diff --git a/BUILD.gn b/BUILD.gn
index a065506298a6923f4fbd7a4ab9b535005523fdd0..1a2830cf6c3c7a0df574a8b9f3bc7010862f62c7 100644
--- a/BUILD.gn
+++ b/BUILD.gn
@@ -1,4 +1,4 @@
-# Copyright (c) 2021 Huawei Device Co., Ltd.
+# Copyright (c) 2022 Huawei Device Co., Ltd.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
diff --git a/bundle.json b/bundle.json
index 93b2a0e87e354e540de48b651721fae76eb6ce85..273ff2eaf42e4198bd2cb2fe16d4ebe405fdb160 100644
--- a/bundle.json
+++ b/bundle.json
@@ -24,6 +24,9 @@
"build": {
"sub_component": [
"//foundation/filemanagement/app_file_service:libremotefileshare"
+ ],
+ "test": [
+ "//foundation/filemanagement/app_file_service/test/fuzztest:fuzztest"
]
}
}
diff --git a/test/fuzztest/BUILD.gn b/test/fuzztest/BUILD.gn
new file mode 100644
index 0000000000000000000000000000000000000000..dd4bc44e6660cef15cf1d2fdd82d6f119bb2debf
--- /dev/null
+++ b/test/fuzztest/BUILD.gn
@@ -0,0 +1,22 @@
+# Copyright (c) 2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+group("fuzztest") {
+ testonly = true
+ deps = []
+
+ deps += [
+ # deps file
+ "//foundation/filemanagement/app_file_service/test/fuzztest/remotefileshare_fuzzer:RemoteFileShareFuzzTest",
+ ]
+}
diff --git a/test/fuzztest/remotefileshare_fuzzer/BUILD.gn b/test/fuzztest/remotefileshare_fuzzer/BUILD.gn
new file mode 100644
index 0000000000000000000000000000000000000000..7ef62274cb66ac9b496984241d67cbc9f6d22238
--- /dev/null
+++ b/test/fuzztest/remotefileshare_fuzzer/BUILD.gn
@@ -0,0 +1,42 @@
+# Copyright (c) 2021 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#####################hydra-fuzz###################
+import("//build/config/features.gni")
+import("//build/test.gni")
+
+##############################fuzztest##########################################
+ohos_fuzztest("RemoteFileShareFuzzTest") {
+ module_out_path = "filemanagement/app_file_service"
+ fuzz_config_file = "//foundation/filemanagement/app_file_service/test/fuzztest/remotefileshare_fuzzer"
+ include_dirs = []
+ cflags = [
+ "-g",
+ "-O0",
+ "-Wno-unused-variable",
+ "-fno-omit-frame-pointer",
+ ]
+ sources = [ "remotefileshare_fuzzer.cpp" ]
+ deps = [
+ "//foundation/distributeddatamgr/distributedfile/utils/filemgmt_libn",
+ "//utils/native/base:utilsecurec",
+ ]
+ external_deps = [ "hiviewdfx_hilog_native:libhilog" ]
+ defines = [
+ "LOG_TAG=\"app_file_service\"",
+ "LOG_DOMAIN=0xD200000",
+ ]
+}
+
+###############################################################################
+
diff --git a/test/fuzztest/remotefileshare_fuzzer/corpus/init b/test/fuzztest/remotefileshare_fuzzer/corpus/init
new file mode 100644
index 0000000000000000000000000000000000000000..8eb5a7d6eb6b7d71f0c70c244e5768d62bee6ac5
--- /dev/null
+++ b/test/fuzztest/remotefileshare_fuzzer/corpus/init
@@ -0,0 +1,16 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+FUZZ
\ No newline at end of file
diff --git a/test/fuzztest/remotefileshare_fuzzer/project.xml b/test/fuzztest/remotefileshare_fuzzer/project.xml
new file mode 100644
index 0000000000000000000000000000000000000000..85e7ef2c1cc6471e288306f6e3dcea5287a78b0e
--- /dev/null
+++ b/test/fuzztest/remotefileshare_fuzzer/project.xml
@@ -0,0 +1,25 @@
+
+
+
+
+
+ 1000
+
+ 300
+
+ 4096
+
+
diff --git a/test/fuzztest/remotefileshare_fuzzer/remotefileshare_fuzzer.cpp b/test/fuzztest/remotefileshare_fuzzer/remotefileshare_fuzzer.cpp
new file mode 100644
index 0000000000000000000000000000000000000000..90f909f0e4a89c63ad64fea32aec0436e7d79297
--- /dev/null
+++ b/test/fuzztest/remotefileshare_fuzzer/remotefileshare_fuzzer.cpp
@@ -0,0 +1,188 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "remotefileshare_fuzzer.h"
+
+#include
+#include
+#include
+#include
+#include
+#include
+
+#include "securec.h"
+
+namespace OHOS {
+namespace AppFileService {
+namespace ModuleRemoteFileShare {
+static constexpr int HMDFS_CID_SIZE = 64;
+static constexpr unsigned HMDFS_IOC = 0xf2;
+
+#define HMDFS_IOC_SET_SHARE_PATH _IOW(HMDFS_IOC, 1, struct hmdfs_share_control)
+
+struct hmdfs_share_control {
+ int src_fd;
+ char cid[HMDFS_CID_SIZE];
+};
+
+bool ShareFilePathIoctlFdAndCidFuzzTest(const uint8_t* data, size_t size)
+{
+ struct hmdfs_share_control sc;
+ int32_t ret = 0;
+ int32_t dirFd;
+ const char* sharePath = "/data/storage/el2/distributedfiles/.share";
+
+ if (size <= 0) {
+ return false;
+ }
+
+ if (access(sharePath, F_OK) != 0) {
+ ret = mkdir(sharePath, S_IRWXU | S_IRWXG | S_IXOTH);
+ if (ret < 0) {
+ return false;
+ }
+ }
+
+ char *realPath = realpath(sharePath, nullptr);
+ if (realPath == nullptr) {
+ return false;
+ }
+ dirFd = open(realPath, O_RDONLY);
+ free(realPath);
+ if (dirFd < 0) {
+ return false;
+ }
+
+ const char* cid = reinterpret_cast(data);
+ sc.src_fd = size;
+ if (memcpy_s(sc.cid, HMDFS_CID_SIZE, cid, size) != 0) {
+ close(dirFd);
+ return false;
+ }
+
+ ret = ioctl(dirFd, HMDFS_IOC_SET_SHARE_PATH, &sc);
+ if (ret < 0) {
+ close(dirFd);
+ return false;
+ }
+
+ return true;
+}
+
+bool ShareFilePathIoctlCidFuzzTest(const uint8_t* data, size_t size)
+{
+ struct hmdfs_share_control sc;
+ int32_t ret = 0;
+ int32_t dirFd;
+ const char* sharePath = "/data/storage/el2/distributedfiles/.share";
+
+ if (size <= 0) {
+ return false;
+ }
+
+ if (access(sharePath, F_OK) != 0) {
+ ret = mkdir(sharePath, S_IRWXU | S_IRWXG | S_IXOTH);
+ if (ret < 0) {
+ return false;
+ }
+ }
+
+ char *realPath = realpath(sharePath, nullptr);
+ if (realPath == nullptr) {
+ return false;
+ }
+ dirFd = open(realPath, O_RDONLY);
+ free(realPath);
+ if (dirFd < 0) {
+ return false;
+ }
+
+ const char* srcPath = "/data/service/el2/100/hmdfs/non_account/data/com.ohos.camera";
+ int32_t srcFd = open(srcPath, O_RDONLY);
+ if (srcFd < 0) {
+ return false;
+ }
+ sc.src_fd = size;
+ const char* cid = reinterpret_cast(data);
+ if (memcpy_s(sc.cid, HMDFS_CID_SIZE, cid, size) != 0) {
+ close(dirFd);
+ return false;
+ }
+
+ ret = ioctl(dirFd, HMDFS_IOC_SET_SHARE_PATH, &sc);
+ if (ret < 0) {
+ close(dirFd);
+ return false;
+ }
+
+ return true;
+}
+
+bool ShareFilePathIoctlFdFuzzTest(const uint8_t* data, size_t size)
+{
+ struct hmdfs_share_control sc;
+ int32_t ret = 0;
+ int32_t dirFd;
+ const char* sharePath = "/data/storage/el2/distributedfiles/.share";
+
+ if (size <= 0) {
+ return false;
+ }
+
+ if (access(sharePath, F_OK) != 0) {
+ ret = mkdir(sharePath, S_IRWXU | S_IRWXG | S_IXOTH);
+ if (ret < 0) {
+ return false;
+ }
+ }
+
+ char *realPath = realpath(sharePath, nullptr);
+ if (realPath == nullptr) {
+ return false;
+ }
+ dirFd = open(realPath, O_RDONLY);
+ free(realPath);
+ if (dirFd < 0) {
+ return false;
+ }
+
+ const char* cid = "remoteShareFileFuzzTestCidxxx";
+ if (memcpy_s(sc.cid, HMDFS_CID_SIZE, cid, strlen(cid)) != 0) {
+ close(dirFd);
+ return false;
+ }
+ sc.src_fd = size;
+
+ ret = ioctl(dirFd, HMDFS_IOC_SET_SHARE_PATH, &sc);
+ if (ret < 0) {
+ close(dirFd);
+ return false;
+ }
+
+ return true;
+}
+} // namespace ModuleRemoteFileShare
+} // namespace AppFileService
+} // namespace OHOS
+
+/* Fuzzer entry point */
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
+{
+ /* Run your code on data */
+ OHOS::AppFileService::ModuleRemoteFileShare::ShareFilePathIoctlFdFuzzTest(data, size);
+ OHOS::AppFileService::ModuleRemoteFileShare::ShareFilePathIoctlCidFuzzTest(data, size);
+ OHOS::AppFileService::ModuleRemoteFileShare::ShareFilePathIoctlFdAndCidFuzzTest(data, size);
+ return 0;
+}
diff --git a/test/fuzztest/remotefileshare_fuzzer/remotefileshare_fuzzer.h b/test/fuzztest/remotefileshare_fuzzer/remotefileshare_fuzzer.h
new file mode 100644
index 0000000000000000000000000000000000000000..433624e715733b7830d8862325e1c4bd3848c6b9
--- /dev/null
+++ b/test/fuzztest/remotefileshare_fuzzer/remotefileshare_fuzzer.h
@@ -0,0 +1,21 @@
+/*
+ * Copyright (c) 2021 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef REMOTEFILESHARE_FUZZER_H
+#define REMOTEFILESHARE_FUZZER_H
+
+#define FUZZ_PROJECT_NAME "remotefileshare_fuzzer"
+
+#endif
\ No newline at end of file