1 /*
2 * Copyright (c) 2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "ipcprocessskeleton_fuzzer.h"
17
18 #include <cstddef>
19 #include <cstdint>
20 #include <cstring>
21 #include <securec.h>
22 #include "fuzz_data_generator.h"
23 #include "iremote_object.h"
24 #include "ipc_process_skeleton.h"
25
26 namespace OHOS {
AttachToDetachAppInfoToStubIndexTest001()27 bool AttachToDetachAppInfoToStubIndexTest001()
28 {
29 uint32_t pid;
30 uint32_t uid;
31 uint32_t tokenId;
32 uint64_t stubIndex;
33 int32_t listenFd;
34 std::string deviceId;
35 if (!GenerateUint32(pid) || !GenerateUint32(uid) || !GenerateUint32(tokenId) || !GenerateInt32(listenFd) ||
36 !GenerateUint64(stubIndex) || !GenerateString(deviceId)) {
37 return false;
38 }
39 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
40 if (current == nullptr) {
41 return false;
42 }
43 current->AttachAppInfoToStubIndex(pid, uid, tokenId, deviceId, stubIndex, listenFd);
44 current->QueryAppInfoToStubIndex(pid, uid, tokenId, deviceId, stubIndex, listenFd);
45 current->DetachAppInfoToStubIndex(stubIndex);
46 current->AttachAppInfoToStubIndex(pid, uid, tokenId, deviceId, stubIndex, listenFd);
47 current->DetachAppInfoToStubIndex(pid, uid, tokenId, deviceId, stubIndex, listenFd);
48 return true;
49 }
50
AttachToDetachAppInfoToStubIndexTest002()51 bool AttachToDetachAppInfoToStubIndexTest002()
52 {
53 uint32_t pid;
54 uint32_t uid;
55 uint32_t tokenId;
56 int32_t listenFd;
57 std::string deviceId;
58 if (!GenerateUint32(pid) || !GenerateUint32(uid) || !GenerateUint32(tokenId) || !GenerateInt32(listenFd) ||
59 !GenerateString(deviceId)) {
60 return false;
61 }
62 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
63 if (current == nullptr) {
64 return false;
65 }
66 current->AttachAppInfoToStubIndex(pid, uid, tokenId, deviceId, listenFd);
67 current->DetachAppInfoToStubIndex(listenFd);
68 current->AttachAppInfoToStubIndex(pid, uid, tokenId, deviceId, listenFd);
69 current->DetachAppInfoToStubIndex(pid, uid, tokenId, deviceId, listenFd);
70 return true;
71 }
72
SetIPCProxyLimitTest()73 bool SetIPCProxyLimitTest()
74 {
75 std::function<void(uint64_t num)> callback;
76 uint64_t num;
77 if (!GenerateUint64(num)) {
78 return false;
79 }
80 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
81 if (current == nullptr) {
82 return false;
83 }
84 current->SetIPCProxyLimit(num, callback);
85 return true;
86 }
87
SetMaxWorkThreadTest()88 bool SetMaxWorkThreadTest()
89 {
90 int maxThreadNum = 16;
91 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
92 if (current == nullptr) {
93 return false;
94 }
95 current->SetMaxWorkThread(maxThreadNum);
96 return true;
97 }
98
MakeHandleDescriptorTest()99 bool MakeHandleDescriptorTest()
100 {
101 int handle;
102 if (!GenerateInt32(handle)) {
103 return false;
104 }
105 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
106 if (current == nullptr) {
107 return false;
108 }
109 current->MakeHandleDescriptor(handle);
110 return true;
111 }
112
OnThreadTerminatedTest()113 bool OnThreadTerminatedTest()
114 {
115 std::string threadName;
116 if (!GenerateString(threadName)) {
117 return false;
118 }
119 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
120 if (current == nullptr) {
121 return false;
122 }
123 current->OnThreadTerminated(threadName);
124 return true;
125 }
126
SpawnThreadTest()127 bool SpawnThreadTest()
128 {
129 int32_t policy;
130 int32_t proto;
131 if (!GenerateInt32(policy) || !GenerateInt32(proto)) {
132 return false;
133 }
134
135 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
136 if (current == nullptr) {
137 return false;
138 }
139 current->SpawnThread(policy, proto);
140 return true;
141 }
142
FindOrNewObjectTest()143 bool FindOrNewObjectTest()
144 {
145 int handle;
146 if (!GenerateInt32(handle)) {
147 return false;
148 }
149
150 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
151 if (current == nullptr) {
152 return false;
153 }
154 current->FindOrNewObject(handle);
155 return true;
156 }
157
IsContainsObjectTest001()158 bool IsContainsObjectTest001()
159 {
160 sptr<IRemoteObject> object = new IPCObjectProxy(0, u"proxyTest", 0);
161
162 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
163 if (current == nullptr) {
164 return false;
165 }
166 current->IsContainsObject(object);
167 return true;
168 }
169
IsContainsObjectTest002()170 bool IsContainsObjectTest002()
171 {
172 sptr<IRemoteObject> object = nullptr;
173 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
174 if (current == nullptr) {
175 return false;
176 }
177 current->IsContainsObject(object);
178 return true;
179 }
180
AttachObjectTest001()181 bool AttachObjectTest001()
182 {
183 sptr<IRemoteObject> object = nullptr;
184 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
185 if (current == nullptr) {
186 return false;
187 }
188 current->AttachObject(object);
189 return true;
190 }
191
AttachObjectTest002()192 bool AttachObjectTest002()
193 {
194 sptr<IRemoteObject> object = new IPCObjectProxy(0, u"proxyTest", 0);
195 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
196 if (current == nullptr) {
197 return false;
198 }
199 current->AttachObject(object);
200 current->DetachObject(object);
201 return true;
202 }
203
QueryObjectTest001()204 bool QueryObjectTest001()
205 {
206 int handle;
207 if (!GenerateInt32(handle)) {
208 return false;
209 }
210 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
211 if (current == nullptr) {
212 return false;
213 }
214 std::u16string descriptor = current->MakeHandleDescriptor(handle);
215 current->QueryObject(descriptor);
216 return true;
217 }
218
QueryObjectTest002()219 bool QueryObjectTest002()
220 {
221 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
222 if (current == nullptr) {
223 return false;
224 }
225 current->QueryObject(u"");
226 return true;
227 }
DetachObjectTest001()228 bool DetachObjectTest001()
229 {
230 sptr<IRemoteObject> object = nullptr;
231 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
232 if (current == nullptr) {
233 return false;
234 }
235 current->DetachObject(object);
236 return true;
237 }
238
DetachObjectTest002()239 bool DetachObjectTest002()
240 {
241 sptr<IRemoteObject> object = new IPCObjectProxy(0, u"proxyTest", 0);
242 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
243 if (current == nullptr) {
244 return false;
245 }
246 current->DetachObject(object);
247 return true;
248 }
249
GetProxyObjectTest()250 bool GetProxyObjectTest()
251 {
252 int handle;
253 bool newFlag;
254 if (!GenerateInt32(handle) || !GenerateBool(newFlag)) {
255 return false;
256 }
257 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
258 if (current == nullptr) {
259 return false;
260 }
261 sptr<IRemoteObject> object = current->GetProxyObject(handle, newFlag);
262 current->DetachObject(object);
263 return true;
264 }
265
SetRegistryObjectTest001()266 bool SetRegistryObjectTest001()
267 {
268 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
269 if (current == nullptr) {
270 return false;
271 }
272 sptr<IRemoteObject> object = nullptr;
273 current->SetRegistryObject(object);
274 return true;
275 }
276
SetRegistryObjectTest002()277 bool SetRegistryObjectTest002()
278 {
279 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
280 if (current == nullptr) {
281 return false;
282 }
283 sptr<IRemoteObject> proxy = new IPCObjectProxy(0, u"", 0);
284 current->SetRegistryObject(proxy);
285 return true;
286 }
287
GetRegistryObjectTest()288 bool GetRegistryObjectTest()
289 {
290 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
291 if (current == nullptr) {
292 return false;
293 }
294 current->GetRegistryObject();
295 return true;
296 }
297
BlockUntilThreadAvailableTest()298 bool BlockUntilThreadAvailableTest()
299 {
300 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
301 if (current == nullptr) {
302 return false;
303 }
304 current->BlockUntilThreadAvailable();
305 return true;
306 }
307
LockForNumExecutingTest()308 bool LockForNumExecutingTest()
309 {
310 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
311 if (current == nullptr) {
312 return false;
313 }
314 current->LockForNumExecuting();
315 return true;
316 }
317
UnlockForNumExecutingTest()318 bool UnlockForNumExecutingTest()
319 {
320 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
321 if (current == nullptr) {
322 return false;
323 }
324 current->UnlockForNumExecuting();
325 return true;
326 }
327
AttachToDetachRawDataTest()328 bool AttachToDetachRawDataTest()
329 {
330 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
331 if (current == nullptr) {
332 return false;
333 }
334 int32_t socketId;
335 uint32_t rawDataSize;
336 if (!GenerateUint32(rawDataSize) || !GenerateInt32(socketId)) {
337 return false;
338 }
339 std::shared_ptr<InvokerRawData> rawData = std::make_shared<InvokerRawData>(rawDataSize);
340 current->AttachRawData(socketId, rawData);
341 current->QueryRawData(socketId);
342 current->DetachRawData(socketId);
343 return true;
344 }
345
GetSAMgrObjectTest()346 bool GetSAMgrObjectTest()
347 {
348 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
349 if (current == nullptr) {
350 return false;
351 }
352 current->GetSAMgrObject();
353 return true;
354 }
355
ProxyAttachToDetachDBinderSessionTest()356 bool ProxyAttachToDetachDBinderSessionTest()
357 {
358 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
359 if (current == nullptr) {
360 return false;
361 }
362 uint32_t handle;
363 std::string serviceName;
364 uint64_t stubIndex;
365 uint32_t tokenId;
366 std::string serverDeviceId;
367
368 if (!GenerateUint32(handle) || !GenerateUint64(stubIndex) || !GenerateUint32(tokenId) ||
369 !GenerateString(serviceName) || !GenerateString(serverDeviceId)) {
370 return false;
371 }
372 std::shared_ptr<DBinderSessionObject> object = std::make_shared<DBinderSessionObject>(
373 serviceName, serverDeviceId, stubIndex, nullptr, tokenId);
374 current->ProxyAttachDBinderSession(handle, object);
375 current->ProxyQueryDBinderSession(handle);
376 current->ProxyDetachDBinderSession(handle, object->GetProxy());
377 return true;
378 }
379
ProxyQueryDBinderSessionTest()380 bool ProxyQueryDBinderSessionTest()
381 {
382 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
383 if (current == nullptr) {
384 return false;
385 }
386 uint32_t handle;
387 if (!GenerateUint32(handle)) {
388 return false;
389 }
390 current->ProxyQueryDBinderSession(handle);
391 return true;
392 }
393
ProxyMoveDBinderSessionTest()394 bool ProxyMoveDBinderSessionTest()
395 {
396 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
397 if (current == nullptr) {
398 return false;
399 }
400 uint32_t handle;
401 std::string serviceName;
402 uint64_t stubIndex;
403 uint32_t tokenId;
404 std::string serverDeviceId;
405 if (!GenerateUint32(handle) || !GenerateUint64(stubIndex) || !GenerateUint32(tokenId) ||
406 !GenerateString(serviceName) || !GenerateString(serverDeviceId)) {
407 return false;
408 }
409 sptr<IPCObjectProxy> remoteObj = new IPCObjectProxy(0, u"proxyTest", 0);
410 IPCObjectProxy* proxy = remoteObj.GetRefPtr();
411 std::shared_ptr<DBinderSessionObject> object = std::make_shared<DBinderSessionObject>(
412 serviceName, serverDeviceId, stubIndex, proxy, tokenId);
413 current->ProxyAttachDBinderSession(handle, object);
414 current->ProxyMoveDBinderSession(handle, proxy);
415 current->ProxyDetachDBinderSession(handle, object->GetProxy());
416 return true;
417 }
418
QueryProxyBySocketIdTest001()419 bool QueryProxyBySocketIdTest001()
420 {
421 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
422 if (current == nullptr) {
423 return false;
424 }
425 uint32_t handle;
426 std::string serviceName;
427 uint64_t stubIndex;
428 uint32_t tokenId;
429 std::string serverDeviceId;
430 if (!GenerateUint32(handle) || !GenerateUint64(stubIndex) || !GenerateUint32(tokenId) ||
431 !GenerateString(serviceName) || !GenerateString(serverDeviceId)) {
432 return false;
433 }
434 sptr<IPCObjectProxy> remoteObj = new IPCObjectProxy(0, u"proxyTest", 0);
435 IPCObjectProxy* proxy = remoteObj.GetRefPtr();
436
437 std::shared_ptr<DBinderSessionObject> object = std::make_shared<DBinderSessionObject>(
438 serviceName, serverDeviceId, stubIndex, proxy, tokenId);
439 current->ProxyAttachDBinderSession(handle, object);
440 std::vector<uint32_t> proxyHandle;
441 current->QueryProxyBySocketId(handle, proxyHandle);
442 current->ProxyDetachDBinderSession(handle, object->GetProxy());
443 return true;
444 }
445
QueryProxyBySocketIdTest002()446 bool QueryProxyBySocketIdTest002()
447 {
448 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
449 if (current == nullptr) {
450 return false;
451 }
452 int32_t socketId;
453 if (!GenerateInt32(socketId)) {
454 return false;
455 }
456 std::vector<uint32_t> proxyHandle;
457 current->QueryProxyBySocketId(socketId, proxyHandle);
458 return true;
459 }
460
QuerySessionByInfoTest()461 bool QuerySessionByInfoTest()
462 {
463 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
464 if (current == nullptr) {
465 return false;
466 }
467 std::string name;
468 std::string deviceId;
469 if (!GenerateString(name) || !GenerateString(deviceId)) {
470 return false;
471 }
472 current->QuerySessionByInfo(name, deviceId);
473 return true;
474 }
475
AttachThreadLockInfoTest()476 bool AttachThreadLockInfoTest()
477 {
478 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
479 if (current == nullptr) {
480 return false;
481 }
482 std::shared_ptr<SocketThreadLockInfo> object = std::make_shared<SocketThreadLockInfo>();
483 std::thread::id threadId = std::this_thread::get_id();
484 current->AttachThreadLockInfo(object, threadId);
485 current->QueryThreadLockInfo(threadId);
486 current->DetachThreadLockInfo(threadId);
487 return true;
488 }
489
EraseThreadBySeqNumberTest()490 bool EraseThreadBySeqNumberTest()
491 {
492 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
493 if (current == nullptr) {
494 return false;
495 }
496 uint64_t seqNumber;
497 if (!GenerateUint64(seqNumber)) {
498 return false;
499 }
500 std::shared_ptr<ThreadMessageInfo> messageInfo = std::make_shared<ThreadMessageInfo>();
501 current->AddThreadBySeqNumber(seqNumber, messageInfo);
502 current->QueryThreadBySeqNumber(seqNumber);
503 current->EraseThreadBySeqNumber(seqNumber);
504 return true;
505 }
506
QueryThreadBySeqNumberTest001()507 bool QueryThreadBySeqNumberTest001()
508 {
509 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
510 if (current == nullptr) {
511 return false;
512 }
513 uint64_t seqNumber;
514 if (!GenerateUint64(seqNumber)) {
515 return false;
516 }
517 current->QueryThreadBySeqNumber(seqNumber);
518 return true;
519 }
520
AddSendThreadInWaitTest001()521 bool AddSendThreadInWaitTest001()
522 {
523 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
524 if (current == nullptr) {
525 return false;
526 }
527 uint64_t seqNumber;
528 if (!GenerateUint64(seqNumber)) {
529 return false;
530 }
531 std::shared_ptr<ThreadMessageInfo> messageInfo = std::make_shared<ThreadMessageInfo>();
532 current->AddSendThreadInWait(seqNumber, messageInfo, 1);
533 return true;
534 }
535
AddSendThreadInWaitTest002()536 bool AddSendThreadInWaitTest002()
537 {
538 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
539 if (current == nullptr) {
540 return false;
541 }
542 std::shared_ptr<ThreadMessageInfo> messageInfo = std::make_shared<ThreadMessageInfo>();
543 if (messageInfo == nullptr) {
544 return false;
545 }
546 uint64_t seqNumber;
547 int handle;
548 if (!GenerateUint64(seqNumber) || !GenerateBool(messageInfo->ready) || !GenerateInt32(handle)) {
549 return false;
550 }
551 messageInfo->socketId = handle;
552 current->AddSendThreadInWait(seqNumber, messageInfo, 1);
553 current->WakeUpThreadBySeqNumber(seqNumber, handle);
554 current->EraseThreadBySeqNumber(seqNumber);
555 return true;
556 }
557
GetSocketIdleThreadNumTest()558 bool GetSocketIdleThreadNumTest()
559 {
560 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
561 if (current == nullptr) {
562 return false;
563 }
564 current->GetSocketIdleThreadNum();
565 return true;
566 }
567
GetSocketTotalThreadNumTest()568 bool GetSocketTotalThreadNumTest()
569 {
570 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
571 if (current == nullptr) {
572 return false;
573 }
574 current->GetSocketTotalThreadNum();
575 return true;
576 }
577
WakeUpThreadBySeqNumberTest002()578 bool WakeUpThreadBySeqNumberTest002()
579 {
580 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
581 if (current == nullptr) {
582 return false;
583 }
584 uint64_t seqNumber;
585 uint32_t handle;
586 if (!GenerateUint64(seqNumber) || !GenerateUint32(handle)) {
587 return false;
588 }
589 current->WakeUpThreadBySeqNumber(seqNumber, handle);
590 return true;
591 }
592
WakeUpThreadBySeqNumberTest003()593 bool WakeUpThreadBySeqNumberTest003()
594 {
595 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
596 if (current == nullptr) {
597 return false;
598 }
599 uint64_t seqNumber;
600 uint32_t handle;
601 if (!GenerateUint64(seqNumber) || !GenerateUint32(handle)) {
602 return false;
603 }
604 std::shared_ptr<ThreadMessageInfo> messageInfo = std::make_shared<ThreadMessageInfo>();
605 messageInfo->socketId = handle;
606 current->AddThreadBySeqNumber(seqNumber, messageInfo);
607 current->WakeUpThreadBySeqNumber(seqNumber, handle);
608 current->EraseThreadBySeqNumber(seqNumber);
609 return true;
610 }
611
AddStubByIndexTest001()612 bool AddStubByIndexTest001()
613 {
614 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
615 if (current == nullptr) {
616 return false;
617 }
618 uint32_t handle;
619 if (!GenerateUint32(handle)) {
620 return false;
621 }
622 IRemoteObject *stubObject = reinterpret_cast<IPCObjectStub *>(handle);
623
624 current->AddStubByIndex(stubObject);
625 current->EraseStubIndex(stubObject);
626 return true;
627 }
628
QueryStubByIndexTest001()629 bool QueryStubByIndexTest001()
630 {
631 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
632 if (current == nullptr) {
633 return false;
634 }
635 uint64_t stubIndex;
636 uint32_t handle;
637 if (!GenerateUint64(stubIndex) || !GenerateUint32(handle)) {
638 return false;
639 }
640 IRemoteObject *stubObject = reinterpret_cast<IPCObjectStub *>(handle);
641 current->AddStubByIndex(stubObject);
642 current->QueryStubByIndex(1);
643 current->EraseStubIndex(stubObject);
644 return true;
645 }
646
QueryStubByIndexTest002()647 bool QueryStubByIndexTest002()
648 {
649 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
650 if (current == nullptr) {
651 return false;
652 }
653 current->QueryStubByIndex(0);
654 return true;
655 }
656
QueryStubIndexTest001()657 bool QueryStubIndexTest001()
658 {
659 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
660 if (current == nullptr) {
661 return false;
662 }
663 uint32_t handle;
664 if (!GenerateUint32(handle)) {
665 return false;
666 }
667 IRemoteObject *stubObject = reinterpret_cast<IPCObjectStub *>(handle);
668 current->QueryStubIndex(stubObject);
669 return true;
670 }
671
QueryStubIndexTest002()672 bool QueryStubIndexTest002()
673 {
674 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
675 if (current == nullptr) {
676 return false;
677 }
678 uint32_t handle;
679 if (!GenerateUint32(handle)) {
680 return false;
681 }
682 IRemoteObject *stubObject = reinterpret_cast<IPCObjectStub *>(handle);
683
684 current->AddStubByIndex(stubObject);
685 current->QueryStubIndex(stubObject);
686 current->EraseStubIndex(stubObject);
687 return true;
688 }
689
EraseStubIndexTest()690 bool EraseStubIndexTest()
691 {
692 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
693 if (current == nullptr) {
694 return false;
695 }
696 uint32_t handle;
697 if (!GenerateUint32(handle)) {
698 return false;
699 }
700 IRemoteObject *stubObject = reinterpret_cast<IPCObjectStub *>(handle);
701 current->EraseStubIndex(stubObject);
702 return true;
703 }
704
GetSeqNumberTest()705 bool GetSeqNumberTest()
706 {
707 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
708 if (current == nullptr) {
709 return false;
710 }
711 current->GetSeqNumber();
712 return true;
713 }
714
GetLocalDeviceIDTest()715 bool GetLocalDeviceIDTest()
716 {
717 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
718 if (current == nullptr) {
719 return false;
720 }
721 current->GetLocalDeviceID();
722 return true;
723 }
724
AttachToDetachCallbackStubTest()725 bool AttachToDetachCallbackStubTest()
726 {
727 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
728 if (current == nullptr) {
729 return false;
730 }
731 sptr<IPCObjectStub> callbackStub = new IPCObjectStub(u"stubTest");
732 sptr<IPCObjectProxy> remoteObj = new IPCObjectProxy(0, u"proxyTest", 0);
733 IPCObjectProxy* ipcProxy = remoteObj.GetRefPtr();
734 current->AttachCallbackStub(ipcProxy, callbackStub);
735 current->QueryCallbackStub(ipcProxy);
736 current->QueryCallbackProxy(callbackStub);
737 current->DetachCallbackStub(ipcProxy);
738 return true;
739 }
740
QueryHandleByDatabusSessionTest()741 bool QueryHandleByDatabusSessionTest()
742 {
743 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
744 if (current == nullptr) {
745 return false;
746 }
747 uint32_t handle;
748 std::string serviceName;
749 uint64_t stubIndex;
750 uint32_t tokenId;
751 std::string serverDeviceId;
752
753 if (!GenerateUint32(handle) || !GenerateUint64(stubIndex) || !GenerateUint32(tokenId) ||
754 !GenerateString(serviceName) || !GenerateString(serverDeviceId)) {
755 return false;
756 }
757 sptr<IPCObjectProxy> remoteObj = new IPCObjectProxy(0, u"proxyTest", 0);
758 IPCObjectProxy* proxy = remoteObj.GetRefPtr();
759 std::shared_ptr<DBinderSessionObject> object = std::make_shared<DBinderSessionObject>(
760 serviceName, serverDeviceId, stubIndex, proxy, tokenId);
761 current->ProxyAttachDBinderSession(handle, object);
762 current->QueryHandleByDatabusSession(serviceName, serverDeviceId, stubIndex);
763 current->ProxyDetachDBinderSession(handle, object->GetProxy());
764 return true;
765 }
766
StubAttachToDetachDBinderSessionTest()767 bool StubAttachToDetachDBinderSessionTest()
768 {
769 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
770 if (current == nullptr) {
771 return false;
772 }
773 uint32_t handle;
774 std::string serviceName;
775 uint64_t stubIndex;
776 uint32_t tokenId;
777 std::string serverDeviceId;
778
779 if (!GenerateUint32(handle) || !GenerateUint64(stubIndex) || !GenerateUint32(tokenId) ||
780 !GenerateString(serviceName) || !GenerateString(serverDeviceId)) {
781 return false;
782 }
783 sptr<IPCObjectProxy> remoteObj = new IPCObjectProxy(0, u"proxyTest", 0);
784 IPCObjectProxy* proxy = remoteObj.GetRefPtr();
785 std::shared_ptr<DBinderSessionObject> object = std::make_shared<DBinderSessionObject>(
786 serviceName, serverDeviceId, stubIndex, proxy, tokenId);
787 current->StubAttachDBinderSession(handle, object);
788 current->StubQueryDBinderSession(handle);
789 current->StubDetachDBinderSession(handle, tokenId);
790 return true;
791 }
792
GetDatabusNameTest()793 bool GetDatabusNameTest()
794 {
795 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
796 if (current == nullptr) {
797 return false;
798 }
799 current->GetDatabusName();
800 return true;
801 }
802
CreateSoftbusServerTest()803 bool CreateSoftbusServerTest()
804 {
805 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
806 if (current == nullptr) {
807 return false;
808 }
809 std::string serverName;
810 if (!GenerateString(serverName)) {
811 return false;
812 }
813 current->CreateSoftbusServer(serverName);
814 return true;
815 }
816
DetachCommAuthInfoBySocketIdTest()817 bool DetachCommAuthInfoBySocketIdTest()
818 {
819 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
820 if (current == nullptr) {
821 return false;
822 }
823 int pid;
824 int uid;
825 uint32_t tokenId;
826 std::string deviceId;
827 int32_t socketId;
828 sptr<IRemoteObject> remoteObj = new IPCObjectProxy(0, u"proxyTest", 0);
829 IRemoteObject *stub = remoteObj.GetRefPtr();
830 if (!GenerateInt32(pid) || !GenerateInt32(uid) || !GenerateUint32(tokenId) ||
831 !GenerateString(deviceId) || !GenerateInt32(socketId)) {
832 return false;
833 }
834 current->QueryCommAuthInfo(pid, uid, tokenId, deviceId);
835 current->AttachCommAuthInfo(stub, pid, uid, tokenId, deviceId);
836 current->QueryCommAuthInfo(pid, uid, tokenId, deviceId);
837 current->UpdateCommAuthSocketInfo(pid, uid, tokenId, deviceId, socketId);
838 current->DetachCommAuthInfoBySocketId(socketId);
839 return true;
840 }
841
DetachCommAuthInfoByStubTest()842 bool DetachCommAuthInfoByStubTest()
843 {
844 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
845 if (current == nullptr) {
846 return false;
847 }
848 int pid;
849 int uid;
850 uint32_t tokenId;
851 std::string deviceId;
852 int32_t socketId;
853 sptr<IRemoteObject> remoteObj = new IPCObjectProxy(0, u"proxyTest", 0);
854 IRemoteObject *stub = remoteObj.GetRefPtr();
855 if (!GenerateInt32(pid) || !GenerateInt32(uid) || !GenerateUint32(tokenId) ||
856 !GenerateString(deviceId) || !GenerateInt32(socketId)) {
857 return false;
858 }
859 current->AttachCommAuthInfo(stub, pid, uid, tokenId, deviceId);
860 current->DetachCommAuthInfoByStub(stub);
861 return true;
862 }
863
DetachCommAuthInfoTest()864 bool DetachCommAuthInfoTest()
865 {
866 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
867 if (current == nullptr) {
868 return false;
869 }
870 int pid;
871 int uid;
872 uint32_t tokenId;
873 std::string deviceId;
874 int32_t socketId;
875 sptr<IRemoteObject> remoteObj = new IPCObjectProxy(0, u"proxyTest", 0);
876 IRemoteObject *stub = remoteObj.GetRefPtr();
877 if (!GenerateInt32(pid) || !GenerateInt32(uid) || !GenerateUint32(tokenId) ||
878 !GenerateString(deviceId) || !GenerateInt32(socketId)) {
879 return false;
880 }
881 current->AttachCommAuthInfo(stub, pid, uid, tokenId, deviceId);
882 current->DetachCommAuthInfo(stub, pid, uid, tokenId, deviceId);
883 return true;
884 }
885
AddToDeleteDataThreadToIdleTest()886 bool AddToDeleteDataThreadToIdleTest()
887 {
888 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
889 if (current == nullptr) {
890 return false;
891 }
892 std::thread::id threadId = std::this_thread::get_id();
893 current->GetIdleDataThread();
894 current->DeleteDataThreadFromIdle(threadId);
895 current->AddDataThreadToIdle(threadId);
896 current->GetIdleDataThread();
897 current->DeleteDataThreadFromIdle(threadId);
898 return true;
899 }
900
AddToPopDataInfoToThreadTest()901 bool AddToPopDataInfoToThreadTest()
902 {
903 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
904 if (current == nullptr) {
905 return false;
906 }
907 std::thread::id threadId = std::this_thread::get_id();
908 std::shared_ptr<ThreadProcessInfo> processInfo = std::make_shared<ThreadProcessInfo>();
909 current->PopDataInfoFromThread(threadId);
910 current->AddDataInfoToThread(threadId, processInfo);
911 current->PopDataInfoFromThread(threadId);
912 return true;
913 }
914
AttachToDetachDBinderCallbackStubTest()915 bool AttachToDetachDBinderCallbackStubTest()
916 {
917 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
918 if (current == nullptr) {
919 return false;
920 }
921 std::string service;
922 std::string device;
923 std::string localDevice;
924 uint64_t stubIndex;
925 uint32_t handle;
926 uint32_t tokenId;
927 if (!GenerateString(service) || !GenerateString(device) || !GenerateString(localDevice) ||
928 !GenerateUint64(stubIndex) || !GenerateUint32(handle) || !GenerateUint32(tokenId)) {
929 return false;
930 }
931 sptr<IRemoteObject> proxy = new IPCObjectProxy(handle, u"proxyTest", tokenId);
932 sptr<DBinderCallbackStub> stub = new DBinderCallbackStub(service, device, localDevice, stubIndex,
933 handle, tokenId);
934 current->AttachDBinderCallbackStub(proxy, stub);
935 current->QueryDBinderCallbackStub(proxy);
936 current->QueryDBinderCallbackProxy(stub);
937 current->DetachDBinderCallbackStubByProxy(proxy);
938 current->AttachDBinderCallbackStub(proxy, stub);
939 current->DetachDBinderCallbackStub(stub);
940 return true;
941 }
942
GetDBinderIdleHandleTest()943 bool GetDBinderIdleHandleTest()
944 {
945 IPCProcessSkeleton *current = IPCProcessSkeleton::GetCurrent();
946 if (current == nullptr) {
947 return false;
948 }
949 std::shared_ptr<DBinderSessionObject> session = nullptr;
950 current->GetDBinderIdleHandle(session);
951 return true;
952 }
953
FuzzerTestInner1(const uint8_t * data,size_t size)954 void FuzzerTestInner1(const uint8_t* data, size_t size)
955 {
956 DataGenerator::Write(data, size);
957 AttachToDetachAppInfoToStubIndexTest001();
958 AttachToDetachAppInfoToStubIndexTest002();
959 SetIPCProxyLimitTest();
960 SetMaxWorkThreadTest();
961 MakeHandleDescriptorTest();
962 OnThreadTerminatedTest();
963 SpawnThreadTest();
964 FindOrNewObjectTest();
965 IsContainsObjectTest001();
966 IsContainsObjectTest002();
967 QueryObjectTest001();
968 QueryObjectTest002();
969 AttachObjectTest001();
970 AttachObjectTest002();
971 DetachObjectTest001();
972 DetachObjectTest002();
973 GetProxyObjectTest();
974 GetRegistryObjectTest();
975 SetRegistryObjectTest001();
976 SetRegistryObjectTest002();
977 DataGenerator::Clear();
978 }
979
FuzzerTestInner2(const uint8_t * data,size_t size)980 void FuzzerTestInner2(const uint8_t* data, size_t size)
981 {
982 DataGenerator::Write(data, size);
983 BlockUntilThreadAvailableTest();
984 LockForNumExecutingTest();
985 UnlockForNumExecutingTest();
986 AttachToDetachRawDataTest();
987 GetSAMgrObjectTest();
988 ProxyAttachToDetachDBinderSessionTest();
989 ProxyQueryDBinderSessionTest();
990 ProxyMoveDBinderSessionTest();
991 QueryProxyBySocketIdTest001();
992 QueryProxyBySocketIdTest002();
993 QuerySessionByInfoTest();
994 AttachThreadLockInfoTest();
995 EraseThreadBySeqNumberTest();
996 QueryThreadBySeqNumberTest001();
997 AddSendThreadInWaitTest001();
998 AddSendThreadInWaitTest002();
999 GetSocketIdleThreadNumTest();
1000 GetSocketTotalThreadNumTest();
1001 WakeUpThreadBySeqNumberTest002();
1002 WakeUpThreadBySeqNumberTest003();
1003 DataGenerator::Clear();
1004 }
1005
FuzzerTestInner3(const uint8_t * data,size_t size)1006 void FuzzerTestInner3(const uint8_t* data, size_t size)
1007 {
1008 DataGenerator::Write(data, size);
1009 QueryStubByIndexTest001();
1010 QueryStubByIndexTest002();
1011 QueryStubIndexTest001();
1012 QueryStubIndexTest002();
1013 AddStubByIndexTest001();
1014 EraseStubIndexTest();
1015 GetSeqNumberTest();
1016 GetDBinderIdleHandleTest();
1017 GetLocalDeviceIDTest();
1018 AttachToDetachCallbackStubTest();
1019 QueryHandleByDatabusSessionTest();
1020 StubAttachToDetachDBinderSessionTest();
1021 GetDatabusNameTest();
1022 CreateSoftbusServerTest();
1023 DetachCommAuthInfoBySocketIdTest();
1024 DetachCommAuthInfoByStubTest();
1025 DetachCommAuthInfoTest();
1026 AddToDeleteDataThreadToIdleTest();
1027 AddToPopDataInfoToThreadTest();
1028 AttachToDetachDBinderCallbackStubTest();
1029 DataGenerator::Clear();
1030 }
1031 }
1032
1033 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)1034 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
1035 {
1036 /* Run your code on data */
1037 OHOS::FuzzerTestInner1(data, size);
1038 OHOS::FuzzerTestInner2(data, size);
1039 OHOS::FuzzerTestInner3(data, size);
1040 return 0;
1041 }