diff --git a/test/fuzztest/arraylist_fuzzer/arraylist_fuzzer.cpp b/test/fuzztest/arraylist_fuzzer/arraylist_fuzzer.cpp index fb395a63a83c7184093033ca8776e851d53ff8a8..02b01f565fae5d22c76a75eb9b72cf827dd73332 100644 --- a/test/fuzztest/arraylist_fuzzer/arraylist_fuzzer.cpp +++ b/test/fuzztest/arraylist_fuzzer/arraylist_fuzzer.cpp @@ -13,6 +13,7 @@ * limitations under the License. */ +#include #include "arraylist_fuzzer.h" #include "ecmascript/containers/containers_arraylist.h" @@ -947,10 +948,13 @@ namespace OHOS { JSNApi::DestroyJSVM(vm); } - void JSValueRefInstanceOfValueFuzzTest([[maybe_unused]] const uint8_t *data, [[maybe_unused]] size_t size) + void JSValueRefInstanceOfValueFuzzTest(const uint8_t *data, size_t size) { + FuzzedDataProvider fdp(data, size); + const int arkProp = fdp.ConsumeIntegral(); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); + option.SetArkProperties(arkProp); EcmaVM *vm = JSNApi::CreateJSVM(option); { JsiFastNativeScope scope(vm); diff --git a/test/fuzztest/bigintrefnew_fuzzer/bigintrefnew_fuzzer.cpp b/test/fuzztest/bigintrefnew_fuzzer/bigintrefnew_fuzzer.cpp index d3ff487259399f0b06572a1ead0f2b3b556a833d..8aeb5d79ad293a3b4814f853483a784e0c829a61 100644 --- a/test/fuzztest/bigintrefnew_fuzzer/bigintrefnew_fuzzer.cpp +++ b/test/fuzztest/bigintrefnew_fuzzer/bigintrefnew_fuzzer.cpp @@ -13,6 +13,7 @@ * limitations under the License. */ +#include #include "bigintrefnew_fuzzer.h" #include "ecmascript/base/string_helper.h" #include "ecmascript/ecma_string-inl.h" 
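Review bot: In JSValueRefInstanceOfValueFuzzTest the fuzzed bytes reach only `option.SetArkProperties(arkProp)`; as far as the hunk shows, the value handed to the API under test is still built from constants, so the harness explores VM start-up configurations rather than inputs to the API. `arkProp` is also unconstrained, so any property bit may be set at VM creation; if some bits enable logging or debugging features, runs can slow down or produce findings tied to a configuration that is not used in production. Consider masking `arkProp` to the properties the fuzzer is meant to cover and consuming further bytes for the tested value, with a comment stating which of the two is intended. The function body continues past the end of the hunk. The same pattern is used by the isgenerator, ishashmap, ishashset, isjsprimitive, islightweightmapandset and ismodulenamespace harnesses later in this commit.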
@@ -24,18 +25,18 @@ using namespace panda; using namespace panda::ecmascript; namespace OHOS { -void BigIntRefNewFuzzTest([[maybe_unused]] const uint8_t *data, size_t size) +void BigIntRefNewFuzzTest(const uint8_t *data, size_t size) { + FuzzedDataProvider fdp(data, size); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); EcmaVM *vm = JSNApi::CreateJSVM(option); - if (size <= 0) { - LOG_ECMA(ERROR) << "Parameter out of range."; - return; - } - uint64_t maxUint64 = std::numeric_limits::max(); - Local maxBigintUint64 = BigIntRef::New(vm, maxUint64); - maxBigintUint64->Undefined(vm); + const uint64_t input = fdp.ConsumeIntegralInRange(0, 1024); + Local bigint = BigIntRef::New(vm, input); + + int64_t cValue = 0; + bool lossless = false; + bigint->BigIntToInt64(vm, &cValue, &lossless); JSNApi::DestroyJSVM(vm); } } diff --git a/test/fuzztest/booleanrefnewbool_fuzzer/booleanrefnewbool_fuzzer.cpp b/test/fuzztest/booleanrefnewbool_fuzzer/booleanrefnewbool_fuzzer.cpp index d9d99d6db9c92374f92fa3c71f8d9ca78259f2ec..122171ed6b6a3f465e829478e84b6d6e1a01fd6b 100644 --- a/test/fuzztest/booleanrefnewbool_fuzzer/booleanrefnewbool_fuzzer.cpp +++ b/test/fuzztest/booleanrefnewbool_fuzzer/booleanrefnewbool_fuzzer.cpp @@ -13,6 +13,7 @@ * limitations under the License. */ +#include #include "booleanrefnewbool_fuzzer.h" #include "ecmascript/napi/include/jsnapi.h" #include "ecmascript/ecma_string-inl.h" @@ -25,15 +26,14 @@ namespace OHOS { { RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); - auto vm = JSNApi::CreateJSVM(option); + EcmaVM *vm = JSNApi::CreateJSVM(option); if (size <= 0) { return; } - bool input = true; - if (size == 0 || data == nullptr) { - input = false; - } - [[maybe_unused]] Local ref = BooleanRef::New(vm, input); + FuzzedDataProvider fdp(data, size); + bool input = fdp.ConsumeBool(); + Local ref = BooleanRef::New(vm, input); + ref->IsFalse(); JSNApi::DestroyJSVM(vm); } } 
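Review bot: `fdp.ConsumeIntegralInRange(0, 1024)` in BigIntRefNewFuzzTest limits the BigInt to values that always fit in an `int64_t`, so `BigIntToInt64` can presumably never report a lossy conversion, and the boundary the old code tested (the maximum `uint64_t`) is no longer reachable. Drawing from the full range, `const uint64_t input = fdp.ConsumeIntegral<uint64_t>();`, keeps that boundary and lets the fuzzer reach the `lossless == false` path. `cValue` and `lossless` are never read afterwards; if that is deliberate, a one-line comment such as `// results intentionally ignored, only the conversion path is exercised` would say so.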
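Review bot: In booleanrefnewbool_fuzzer.cpp the retained `if (size <= 0) { return; }` sits after `JSNApi::CreateJSVM(option)` and returns without `JSNApi::DestroyJSVM(vm)`, so every empty input leaks a VM; a leak-checking sanitizer will report that as a finding against the harness rather than the runtime. `FuzzedDataProvider::ConsumeBool()` already yields `false` on empty input, so the guard can simply be removed, as this commit does in bigintrefnew_fuzzer.cpp. The `LOG_ECMA(ERROR) << "illegal input!"; return;` context kept in booleanrefvalue_fuzzer.cpp looks like the same pattern, although the VM creation there lies outside the visible hunk. The function signature is above this hunk.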
diff --git a/test/fuzztest/booleanrefvalue_fuzzer/booleanrefvalue_fuzzer.cpp b/test/fuzztest/booleanrefvalue_fuzzer/booleanrefvalue_fuzzer.cpp index 560807ab820df322c28c282bc26218d7be489584..b465c7089b626ca7c963334530ac5e64a2c7630c 100644 --- a/test/fuzztest/booleanrefvalue_fuzzer/booleanrefvalue_fuzzer.cpp +++ b/test/fuzztest/booleanrefvalue_fuzzer/booleanrefvalue_fuzzer.cpp @@ -13,6 +13,7 @@ * limitations under the License. */ +#include #include "booleanrefvalue_fuzzer.h" #include "ecmascript/containers/containers_private.h" #include "ecmascript/ecma_string-inl.h" @@ -28,8 +29,7 @@ using namespace panda; using namespace panda::ecmascript; namespace OHOS { -constexpr size_t NODE_NUMBERS = 2; -void BooleanRefValueFuzzerTest([[maybe_unused]] const uint8_t *data, size_t size) +void BooleanRefValueFuzzerTest(const uint8_t *data, size_t size) { RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); @@ -38,7 +38,8 @@ void BooleanRefValueFuzzerTest([[maybe_unused]] const uint8_t *data, size_t size LOG_ECMA(ERROR) << "illegal input!"; return; } - bool input = size % NODE_NUMBERS ? true : false; + FuzzedDataProvider fdp(data, size); + bool input = fdp.ConsumeBool(); Local obj = BooleanRef::New(vm, input); obj->Value(); JSNApi::DestroyJSVM(vm); diff --git a/test/fuzztest/jsvaluerefbooleavalue_fuzzer/jsvaluerefbooleavalue_fuzzer.cpp b/test/fuzztest/jsvaluerefbooleavalue_fuzzer/jsvaluerefbooleavalue_fuzzer.cpp index 58426a67ecd95db73849b3ba5dbd8512137b8d8b..bcd88e0c1c177d079f1c9693ed4b4e1df837f3e4 100644 --- a/test/fuzztest/jsvaluerefbooleavalue_fuzzer/jsvaluerefbooleavalue_fuzzer.cpp +++ b/test/fuzztest/jsvaluerefbooleavalue_fuzzer/jsvaluerefbooleavalue_fuzzer.cpp @@ -13,6 +13,7 @@ * limitations under the License. */ +#include #include "jsvaluerefbooleavalue_fuzzer.h" #include "ecmascript/ecma_string-inl.h" #include "ecmascript/napi/include/jsnapi.h" 
@@ -21,24 +22,16 @@ using namespace panda; using namespace panda::ecmascript; namespace OHOS { -constexpr size_t DIVIDEND = 2; -void BooleaValueFuzztest([[maybe_unused]]const uint8_t *data, size_t size) +void BooleaValueFuzztest(const uint8_t *data, size_t size) { RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); + FuzzedDataProvider fdp(data, size); + bool input = fdp.ConsumeBool(); EcmaVM *vm = JSNApi::CreateJSVM(option); - if (size <= 0) { - LOG_ECMA(ERROR) << "illegal input!"; - return; - } - if (size % DIVIDEND == 0) { - Local tag = JSValueRef::False(vm); - tag->BooleaValue(vm); - } else { - Local tag = JSValueRef::True(vm); - tag->BooleaValue(vm); - } + Local tag = BooleanRef::New(vm, input); + tag->BooleaValue(vm); JSNApi::DestroyJSVM(vm); } } diff --git a/test/fuzztest/jsvaluerefintegervalue_fuzzer/jsvaluerefintegervalue_fuzzer.cpp b/test/fuzztest/jsvaluerefintegervalue_fuzzer/jsvaluerefintegervalue_fuzzer.cpp index aac8b389997296d6b3053cc3d822297da122ecad..68d4d47bf45e8d829ff558581d37b3d4e480e698 100644 --- a/test/fuzztest/jsvaluerefintegervalue_fuzzer/jsvaluerefintegervalue_fuzzer.cpp +++ b/test/fuzztest/jsvaluerefintegervalue_fuzzer/jsvaluerefintegervalue_fuzzer.cpp @@ -12,7 +12,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - +#include #include "jsvaluerefintegervalue_fuzzer.h" #include "ecmascript/base/string_helper.h" #include "ecmascript/ecma_string-inl.h" 
@@ -31,11 +31,9 @@ void JSValueRefIntegerValueFuzzTest(const uint8_t *data, size_t size) RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); EcmaVM *vm = JSNApi::CreateJSVM(option); - if (data == nullptr || size <= 0) { - LOG_ECMA(ERROR) << "illegal input!"; - return; - } - Local globalObject = NumberRef::New(vm, 0xffffffffffff); + FuzzedDataProvider fdp(data, size); + const int number = fdp.ConsumeIntegral(); + Local globalObject = NumberRef::New(vm, number); int64_t i64 = globalObject->IntegerValue(vm); UNUSED(i64); JSNApi::DestroyJSVM(vm); diff --git a/test/fuzztest/jsvaluerefisarraybuffer_fuzzer/jsvaluerefisarraybuffer_fuzzer.cpp b/test/fuzztest/jsvaluerefisarraybuffer_fuzzer/jsvaluerefisarraybuffer_fuzzer.cpp index fe420f703e7951e562fedbbf3e5e6b4d40ce730d..6f92f5fcedb8aeec4059c6c3587f19d5443df32b 100644 --- a/test/fuzztest/jsvaluerefisarraybuffer_fuzzer/jsvaluerefisarraybuffer_fuzzer.cpp +++ b/test/fuzztest/jsvaluerefisarraybuffer_fuzzer/jsvaluerefisarraybuffer_fuzzer.cpp @@ -13,7 +13,7 @@ * limitations under the License. */ - +#include #include "ecmascript/ecma_string-inl.h" #include "ecmascript/log_wrapper.h" #include "ecmascript/napi/include/jsnapi.h" @@ -27,11 +27,9 @@ void JSValueRefIsArrayBufferFuzzerTest([[maybe_unused]]const uint8_t *data, size RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); EcmaVM *vm = JSNApi::CreateJSVM(option); - if (size <= 0) { - LOG_ECMA(ERROR) << "illegal input!"; - return; - } - Local arrayBufferRef = ArrayBufferRef::New(vm, (int32_t)size); + FuzzedDataProvider fdp(data, size); + const int32_t bufferSize = fdp.ConsumeIntegralInRange(0, 1024); + Local arrayBufferRef = ArrayBufferRef::New(vm, bufferSize); arrayBufferRef->IsArrayBuffer(vm); JSNApi::DestroyJSVM(vm); } 
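Review bot: `number` in JSValueRefIntegerValueFuzzTest is declared `const int`, which narrows the tested values to the 32-bit range, whereas the constant it replaces, `0xffffffffffff`, was outside that range and `IntegerValue` returns an `int64_t`. The old call compiled with a 48-bit literal, so a wider overload of `NumberRef::New` is presumably available; `const int64_t number = fdp.ConsumeIntegral<int64_t>();` would keep large magnitudes reachable. The function starts above the hunk and its closing brace is below it.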
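Review bot: `data` is now read by `FuzzedDataProvider fdp(data, size)` in JSValueRefIsArrayBufferFuzzerTest, but the hunk header shows that the signature, which lies above the hunk and is not touched, still marks it `[[maybe_unused]]`. The other harnesses in this commit drop the attribute when they start consuming `data`; removing it here as well keeps the files consistent and stops the attribute from suggesting that the input is ignored.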
diff --git a/test/fuzztest/jsvaluerefisasync_fuzzer/jsvaluerefisasync_fuzzer.cpp b/test/fuzztest/jsvaluerefisasync_fuzzer/jsvaluerefisasync_fuzzer.cpp index a8c9bf9a739263a1e2687511b7106229ac3391b4..c959a29ba9a5c81aac3ed2da5022551289be5f6e 100644 --- a/test/fuzztest/jsvaluerefisasync_fuzzer/jsvaluerefisasync_fuzzer.cpp +++ b/test/fuzztest/jsvaluerefisasync_fuzzer/jsvaluerefisasync_fuzzer.cpp @@ -13,6 +13,7 @@ * limitations under the License. */ +#include #include "ecmascript/base/string_helper.h" #include "ecmascript/global_env.h" #include "ecmascript/js_function.h" @@ -29,16 +30,13 @@ namespace OHOS { void JSValueRefIsAsyncGeneratorFunctionTrueFuzzTest(const uint8_t* data, size_t size) { RuntimeOption option; + FuzzedDataProvider fdp(data, size); + const int arkProp = fdp.ConsumeIntegral(); option.SetLogLevel(common::LOG_LEVEL::ERROR); EcmaVM *vm = JSNApi::CreateJSVM(option); { JsiFastNativeScope scope(vm); - if (data == nullptr || size <= 0) { - LOG_ECMA(ERROR) << "illegal input!"; - return; - } - uint8_t* ptr = nullptr; - ptr = const_cast(data); + option.SetArkProperties(arkProp); ObjectFactory *factory = vm->GetFactory(); MethodLiteral *methodLiteral = nullptr; JSHandle method = factory->NewSMethod(methodLiteral); 
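Review bot: `option.SetArkProperties(arkProp)` in JSValueRefIsAsyncGeneratorFunctionTrueFuzzTest is placed inside the `JsiFastNativeScope` block, after `JSNApi::CreateJSVM(option)` has already been called with `option`, so the fuzzed value presumably never reaches the VM and every input drives the same execution. Move the call next to `option.SetLogLevel(common::LOG_LEVEL::ERROR);`, before `CreateJSVM`, as the arraylist and ishashmap harnesses in this commit do. The same ordering occurs in JSValueRefIsAsyncGeneratorObjectTrueFuzzTest and in the IsVector, IsMap, IsRegExp, IsSet, IsTreeMap and IsTreeSet functions of jsvaluerefiscontainer_fuzzer.cpp, in several of them even after the API under test has been called. The function body continues past the end of the hunk.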
@@ -52,34 +50,26 @@ namespace OHOS { void JSValueRefIsAsyncGeneratorFunctionFalseFuzzTest(const uint8_t* data, size_t size) { + FuzzedDataProvider fdp(data, size); + const int arkProp = fdp.ConsumeIntegral(); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); EcmaVM *vm = JSNApi::CreateJSVM(option); - if (data == nullptr || size <= 0) { - LOG_ECMA(ERROR) << "illegal input!"; - return; - } - uint8_t* ptr = nullptr; - ptr = const_cast(data); - int num = static_cast(size); - Local object = IntegerRef::New(vm, num); + Local object = IntegerRef::New(vm, arkProp); object->IsAsyncGeneratorFunction(vm); JSNApi::DestroyJSVM(vm); } void JSValueRefIsAsyncGeneratorObjectTrueFuzzTest(const uint8_t* data, size_t size) { + FuzzedDataProvider fdp(data, size); + const int arkProp = fdp.ConsumeIntegral(); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); EcmaVM *vm = JSNApi::CreateJSVM(option); { JsiFastNativeScope scope(vm); - if (data == nullptr || size <= 0) { - LOG_ECMA(ERROR) << "illegal input!"; - return; - } - uint8_t* ptr = nullptr; - ptr = const_cast(data); + option.SetArkProperties(arkProp); ObjectFactory *factory = vm->GetFactory(); MethodLiteral *methodLiteral = nullptr; JSHandle method = factory->NewSMethod(methodLiteral); @@ -93,17 +83,12 @@ namespace OHOS { void JSValueRefIsAsyncGeneratorObjectFalseFuzzTest(const uint8_t* data, size_t size) { + FuzzedDataProvider fdp(data, size); + const int arkProp = fdp.ConsumeIntegral(); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); EcmaVM *vm = JSNApi::CreateJSVM(option); - if (data == nullptr || size <= 0) { - LOG_ECMA(ERROR) << "illegal input!"; - return; - } - uint8_t* ptr = nullptr; - ptr = const_cast(data); - int num = static_cast(size); - Local object = IntegerRef::New(vm, num); + Local object = IntegerRef::New(vm, arkProp); object->IsAsyncGeneratorObject(vm); JSNApi::DestroyJSVM(vm); } 
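Review bot: In JSValueRefIsAsyncGeneratorFunctionFalseFuzzTest the fuzzed integer is named `arkProp` but is passed to `IntegerRef::New(vm, arkProp)` and never used as an Ark property, which misleads a reader comparing it with the harnesses where `arkProp` configures the VM. Renaming it, for example to `value` with `IntegerRef::New(vm, value)`, states the intent. JSValueRefIsAsyncGeneratorObjectFalseFuzzTest in the following hunk has the same naming.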
diff --git a/test/fuzztest/jsvaluerefiscontainer_fuzzer/jsvaluerefiscontainer_fuzzer.cpp b/test/fuzztest/jsvaluerefiscontainer_fuzzer/jsvaluerefiscontainer_fuzzer.cpp index daaca8acfd297bf4712c27df1c5051ab1ca964cc..0eaf876fc679f53d04cea883fd08c0770306f3f5 100644 --- a/test/fuzztest/jsvaluerefiscontainer_fuzzer/jsvaluerefiscontainer_fuzzer.cpp +++ b/test/fuzztest/jsvaluerefiscontainer_fuzzer/jsvaluerefiscontainer_fuzzer.cpp @@ -13,6 +13,7 @@ * limitations under the License. */ +#include #include "jsvaluerefiscontainer_fuzzer.h" #include "common_components/base/utf_helper.h" #include "ecmascript/ecma_string-inl.h" @@ -33,16 +34,15 @@ using namespace panda::ecmascript; using namespace common::utf_helper; namespace OHOS { -void JSValueRefIsVectorFuzzTest([[maybe_unused]]const uint8_t *data, size_t size) +void JSValueRefIsVectorFuzzTest(const uint8_t *data, size_t size) { + FuzzedDataProvider fdp(data, size); + const int arkProp = fdp.ConsumeIntegral(); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); EcmaVM *vm = JSNApi::CreateJSVM(option); { JsiFastNativeScope scope(vm); - if (size <= 0) { - return; - } JSThread *thread = vm->GetJSThread(); ObjectFactory *factory = thread->GetEcmaVM()->GetFactory(); auto globalEnv = thread->GetEcmaVM()->GetGlobalEnv(); 
@@ -53,27 +53,30 @@ void JSValueRefIsVectorFuzzTest([[maybe_unused]]const uint8_t *data, size_t size JSHandle argumentTag = JSHandle::Cast(jsVector); Local isVector = JSNApiHelper::ToLocal(argumentTag); isVector->IsVector(vm); + option.SetArkProperties(arkProp); } JSNApi::DestroyJSVM(vm); return; } -void JSValueRefIsMapFuzzTest([[maybe_unused]]const uint8_t *data, size_t size) +void JSValueRefIsMapFuzzTest(const uint8_t *data, size_t size) { + FuzzedDataProvider fdp(data, size); + const int arkProp = fdp.ConsumeIntegral(); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); EcmaVM *vm = JSNApi::CreateJSVM(option); - if (size <= 0) { - return; - } + option.SetArkProperties(arkProp); Local map = MapRef::New(vm); map->IsMap(vm); JSNApi::DestroyJSVM(vm); return; } -void JSValueRefIsRegExpFuzzTest([[maybe_unused]]const uint8_t *data, size_t size) +void JSValueRefIsRegExpFuzzTest(const uint8_t *data, size_t size) { + FuzzedDataProvider fdp(data, size); + const int arkProp = fdp.ConsumeIntegral(); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); EcmaVM *vm = JSNApi::CreateJSVM(option); @@ -93,6 +96,7 @@ void JSValueRefIsRegExpFuzzTest([[maybe_unused]]const uint8_t *data, size_t size jSRegExp->SetGroupName(thread, JSTaggedValue::Undefined()); jSRegExp->SetOriginalFlags(thread, JSTaggedValue(0)); jSRegExp->SetLength(0); + option.SetArkProperties(arkProp); JSHandle argumentTag = JSHandle::Cast(jSRegExp); Local regexp = JSNApiHelper::ToLocal(argumentTag); regexp->IsRegExp(vm); 
@@ -101,16 +105,15 @@ void JSValueRefIsRegExpFuzzTest([[maybe_unused]]const uint8_t *data, size_t size return; } -void JSValueRefIsSetFuzzTest([[maybe_unused]]const uint8_t *data, size_t size) +void JSValueRefIsSetFuzzTest(const uint8_t *data, size_t size) { + FuzzedDataProvider fdp(data, size); + const int arkProp = fdp.ConsumeIntegral(); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); EcmaVM *vm = JSNApi::CreateJSVM(option); { JsiFastNativeScope scope(vm); - if (size <= 0) { - return; - } JSThread *thread = vm->GetJSThread(); ObjectFactory *factory = thread->GetEcmaVM()->GetFactory(); JSHandle env = thread->GetEcmaVM()->GetGlobalEnv(); @@ -122,21 +125,21 @@ void JSValueRefIsSetFuzzTest([[maybe_unused]]const uint8_t *data, size_t size) JSHandle setTag = JSHandle::Cast(set); Local isSet = JSNApiHelper::ToLocal(setTag); isSet->IsSet(vm); + option.SetArkProperties(arkProp); } JSNApi::DestroyJSVM(vm); return; } -void JSValueRefIsTreeMapFuzzTest([[maybe_unused]]const uint8_t *data, size_t size) +void JSValueRefIsTreeMapFuzzTest(const uint8_t *data, size_t size) { + FuzzedDataProvider fdp(data, size); + const int arkProp = fdp.ConsumeIntegral(); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); EcmaVM *vm = JSNApi::CreateJSVM(option); { JsiFastNativeScope scope(vm); - if (size <= 0) { - return; - } JSThread *thread = vm->GetJSThread(); ObjectFactory *factory = thread->GetEcmaVM()->GetFactory(); auto globalEnv = thread->GetEcmaVM()->GetGlobalEnv(); 
@@ -148,20 +151,20 @@ void JSValueRefIsTreeMapFuzzTest([[maybe_unused]]const uint8_t *data, size_t siz JSHandle argumentTag = JSHandle::Cast(jsTreeMap); Local isTreeMap = JSNApiHelper::ToLocal(argumentTag); isTreeMap->IsTreeMap(vm); + option.SetArkProperties(arkProp); } JSNApi::DestroyJSVM(vm); } -void JSValueRefIsTreeSetFuzzTest([[maybe_unused]]const uint8_t *data, size_t size) +void JSValueRefIsTreeSetFuzzTest(const uint8_t *data, size_t size) { + FuzzedDataProvider fdp(data, size); + const int arkProp = fdp.ConsumeIntegral(); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); EcmaVM *vm = JSNApi::CreateJSVM(option); { JsiFastNativeScope scope(vm); - if (size <= 0) { - return; - } JSThread *thread = vm->GetJSThread(); ObjectFactory *factory = thread->GetEcmaVM()->GetFactory(); auto globalEnv = thread->GetEcmaVM()->GetGlobalEnv(); @@ -173,6 +176,7 @@ void JSValueRefIsTreeSetFuzzTest([[maybe_unused]]const uint8_t *data, size_t siz JSHandle argumentTag = JSHandle::Cast(jsTreeSet); Local isTreeSet = JSNApiHelper::ToLocal(argumentTag); isTreeSet->IsTreeSet(vm); + option.SetArkProperties(arkProp); } JSNApi::DestroyJSVM(vm); } diff --git a/test/fuzztest/jsvaluerefiscorrect_fuzzer/jsvaluerefiscorrect_fuzzer.cpp b/test/fuzztest/jsvaluerefiscorrect_fuzzer/jsvaluerefiscorrect_fuzzer.cpp index 163b06010c005d4046e34d8412f8381e657acf13..707b2bf77f9cb395e230d105c26aaa41fbea3d87 100644 --- a/test/fuzztest/jsvaluerefiscorrect_fuzzer/jsvaluerefiscorrect_fuzzer.cpp +++ b/test/fuzztest/jsvaluerefiscorrect_fuzzer/jsvaluerefiscorrect_fuzzer.cpp @@ -13,6 +13,7 @@ * limitations under the License. */ +#include #include "jsvaluerefiscorrect_fuzzer.h" #include "common_components/base/utf_helper.h" #include "ecmascript/ecma_string-inl.h" 
@@ -20,19 +21,17 @@ using namespace panda; using namespace panda::ecmascript; -using namespace common::utf_helper; namespace OHOS { -void JSValueRefIsFalseFuzzTest([[maybe_unused]]const uint8_t *data, size_t size) +void JSValueRefIsFalseFuzzTest(const uint8_t *data, size_t size) { + FuzzedDataProvider fdp(data, size); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); EcmaVM *vm = JSNApi::CreateJSVM(option); - if (size <= 0) { - return; - } - Local object = JSValueRef::False(vm); - object->IsFalse(); + bool input = fdp.ConsumeBool(); + Local ref = BooleanRef::New(vm, input); + ref->IsFalse(); JSNApi::DestroyJSVM(vm); return; } diff --git a/test/fuzztest/jsvaluerefisdataview_fuzzer/jsvaluerefisdataview_fuzzer.cpp b/test/fuzztest/jsvaluerefisdataview_fuzzer/jsvaluerefisdataview_fuzzer.cpp index 46867563546b238306d70457dee2a0b92d3bc156..588e58be567d213d87d41a5714f62ff2738e2316 100644 --- a/test/fuzztest/jsvaluerefisdataview_fuzzer/jsvaluerefisdataview_fuzzer.cpp +++ b/test/fuzztest/jsvaluerefisdataview_fuzzer/jsvaluerefisdataview_fuzzer.cpp @@ -13,6 +13,7 @@ * limitations under the License. */ +#include #include "ecmascript/ecma_string-inl.h" #include "ecmascript/log_wrapper.h" #include "ecmascript/napi/include/jsnapi.h" 
@@ -21,17 +22,16 @@ using namespace panda; using namespace panda::ecmascript; namespace OHOS { -void JSValueRefIsDataViewFuzzerTest([[maybe_unused]]const uint8_t *data, size_t size) +void JSValueRefIsDataViewFuzzerTest(const uint8_t *data, size_t size) { + FuzzedDataProvider fdp(data, size); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); EcmaVM *vm = JSNApi::CreateJSVM(option); - if (size <= 0) { - LOG_ECMA(ERROR) << "illegal input!"; - return; - } - Local arrayBuffer = ArrayBufferRef::New(vm, (int32_t)size); - Local dataView = DataViewRef::New(vm, arrayBuffer, 0, (int32_t)size - 1); + const int32_t bufferSize = fdp.ConsumeIntegralInRange(0, 1024); + const int32_t dataSize = fdp.ConsumeIntegralInRange(0, 1023); + Local arrayBuffer = ArrayBufferRef::New(vm, bufferSize); + Local dataView = DataViewRef::New(vm, arrayBuffer, 0, dataSize); dataView->IsDataView(vm); JSNApi::DestroyJSVM(vm); } diff --git a/test/fuzztest/jsvaluerefisgenerator_fuzzer/jsvaluerefisgenerator_fuzzer.cpp b/test/fuzztest/jsvaluerefisgenerator_fuzzer/jsvaluerefisgenerator_fuzzer.cpp index 203c6c97c4b3a91bdb9e05856bdab13478debef0..f84e394cc443b84c2452c07de16dd9844551870c 100644 --- a/test/fuzztest/jsvaluerefisgenerator_fuzzer/jsvaluerefisgenerator_fuzzer.cpp +++ b/test/fuzztest/jsvaluerefisgenerator_fuzzer/jsvaluerefisgenerator_fuzzer.cpp @@ -13,6 +13,7 @@ * limitations under the License. */ +#include #include "jsvaluerefisgenerator_fuzzer.h" #include "ecmascript/base/string_helper.h" #include "ecmascript/ecma_vm.h" 
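Review bot: `bufferSize` and `dataSize` in JSValueRefIsDataViewFuzzerTest are drawn independently, so `DataViewRef::New(vm, arrayBuffer, 0, dataSize)` can be asked for a view longer than its buffer, for example a zero-length buffer with a non-zero view length; the old code always paired a buffer of `size` with a length of `size - 1`. If `DataViewRef::New` does not validate the length itself, the harness builds an inconsistent object and a later crash would be an artefact of the harness rather than a runtime defect. If out-of-range lengths are the intent, add a comment saying so; otherwise bound the second draw by the first, `const int32_t dataSize = fdp.ConsumeIntegralInRange<int32_t>(0, bufferSize);`.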
@@ -30,17 +31,16 @@ using namespace panda; using namespace panda::ecmascript; namespace OHOS { -void IsGeneratorObjectFuzzTest([[maybe_unused]]const uint8_t *data, size_t size) +void IsGeneratorObjectFuzzTest(const uint8_t *data, size_t size) { + FuzzedDataProvider fdp(data, size); + const int arkProp = fdp.ConsumeIntegral(); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); + option.SetArkProperties(arkProp); EcmaVM *vm = JSNApi::CreateJSVM(option); { JsiFastNativeScope scope(vm); - if (size <= 0) { - LOG_ECMA(ERROR) << "illegal input!"; - return; - } ObjectFactory *factory = vm->GetFactory(); auto env = vm->GetGlobalEnv(); JSHandle genFunc = env->GetGeneratorFunctionFunction(); diff --git a/test/fuzztest/jsvaluerefishashmap_fuzzer/jsvaluerefishashmap_fuzzer.cpp b/test/fuzztest/jsvaluerefishashmap_fuzzer/jsvaluerefishashmap_fuzzer.cpp index 0414a8e4b0632dd04a38a01b5bda7e68b5fc983e..4963f1a8ae5a19f4e0b51eb82fee2b054b21f6b9 100644 --- a/test/fuzztest/jsvaluerefishashmap_fuzzer/jsvaluerefishashmap_fuzzer.cpp +++ b/test/fuzztest/jsvaluerefishashmap_fuzzer/jsvaluerefishashmap_fuzzer.cpp @@ -13,6 +13,7 @@ * limitations under the License. */ +#include #include "jsvaluerefishashmap_fuzzer.h" #include "ecmascript/containers/containers_list.h" #include "ecmascript/containers/containers_private.h" 
@@ -115,17 +116,16 @@ JSHandle ConstructobjectHashMap(JSThread *thread) } -void JSValueRefIsHashMapFuzzTest([[maybe_unused]] const uint8_t *data, size_t size) +void JSValueRefIsHashMapFuzzTest(const uint8_t *data, size_t size) { + FuzzedDataProvider fdp(data, size); + const int arkProp = fdp.ConsumeIntegral(); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); + option.SetArkProperties(arkProp); EcmaVM *vm = JSNApi::CreateJSVM(option); { JsiFastNativeScope scope(vm); - if (size <= 0) { - LOG_ECMA(ERROR) << "Parameter out of range.."; - return; - } auto thread = vm->GetAssociatedJSThread(); JSHandle map = ConstructobjectHashMap(thread); JSHandle jshashmap = JSHandle::Cast(map); diff --git a/test/fuzztest/jsvaluerefishashset_fuzzer/jsvaluerefishashset_fuzzer.cpp b/test/fuzztest/jsvaluerefishashset_fuzzer/jsvaluerefishashset_fuzzer.cpp index ed42600409cecc1db3f1eb4ea3ba8cb5ea30990e..373f918281df7f3f79f9c22b54de6a2339882060 100644 --- a/test/fuzztest/jsvaluerefishashset_fuzzer/jsvaluerefishashset_fuzzer.cpp +++ b/test/fuzztest/jsvaluerefishashset_fuzzer/jsvaluerefishashset_fuzzer.cpp @@ -13,6 +13,7 @@ * limitations under the License. */ +#include #include "jsvaluerefishashset_fuzzer.h" #include "ecmascript/containers/containers_list.h" #include "ecmascript/containers/containers_private.h" @@ -137,10 +138,13 @@ JSHandle ConstructobjectHashSet(JSThread *thread) return setHandle; } -void JSValueRefIsHashSetFuzzTest([[maybe_unused]] const uint8_t *data, size_t size) +void JSValueRefIsHashSetFuzzTest(const uint8_t *data, size_t size) { + FuzzedDataProvider fdp(data, size); + const int arkProp = fdp.ConsumeIntegral(); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); + option.SetArkProperties(arkProp); EcmaVM *vm = JSNApi::CreateJSVM(option); { JsiFastNativeScope scope(vm); 
diff --git a/test/fuzztest/jsvaluerefisjsprimitive_fuzzer/jsvaluerefisjsprimitive_fuzzer.cpp b/test/fuzztest/jsvaluerefisjsprimitive_fuzzer/jsvaluerefisjsprimitive_fuzzer.cpp index ab8bd3fb843d33454c0839f6497c1fd0c2be2757..4b5c6d89cfa19b31c8c34d24b712fa29fbd4a352 100644 --- a/test/fuzztest/jsvaluerefisjsprimitive_fuzzer/jsvaluerefisjsprimitive_fuzzer.cpp +++ b/test/fuzztest/jsvaluerefisjsprimitive_fuzzer/jsvaluerefisjsprimitive_fuzzer.cpp @@ -13,6 +13,7 @@ * limitations under the License. */ +#include #include "jsvaluerefisjsprimitive_fuzzer.h" #include "ecmascript/ecma_string-inl.h" #include "ecmascript/js_primitive_ref.h" @@ -24,10 +25,13 @@ using namespace panda; using namespace panda::ecmascript; namespace OHOS { -void IsJSPrimitiveSymbolFuzztest([[maybe_unused]]const uint8_t *data, size_t size) +void IsJSPrimitiveSymbolFuzztest(const uint8_t *data, size_t size) { + FuzzedDataProvider fdp(data, size); + const int arkProp = fdp.ConsumeIntegral(); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); + option.SetArkProperties(arkProp); EcmaVM *vm = JSNApi::CreateJSVM(option); { JsiFastNativeScope scope(vm); @@ -45,10 +49,13 @@ void IsJSPrimitiveSymbolFuzztest([[maybe_unused]]const uint8_t *data, size_t siz JSNApi::DestroyJSVM(vm); } -void IsJSPrimitiveStringFuzztest([[maybe_unused]]const uint8_t *data, size_t size) +void IsJSPrimitiveStringFuzztest(const uint8_t *data, size_t size) { + FuzzedDataProvider fdp(data, size); + const int arkProp = fdp.ConsumeIntegral(); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); + option.SetArkProperties(arkProp); EcmaVM *vm = JSNApi::CreateJSVM(option); { JsiFastNativeScope scope(vm); 
@@ -66,10 +73,13 @@ void IsJSPrimitiveStringFuzztest([[maybe_unused]]const uint8_t *data, size_t siz JSNApi::DestroyJSVM(vm); } -void IsJSPrimitiveIntFuzztest([[maybe_unused]]const uint8_t *data, size_t size) +void IsJSPrimitiveIntFuzztest(const uint8_t *data, size_t size) { + FuzzedDataProvider fdp(data, size); + const int arkProp = fdp.ConsumeIntegral(); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); + option.SetArkProperties(arkProp); EcmaVM *vm = JSNApi::CreateJSVM(option); { JsiFastNativeScope scope(vm); diff --git a/test/fuzztest/jsvaluerefislightweightmapandset_fuzzer/jsvaluerefislightweightmapandset_fuzzer.cpp b/test/fuzztest/jsvaluerefislightweightmapandset_fuzzer/jsvaluerefislightweightmapandset_fuzzer.cpp index 572c87ab121810aed0c25104a6dc0b15e01ed1c2..cd61d3065b42d2cad7f0ba77014de649dd947d30 100644 --- a/test/fuzztest/jsvaluerefislightweightmapandset_fuzzer/jsvaluerefislightweightmapandset_fuzzer.cpp +++ b/test/fuzztest/jsvaluerefislightweightmapandset_fuzzer/jsvaluerefislightweightmapandset_fuzzer.cpp @@ -13,6 +13,7 @@ * limitations under the License. */ +#include #include "jsvaluerefislightweightmapandset_fuzzer.h" #include "ecmascript/containers/containers_list.h" #include "ecmascript/containers/containers_private.h" 
@@ -163,17 +164,16 @@ JSHandle ConstructobjectLightWeightSet(JSThread *thread) return mapHandle; } -void JSValueRefIsLightWeightMapFuzzTest([[maybe_unused]] const uint8_t *data, size_t size) +void JSValueRefIsLightWeightMapFuzzTest(const uint8_t *data, size_t size) { + FuzzedDataProvider fdp(data, size); + const int arkProp = fdp.ConsumeIntegral(); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); + option.SetArkProperties(arkProp); EcmaVM *vm = JSNApi::CreateJSVM(option); { JsiFastNativeScope scope(vm); - if (size <= 0) { - LOG_ECMA(ERROR) << "Parameter out of range.."; - return; - } auto thread = vm->GetAssociatedJSThread(); JSHandle mapHandle = ConstructobjectLightWeightMap(thread); JSHandle jshashmap = JSHandle::Cast(mapHandle); @@ -183,17 +183,16 @@ void JSValueRefIsLightWeightMapFuzzTest([[maybe_unused]] const uint8_t *data, si JSNApi::DestroyJSVM(vm); } -void JSValueRefIsLightWeightSetFuzzTest([[maybe_unused]] const uint8_t *data, size_t size) +void JSValueRefIsLightWeightSetFuzzTest(const uint8_t *data, size_t size) { + FuzzedDataProvider fdp(data, size); + const int arkProp = fdp.ConsumeIntegral(); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); + option.SetArkProperties(arkProp); EcmaVM *vm = JSNApi::CreateJSVM(option); { JsiFastNativeScope scope(vm); - if (size <= 0) { - LOG_ECMA(ERROR) << "Parameter out of range.."; - return; - } auto thread = vm->GetAssociatedJSThread(); JSHandle mapHandle = ConstructobjectLightWeightSet(thread); JSHandle jshashmap = JSHandle::Cast(mapHandle); diff --git a/test/fuzztest/jsvaluerefismodulenamespace_fuzzer/jsvaluerefismodulenamespace_fuzzer.cpp b/test/fuzztest/jsvaluerefismodulenamespace_fuzzer/jsvaluerefismodulenamespace_fuzzer.cpp index ade4458a95f6f722a4e6052460feef87ed682d47..b8715b5b25d7cf3758236421b4e1e383b448832e 100644 --- a/test/fuzztest/jsvaluerefismodulenamespace_fuzzer/jsvaluerefismodulenamespace_fuzzer.cpp 
+++ b/test/fuzztest/jsvaluerefismodulenamespace_fuzzer/jsvaluerefismodulenamespace_fuzzer.cpp @@ -13,6 +13,7 @@ * limitations under the License. */ +#include #include "jsvaluerefismodulenamespace_fuzzer.h" #include "ecmascript/containers/containers_private.h" #include "ecmascript/ecma_string-inl.h" @@ -33,17 +34,16 @@ using namespace panda::ecmascript; namespace OHOS { constexpr uint32_t ERROR_TYPE_LEN = 2; -void IsModuleNamespaceObjectFuzztest([[maybe_unused]]const uint8_t *data, size_t size) +void IsModuleNamespaceObjectFuzztest(const uint8_t *data, size_t size) { + FuzzedDataProvider fdp(data, size); + const int arkProp = fdp.ConsumeIntegral(); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); + option.SetArkProperties(arkProp); EcmaVM *vm = JSNApi::CreateJSVM(option); { JsiFastNativeScope scope(vm); - if (size <= 0) { - LOG_ECMA(ERROR) << "illegal input!"; - return; - } ObjectFactory *objectFactory = vm->GetFactory(); JSHandle module = objectFactory->NewSourceTextModule(); JSHandle localExportEntry1 = objectFactory->NewLocalExportEntry(); @@ -65,17 +65,16 @@ void IsModuleNamespaceObjectFuzztest([[maybe_unused]]const uint8_t *data, size_t JSNApi::DestroyJSVM(vm); } -void IsProxyFuzztest([[maybe_unused]]const uint8_t *data, size_t size) +void IsProxyFuzztest(const uint8_t *data, size_t size) { + FuzzedDataProvider fdp(data, size); + const int arkProp = fdp.ConsumeIntegral(); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); + option.SetArkProperties(arkProp); EcmaVM *vm = JSNApi::CreateJSVM(option); { JsiFastNativeScope scope(vm); - if (size <= 0) { - LOG_ECMA(ERROR) << "illegal input!"; - return; - } auto thread = vm->GetJSThread(); JSHandle globalEnv = vm->GetGlobalEnv(); JSHandle hclass(thread, globalEnv->GetObjectFunction().GetObject()); 
@@ -90,17 +89,16 @@ void IsProxyFuzztest([[maybe_unused]]const uint8_t *data, size_t size) JSNApi::DestroyJSVM(vm); } -void IsJSCollatorFuzztest([[maybe_unused]]const uint8_t *data, size_t size) +void IsJSCollatorFuzztest(const uint8_t *data, size_t size) { + FuzzedDataProvider fdp(data, size); + const int arkProp = fdp.ConsumeIntegral(); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); + option.SetArkProperties(arkProp); EcmaVM *vm = JSNApi::CreateJSVM(option); { JsiFastNativeScope scope(vm); - if (size <= 0) { - LOG_ECMA(ERROR) << "illegal input!"; - return; - } auto thread = vm->GetJSThread(); ObjectFactory *factory = vm->GetFactory(); JSHandle ctor = vm->GetGlobalEnv()->GetCollatorFunction(); @@ -117,17 +115,16 @@ void IsJSCollatorFuzztest([[maybe_unused]]const uint8_t *data, size_t size) JSNApi::DestroyJSVM(vm); } -void IsJSPluralRulesFuzztest([[maybe_unused]]const uint8_t *data, size_t size) +void IsJSPluralRulesFuzztest(const uint8_t *data, size_t size) { + FuzzedDataProvider fdp(data, size); + const int arkProp = fdp.ConsumeIntegral(); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); + option.SetArkProperties(arkProp); EcmaVM *vm = JSNApi::CreateJSVM(option); { JsiFastNativeScope scope(vm); - if (size <= 0) { - LOG_ECMA(ERROR) << "illegal input!"; - return; - } auto thread = vm->GetJSThread(); ObjectFactory *factory = vm->GetFactory(); JSHandle env = vm->GetGlobalEnv(); 
@@ -145,46 +142,43 @@ void IsJSPluralRulesFuzztest([[maybe_unused]]const uint8_t *data, size_t size) JSNApi::DestroyJSVM(vm); } -void IsStrictEqualsFuzztest([[maybe_unused]]const uint8_t *data, size_t size) +void IsStrictEqualsFuzztest(const uint8_t *data, size_t size) { + FuzzedDataProvider fdp(data, size); + const int arkProp = fdp.ConsumeIntegral(); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); + option.SetArkProperties(arkProp); EcmaVM *vm = JSNApi::CreateJSVM(option); - if (size <= 0) { - LOG_ECMA(ERROR) << "illegal input!"; - return; - } Local object = ObjectRef::New(vm); Local object1 = ObjectRef::New(vm); object->IsStrictEquals(vm, object1); JSNApi::DestroyJSVM(vm); } -void IsJSListFormatFuzztest([[maybe_unused]]const uint8_t *data, size_t size) +void IsJSListFormatFuzztest(const uint8_t *data, size_t size) { + FuzzedDataProvider fdp(data, size); + const int arkProp = fdp.ConsumeIntegral(); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); + option.SetArkProperties(arkProp); EcmaVM *vm = JSNApi::CreateJSVM(option); - if (size <= 0) { - LOG_ECMA(ERROR) << "illegal input!"; - return; - } Local object = ObjectRef::New(vm); object->IsJSListFormat(vm); JSNApi::DestroyJSVM(vm); } -void IsJSPrimitiveRefFuzztest([[maybe_unused]]const uint8_t *data, size_t size) +void IsJSPrimitiveRefFuzztest(const uint8_t *data, size_t size) { + FuzzedDataProvider fdp(data, size); + const int arkProp = fdp.ConsumeIntegral(); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); + option.SetArkProperties(arkProp); EcmaVM *vm = JSNApi::CreateJSVM(option); { JsiFastNativeScope scope(vm); - if (size <= 0) { - LOG_ECMA(ERROR) << "illegal input!"; - return; - } auto thread = vm->GetJSThread(); auto factory = vm->GetFactory(); JSHandle nullHandle(thread, JSTaggedValue::Null()); 
@@ -197,17 +191,16 @@ void IsJSPrimitiveRefFuzztest([[maybe_unused]]const uint8_t *data, size_t size) JSNApi::DestroyJSVM(vm); } -void IsDequeFuzztest([[maybe_unused]]const uint8_t *data, size_t size) +void IsDequeFuzztest(const uint8_t *data, size_t size) { + FuzzedDataProvider fdp(data, size); + const int arkProp = fdp.ConsumeIntegral(); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); + option.SetArkProperties(arkProp); EcmaVM *vm = JSNApi::CreateJSVM(option); { JsiFastNativeScope scope(vm); - if (size <= 0) { - LOG_ECMA(ERROR) << "illegal input!"; - return; - } auto thread = vm->GetJSThread(); auto factory = vm->GetFactory(); JSHandle proto = thread->GetEcmaVM()->GetGlobalEnv()->GetFunctionPrototype(); @@ -236,27 +229,29 @@ Local CreateJSValueRef(EcmaVM *vm, panda::ecmascript::JSType type) return JSNApiHelper::ToLocal(jsTaggedValue); } -void IsJSIntlFuzztest([[maybe_unused]]const uint8_t *data, size_t size) +void IsJSIntlFuzztest(const uint8_t *data, size_t size) { + FuzzedDataProvider fdp(data, size); + const int arkProp = fdp.ConsumeIntegral(); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); + option.SetArkProperties(arkProp); EcmaVM *vm = JSNApi::CreateJSVM(option); { JsiFastNativeScope scope(vm); - if (size <= 0) { - LOG_ECMA(ERROR) << "illegal input!"; - return; - } Local jsInt1 = CreateJSValueRef(vm, JSType::JS_INTL); jsInt1->IsJSIntl(vm); } JSNApi::DestroyJSVM(vm); } -void IsJSDateTimeFormatFuzztest([[maybe_unused]]const uint8_t *data, size_t size) +void IsJSDateTimeFormatFuzztest(const uint8_t *data, size_t size) { + FuzzedDataProvider fdp(data, size); + const int arkProp = fdp.ConsumeIntegral(); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); + option.SetArkProperties(arkProp); EcmaVM *vm = JSNApi::CreateJSVM(option); { JsiFastNativeScope scope(vm); 
@@ -270,34 +265,32 @@ void IsJSDateTimeFormatFuzztest([[maybe_unused]]const uint8_t *data, size_t size JSNApi::DestroyJSVM(vm); } -void IsJSNumberFormatFuzztest([[maybe_unused]]const uint8_t *data, size_t size) +void IsJSNumberFormatFuzztest(const uint8_t *data, size_t size) { + FuzzedDataProvider fdp(data, size); + const int arkProp = fdp.ConsumeIntegral(); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); + option.SetArkProperties(arkProp); EcmaVM *vm = JSNApi::CreateJSVM(option); { JsiFastNativeScope scope(vm); - if (size <= 0) { - LOG_ECMA(ERROR) << "illegal input!"; - return; - } Local number = CreateJSValueRef(vm, JSType::JS_NUMBER_FORMAT); number->IsJSNumberFormat(vm); } JSNApi::DestroyJSVM(vm); } -void IsJSRelativeTimeFormatFuzztest([[maybe_unused]]const uint8_t *data, size_t size) +void IsJSRelativeTimeFormatFuzztest(const uint8_t *data, size_t size) { + FuzzedDataProvider fdp(data, size); + const int arkProp = fdp.ConsumeIntegral(); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); + option.SetArkProperties(arkProp); EcmaVM *vm = JSNApi::CreateJSVM(option); { JsiFastNativeScope scope(vm); - if (size <= 0) { - LOG_ECMA(ERROR) << "illegal input!"; - return; - } Local relative = CreateJSValueRef(vm, JSType::JS_RELATIVE_TIME_FORMAT); relative->IsJSRelativeTimeFormat(vm); } diff --git a/test/fuzztest/objectgetinformation_fuzzer/objectgetinformation_fuzzer.cpp b/test/fuzztest/objectgetinformation_fuzzer/objectgetinformation_fuzzer.cpp index ac1b6828fba2d59e4762dc9fd2c0c8058971dde2..324930ccc5bb7e34f026c684f048df45b3fb666e 100644 --- a/test/fuzztest/objectgetinformation_fuzzer/objectgetinformation_fuzzer.cpp +++ b/test/fuzztest/objectgetinformation_fuzzer/objectgetinformation_fuzzer.cpp @@ -13,6 +13,7 @@ * limitations under the License. */ +#include #include "objectgetinformation_fuzzer.h" #include "ecmascript/base/string_helper.h" #include "ecmascript/napi/include/jsnapi.h" 
@@ -23,59 +24,29 @@ using namespace panda::ecmascript; namespace OHOS { void ObjectGetAllPropertyNamesFuzzTest(const uint8_t *data, size_t size) { + FuzzedDataProvider fdp(data, size); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); EcmaVM *vm = JSNApi::CreateJSVM(option); - if (data == nullptr || size <= 0) { - LOG_ECMA(ERROR) << "illegal input!"; - return; - } - int32_t index = 0; - size_t maxByteLen1 = 4; - if (size > maxByteLen1) { - size = maxByteLen1; - } - if (memcpy_s(&index, maxByteLen1, data, size) != EOK) { - LOG_ECMA(ERROR) << "memcpy_s failed !"; - UNREACHABLE(); - } - uint32_t filter = 0; - size_t maxByteLen2 = 4; - if (size > maxByteLen2) { - size = maxByteLen2; - } - if (memcpy_s(&filter, maxByteLen2, data, size) != EOK) { - LOG_ECMA(ERROR) << "memcpy_s failed !"; - UNREACHABLE(); - } + std::string str1 = fdp.ConsumeRandomLengthString(1024); + void *ptr1 = static_cast(const_cast(str1.data())); + std::string str2 = fdp.ConsumeRandomLengthString(1024); + void *ptr2 = static_cast(const_cast(str2.data())); + const int32_t index = fdp.ConsumeIntegralInRange(0, 1024); Local object = ObjectRef::New(vm); NativePointerCallback callBack = nullptr; - object->SetNativePointerField(vm, index, (void *)data, callBack, (void *)data); - object->GetAllPropertyNames(vm, filter); + object->SetNativePointerField(vm, index, ptr1, callBack, ptr2); + object->GetAllPropertyNames(vm, index); JSNApi::DestroyJSVM(vm); } void ObjectGetNativePointerFieldCountFuzzTest(const uint8_t *data, size_t size) { + FuzzedDataProvider fdp(data, size); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); EcmaVM *vm = JSNApi::CreateJSVM(option); - if (data == nullptr || size <= 0) { - LOG_ECMA(ERROR) << "illegal input!"; - return; - } - int32_t key = 0; - size_t maxByteLen = 4; - if (size > maxByteLen) { - size = maxByteLen; - } - if (memcpy_s(&key, maxByteLen, data, size) != EOK) { - LOG_ECMA(ERROR) << "memcpy_s failed !"; - UNREACHABLE(); - } - if (key <= 
0 || key > 1024) { // 1024 : 1M in size - key = 1024; // 1024 : 1M in size - } + const int32_t key = fdp.ConsumeIntegralInRange(0, 1024); Local object = ObjectRef::New(vm); object->SetNativePointerFieldCount(vm, key); object->GetNativePointerFieldCount(vm); 
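Review bot: In ObjectGetAllPropertyNamesFuzzTest the new call `object->GetAllPropertyNames(vm, index)` reuses the native-pointer field index as the property filter, so the filter is tied to the index and never exceeds 1024, whereas the removed code kept a separate `uint32_t filter`. Drawing it on its own keeps the two parameters independent: `const uint32_t filter = fdp.ConsumeIntegral<uint32_t>();` followed by `object->GetAllPropertyNames(vm, filter);`. `ptr1` and `ptr2` point into the local strings `str1` and `str2`, which appears safe only because `JSNApi::DestroyJSVM(vm)` runs before those strings go out of scope. A one-line comment stating that lifetime requirement would protect it against later edits. ObjectGetNativePointerFieldCountFuzzTest continues past the end of this hunk.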
@@ -84,50 +55,36 @@ void ObjectGetNativePointerFieldCountFuzzTest(const uint8_t *data, size_t size) void ObjectGetOwnEnumerablePropertyNamesFuzzTest(const uint8_t *data, size_t size) { + FuzzedDataProvider fdp(data, size); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); EcmaVM *vm = JSNApi::CreateJSVM(option); - if (data == nullptr || size <= 0) { - LOG_ECMA(ERROR) << "illegal input!"; - return; - } - int32_t index = 0; - size_t maxByteLen = 4; - if (size > maxByteLen) { - size = maxByteLen; - } - if (memcpy_s(&index, maxByteLen, data, size) != EOK) { - LOG_ECMA(ERROR) << "memcpy_s failed !"; - UNREACHABLE(); - } + std::string str1 = fdp.ConsumeRandomLengthString(1024); + void *ptr1 = static_cast(const_cast(str1.data())); + std::string str2 = fdp.ConsumeRandomLengthString(1024); + void *ptr2 = static_cast(const_cast(str2.data())); + const int32_t index = fdp.ConsumeIntegralInRange(0, 1024); Local object = ObjectRef::New(vm); NativePointerCallback callBack = nullptr; - object->SetNativePointerField(vm, index, (void *)data, callBack, (void *)data); + object->SetNativePointerField(vm, index, ptr1, callBack, ptr2); object->GetOwnEnumerablePropertyNames(vm); JSNApi::DestroyJSVM(vm); } void ObjectGetOwnPropertyNamesFuzzTest(const uint8_t *data, size_t size) { + FuzzedDataProvider fdp(data, size); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); EcmaVM *vm = JSNApi::CreateJSVM(option); - if (data == nullptr || size <= 0) { - LOG_ECMA(ERROR) << "illegal input!"; - return; - } - int32_t index = 0; - size_t maxByteLen = 4; - if (size > maxByteLen) { - size = maxByteLen; - } - if (memcpy_s(&index, maxByteLen, data, size) != EOK) { - LOG_ECMA(ERROR) << "memcpy_s failed !"; - UNREACHABLE(); - } + std::string str1 = fdp.ConsumeRandomLengthString(1024); + void *ptr1 = static_cast(const_cast(str1.data())); + std::string str2 = fdp.ConsumeRandomLengthString(1024); + void *ptr2 = static_cast(const_cast(str2.data())); + const int32_t index = 
fdp.ConsumeIntegralInRange(0, 1024); Local object = ObjectRef::New(vm); NativePointerCallback callBack = nullptr; - object->SetNativePointerField(vm, index, (void *)data, callBack, (void *)data); + object->SetNativePointerField(vm, index, ptr1, callBack, ptr2); object->GetOwnPropertyNames(vm); JSNApi::DestroyJSVM(vm); } diff --git a/test/fuzztest/objectrefall_fuzzer/objectrefall_fuzzer.cpp b/test/fuzztest/objectrefall_fuzzer/objectrefall_fuzzer.cpp index db737c84bce99370c1d8196b4cbf8a58dcda4412..599d7ee9c74c6588e899007346b442ac26c4569a 100644 --- a/test/fuzztest/objectrefall_fuzzer/objectrefall_fuzzer.cpp +++ b/test/fuzztest/objectrefall_fuzzer/objectrefall_fuzzer.cpp @@ -13,6 +13,7 @@ * limitations under the License. */ +#include #include "ecmascript/base/string_helper.h" #include "ecmascript/napi/include/jsnapi.h" #include "objectrefall_fuzzer.h" @@ -23,17 +24,12 @@ using namespace panda::ecmascript; namespace OHOS { void ObjectGetPrototypeFuzzTest(const uint8_t* data, size_t size) { + FuzzedDataProvider fdp(data, size); + const int arkProp = fdp.ConsumeIntegral(); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); + option.SetArkProperties(arkProp); EcmaVM *vm = JSNApi::CreateJSVM(option); - if (data == nullptr || size <= 0) { - LOG_ECMA(ERROR) << "illegal input!"; - return; - } - uint8_t *ptr = nullptr; - size_t temp = 0; - ptr = const_cast(data); - temp = size; Local object = ObjectRef::New(vm); object->GetPrototype(vm); JSNApi::DestroyJSVM(vm); 
@@ -41,17 +37,12 @@ namespace OHOS { void ObjectSealFuzzTest(const uint8_t* data, size_t size) { + FuzzedDataProvider fdp(data, size); + const int arkProp = fdp.ConsumeIntegral(); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); + option.SetArkProperties(arkProp); EcmaVM *vm = JSNApi::CreateJSVM(option); - if (data == nullptr || size <= 0) { - LOG_ECMA(ERROR) << "illegal input!"; - return; - } - uint8_t *ptr = nullptr; - size_t temp = 0; - ptr = const_cast(data); - temp = size; Local object = ObjectRef::New(vm); object->Seal(vm); JSNApi::DestroyJSVM(vm); @@ -59,17 +50,12 @@ namespace OHOS { void ObjectFreezeFuzzTest(const uint8_t* data, size_t size) { + FuzzedDataProvider fdp(data, size); + const int arkProp = fdp.ConsumeIntegral(); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); + option.SetArkProperties(arkProp); EcmaVM *vm = JSNApi::CreateJSVM(option); - if (data == nullptr || size <= 0) { - LOG_ECMA(ERROR) << "illegal input!"; - return; - } - uint8_t *ptr = nullptr; - size_t temp = 0; - ptr = const_cast(data); - temp = size; Local object = ObjectRef::New(vm); object->Freeze(vm); JSNApi::DestroyJSVM(vm); diff --git a/test/fuzztest/promiserejectinfo_fuzzer/promiserejectinfo_fuzzer.cpp b/test/fuzztest/promiserejectinfo_fuzzer/promiserejectinfo_fuzzer.cpp index a2f6ae7af01a083114463f1438dd33ddd4b530ca..fd93c5c097988f8d1cc1b5f3f15dbf61838d484a 100644 --- a/test/fuzztest/promiserejectinfo_fuzzer/promiserejectinfo_fuzzer.cpp +++ b/test/fuzztest/promiserejectinfo_fuzzer/promiserejectinfo_fuzzer.cpp @@ -13,6 +13,7 @@ * limitations under the License. */ +#include #include "promiserejectinfo_fuzzer.h" #include "ecmascript/base/string_helper.h" #include "common_components/base/utf_helper.h" 
@@ -25,16 +26,16 @@ using namespace common::utf_helper; namespace OHOS { void PromiseRejectInfoNewFuzzTest(const uint8_t* data, size_t size) { + FuzzedDataProvider fdp(data, size); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); EcmaVM *vm = JSNApi::CreateJSVM(option); - if (data == nullptr || size <= 0) { - LOG_ECMA(ERROR) << "illegal input!"; - return; - } - Local promiseStirng = StringRef::NewFromUtf8(vm, (char*)data, (int)size); + std::string str = fdp.ConsumeRandomLengthString(1024); + char *stringData = str.data(); + const int length = fdp.ConsumeIntegralInRange(0, 1024); + Local promiseStirng = StringRef::NewFromUtf8(vm, stringData, length); Local promise(promiseStirng); - Local reasonString = StringRef::NewFromUtf8(vm, (char*)data, (int)size); + Local reasonString = StringRef::NewFromUtf8(vm, stringData, length); Local reason(reasonString); void *data2 = static_cast(new std::string("test")); [[maybe_unused]]PromiseRejectInfo promiseReject(promise, reason, 
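Review bot: In PromiseRejectInfoNewFuzzTest `length` is drawn independently of `str`, so `StringRef::NewFromUtf8(vm, stringData, length)` can be asked for up to 1024 bytes from a buffer that holds only `str.size()` of them. Assuming NewFromUtf8 reads `length` bytes from the pointer, that is an out-of-bounds read inside the harness itself, and a sanitizer build would report it as though it were a runtime defect. Derive the length from the string instead: `const int length = static_cast<int>(str.size());`. The same pair of lines is added in GetDataFuzzTest, PromiseRejectInfoGetPromiseFuzzTest, PromiseRejectInfoGetReasonFuzzTest and PromiseRejectInfoGetOperationFuzzTest in the following hunks. The `promiseReject` statement at the end of this hunk continues outside it.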
@@ -44,35 +45,36 @@ namespace OHOS { void GetDataFuzzTest(const uint8_t* data, size_t size) { + FuzzedDataProvider fdp(data, size); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); EcmaVM *vm = JSNApi::CreateJSVM(option); - if (data == nullptr || size <= 0) { - LOG_ECMA(ERROR) << "illegal input!"; - return; - } - Local promiseStirng = StringRef::NewFromUtf8(vm, (char*)data, (int)size); + std::string str = fdp.ConsumeRandomLengthString(1024); + char *stringData = str.data(); + const int length = fdp.ConsumeIntegralInRange(0, 1024); + Local promiseStirng = StringRef::NewFromUtf8(vm, stringData, length); Local promise(promiseStirng); - Local reasonString = StringRef::NewFromUtf8(vm, (char*)data, (int)size); + Local reasonString = StringRef::NewFromUtf8(vm, stringData, length); Local reason(reasonString); + void *data2 = static_cast(new std::string("test")); PromiseRejectInfo promiseReject(promise, reason, - PromiseRejectInfo::PROMISE_REJECTION_EVENT::REJECT, (void*)data); + PromiseRejectInfo::PROMISE_REJECTION_EVENT::REJECT, data2); promiseReject.GetData(); JSNApi::DestroyJSVM(vm); } void PromiseRejectInfoGetPromiseFuzzTest(const uint8_t* data, size_t size) { + FuzzedDataProvider fdp(data, size); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); EcmaVM *vm = JSNApi::CreateJSVM(option); - if (data == nullptr || size <= 0) { - LOG_ECMA(ERROR) << "illegal input!"; - return; - } - Local promiseStirng = StringRef::NewFromUtf8(vm, (char*)data, (int)size); + std::string str = fdp.ConsumeRandomLengthString(1024); + char *stringData = str.data(); + const int length = fdp.ConsumeIntegralInRange(0, 1024); + Local promiseStirng = StringRef::NewFromUtf8(vm, stringData, length); Local promise(promiseStirng); - Local reasonString = StringRef::NewFromUtf8(vm, (char*)data, (int)size); + Local reasonString = StringRef::NewFromUtf8(vm, stringData, length); Local reason(reasonString); void *newdata = static_cast(new std::string("test")); 
PromiseRejectInfo promiseReject(promise, reason, PromiseRejectInfo::PROMISE_REJECTION_EVENT::REJECT, newdata); @@ -82,16 +84,16 @@ namespace OHOS { void PromiseRejectInfoGetReasonFuzzTest(const uint8_t* data, size_t size) { + FuzzedDataProvider fdp(data, size); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); EcmaVM *vm = JSNApi::CreateJSVM(option); - if (data == nullptr || size <= 0) { - LOG_ECMA(ERROR) << "illegal input!"; - return; - } - Local promiseStirng = StringRef::NewFromUtf8(vm, (char*)data, (int)size); + std::string str = fdp.ConsumeRandomLengthString(1024); + char *stringData = str.data(); + const int length = fdp.ConsumeIntegralInRange(0, 1024); + Local promiseStirng = StringRef::NewFromUtf8(vm, stringData, length); Local promise(promiseStirng); - Local reasonString = StringRef::NewFromUtf8(vm, (char*)data, (int)size); + Local reasonString = StringRef::NewFromUtf8(vm, stringData, length); Local reason(reasonString); void *data2 = static_cast(new std::string("test")); PromiseRejectInfo promiseReject(promise, reason, PromiseRejectInfo::PROMISE_REJECTION_EVENT::REJECT, data2); 
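Review bot: The `new std::string("test")` added as `data2` in GetDataFuzzTest is never freed before the function ends, and the end of that function is visible in this hunk. Each fuzz iteration therefore leaks one allocation, unless PromiseRejectInfo takes ownership of the pointer, which nothing visible here suggests. A leak-checking fuzz build reports that as a failure and the report masks findings in the code under test. A local object avoids the allocation: `std::string payload("test");`, then pass `&payload` as the last constructor argument. The context lines show the same allocation already present in PromiseRejectInfoGetPromiseFuzzTest (`newdata`) and the other harnesses of this file.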
@@ -101,16 +103,16 @@ namespace OHOS { void PromiseRejectInfoGetOperationFuzzTest(const uint8_t* data, size_t size) { + FuzzedDataProvider fdp(data, size); RuntimeOption option; option.SetLogLevel(common::LOG_LEVEL::ERROR); EcmaVM *vm = JSNApi::CreateJSVM(option); - if (data == nullptr || size <= 0) { - LOG_ECMA(ERROR) << "illegal input!"; - return; - } - Local promiseStirng = StringRef::NewFromUtf8(vm, (char*)data, (int)size); + std::string str = fdp.ConsumeRandomLengthString(1024); + char *stringData = str.data(); + const int length = fdp.ConsumeIntegralInRange(0, 1024); + Local promiseStirng = StringRef::NewFromUtf8(vm, stringData, length); Local promise(promiseStirng); - Local reasonString = StringRef::NewFromUtf8(vm, (char*)data, (int)size); + Local reasonString = StringRef::NewFromUtf8(vm, stringData, length); Local reason(reasonString); void *data2 = static_cast(new std::string("test")); PromiseRejectInfo promiseReject(promise, reason, PromiseRejectInfo::PROMISE_REJECTION_EVENT::REJECT, data2);