (size < sizeof(int32_t))) + { return; } FuzzedDataProvider fdp(data, size); diff --git a/test/servicesfuzztest/dmauthattestcommon_fuzzer/BUILD.gn b/test/servicesfuzztest/dmauthattestcommon_fuzzer/BUILD.gn index 6d43daf2c..0b933d849 100644 --- a/test/servicesfuzztest/dmauthattestcommon_fuzzer/BUILD.gn +++ b/test/servicesfuzztest/dmauthattestcommon_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2022-2024 Huawei Device Co., Ltd. +# Copyright (c) 2022-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/test/servicesfuzztest/dmauthattestcommon_fuzzer/corpus/init b/test/servicesfuzztest/dmauthattestcommon_fuzzer/corpus/init index d6b252ca0..9c560fe89 100644 --- a/test/servicesfuzztest/dmauthattestcommon_fuzzer/corpus/init +++ b/test/servicesfuzztest/dmauthattestcommon_fuzzer/corpus/init @@ -1,4 +1,4 @@ -# Copyright (c) 2022 Huawei Device Co., Ltd. +# Copyright (c) 2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at diff --git a/test/servicesfuzztest/dmauthattestcommon_fuzzer/dm_auth_attest_common_fuzzer.cpp b/test/servicesfuzztest/dmauthattestcommon_fuzzer/dm_auth_attest_common_fuzzer.cpp index da2a66229..0f15314d0 100644 --- a/test/servicesfuzztest/dmauthattestcommon_fuzzer/dm_auth_attest_common_fuzzer.cpp +++ b/test/servicesfuzztest/dmauthattestcommon_fuzzer/dm_auth_attest_common_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at diff --git a/test/servicesfuzztest/dmauthattestcommon_fuzzer/dm_auth_attest_common_fuzzer.h b/test/servicesfuzztest/dmauthattestcommon_fuzzer/dm_auth_attest_common_fuzzer.h index 29c301687..e4e5a1fff 100644 --- a/test/servicesfuzztest/dmauthattestcommon_fuzzer/dm_auth_attest_common_fuzzer.h +++ b/test/servicesfuzztest/dmauthattestcommon_fuzzer/dm_auth_attest_common_fuzzer.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at diff --git a/test/servicesfuzztest/dmauthattestcommon_fuzzer/project.xml b/test/servicesfuzztest/dmauthattestcommon_fuzzer/project.xml index 27c26d11b..500f6f414 100644 --- a/test/servicesfuzztest/dmauthattestcommon_fuzzer/project.xml +++ b/test/servicesfuzztest/dmauthattestcommon_fuzzer/project.xml @@ -1,5 +1,5 @@ -