1 /*
2 * Copyright (c) 2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "cgroupsched_fuzzer.h"
17 #include "background_task_observer.h"
18 #include "cgroup_event_handler.h"
19 #include "cgroup_sched.h"
20 #include "cgroup_adjuster.h"
21 #include "wm_common.h"
22 #include "app_state_observer.h"
23
24 #include <cstddef>
25 #include <cstdint>
26 #include <cstdlib>
27 #include <securec.h>
28 #include <string>
29 #include <vector>
30
31 #ifndef errno_t
32 typedef int errno_t;
33 #endif
34
35 #ifndef EOK
36 #define EOK 0
37 #endif
38
39 #define EVENT_ID_REG_APP_STATE_OBSERVER 1
40 #define EVENT_ID_REG_BGTASK_OBSERVER 2
41 #define EVENT_ID_DEFAULT 3
42
43 #define APP_MGR_SERVICE_ID 501
44 #define WINDOW_MANAGER_SERVICE_ID 4606
45 #define DEFAULT 1904
46 #define TASK_KEEPING 9
47 #define DATA_TRANSFER 1
48
49 namespace OHOS {
50 namespace ResourceSchedule {
51 const uint8_t* G_DATA = nullptr;
52 size_t g_size = 0;
53 size_t g_pos;
54 std::shared_ptr<Supervisor> g_supervisor = std::make_shared<Supervisor>();
55 const size_t STR_LEN = 10;
56
57 /*
58 * describe: get data from outside untrusted data(G_DATA) which size is according to sizeof(T)
59 * tips: only support basic type
60 */
61 template<class T>
GetData()62 T GetData()
63 {
64 T object {};
65 size_t objectSize = sizeof(object);
66 if (G_DATA == nullptr || objectSize > g_size - g_pos) {
67 return object;
68 }
69 errno_t ret = memcpy_s(&object, objectSize, G_DATA + g_pos, objectSize);
70 if (ret != EOK) {
71 return {};
72 }
73 g_pos += objectSize;
74 return object;
75 }
76
77 /*
78 * get a string from G_DATA
79 */
GetStringFromData(int strlen)80 std::string GetStringFromData(int strlen)
81 {
82 if (strlen <= 0) {
83 return "";
84 }
85 char cstr[strlen];
86 cstr[strlen - 1] = '\0';
87 for (int i = 0; i < strlen - 1; i++) {
88 char tmp = GetData<char>();
89 if (tmp == '\0') {
90 tmp = '1';
91 }
92 cstr[i] = tmp;
93 }
94 std::string str(cstr);
95 return str;
96 }
97
TransientTaskStartFuzzTest(const uint8_t * data,size_t size)98 bool TransientTaskStartFuzzTest(const uint8_t* data, size_t size)
99 {
100 if (data == nullptr) {
101 return false;
102 }
103
104 // initialize
105 G_DATA = data;
106 g_size = size;
107 g_pos = 0;
108
109 // getdata
110 int32_t uid = GetData<int32_t>();
111 int32_t pid = GetData<int32_t>();
112 std::string packageName = GetStringFromData(STR_LEN);
113 auto transientTaskAppInfo =
114 std::make_shared<TransientTaskAppInfo>(packageName, uid, pid);
115 auto backgroundTaskObserver = std::make_unique<BackgroundTaskObserver>();
116 backgroundTaskObserver->OnTransientTaskStart(transientTaskAppInfo);
117
118 return true;
119 }
120
TransientTaskEndFuzzTest(const uint8_t * data,size_t size)121 bool TransientTaskEndFuzzTest(const uint8_t* data, size_t size)
122 {
123 if (data == nullptr) {
124 return false;
125 }
126
127 // initialize
128 G_DATA = data;
129 g_size = size;
130 g_pos = 0;
131
132 // getdata
133 int32_t uid = GetData<int32_t>();
134 int32_t pid = GetData<int32_t>();
135 std::string packageName = GetStringFromData(STR_LEN);
136 auto transientTaskAppInfo =
137 std::make_shared<TransientTaskAppInfo>(packageName, uid, pid);
138 auto backgroundTaskObserver = std::make_unique<BackgroundTaskObserver>();
139 backgroundTaskObserver->OnTransientTaskEnd(transientTaskAppInfo);
140
141 return true;
142 }
143
MarshallingContinuousTaskCallbackInfoFuzzTest(const uint8_t * data,size_t size)144 bool MarshallingContinuousTaskCallbackInfoFuzzTest(const uint8_t* data, size_t size)
145 {
146 if (data == nullptr) {
147 return false;
148 }
149
150 // initialize
151 G_DATA = data;
152 g_size = size;
153 g_pos = 0;
154
155 // getdata
156 uint32_t typeId = GetData<int32_t>();
157 std::vector<uint32_t> typeIds;
158 typeIds.push_back(typeId);
159 int32_t creatorUid = GetData<int32_t>();
160 int32_t abilityId = GetData<int32_t>();
161 pid_t creatorPid = GetData<pid_t>();
162 std::string abilityName = GetStringFromData(STR_LEN);
163 bool isBatchApi = GetData<bool>();
164 bool isFromWebview = GetData<bool>();
165 nlohmann::json payload;
166 auto continuousTaskCallbackInfo =
167 std::make_shared<ContinuousTaskCallbackInfo>(typeId, creatorUid, creatorPid, abilityName,
168 isFromWebview, isBatchApi, typeIds, abilityId);
169 auto backgroundTaskObserver = std::make_unique<BackgroundTaskObserver>();
170 backgroundTaskObserver->MarshallingContinuousTaskCallbackInfo(continuousTaskCallbackInfo, payload);
171
172 return true;
173 }
174
ContinuousTaskStartFuzzTest(const uint8_t * data,size_t size)175 bool ContinuousTaskStartFuzzTest(const uint8_t* data, size_t size)
176 {
177 if (data == nullptr) {
178 return false;
179 }
180
181 // initialize
182 G_DATA = data;
183 g_size = size;
184 g_pos = 0;
185
186 // getdata
187 int32_t typeId = DATA_TRANSFER;
188 int32_t creatorUid = GetData<int32_t>();
189 pid_t creatorPid = GetData<pid_t>();
190 std::string abilityName = GetStringFromData(STR_LEN);
191 auto continuousTaskCallbackInfo =
192 std::make_shared<ContinuousTaskCallbackInfo>(typeId, creatorUid, creatorPid, abilityName);
193 auto backgroundTaskObserver = std::make_unique<BackgroundTaskObserver>();
194 backgroundTaskObserver->OnContinuousTaskStart(continuousTaskCallbackInfo);
195 typeId = TASK_KEEPING;
196 continuousTaskCallbackInfo =
197 std::make_shared<ContinuousTaskCallbackInfo>(typeId, creatorUid, creatorPid, abilityName);
198 backgroundTaskObserver->OnContinuousTaskStart(continuousTaskCallbackInfo);
199
200 return true;
201 }
202
ContinuousTaskStopFuzzTest(const uint8_t * data,size_t size)203 bool ContinuousTaskStopFuzzTest(const uint8_t* data, size_t size)
204 {
205 if (data == nullptr) {
206 return false;
207 }
208
209 // initialize
210 G_DATA = data;
211 g_size = size;
212 g_pos = 0;
213
214 // getdata
215 int32_t typeId = DATA_TRANSFER;
216 int32_t creatorUid = GetData<int32_t>();
217 pid_t creatorPid = GetData<pid_t>();
218 std::string abilityName = GetStringFromData(STR_LEN);
219 auto continuousTaskCallbackInfo =
220 std::make_shared<ContinuousTaskCallbackInfo>(typeId, creatorUid, creatorPid, abilityName);
221 auto backgroundTaskObserver = std::make_unique<BackgroundTaskObserver>();
222 backgroundTaskObserver->OnContinuousTaskStop(continuousTaskCallbackInfo);
223 typeId = TASK_KEEPING;
224 continuousTaskCallbackInfo =
225 std::make_shared<ContinuousTaskCallbackInfo>(typeId, creatorUid, creatorPid, abilityName);
226 backgroundTaskObserver->OnContinuousTaskStop(continuousTaskCallbackInfo);
227
228 return true;
229 }
230
ContinuousTaskUpdateFuzzTest(const uint8_t * data,size_t size)231 bool ContinuousTaskUpdateFuzzTest(const uint8_t* data, size_t size)
232 {
233 if (data == nullptr) {
234 return false;
235 }
236
237 // initialize
238 G_DATA = data;
239 g_size = size;
240 g_pos = 0;
241
242 // getdata
243 int32_t typeId = DATA_TRANSFER;
244 int32_t creatorUid = GetData<int32_t>();
245 pid_t creatorPid = GetData<pid_t>();
246 std::string abilityName = GetStringFromData(STR_LEN);
247 auto continuousTaskCallbackInfo =
248 std::make_shared<ContinuousTaskCallbackInfo>(typeId, creatorUid, creatorPid, abilityName);
249 auto backgroundTaskObserver = std::make_unique<BackgroundTaskObserver>();
250 backgroundTaskObserver->OnContinuousTaskUpdate(continuousTaskCallbackInfo);
251 typeId = TASK_KEEPING;
252 continuousTaskCallbackInfo =
253 std::make_shared<ContinuousTaskCallbackInfo>(typeId, creatorUid, creatorPid, abilityName);
254 backgroundTaskObserver->OnContinuousTaskUpdate(continuousTaskCallbackInfo);
255
256 return true;
257 }
258
RemoteDiedFuzzTest(const uint8_t * data,size_t size)259 bool RemoteDiedFuzzTest(const uint8_t* data, size_t size)
260 {
261 if (data == nullptr) {
262 return false;
263 }
264
265 // initialize
266 G_DATA = data;
267 g_size = size;
268 g_pos = 0;
269
270 // getdata
271 wptr<IRemoteObject> iRemoteObject = nullptr;
272 auto backgroundTaskObserver = std::make_unique<BackgroundTaskObserver>();
273 backgroundTaskObserver->OnRemoteDied(iRemoteObject);
274
275 return true;
276 }
277
ProcessEventFuzzTest(const uint8_t * data,size_t size)278 bool ProcessEventFuzzTest(const uint8_t* data, size_t size)
279 {
280 if (data == nullptr) {
281 return false;
282 }
283
284 // initialize
285 G_DATA = data;
286 g_size = size;
287 g_pos = 0;
288
289 // getdata
290 int32_t typeId = GetData<int32_t>();
291 auto cgroupEventHandler =
292 std::make_shared<CgroupEventHandler>("CgroupEventHandler_fuzz");
293
294 int32_t eventId1 = EVENT_ID_REG_APP_STATE_OBSERVER;
295 int64_t eventParam1 = typeId;
296 cgroupEventHandler->ProcessEvent(eventId1, eventParam1);
297 int32_t eventId2 = EVENT_ID_REG_BGTASK_OBSERVER;
298 int64_t eventParam2 = typeId;
299 cgroupEventHandler->ProcessEvent(eventId2, eventParam2);
300 int32_t eventId3 = EVENT_ID_DEFAULT;
301 int64_t eventParam3 = typeId;
302 cgroupEventHandler->ProcessEvent(eventId3, eventParam3);
303
304 return true;
305 }
306
HandleAbilityAddedFuzzTest(const uint8_t * data,size_t size)307 bool HandleAbilityAddedFuzzTest(const uint8_t* data, size_t size)
308 {
309 if (data == nullptr) {
310 return false;
311 }
312
313 // initialize
314 G_DATA = data;
315 g_size = size;
316 g_pos = 0;
317
318 // getdata
319 std::string deviceId(std::to_string(*data));
320 auto cgroupEventHandler =
321 std::make_shared<CgroupEventHandler>("CgroupEventHandler_fuzz");
322
323 int32_t saId = APP_MGR_SERVICE_ID;
324 cgroupEventHandler->HandleAbilityAdded(saId, deviceId);
325
326 saId = WINDOW_MANAGER_SERVICE_ID;
327 cgroupEventHandler->HandleAbilityAdded(saId, deviceId);
328
329 saId = APP_MGR_SERVICE_ID;
330 cgroupEventHandler->HandleAbilityAdded(saId, deviceId);
331
332 saId = DEFAULT;
333 cgroupEventHandler->HandleAbilityAdded(saId, deviceId);
334
335 return true;
336 }
337
HandleAbilityRemovedFuzzTest(const uint8_t * data,size_t size)338 bool HandleAbilityRemovedFuzzTest(const uint8_t* data, size_t size)
339 {
340 if (data == nullptr) {
341 return false;
342 }
343
344 // initialize
345 G_DATA = data;
346 g_size = size;
347 g_pos = 0;
348
349 // getdata
350 std::string deviceId(std::to_string(*data));
351 auto cgroupEventHandler =
352 std::make_shared<CgroupEventHandler>("CgroupEventHandler_fuzz");
353
354 int32_t saId = APP_MGR_SERVICE_ID;
355 cgroupEventHandler->HandleAbilityAdded(saId, deviceId);
356 cgroupEventHandler->HandleAbilityRemoved(saId, deviceId);
357
358 saId = WINDOW_MANAGER_SERVICE_ID;
359 cgroupEventHandler->HandleAbilityAdded(saId, deviceId);
360 cgroupEventHandler->HandleAbilityRemoved(saId, deviceId);
361
362 saId = APP_MGR_SERVICE_ID;
363 cgroupEventHandler->HandleAbilityAdded(saId, deviceId);
364 cgroupEventHandler->HandleAbilityRemoved(saId, deviceId);
365
366 saId = DEFAULT;
367 cgroupEventHandler->HandleAbilityAdded(saId, deviceId);
368 cgroupEventHandler->HandleAbilityRemoved(saId, deviceId);
369
370 return true;
371 }
372
HandleProcessDiedFuzzTest(const uint8_t * data,size_t size)373 bool HandleProcessDiedFuzzTest(const uint8_t* data, size_t size)
374 {
375 if (data == nullptr) {
376 return false;
377 }
378
379 // initialize
380 G_DATA = data;
381 g_size = size;
382 g_pos = 0;
383
384 // getdata
385 uid_t uid = GetData<uid_t>();
386 pid_t pid = GetData<pid_t>();
387 std::string packageName(std::to_string(*data));
388 auto cgroupEventHandler =
389 std::make_shared<CgroupEventHandler>("CgroupEventHandler_fuzz");
390
391 cgroupEventHandler->HandleProcessDied(uid, pid, packageName);
392 cgroupEventHandler->SetSupervisor(g_supervisor);
393 cgroupEventHandler->HandleProcessDied(uid, pid, packageName);
394
395 return true;
396 }
397
398
HandleTransientTaskStartFuzzTest(const uint8_t * data,size_t size)399 bool HandleTransientTaskStartFuzzTest(const uint8_t* data, size_t size)
400 {
401 if (data == nullptr) {
402 return false;
403 }
404
405 // initialize
406 G_DATA = data;
407 g_size = size;
408 g_pos = 0;
409
410 // getdata
411 uid_t uid = GetData<uid_t>();
412 pid_t pid = GetData<pid_t>();
413 std::string packageName(std::to_string(*data));
414 auto cgroupEventHandler =
415 std::make_shared<CgroupEventHandler>("CgroupEventHandler_fuzz");
416
417 cgroupEventHandler->HandleTransientTaskStart(uid, pid, packageName);
418 cgroupEventHandler->SetSupervisor(g_supervisor);
419 cgroupEventHandler->HandleTransientTaskStart(uid, pid, packageName);
420
421 return true;
422 }
423
HandleTransientTaskEndFuzzTest(const uint8_t * data,size_t size)424 bool HandleTransientTaskEndFuzzTest(const uint8_t* data, size_t size)
425 {
426 if (data == nullptr) {
427 return false;
428 }
429
430 // initialize
431 G_DATA = data;
432 g_size = size;
433 g_pos = 0;
434
435 // getdata
436 uid_t uid = GetData<uid_t>();
437 pid_t pid = GetData<pid_t>();
438 std::string packageName(std::to_string(*data));
439 auto cgroupEventHandler =
440 std::make_shared<CgroupEventHandler>("CgroupEventHandler_fuzz");
441
442 cgroupEventHandler->HandleTransientTaskEnd(uid, pid, packageName);
443 cgroupEventHandler->SetSupervisor(g_supervisor);
444 cgroupEventHandler->HandleTransientTaskEnd(uid, pid, packageName);
445
446 return true;
447 }
448
HandleContinuousTaskUpdateFuzzTest(const uint8_t * data,size_t size)449 bool HandleContinuousTaskUpdateFuzzTest(const uint8_t* data, size_t size)
450 {
451 if (data == nullptr) {
452 return false;
453 }
454
455 // initialize
456 G_DATA = data;
457 g_size = size;
458 g_pos = 0;
459
460 // getdata
461 uid_t uid = GetData<uid_t>();
462 pid_t pid = GetData<pid_t>();
463 uint32_t typeIds = GetData<uint32_t>();
464 int32_t abilityId = GetData<int32_t>();
465 auto cgroupEventHandler =
466 std::make_shared<CgroupEventHandler>("CgroupEventHandler_fuzz");
467
468 cgroupEventHandler->HandleContinuousTaskUpdate(uid, pid, {typeIds}, abilityId);
469 cgroupEventHandler->SetSupervisor(g_supervisor);
470 cgroupEventHandler->HandleContinuousTaskUpdate(uid, pid, {typeIds}, abilityId);
471
472 return true;
473 }
474
HandleContinuousTaskCancelFuzzTest(const uint8_t * data,size_t size)475 bool HandleContinuousTaskCancelFuzzTest(const uint8_t* data, size_t size)
476 {
477 if (data == nullptr) {
478 return false;
479 }
480
481 // initialize
482 G_DATA = data;
483 g_size = size;
484 g_pos = 0;
485
486 // getdata
487 uid_t uid = GetData<uid_t>();
488 pid_t pid = GetData<pid_t>();
489 uint32_t typeId = GetData<uint32_t>();
490 int32_t abilityId = GetData<int32_t>();
491 auto cgroupEventHandler =
492 std::make_shared<CgroupEventHandler>("CgroupEventHandler_fuzz");
493
494 cgroupEventHandler->HandleContinuousTaskCancel(uid, pid, typeId, abilityId);
495 cgroupEventHandler->SetSupervisor(g_supervisor);
496 cgroupEventHandler->HandleContinuousTaskCancel(uid, pid, typeId, abilityId);
497
498 return true;
499 }
500
HandleReportMMIProcessFuzzTest(const uint8_t * data,size_t size)501 bool HandleReportMMIProcessFuzzTest(const uint8_t* data, size_t size)
502 {
503 if (data == nullptr) {
504 return false;
505 }
506
507 // initialize
508 G_DATA = data;
509 g_size = size;
510 g_pos = 0;
511
512 // getdata
513 uint32_t resType = GetData<uint32_t>();
514 int64_t value = GetData<int64_t>();
515 nlohmann::json payload;
516 auto cgroupEventHandler =
517 std::make_shared<CgroupEventHandler>("CgroupEventHandler_fuzz");
518
519 cgroupEventHandler->HandleReportMMIProcess(resType, value, payload);
520 cgroupEventHandler->SetSupervisor(g_supervisor);
521 cgroupEventHandler->HandleReportMMIProcess(resType, value, payload);
522
523 return true;
524 }
525
HandleReportRenderThreadFuzzTest(const uint8_t * data,size_t size)526 bool HandleReportRenderThreadFuzzTest(const uint8_t* data, size_t size)
527 {
528 if (data == nullptr) {
529 return false;
530 }
531
532 // initialize
533 G_DATA = data;
534 g_size = size;
535 g_pos = 0;
536
537 // getdata
538 uint32_t resType = GetData<uint32_t>();
539 int64_t value = GetData<int64_t>();
540 nlohmann::json payload;
541 auto cgroupEventHandler =
542 std::make_shared<CgroupEventHandler>("CgroupEventHandler_fuzz");
543
544 cgroupEventHandler->HandleReportRenderThread(resType, value, payload);
545 cgroupEventHandler->SetSupervisor(g_supervisor);
546 cgroupEventHandler->HandleReportRenderThread(resType, value, payload);
547
548 return true;
549 }
550
HandleReportKeyThreadFuzzTest(const uint8_t * data,size_t size)551 bool HandleReportKeyThreadFuzzTest(const uint8_t* data, size_t size)
552 {
553 if (data == nullptr) {
554 return false;
555 }
556
557 // initialize
558 G_DATA = data;
559 g_size = size;
560 g_pos = 0;
561
562 // getdata
563 uint32_t resType = GetData<uint32_t>();
564 int64_t value = GetData<int64_t>();
565 int32_t keyTid = GetData<int32_t>();
566 int32_t role = GetData<int32_t>();
567 nlohmann::json payload;
568 payload["keyTid"] = std::to_string(keyTid);
569 payload["role"] = std::to_string(role);
570 auto cgroupEventHandler =
571 std::make_shared<CgroupEventHandler>("CgroupEventHandler_fuzz");
572
573 cgroupEventHandler->HandleReportKeyThread(resType, value, payload);
574 cgroupEventHandler->SetSupervisor(g_supervisor);
575 cgroupEventHandler->HandleReportKeyThread(resType, value, payload);
576
577 return true;
578 }
579
HandleReportWindowStateFuzzTest(const uint8_t * data,size_t size)580 bool HandleReportWindowStateFuzzTest(const uint8_t* data, size_t size)
581 {
582 if (data == nullptr) {
583 return false;
584 }
585
586 // initialize
587 G_DATA = data;
588 g_size = size;
589 g_pos = 0;
590
591 // getdata
592 uint32_t resType = GetData<uint32_t>();
593 int64_t value = GetData<int64_t>();
594 int32_t windowId = GetData<int32_t>();
595 int32_t state = GetData<int32_t>();
596 int32_t nowSerialNum = GetData<int32_t>();
597 nlohmann::json payload;
598 payload["windowId"] = std::to_string(windowId);
599 payload["state"] = std::to_string(state);
600 payload["serialNum"] = std::to_string(nowSerialNum);
601 auto cgroupEventHandler =
602 std::make_shared<CgroupEventHandler>("CgroupEventHandler_fuzz");
603
604 cgroupEventHandler->HandleReportWindowState(resType, value, payload);
605 cgroupEventHandler->SetSupervisor(g_supervisor);
606 cgroupEventHandler->HandleReportWindowState(resType, value, payload);
607
608 return true;
609 }
610
HandleReportWebviewAudioStateFuzzTest(const uint8_t * data,size_t size)611 bool HandleReportWebviewAudioStateFuzzTest(const uint8_t* data, size_t size)
612 {
613 if (data == nullptr) {
614 return false;
615 }
616
617 // initialize
618 G_DATA = data;
619 g_size = size;
620 g_pos = 0;
621
622 // getdata
623 uint32_t resType = GetData<uint32_t>();
624 int64_t value = GetData<int64_t>();
625 nlohmann::json payload;
626 auto cgroupEventHandler =
627 std::make_shared<CgroupEventHandler>("CgroupEventHandler_fuzz");
628
629 cgroupEventHandler->HandleReportWebviewAudioState(resType, value, payload);
630 cgroupEventHandler->SetSupervisor(g_supervisor);
631 cgroupEventHandler->HandleReportWebviewAudioState(resType, value, payload);
632
633 return true;
634 }
635
HandleReportRunningLockEventFuzzTest(const uint8_t * data,size_t size)636 bool HandleReportRunningLockEventFuzzTest(const uint8_t* data, size_t size)
637 {
638 if (data == nullptr) {
639 return false;
640 }
641
642 // initialize
643 G_DATA = data;
644 g_size = size;
645 g_pos = 0;
646
647 // getdata
648 uint32_t resType = GetData<uint32_t>();
649 int64_t value = GetData<int64_t>();
650 nlohmann::json payload;
651 auto cgroupEventHandler =
652 std::make_shared<CgroupEventHandler>("CgroupEventHandler_fuzz");
653
654 cgroupEventHandler->HandleReportRunningLockEvent(resType, value, payload);
655 cgroupEventHandler->SetSupervisor(g_supervisor);
656 cgroupEventHandler->HandleReportRunningLockEvent(resType, value, payload);
657
658 return true;
659 }
660
HandleReportHisysEventFuzzTest(const uint8_t * data,size_t size)661 bool HandleReportHisysEventFuzzTest(const uint8_t* data, size_t size)
662 {
663 if (data == nullptr) {
664 return false;
665 }
666
667 // initialize
668 G_DATA = data;
669 g_size = size;
670 g_pos = 0;
671
672 // getdata
673 uid_t uid = GetData<uid_t>();
674 pid_t pid = GetData<pid_t>();
675 uint32_t resType = GetData<uint32_t>();
676 int64_t value = GetData<int64_t>();
677 nlohmann::json payload;
678 payload["uid"] = std::to_string(uid);
679 payload["pid"] = std::to_string(pid);
680 auto cgroupEventHandler =
681 std::make_shared<CgroupEventHandler>("CgroupEventHandler_fuzz");
682
683 cgroupEventHandler->HandleReportHisysEvent(resType, value, payload);
684 cgroupEventHandler->SetSupervisor(g_supervisor);
685 cgroupEventHandler->HandleReportHisysEvent(resType, value, payload);
686
687 return true;
688 }
689
HandleReportScreenCaptureEventFuzzTest(const uint8_t * data,size_t size)690 bool HandleReportScreenCaptureEventFuzzTest(const uint8_t* data, size_t size)
691 {
692 if (data == nullptr) {
693 return false;
694 }
695
696 // initialize
697 G_DATA = data;
698 g_size = size;
699 g_pos = 0;
700
701 // getdata
702 uid_t uid = GetData<uid_t>();
703 pid_t pid = GetData<pid_t>();
704 uint32_t resType = GetData<uint32_t>();
705 int64_t value = GetData<int64_t>();
706 nlohmann::json payload;
707 payload["uid"] = std::to_string(uid);
708 payload["pid"] = std::to_string(pid);
709 auto cgroupEventHandler =
710 std::make_shared<CgroupEventHandler>("CgroupEventHandler_fuzz");
711 cgroupEventHandler->HandleReportScreenCaptureEvent(resType, value, payload);
712 cgroupEventHandler->SetSupervisor(g_supervisor);
713 cgroupEventHandler->HandleReportScreenCaptureEvent(resType, value, payload);
714
715 return true;
716 }
717
CheckVisibilityForRenderProcessFuzzTest(const uint8_t * data,size_t size)718 bool CheckVisibilityForRenderProcessFuzzTest(const uint8_t* data, size_t size)
719 {
720 if (data == nullptr) {
721 return false;
722 }
723
724 // initialize
725 G_DATA = data;
726 g_size = size;
727 g_pos = 0;
728
729 // getdata
730 uid_t uid = GetData<uid_t>();
731 pid_t pid = GetData<pid_t>();
732 ProcessRecord pr(uid, pid);
733 pr.processType_ = ProcRecordType::RENDER;
734 pr.isActive_ = true;
735 ProcessRecord mainProc(uid, pid);
736 auto cgroupEventHandler =
737 std::make_shared<CgroupEventHandler>("CgroupEventHandler_fuzz");
738
739 cgroupEventHandler->CheckVisibilityForRenderProcess(pr, mainProc);
740 cgroupEventHandler->SetSupervisor(g_supervisor);
741 cgroupEventHandler->CheckVisibilityForRenderProcess(pr, mainProc);
742
743 return true;
744 }
745
ParsePayloadFuzzTest(const uint8_t * data,size_t size)746 bool ParsePayloadFuzzTest(const uint8_t* data, size_t size)
747 {
748 if (data == nullptr) {
749 return false;
750 }
751
752 // initialize
753 G_DATA = data;
754 g_size = size;
755 g_pos = 0;
756
757 // getdata
758 int32_t uid = GetData<int32_t>();
759 int32_t pid = GetData<int32_t>();
760 int32_t tid = GetData<int32_t>();
761 int64_t value = GetData<int64_t>();
762 nlohmann::json payload;
763 auto cgroupEventHandler =
764 std::make_shared<CgroupEventHandler>("CgroupEventHandler_fuzz");
765 cgroupEventHandler->ParsePayload(uid, pid, tid, value, payload);
766
767 return true;
768 }
769
HandleReportAvCodecEventFuzzTest(const uint8_t * data,size_t size)770 bool HandleReportAvCodecEventFuzzTest(const uint8_t* data, size_t size)
771 {
772 if (data == nullptr) {
773 return false;
774 }
775
776 // initialize
777 G_DATA = data;
778 g_size = size;
779 g_pos = 0;
780
781 // getdata
782 int32_t uid = GetData<int32_t>();
783 int32_t pid = GetData<int32_t>();
784 int32_t instanceId = GetData<int32_t>();
785 uint32_t resType = GetData<uint32_t>();
786 int64_t value = GetData<int64_t>();
787 nlohmann::json payload;
788 payload["uid"] = std::to_string(uid);
789 payload["pid"] = std::to_string(pid);
790 payload["instanceId"] = std::to_string(instanceId);
791 auto cgroupEventHandler =
792 std::make_shared<CgroupEventHandler>("CgroupEventHandler_fuzz");
793 cgroupEventHandler->HandleReportAvCodecEvent(resType, value, payload);
794
795 return true;
796 }
797
HandleSceneBoardStateFuzzTest(const uint8_t * data,size_t size)798 bool HandleSceneBoardStateFuzzTest(const uint8_t* data, size_t size)
799 {
800 if (data == nullptr) {
801 return false;
802 }
803
804 // initialize
805 G_DATA = data;
806 g_size = size;
807 g_pos = 0;
808
809 // getdata
810 int32_t pid = GetData<int32_t>();
811 uint32_t resType = GetData<uint32_t>();
812 int64_t value = GetData<int64_t>();
813 nlohmann::json payload;
814 payload["pid"] = std::to_string(pid);
815 auto cgroupEventHandler =
816 std::make_shared<CgroupEventHandler>("CgroupEventHandler_fuzz");
817
818 cgroupEventHandler->HandleSceneBoardState(resType, value, payload);
819 cgroupEventHandler->SetSupervisor(g_supervisor);
820 cgroupEventHandler->HandleSceneBoardState(resType, value, payload);
821
822 return true;
823 }
824
HandleWindowVisibilityChangedFuzzTest(const uint8_t * data,size_t size)825 bool HandleWindowVisibilityChangedFuzzTest(const uint8_t* data, size_t size)
826 {
827 if (data == nullptr) {
828 return false;
829 }
830
831 // initialize
832 G_DATA = data;
833 g_size = size;
834 g_pos = 0;
835
836 // getdata
837 int32_t uid = GetData<int32_t>();
838 int32_t pid = GetData<int32_t>();
839 uint32_t windowId = GetData<int32_t>();
840 uint32_t visibilityState = GetData<uint32_t>();
841 auto cgroupEventHandler =
842 std::make_shared<CgroupEventHandler>("CgroupEventHandler_fuzz");
843
844 cgroupEventHandler->HandleWindowVisibilityChanged(
845 windowId, visibilityState, WindowType::APP_WINDOW_BASE, pid, uid);
846 cgroupEventHandler->SetSupervisor(g_supervisor);
847 cgroupEventHandler->HandleWindowVisibilityChanged(
848 windowId, visibilityState, WindowType::APP_WINDOW_BASE, pid, uid);
849
850 return true;
851 }
852
HandleDrawingContentChangeWindowFuzzTest(const uint8_t * data,size_t size)853 bool HandleDrawingContentChangeWindowFuzzTest(const uint8_t* data, size_t size)
854 {
855 if (data == nullptr) {
856 return false;
857 }
858
859 // initialize
860 G_DATA = data;
861 g_size = size;
862 g_pos = 0;
863
864 // getdata
865 int32_t uid = GetData<int32_t>();
866 int32_t pid = GetData<int32_t>();
867 uint32_t windowId = GetData<int32_t>();
868 auto cgroupEventHandler =
869 std::make_shared<CgroupEventHandler>("CgroupEventHandler_fuzz");
870
871 cgroupEventHandler->HandleDrawingContentChangeWindow(windowId, WindowType::APP_WINDOW_BASE, false, pid, uid);
872 cgroupEventHandler->SetSupervisor(g_supervisor);
873 cgroupEventHandler->HandleDrawingContentChangeWindow(windowId, WindowType::APP_WINDOW_BASE, true, pid, uid);
874
875 return true;
876 }
877
HandleUnfocusedWindowFuzzTest(const uint8_t * data,size_t size)878 bool HandleUnfocusedWindowFuzzTest(const uint8_t* data, size_t size)
879 {
880 if (data == nullptr) {
881 return false;
882 }
883
884 // initialize
885 G_DATA = data;
886 g_size = size;
887 g_pos = 0;
888
889 // getdata
890 int32_t uid = GetData<int32_t>();
891 int32_t pid = GetData<int32_t>();
892 uintptr_t token = GetData<uintptr_t>();
893 uint32_t windowId = GetData<int32_t>();
894 uint64_t displayId = GetData<uint64_t>();
895 auto cgroupEventHandler =
896 std::make_shared<CgroupEventHandler>("CgroupEventHandler_fuzz");
897
898 cgroupEventHandler->HandleUnfocusedWindow(
899 windowId, token, WindowType::APP_WINDOW_BASE, displayId, pid, uid);
900 cgroupEventHandler->SetSupervisor(g_supervisor);
901 cgroupEventHandler->HandleUnfocusedWindow(
902 windowId, token, WindowType::APP_WINDOW_BASE, displayId, pid, uid);
903
904 return true;
905 }
906
HandleFocusedWindowFuzzTest(const uint8_t * data,size_t size)907 bool HandleFocusedWindowFuzzTest(const uint8_t* data, size_t size)
908 {
909 if (data == nullptr) {
910 return false;
911 }
912
913 // initialize
914 G_DATA = data;
915 g_size = size;
916 g_pos = 0;
917
918 // getdata
919 int32_t uid = GetData<int32_t>();
920 int32_t pid = GetData<int32_t>();
921 uintptr_t token = GetData<uintptr_t>();
922 uint32_t windowId = GetData<int32_t>();
923 uint64_t displayId = GetData<uint64_t>();
924 auto cgroupEventHandler =
925 std::make_shared<CgroupEventHandler>("CgroupEventHandler_fuzz");
926 cgroupEventHandler->SetSupervisor(g_supervisor);
927
928 cgroupEventHandler->HandleFocusedWindow(
929 windowId, token, WindowType::APP_WINDOW_BASE, displayId, pid, uid);
930
931 return true;
932 }
933
HandleApplicationStateChangedFuzzTest(const uint8_t * data,size_t size)934 bool HandleApplicationStateChangedFuzzTest(const uint8_t* data, size_t size)
935 {
936 if (data == nullptr) {
937 return false;
938 }
939
940 // initialize
941 G_DATA = data;
942 g_size = size;
943 g_pos = 0;
944
945 // getdata
946 uid_t uid = GetData<uid_t>();
947 pid_t pid = GetData<pid_t>();
948 std::string packageName(std::to_string(*data));
949 int32_t state = GetData<int32_t>();
950 auto cgroupEventHandler =
951 std::make_shared<CgroupEventHandler>("CgroupEventHandler_fuzz");
952
953 cgroupEventHandler->HandleApplicationStateChanged(uid, pid, packageName, state);
954 cgroupEventHandler->SetSupervisor(g_supervisor);
955 cgroupEventHandler->HandleApplicationStateChanged(uid, pid, packageName, state);
956
957 return true;
958 }
959
HandleProcessStateChangedFuzzTest(const uint8_t * data,size_t size)960 bool HandleProcessStateChangedFuzzTest(const uint8_t* data, size_t size)
961 {
962 if (data == nullptr) {
963 return false;
964 }
965
966 // initialize
967 G_DATA = data;
968 g_size = size;
969 g_pos = 0;
970
971 // getdata
972 uid_t uid = GetData<uid_t>();
973 pid_t pid = GetData<pid_t>();
974 std::string packageName(std::to_string(*data));
975 int32_t state = GetData<int32_t>();
976 auto cgroupEventHandler =
977 std::make_shared<CgroupEventHandler>("CgroupEventHandler_fuzz");
978
979 cgroupEventHandler->HandleProcessStateChanged(uid, pid, packageName, state);
980 cgroupEventHandler->SetSupervisor(g_supervisor);
981 cgroupEventHandler->HandleProcessStateChanged(uid, pid, packageName, state);
982
983 return true;
984 }
985
HandleAbilityStateChangedFuzzTest(const uint8_t * data,size_t size)986 bool HandleAbilityStateChangedFuzzTest(const uint8_t* data, size_t size)
987 {
988 if (data == nullptr) {
989 return false;
990 }
991
992 // initialize
993 G_DATA = data;
994 g_size = size;
995 g_pos = 0;
996
997 // getdata
998 uid_t uid = GetData<uid_t>();
999 pid_t pid = GetData<pid_t>();
1000 std::string bundleName(std::to_string(*data));
1001 std::string abilityName(std::to_string(*data));
1002 uintptr_t token = GetData<uintptr_t>();
1003 int32_t abilityState = GetData<int32_t>();
1004 int32_t abilityType = GetData<int32_t>();
1005 auto cgroupEventHandler =
1006 std::make_shared<CgroupEventHandler>("CgroupEventHandler_fuzz");
1007
1008 cgroupEventHandler->HandleAbilityStateChanged(
1009 uid, pid, bundleName, abilityName, token, abilityState, abilityType);
1010 cgroupEventHandler->SetSupervisor(g_supervisor);
1011 cgroupEventHandler->HandleAbilityStateChanged(
1012 uid, pid, bundleName, abilityName, token, abilityState, abilityType);
1013
1014 return true;
1015 }
1016
HandleExtensionStateChangedFuzzTest(const uint8_t * data,size_t size)1017 bool HandleExtensionStateChangedFuzzTest(const uint8_t* data, size_t size)
1018 {
1019 if (data == nullptr) {
1020 return false;
1021 }
1022
1023 // initialize
1024 G_DATA = data;
1025 g_size = size;
1026 g_pos = 0;
1027
1028 // getdata
1029 uid_t uid = GetData<uid_t>();
1030 pid_t pid = GetData<pid_t>();
1031 std::string bundleName(std::to_string(*data));
1032 std::string abilityName(std::to_string(*data));
1033 uintptr_t token = GetData<uintptr_t>();
1034 int32_t extensionState = GetData<int32_t>();
1035 int32_t abilityType = GetData<int32_t>();
1036 auto cgroupEventHandler =
1037 std::make_shared<CgroupEventHandler>("CgroupEventHandler_fuzz");
1038
1039 cgroupEventHandler->HandleExtensionStateChanged(
1040 uid, pid, bundleName, abilityName, token, extensionState, abilityType);
1041 cgroupEventHandler->SetSupervisor(g_supervisor);
1042 cgroupEventHandler->HandleExtensionStateChanged(
1043 uid, pid, bundleName, abilityName, token, extensionState, abilityType);
1044
1045 return true;
1046 }
1047
1048
HandleProcessCreatedFuzzTest(const uint8_t * data,size_t size)1049 bool HandleProcessCreatedFuzzTest(const uint8_t* data, size_t size)
1050 {
1051 if (data == nullptr) {
1052 return false;
1053 }
1054
1055 // initialize
1056 G_DATA = data;
1057 g_size = size;
1058 g_pos = 0;
1059
1060 // getdata
1061 uid_t uid = GetData<uid_t>();
1062 pid_t pid = GetData<pid_t>();
1063 std::string bundleName(std::to_string(*data));
1064 int32_t hostPid = GetData<int32_t>();
1065 int32_t processType = GetData<int32_t>();
1066 int32_t extensionType = GetData<int32_t>();
1067 auto cgroupEventHandler =
1068 std::make_shared<CgroupEventHandler>("CgroupEventHandler_fuzz");
1069
1070 cgroupEventHandler->HandleProcessCreated(uid, pid, hostPid, processType, bundleName, extensionType);
1071 cgroupEventHandler->SetSupervisor(g_supervisor);
1072 cgroupEventHandler->HandleProcessCreated(uid, pid, hostPid, processType, bundleName, extensionType);
1073
1074 return true;
1075 }
1076
HandleReportAudioStateFuzzTest(const uint8_t * data,size_t size)1077 bool HandleReportAudioStateFuzzTest(const uint8_t* data, size_t size)
1078 {
1079 if (data == nullptr) {
1080 return false;
1081 }
1082
1083 // initialize
1084 G_DATA = data;
1085 g_size = size;
1086 g_pos = 0;
1087
1088 // getdata
1089 uint32_t resType = GetData<uint32_t>();
1090 int64_t value = GetData<int64_t>();
1091 nlohmann::json payload;
1092 auto cgroupEventHandler =
1093 std::make_shared<CgroupEventHandler>("CgroupEventHandler_fuzz");
1094
1095 cgroupEventHandler->HandleReportAudioState(resType, value, payload);
1096 cgroupEventHandler->SetSupervisor(g_supervisor);
1097 cgroupEventHandler->HandleReportAudioState(resType, value, payload);
1098
1099 return true;
1100 }
1101
HandleWebviewScreenCaptureFuzzTest(const uint8_t * data,size_t size)1102 bool HandleWebviewScreenCaptureFuzzTest(const uint8_t* data, size_t size)
1103 {
1104 if (data == nullptr) {
1105 return false;
1106 }
1107
1108 // initialize
1109 G_DATA = data;
1110 g_size = size;
1111 g_pos = 0;
1112
1113 // getdata
1114 uint32_t resType = GetData<uint32_t>();
1115 int64_t value = GetData<int64_t>();
1116 nlohmann::json payload;
1117 auto cgroupEventHandler =
1118 std::make_shared<CgroupEventHandler>("CgroupEventHandler_fuzz");
1119
1120 cgroupEventHandler->HandleWebviewScreenCapture(resType, value, payload);
1121
1122 return true;
1123 }
1124
HandleReportWebviewVideoStateFuzzTest(const uint8_t * data,size_t size)1125 bool HandleReportWebviewVideoStateFuzzTest(const uint8_t* data, size_t size)
1126 {
1127 if (data == nullptr) {
1128 return false;
1129 }
1130
1131 // initialize
1132 G_DATA = data;
1133 g_size = size;
1134 g_pos = 0;
1135
1136 // getdata
1137 uint32_t resType = GetData<uint32_t>();
1138 int64_t value = GetData<int64_t>();
1139 nlohmann::json payload;
1140 auto cgroupEventHandler =
1141 std::make_shared<CgroupEventHandler>("CgroupEventHandler_fuzz");
1142
1143 cgroupEventHandler->HandleReportWebviewVideoState(resType, value, payload);
1144
1145 return true;
1146 }
1147
AdjustForkProcessGroupFuzzTest(const uint8_t * data,size_t size)1148 bool AdjustForkProcessGroupFuzzTest(const uint8_t* data, size_t size)
1149 {
1150 if (data == nullptr) {
1151 return false;
1152 }
1153
1154 // initialize
1155 G_DATA = data;
1156 g_size = size;
1157 g_pos = 0;
1158
1159 // getdata
1160 uid_t uid = GetData<uid_t>();
1161 pid_t pid = GetData<pid_t>();
1162 ProcessRecord pr(uid, pid);
1163 Application app(uid);
1164
1165 CgroupAdjuster::GetInstance().AdjustForkProcessGroup(app, pr);
1166
1167 return true;
1168 }
1169
AdjustProcessGroupFuzzTest(const uint8_t * data,size_t size)1170 bool AdjustProcessGroupFuzzTest(const uint8_t* data, size_t size)
1171 {
1172 if (data == nullptr) {
1173 return false;
1174 }
1175
1176 // initialize
1177 G_DATA = data;
1178 g_size = size;
1179 g_pos = 0;
1180
1181 // getdata
1182 uid_t uid = GetData<uid_t>();
1183 pid_t pid = GetData<pid_t>();
1184 ProcessRecord pr(uid, pid);
1185 Application app(uid);
1186
1187 CgroupAdjuster::GetInstance().AdjustProcessGroup(app, pr, AdjustSource::ADJS_FG_APP_CHANGE);
1188
1189 return true;
1190 }
1191
AdjustAllProcessGroupFuzzTest(const uint8_t * data,size_t size)1192 bool AdjustAllProcessGroupFuzzTest(const uint8_t* data, size_t size)
1193 {
1194 if (data == nullptr) {
1195 return false;
1196 }
1197
1198 // initialize
1199 G_DATA = data;
1200 g_size = size;
1201 g_pos = 0;
1202
1203 // getdata
1204 uid_t uid = GetData<uid_t>();
1205 Application app(uid);
1206
1207 CgroupAdjuster::GetInstance().AdjustAllProcessGroup(app, AdjustSource::ADJS_FG_APP_CHANGE);
1208
1209 return true;
1210 }
1211
ComputeProcessGroupFuzzTest(const uint8_t * data,size_t size)1212 bool ComputeProcessGroupFuzzTest(const uint8_t* data, size_t size)
1213 {
1214 if (data == nullptr) {
1215 return false;
1216 }
1217
1218 // initialize
1219 G_DATA = data;
1220 g_size = size;
1221 g_pos = 0;
1222
1223 // getdata
1224 uid_t uid = GetData<uid_t>();
1225 pid_t pid = GetData<pid_t>();
1226 ProcessRecord pr(uid, pid);
1227 Application app(uid);
1228
1229 CgroupAdjuster::GetInstance().ComputeProcessGroup(app, pr, AdjustSource::ADJS_FG_APP_CHANGE);
1230
1231 return true;
1232 }
1233
ApplyProcessGroupFuzzTest(const uint8_t * data,size_t size)1234 bool ApplyProcessGroupFuzzTest(const uint8_t* data, size_t size)
1235 {
1236 if (data == nullptr) {
1237 return false;
1238 }
1239
1240 // initialize
1241 G_DATA = data;
1242 g_size = size;
1243 g_pos = 0;
1244
1245 // getdata
1246 uid_t uid = GetData<uid_t>();
1247 pid_t pid = GetData<pid_t>();
1248 ProcessRecord pr(uid, pid);
1249 Application app(uid);
1250
1251 CgroupAdjuster::GetInstance().ApplyProcessGroup(app, pr);
1252
1253 return true;
1254 }
1255
UpdateAppStartupNumFuzzTest(const uint8_t * data,size_t size)1256 bool UpdateAppStartupNumFuzzTest(const uint8_t* data, size_t size)
1257 {
1258 if (data == nullptr) {
1259 return false;
1260 }
1261
1262 // initialize
1263 G_DATA = data;
1264 g_size = size;
1265 g_pos = 0;
1266
1267 // getdata
1268 int32_t uid = GetData<int32_t>();
1269 int32_t pid = GetData<int32_t>();
1270 std::string bundleName(std::to_string(*data));
1271 RmsApplicationStateObserver *appStateObserver = new (std::nothrow)RmsApplicationStateObserver();
1272 AppStateData appStateData;
1273 appStateData.uid = uid;
1274 appStateData.pid = pid;
1275 appStateData.bundleName = bundleName;
1276
1277 appStateObserver->OnForegroundApplicationChanged(appStateData);
1278
1279 return true;
1280 }
1281
OnProcessDiedFuzzTest(const uint8_t * data,size_t size)1282 bool OnProcessDiedFuzzTest(const uint8_t* data, size_t size)
1283 {
1284 if (data == nullptr) {
1285 return false;
1286 }
1287
1288 // initialize
1289 G_DATA = data;
1290 g_size = size;
1291 g_pos = 0;
1292
1293 // getdata
1294 int32_t uid = GetData<int32_t>();
1295 int32_t pid = GetData<int32_t>();
1296 std::string bundleName(std::to_string(*data));
1297 RmsApplicationStateObserver *appStateObserver = new (std::nothrow)RmsApplicationStateObserver();
1298 ProcessData processData;
1299 processData.uid = uid;
1300 processData.pid = pid;
1301 processData.bundleName = bundleName;
1302
1303 appStateObserver->OnProcessDied(processData);
1304
1305 return true;
1306 }
1307
OnApplicationStateChangedFuzzTest(const uint8_t * data,size_t size)1308 bool OnApplicationStateChangedFuzzTest(const uint8_t* data, size_t size)
1309 {
1310 if (data == nullptr) {
1311 return false;
1312 }
1313
1314 // initialize
1315 G_DATA = data;
1316 g_size = size;
1317 g_pos = 0;
1318
1319 // getdata
1320 int32_t uid = GetData<int32_t>();
1321 int32_t pid = GetData<int32_t>();
1322 int32_t state = GetData<int32_t>();
1323 std::string bundleName(std::to_string(*data));
1324 RmsApplicationStateObserver *appStateObserver = new (std::nothrow)RmsApplicationStateObserver();
1325 AppStateData appStateData;
1326 appStateData.uid = uid;
1327 appStateData.pid = pid;
1328 appStateData.state = state;
1329 appStateData.bundleName = bundleName;
1330
1331 appStateObserver->OnApplicationStateChanged(appStateData);
1332
1333 return true;
1334 }
1335
OnAppStateChangedFuzzTest(const uint8_t * data,size_t size)1336 bool OnAppStateChangedFuzzTest(const uint8_t* data, size_t size)
1337 {
1338 if (data == nullptr) {
1339 return false;
1340 }
1341
1342 // initialize
1343 G_DATA = data;
1344 g_size = size;
1345 g_pos = 0;
1346
1347 // getdata
1348 int32_t uid = GetData<int32_t>();
1349 int32_t pid = GetData<int32_t>();
1350 int32_t state = GetData<int32_t>();
1351 std::string bundleName(std::to_string(*data));
1352 RmsApplicationStateObserver *appStateObserver = new (std::nothrow)RmsApplicationStateObserver();
1353 AppStateData appStateData;
1354 appStateData.uid = uid;
1355 appStateData.pid = pid;
1356 appStateData.state = state;
1357 appStateData.bundleName = bundleName;
1358
1359 appStateObserver->OnAppStateChanged(appStateData);
1360
1361 return true;
1362 }
1363
OnAppCacheStateChangedFuzzTest(const uint8_t * data,size_t size)1364 bool OnAppCacheStateChangedFuzzTest(const uint8_t* data, size_t size)
1365 {
1366 if (data == nullptr) {
1367 return false;
1368 }
1369
1370 // initialize
1371 G_DATA = data;
1372 g_size = size;
1373 g_pos = 0;
1374
1375 // getdata
1376 int32_t uid = GetData<int32_t>();
1377 int32_t pid = GetData<int32_t>();
1378 int32_t state = GetData<int32_t>();
1379 std::string bundleName(std::to_string(*data));
1380 RmsApplicationStateObserver *appStateObserver = new (std::nothrow)RmsApplicationStateObserver();
1381 AppStateData appStateData;
1382 appStateData.uid = uid;
1383 appStateData.pid = pid;
1384 appStateData.state = state;
1385 appStateData.bundleName = bundleName;
1386
1387 appStateObserver->OnAppCacheStateChanged(appStateData);
1388
1389 return true;
1390 }
1391
BackgroundTaskObserverFuzzExecute(const uint8_t * data,size_t size)1392 void BackgroundTaskObserverFuzzExecute(const uint8_t* data, size_t size)
1393 {
1394 OHOS::ResourceSchedule::TransientTaskStartFuzzTest(data, size);
1395 OHOS::ResourceSchedule::TransientTaskEndFuzzTest(data, size);
1396 OHOS::ResourceSchedule::MarshallingContinuousTaskCallbackInfoFuzzTest(data, size);
1397 OHOS::ResourceSchedule::ContinuousTaskStartFuzzTest(data, size);
1398 OHOS::ResourceSchedule::ContinuousTaskStopFuzzTest(data, size);
1399 OHOS::ResourceSchedule::ContinuousTaskUpdateFuzzTest(data, size);
1400 OHOS::ResourceSchedule::RemoteDiedFuzzTest(data, size);
1401 }
1402
CgroupEventHandlerFuzzExecute(const uint8_t * data,size_t size)1403 void CgroupEventHandlerFuzzExecute(const uint8_t* data, size_t size)
1404 {
1405 OHOS::ResourceSchedule::ProcessEventFuzzTest(data, size);
1406 OHOS::ResourceSchedule::HandleAbilityAddedFuzzTest(data, size);
1407 OHOS::ResourceSchedule::HandleAbilityRemovedFuzzTest(data, size);
1408 OHOS::ResourceSchedule::HandleProcessDiedFuzzTest(data, size);
1409 OHOS::ResourceSchedule::HandleTransientTaskStartFuzzTest(data, size);
1410 OHOS::ResourceSchedule::HandleTransientTaskEndFuzzTest(data, size);
1411 OHOS::ResourceSchedule::HandleContinuousTaskUpdateFuzzTest(data, size);
1412 OHOS::ResourceSchedule::HandleContinuousTaskCancelFuzzTest(data, size);
1413 OHOS::ResourceSchedule::HandleReportMMIProcessFuzzTest(data, size);
1414 OHOS::ResourceSchedule::HandleReportRenderThreadFuzzTest(data, size);
1415 OHOS::ResourceSchedule::HandleReportKeyThreadFuzzTest(data, size);
1416 OHOS::ResourceSchedule::HandleReportWindowStateFuzzTest(data, size);
1417 OHOS::ResourceSchedule::HandleReportWebviewAudioStateFuzzTest(data, size);
1418 OHOS::ResourceSchedule::HandleReportRunningLockEventFuzzTest(data, size);
1419 OHOS::ResourceSchedule::HandleReportHisysEventFuzzTest(data, size);
1420 OHOS::ResourceSchedule::HandleReportScreenCaptureEventFuzzTest(data, size);
1421 OHOS::ResourceSchedule::CheckVisibilityForRenderProcessFuzzTest(data, size);
1422 OHOS::ResourceSchedule::ParsePayloadFuzzTest(data, size);
1423 OHOS::ResourceSchedule::HandleReportAvCodecEventFuzzTest(data, size);
1424 OHOS::ResourceSchedule::HandleSceneBoardStateFuzzTest(data, size);
1425 OHOS::ResourceSchedule::HandleWindowVisibilityChangedFuzzTest(data, size);
1426 OHOS::ResourceSchedule::HandleDrawingContentChangeWindowFuzzTest(data, size);
1427 OHOS::ResourceSchedule::HandleUnfocusedWindowFuzzTest(data, size);
1428 OHOS::ResourceSchedule::HandleFocusedWindowFuzzTest(data, size);
1429 OHOS::ResourceSchedule::HandleApplicationStateChangedFuzzTest(data, size);
1430 OHOS::ResourceSchedule::HandleProcessStateChangedFuzzTest(data, size);
1431 OHOS::ResourceSchedule::HandleAbilityStateChangedFuzzTest(data, size);
1432 OHOS::ResourceSchedule::HandleExtensionStateChangedFuzzTest(data, size);
1433 OHOS::ResourceSchedule::HandleReportAudioStateFuzzTest(data, size);
1434 OHOS::ResourceSchedule::HandleProcessCreatedFuzzTest(data, size);
1435 OHOS::ResourceSchedule::HandleWebviewScreenCaptureFuzzTest(data, size);
1436 OHOS::ResourceSchedule::HandleReportWebviewVideoStateFuzzTest(data, size);
1437 }
1438
CgroupAdjusterFuzzExecute(const uint8_t * data,size_t size)1439 void CgroupAdjusterFuzzExecute(const uint8_t* data, size_t size)
1440 {
1441 OHOS::ResourceSchedule::AdjustForkProcessGroupFuzzTest(data, size);
1442 OHOS::ResourceSchedule::AdjustProcessGroupFuzzTest(data, size);
1443 OHOS::ResourceSchedule::AdjustAllProcessGroupFuzzTest(data, size);
1444 OHOS::ResourceSchedule::ComputeProcessGroupFuzzTest(data, size);
1445 OHOS::ResourceSchedule::ApplyProcessGroupFuzzTest(data, size);
1446 }
1447
AppStateObserverFuzzExecute(const uint8_t * data,size_t size)1448 void AppStateObserverFuzzExecute(const uint8_t* data, size_t size)
1449 {
1450 OHOS::ResourceSchedule::UpdateAppStartupNumFuzzTest(data, size);
1451 OHOS::ResourceSchedule::OnProcessDiedFuzzTest(data, size);
1452 OHOS::ResourceSchedule::OnApplicationStateChangedFuzzTest(data, size);
1453 OHOS::ResourceSchedule::OnAppStateChangedFuzzTest(data, size);
1454 OHOS::ResourceSchedule::OnAppCacheStateChangedFuzzTest(data, size);
1455 }
1456
1457 } // namespace ResourceSchedule
1458 } // namespace OHOS
1459
1460 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)1461 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
1462 {
1463 /* Run your code on data */
1464 // background_task_observer.cpp
1465 OHOS::ResourceSchedule::BackgroundTaskObserverFuzzExecute(data, size);
1466 // background_task_observer.cpp end
1467
1468 // cgroup_event_handler.cpp
1469 OHOS::ResourceSchedule::CgroupEventHandlerFuzzExecute(data, size);
1470 // cgroup_event_handler.cpp end
1471
1472 // cgroup_adjuster.cpp
1473 OHOS::ResourceSchedule::CgroupAdjusterFuzzExecute(data, size);
1474 // cgroup_adjuster.cpp end
1475
1476 // app_state_observer.cpp
1477 OHOS::ResourceSchedule::AppStateObserverFuzzExecute(data, size);
1478 // app_state_observer.cpp end
1479
1480 return 0;
1481 }
1482