diff --git a/frameworks/accesstoken/src/hap_policy_parcel.cpp b/frameworks/accesstoken/src/hap_policy_parcel.cpp index 0c14d15a3f7e6071cec75b31892685113ea889cd..fe2a079ce567b4c73a33b60a68480c8a9c4487da 100644 --- a/frameworks/accesstoken/src/hap_policy_parcel.cpp +++ b/frameworks/accesstoken/src/hap_policy_parcel.cpp @@ -36,7 +36,7 @@ bool HapPolicyParcel::Marshalling(Parcel& out) const RETURN_IF_FALSE(out.WriteString(this->hapPolicyParameter.domain)); const std::vector& permList = this->hapPolicyParameter.permList; - int permListSize = permList.size(); + int32_t permListSize = (int32_t)permList.size(); RETURN_IF_FALSE(out.WriteInt32(permListSize)); for (int i = 0; i < permListSize; i++) { @@ -46,7 +46,7 @@ bool HapPolicyParcel::Marshalling(Parcel& out) const } const std::vector& permStateList = this->hapPolicyParameter.permStateList; - int permStateListSize = permStateList.size(); + int32_t permStateListSize = (int32_t)permStateList.size(); RETURN_IF_FALSE(out.WriteInt32(permStateListSize)); for (int i = 0; i < permStateListSize; i++) { diff --git a/frameworks/accesstoken/src/hap_token_info_parcel.cpp b/frameworks/accesstoken/src/hap_token_info_parcel.cpp index 5d5c2c519b97f1a957a1b0cde687d36f9a6e6f43..4a349518c03b3bdb005f771d049d14a4c02b69f1 100644 --- a/frameworks/accesstoken/src/hap_token_info_parcel.cpp +++ b/frameworks/accesstoken/src/hap_token_info_parcel.cpp @@ -49,10 +49,10 @@ HapTokenInfoParcel* HapTokenInfoParcel::Unmarshalling(Parcel& in) auto* hapTokenInfoParcel = new (std::nothrow) HapTokenInfoParcel(); RELEASE_IF_FALSE(hapTokenInfoParcel != nullptr, hapTokenInfoParcel); int apl; - int8_t ver; + uint8_t ver; RELEASE_IF_FALSE(in.ReadInt32(apl), hapTokenInfoParcel); hapTokenInfoParcel->hapTokenInfoParams.apl = ATokenAplEnum(apl); - RELEASE_IF_FALSE(in.ReadInt8(ver), hapTokenInfoParcel); + RELEASE_IF_FALSE(in.ReadUint8(ver), hapTokenInfoParcel); hapTokenInfoParcel->hapTokenInfoParams.ver = ver; RELEASE_IF_FALSE(in.ReadInt32(hapTokenInfoParcel->hapTokenInfoParams.userID), hapTokenInfoParcel); hapTokenInfoParcel->hapTokenInfoParams.bundleName = in.ReadString(); diff --git a/frameworks/accesstoken/src/native_token_info_parcel.cpp b/frameworks/accesstoken/src/native_token_info_parcel.cpp index f623cfd0b5b03779800e14af87cb544952c2bdc6..50795dc3639b7582487c11128d8cae684313bc98 100644 --- a/frameworks/accesstoken/src/native_token_info_parcel.cpp +++ b/frameworks/accesstoken/src/native_token_info_parcel.cpp @@ -38,11 +38,11 @@ bool NativeTokenInfoParcel::Marshalling(Parcel& out) const RETURN_IF_FALSE(out.WriteUint32(this->nativeTokenInfoParams.tokenID)); RETURN_IF_FALSE(out.WriteUint32(this->nativeTokenInfoParams.tokenAttr)); - int dcapSize = (this->nativeTokenInfoParams.dcap).size(); + int dcapSize = (int)(this->nativeTokenInfoParams.dcap).size(); RETURN_IF_FALSE(out.WriteInt32(dcapSize)); - for (int i = 0; i < dcapSize; i++) { - RETURN_IF_FALSE(out.WriteString(this->nativeTokenInfoParams.dcap[i])); + for (auto dcapItem : this->nativeTokenInfoParams.dcap) { + RETURN_IF_FALSE(out.WriteString(dcapItem)); } return true; @@ -54,9 +54,9 @@ NativeTokenInfoParcel* NativeTokenInfoParcel::Unmarshalling(Parcel& in) RELEASE_IF_FALSE(nativeTokenInfoParcel != nullptr, nativeTokenInfoParcel); int32_t apl; - int8_t ver; + uint8_t ver; RELEASE_IF_FALSE(in.ReadInt32(apl), nativeTokenInfoParcel); - RELEASE_IF_FALSE(in.ReadInt8(ver), nativeTokenInfoParcel); + RELEASE_IF_FALSE(in.ReadUint8(ver), nativeTokenInfoParcel); nativeTokenInfoParcel->nativeTokenInfoParams.apl = ATokenAplEnum(apl); nativeTokenInfoParcel->nativeTokenInfoParams.ver = ver; @@ -68,7 +68,9 @@ NativeTokenInfoParcel* NativeTokenInfoParcel::Unmarshalling(Parcel& in) RELEASE_IF_FALSE(in.ReadInt32(dcapSize), nativeTokenInfoParcel); for (int i = 0; i < dcapSize; i++) { - nativeTokenInfoParcel->nativeTokenInfoParams.dcap[i] = in.ReadString(); + std::string dcapsItem; + RELEASE_IF_FALSE(in.ReadString(dcapsItem), nativeTokenInfoParcel); + nativeTokenInfoParcel->nativeTokenInfoParams.dcap.emplace_back(dcapsItem); } return nativeTokenInfoParcel; } diff --git a/frameworks/accesstoken/src/permission_state_full_parcel.cpp b/frameworks/accesstoken/src/permission_state_full_parcel.cpp index 50ce4bf2b09293e45639d0dbc7082fac5359ad74..2a5dd6fe5cdbf69db08a04302875af6572b34610 100644 --- a/frameworks/accesstoken/src/permission_state_full_parcel.cpp +++ b/frameworks/accesstoken/src/permission_state_full_parcel.cpp @@ -35,17 +35,17 @@ bool PermissionStateFullParcel::Marshalling(Parcel& out) const RETURN_IF_FALSE(out.WriteString(this->permStatFull.permissionName)); RETURN_IF_FALSE(out.WriteBool(this->permStatFull.isGeneral)); - RETURN_IF_FALSE(out.WriteInt32(this->permStatFull.resDeviceID.size())); + RETURN_IF_FALSE(out.WriteInt32((int32_t)(this->permStatFull.resDeviceID.size()))); for (auto devId : this->permStatFull.resDeviceID) { RETURN_IF_FALSE(out.WriteString(devId)); } - RETURN_IF_FALSE(out.WriteInt32(this->permStatFull.grantStatus.size())); + RETURN_IF_FALSE(out.WriteInt32((int32_t)(this->permStatFull.grantStatus.size()))); for (auto grantStat : this->permStatFull.grantStatus) { RETURN_IF_FALSE(out.WriteInt32(grantStat)); } - RETURN_IF_FALSE(out.WriteInt32(this->permStatFull.grantFlags.size())); + RETURN_IF_FALSE(out.WriteInt32((int32_t)(this->permStatFull.grantFlags.size()))); for (auto grantFlag : this->permStatFull.grantFlags) { RETURN_IF_FALSE(out.WriteInt32(grantFlag)); } diff --git a/frameworks/common/include/data_validator.h b/frameworks/common/include/data_validator.h index e5d8191e26baa355ba8272a85a321ec98b43c590..f9cb353d14d3feb4bd0c4d7e512784a00172ee2f 100644 --- a/frameworks/common/include/data_validator.h +++ b/frameworks/common/include/data_validator.h @@ -42,9 +42,11 @@ public: static bool IsDescValid(const std::string& desc); static bool IsPermissionFlagValid(int flag); + static bool IsDcapValid(const std::string& dcap); private: const static int MAX_LENGTH = 256; const static int MAX_APPIDDESC_LENGTH = 10240; + const static int MAX_DCAP_LENGTH = 1024; }; } // namespace AccessToken } // namespace Security diff --git a/frameworks/common/src/data_validator.cpp b/frameworks/common/src/data_validator.cpp index 9d359022ba97fa5afce92d531606245ff9d369ca..3eb3e0c67758bad7c3a3d7debbe709514ab2f83e 100644 --- a/frameworks/common/src/data_validator.cpp +++ b/frameworks/common/src/data_validator.cpp @@ -69,6 +69,11 @@ bool DataValidator::IsDeviceIdValid(const std::string& deviceId) return !deviceId.empty() && (deviceId.length() <= MAX_LENGTH); } +bool DataValidator::IsDcapValid(const std::string& dcap) +{ + return !dcap.empty() && (dcap.length() <= MAX_DCAP_LENGTH); +} + bool DataValidator::IsPermissionFlagValid(int flag) { return flag == DEFAULT_PERMISSION_FLAGS || diff --git a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp index 3a2f1aef06243cd2d9890c53523d633bb5384dca..336687a947aec2e08b13c13abe41ed5993177d38 100644 --- a/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp +++ b/interfaces/innerkits/accesstoken/src/accesstoken_kit.cpp @@ -85,6 +85,14 @@ ATokenTypeEnum AccessTokenKit::GetTokenType(AccessTokenID tokenID) int AccessTokenKit::CheckNativeDCap(AccessTokenID tokenID, const std::string& dcap) { ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called", __func__); + if (tokenID == 0) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: tokenID is invalid", __func__); + return RET_FAILED; + } + if (!DataValidator::IsDcapValid(dcap)) { + ACCESSTOKEN_LOG_ERROR(LABEL, "%{public}s: dcap is invalid", __func__); + return RET_FAILED; + } ACCESSTOKEN_LOG_INFO(LABEL, "tokenID=%{public}d, dcap=%{public}s", tokenID, dcap.c_str()); return AccessTokenManagerClient::GetInstance().CheckNativeDCap(tokenID, dcap); } diff --git a/interfaces/innerkits/accesstoken/test/BUILD.gn b/interfaces/innerkits/accesstoken/test/BUILD.gn index 1a7965889b02799cf25c6e2153d843adbabd9985..a39d7014d716d45ef0d06f779ea99e79fc3d941c 100755 --- a/interfaces/innerkits/accesstoken/test/BUILD.gn +++ b/interfaces/innerkits/accesstoken/test/BUILD.gn @@ -22,6 +22,7 @@ ohos_unittest("libaccesstoken_sdk_test") { "//utils/native/base/include", "//third_party/googletest/include", "//base/security/access_token/interfaces/innerkits/accesstoken/include", + "//base/security/access_token/interfaces/innerkits/nativetoken/include", ] sources = [ "unittest/src/accesstoken_kit_test.cpp" ] @@ -30,6 +31,7 @@ ohos_unittest("libaccesstoken_sdk_test") { deps = [ "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk", + "//base/security/access_token/interfaces/innerkits/nativetoken:libnativetoken", "//utils/native/base:utils", ] } diff --git a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp index 6d38f1ee338867705fa2213abafbbe06d635828a..fa4fec5ea538f8c4ddd4071e1d58111ecc2643bd 100755 --- a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp +++ b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.cpp @@ -17,6 +17,7 @@ #include #include "accesstoken_kit.h" +#include "nativetoken_kit.h" using namespace testing::ext; using namespace OHOS::Security::AccessToken; @@ -89,14 +90,14 @@ static HapPolicyParams g_infoManagerTestPolicyPrams = { .permStateList = {g_infoManagerTestState1, g_infoManagerTestState2} }; -static HapInfoParams g_infoManagerTestInfoParms_bak = { +static HapInfoParams g_infoManagerTestInfoParmsBak = { .bundleName = "accesstoken_test", .userID = 1, .instIndex = 0, .appIDDesc = "testtesttesttest" }; -static HapPolicyParams g_infoManagerTestPolicyPrams_bak = { +static HapPolicyParams g_infoManagerTestPolicyPramsBak = { .apl = APL_NORMAL, .domain = "test.domain", .permList = {g_infoManagerTestPermDef1, g_infoManagerTestPermDef2}, @@ -122,8 +123,8 @@ void AccessTokenKitTest::TearDownTestCase() void AccessTokenKitTest::SetUp() { - g_infoManagerTestInfoParms = g_infoManagerTestInfoParms_bak; - g_infoManagerTestPolicyPrams = g_infoManagerTestPolicyPrams_bak; + g_infoManagerTestInfoParms = g_infoManagerTestInfoParmsBak; + g_infoManagerTestPolicyPrams = g_infoManagerTestPolicyPramsBak; HapInfoParams info = { .userID = TEST_USER_ID, .bundleName = TEST_BUNDLE_NAME, @@ -180,6 +181,7 @@ void AccessTokenKitTest::SetUp() g_infoManagerTestInfoParms.bundleName, g_infoManagerTestInfoParms.instIndex); AccessTokenKit::DeleteToken(tokenID); + (void)remove("/data/token.json"); } void AccessTokenKitTest::TearDown() @@ -291,9 +293,9 @@ HWTEST_F(AccessTokenKitTest, GetDefPermissions001, TestSize.Level1) */ HWTEST_F(AccessTokenKitTest, GetDefPermissions002, TestSize.Level1) { - HapPolicyParams TestPolicyPrams = g_infoManagerTestPolicyPrams; - TestPolicyPrams.permList.clear(); - AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, TestPolicyPrams); + HapPolicyParams testPolicyPrams = g_infoManagerTestPolicyPrams; + testPolicyPrams.permList.clear(); + AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, testPolicyPrams); AccessTokenID tokenID = GetAccessTokenID(g_infoManagerTestInfoParms.userID, g_infoManagerTestInfoParms.bundleName, @@ -1343,6 +1345,8 @@ HWTEST_F(AccessTokenKitTest, AllocHapToken010, TestSize.Level1) AccessTokenID tokenID; int ret; bool exist = false; + int allocFlag = 0; + int deleteFlag = 0; DeleteTestToken(); vector obj; @@ -1353,12 +1357,18 @@ HWTEST_F(AccessTokenKitTest, AllocHapToken010, TestSize.Level1) g_infoManagerTestInfoParms.instIndex); exist = ExistInVector(obj, tokenID); - ASSERT_EQ(false, exist); + if (exist) { + allocFlag = 1; + } obj.push_back(tokenID); ret = AccessTokenKit::DeleteToken(tokenID); - ASSERT_EQ(RET_SUCCESS, ret); + if (RET_SUCCESS != ret) { + deleteFlag = 1; + } } + ASSERT_EQ(allocFlag, 0); + ASSERT_EQ(deleteFlag, 0); } /** @@ -1642,7 +1652,6 @@ HWTEST_F(AccessTokenKitTest, UpdateHapToken005, TestSize.Level1) PermissionDef permDefResult; DeleteTestToken(); - g_infoManagerTestInfoParms.bundleName = "test_UpdateHapToken005"; AccessTokenIDEx tokenIdEx = AccessTokenKit::AllocHapToken(g_infoManagerTestInfoParms, g_infoManagerTestPolicyPrams); AccessTokenID tokenID = tokenIdEx.tokenIdExStruct.tokenID; ASSERT_NE(0, tokenID); @@ -1698,6 +1707,9 @@ HWTEST_F(AccessTokenKitTest, UpdateHapToken005, TestSize.Level1) */ HWTEST_F(AccessTokenKitTest, UpdateHapToken006, TestSize.Level1) { + int allocFlag = 0; + int updateFlag = 0; + int deleteFlag = 0; AccessTokenIDEx tokenIdEx = {0}; AccessTokenID tokenID; int ret; @@ -1714,7 +1726,10 @@ HWTEST_F(AccessTokenKitTest, UpdateHapToken006, TestSize.Level1) infoManagerTestInfo.instIndex); exist = ExistInVector(obj, tokenID); - ASSERT_EQ(false, exist); + if (exist) { + allocFlag = 1; + break; + } obj.push_back(tokenID); infoManagerTestInfo.userID++; } @@ -1723,14 +1738,22 @@ HWTEST_F(AccessTokenKitTest, UpdateHapToken006, TestSize.Level1) g_infoManagerTestPolicyPrams.apl = APL_SYSTEM_BASIC; for (int i = 0; i < obj.size(); i++) { ret = AccessTokenKit::UpdateHapToken(obj[i], appIDDesc, g_infoManagerTestPolicyPrams); - ASSERT_EQ(RET_SUCCESS, ret); + if (RET_SUCCESS != ret) { + updateFlag = 1; + break; + } } g_infoManagerTestPolicyPrams.apl = APL_NORMAL; for (int i = 0; i < obj.size(); i++) { ret = AccessTokenKit::DeleteToken(obj[i]); - ASSERT_EQ(RET_SUCCESS, ret); + if (RET_SUCCESS != ret) { + deleteFlag = 1; + } } + ASSERT_EQ(allocFlag, 0); + ASSERT_EQ(updateFlag, 0); + ASSERT_EQ(deleteFlag, 0); } /** @@ -1956,3 +1979,188 @@ HWTEST_F(AccessTokenKitTest, ConcurrencyTest001, TestSize.Level1) it->join(); } } + +/** + * @tc.name: CheckNativeDCap001 + * @tc.desc: cannot Check native dcap with invalid tokenID. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ +HWTEST_F(AccessTokenKitTest, CheckNativeDCap001, TestSize.Level1) +{ + AccessTokenID tokenID = 0; + const std::string dcap = "AT_CAP"; + int ret = AccessTokenKit::CheckNativeDCap(tokenID, dcap); + ASSERT_EQ(RET_FAILED, ret); + + tokenID = 1; + ret = AccessTokenKit::CheckNativeDCap(tokenID, dcap); + ASSERT_EQ(RET_FAILED, ret); +} + +/** + * @tc.name: CheckNativeDCap002 + * @tc.desc: cannot Check native dcap with invalid dcap. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ +HWTEST_F(AccessTokenKitTest, CheckNativeDCap002, TestSize.Level1) +{ + AccessTokenID tokenID = 0Xff; + const std::string invalidDcap (INVALID_DCAP_LEN, 'x'); + int ret = AccessTokenKit::CheckNativeDCap(tokenID, invalidDcap); + ASSERT_EQ(RET_FAILED, ret); +} + +static void ConcurrencyCheckNativeDCapTask(unsigned int tokenID) +{ + for (int i = 0; i < CYCLE_TIMES; i++) { + int ret = AccessTokenKit::CheckNativeDCap(tokenID, "AT_CAP_01"); + ASSERT_EQ(RET_SUCCESS, ret); + } +} + +/** + * @tc.name: CheckNativeDCap004 + * @tc.desc: Check native dcap multiple threads. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ +HWTEST_F(AccessTokenKitTest, CheckNativeDCap004, TestSize.Level1) +{ + const char **dcaps = (const char **)malloc(sizeof(char *) * 1); + dcaps[0] = "AT_CAP_01"; + int dcapNum = 1; + uint64_t tokenId; + tokenId = GetAccessTokenId("foundation", dcaps, dcapNum, "system_core"); + ASSERT_NE(tokenId, 0); + tokenId = GetAccessTokenId("CheckNativeDCap004", dcaps, dcapNum, "system_core"); + ASSERT_NE(tokenId, 0); + + sleep(5); + AccessTokenID tokenID = tokenId & 0xffffffff; + std::vector threadVec; + for (int i = 0; i < THREAD_NUM; i++) { + threadVec.emplace_back(std::thread(ConcurrencyCheckNativeDCapTask, tokenID)); + } + for (auto it = threadVec.begin(); it != threadVec.end(); it++) { + it->join(); + } +} + +/** + * @tc.name: GetNativeTokenInfo001 + * @tc.desc: cannot get native token with invalid tokenID. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ +HWTEST_F(AccessTokenKitTest, GetNativeTokenInfo001, TestSize.Level1) +{ + AccessTokenID tokenID = 0; + NativeTokenInfo findInfo; + int ret = AccessTokenKit::GetNativeTokenInfo(tokenID, findInfo); + ASSERT_EQ(ret, RET_FAILED); + + tokenID = 0xff; + ret = AccessTokenKit::GetNativeTokenInfo(tokenID, findInfo); + ASSERT_EQ(ret, RET_FAILED); +} + +/** + * @tc.name: GetNativeTokenInfo002 + * @tc.desc: get native token successfully. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ +HWTEST_F(AccessTokenKitTest, GetNativeTokenInfo002, TestSize.Level1) +{ + const char **dcaps = (const char **)malloc(sizeof(char *) * 2); + dcaps[0] = "AT_CAP_01"; + dcaps[1] = "ST_CAP_01"; + int dcapNum = 2; + uint64_t tokenId; + tokenId = GetAccessTokenId("foundation", dcaps, dcapNum, "system_core"); + ASSERT_NE(tokenId, 0); + tokenId = GetAccessTokenId("GetNativeTokenInfo002", dcaps, dcapNum, "system_core"); + ASSERT_NE(tokenId, 0); + + sleep(5); + AccessTokenID tokenID = tokenId & 0xffffffff; + NativeTokenInfo findInfo; + int ret = AccessTokenKit::GetNativeTokenInfo(tokenID, findInfo); + ASSERT_EQ(ret, RET_SUCCESS); + ASSERT_EQ(findInfo.apl, 3); + ASSERT_EQ(findInfo.ver, 1); + ASSERT_EQ(findInfo.processName, "GetNativeTokenInfo002"); + ASSERT_EQ(findInfo.tokenID, tokenID); + ASSERT_EQ(findInfo.tokenAttr, 0); + std::vector dcap = {"AT_CAP_01", "ST_CAP_01"}; + ASSERT_EQ(findInfo.dcap, dcap); +} + +/** + * @tc.name: GetNativeTokenInfo003 + * @tc.desc: get native token successfully. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ +HWTEST_F(AccessTokenKitTest, GetNativeTokenInfo003, TestSize.Level1) +{ + const char **dcaps = (const char **)malloc(sizeof(char *) * 2); + dcaps[0] = "AT_CAP_01"; + dcaps[1] = "ST_CAP_01"; + int dcapNum = 0; + uint64_t tokenId; + tokenId = GetAccessTokenId("foundation", dcaps, dcapNum, "system_core"); + ASSERT_NE(tokenId, 0); + tokenId = GetAccessTokenId("GetNativeTokenInfo003", nullptr, 0, "system_core"); + ASSERT_NE(tokenId, 0); + + sleep(5); + AccessTokenID tokenID = tokenId & 0xffffffff; + NativeTokenInfo findInfo; + int ret = AccessTokenKit::GetNativeTokenInfo(tokenID, findInfo); + ASSERT_EQ(ret, RET_SUCCESS); + ASSERT_EQ(findInfo.apl, 3); + ASSERT_EQ(findInfo.ver, 1); + ASSERT_EQ(findInfo.processName, "GetNativeTokenInfo003"); + ASSERT_EQ(findInfo.tokenID, tokenID); + ASSERT_EQ(findInfo.tokenAttr, 0); +} + +static void ConcurrGetNativeTokenInfoTask(unsigned int tokenID) +{ + NativeTokenInfo findInfo; + for (int i = 0; i < CYCLE_TIMES; i++) { + int ret = AccessTokenKit::GetNativeTokenInfo(tokenID, findInfo); + ASSERT_EQ(RET_SUCCESS, ret); + } +} + +/** + * @tc.name: GetNativeTokenInfo004 + * @tc.desc: Concurrency testing. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ +HWTEST_F(AccessTokenKitTest, GetNativeTokenInfo004, TestSize.Level1) +{ + const char **dcaps = (const char **)malloc(sizeof(char *) * 1); + dcaps[0] = "AT_CAP_01"; + int dcapNum = 1; + uint64_t tokenId; + tokenId = GetAccessTokenId("foundation", dcaps, dcapNum, "system_core"); + ASSERT_NE(tokenId, 0); + tokenId = GetAccessTokenId("GetNativeTokenInfo004", dcaps, dcapNum, "system_core"); + ASSERT_NE(tokenId, 0); + + sleep(5); + AccessTokenID tokenID = tokenId & 0xffffffff; + std::vector threadVec; + for (int i = 0; i < THREAD_NUM; i++) { + threadVec.emplace_back(std::thread(ConcurrGetNativeTokenInfoTask, tokenID)); + } + for (auto it = threadVec.begin(); it != threadVec.end(); it++) { + it->join(); + } +} \ No newline at end of file diff --git a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.h b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.h index 06eb17525accc67cea3d65e4d39dcb329b418b53..dfdd20e85dc3a510579e6cfac669ac0912a85a28 100644 --- a/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.h +++ b/interfaces/innerkits/accesstoken/test/unittest/src/accesstoken_kit_test.h @@ -35,6 +35,7 @@ static const int INVALID_DESCRIPTION_LEN = 260; static const int INVALID_PERMNAME_LEN = 260; static const int CYCLE_TIMES = 100; static const int THREAD_NUM = 3; +static const int INVALID_DCAP_LEN = 1025; class AccessTokenKitTest : public testing::Test { public: static void SetUpTestCase(); diff --git a/interfaces/innerkits/nativetoken/include/nativetoken.h b/interfaces/innerkits/nativetoken/include/nativetoken.h index e40462310a4974af4fce575a84336c4e6429bf1b..ed40a070474eecd96def195c46d432ba78e85ff1 100644 --- a/interfaces/innerkits/nativetoken/include/nativetoken.h +++ b/interfaces/innerkits/nativetoken/include/nativetoken.h @@ -35,8 +35,6 @@ extern "C" { #define MAX_PROCESS_NAME_LEN 256 #define TOKEN_ID_CFG_PATH "/data/token.json" #define SOCKET_FILE "/data/system/token_unix_socket.socket" -#define ATRET_FAILED 1 -#define ATRET_SUCCESS 0 #define TOKEN_NATIVE_TYPE 1 #define DEFAULT_AT_VERSION 1 #define TRANSFER_KEY_WORDS "NativeTokenInfo" @@ -47,6 +45,13 @@ extern "C" { #define SYSTEM_PROP_NATIVE_RECEPTOR "rw.nativetoken.receptor.startup" #define PATH_MAX_LEN 4096 +#define FOUNDATION_NOT_STARTED 0 +#define FOUNDATION_STARTING 1 +#define ATM_SERVICE_STARTUP 2 + +#define ATRET_FAILED 1 +#define ATRET_SUCCESS 0 + typedef unsigned int NativeAtId; typedef unsigned int NativeAtAttr; @@ -64,7 +69,7 @@ typedef struct { typedef struct TokenList { NativeAtId tokenId; - char processName[MAX_PROCESS_NAME_LEN]; + char processName[MAX_PROCESS_NAME_LEN + 1]; struct TokenList *next; } NativeTokenList; @@ -87,7 +92,7 @@ typedef struct TokenQueue { (tmp).dcapsNum = (dacpNum); \ } while (0) -extern char *GetFileBuff(const char *cfg); +extern int32_t GetFileBuff(const char *cfg, char **retBuff); #ifdef __cplusplus } #endif diff --git a/interfaces/innerkits/nativetoken/src/nativetoken.c b/interfaces/innerkits/nativetoken/src/nativetoken.c index 74ab8c62b7251d650dd7ae4f6b94bdd74907ccab..5cedde57201c90c6fe0fe4bc8833e3cf730ae543 100644 --- a/interfaces/innerkits/nativetoken/src/nativetoken.c +++ b/interfaces/innerkits/nativetoken/src/nativetoken.c @@ -19,56 +19,64 @@ NativeTokenQueue *g_tokenQueueHead; NativeTokenList *g_tokenListHead; -int32_t g_isAtmExist; +int32_t g_tranferStatus; +int32_t g_isNativeTokenInited = 0; int32_t g_signalFd; static pthread_mutex_t g_tokenQueueHeadLock = PTHREAD_MUTEX_INITIALIZER; -char *GetFileBuff(const char *cfg) +int32_t GetFileBuff(const char *cfg, char **retBuff) { - char *buff = NULL; - FILE *cfgFd = NULL; struct stat fileStat; - int32_t fileSize; + int32_t ret; - if (stat(cfg, &fileStat) != 0) { + char filePath[PATH_MAX_LEN + 1] = {0}; + if (realpath(cfg, filePath) == NULL) { + if (errno == ENOENT) { + /* file doesn't exist */ + *retBuff = NULL; + return ATRET_SUCCESS; + } + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:invalid filePath.", __func__); + return ATRET_FAILED; + } + + if (stat(filePath, &fileStat) != 0) { ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:stat file failed.", __func__); - return NULL; + return ATRET_FAILED; } - fileSize = (int32_t)fileStat.st_size; + + int32_t fileSize = (int32_t)fileStat.st_size; if ((fileSize < 0) || (fileSize > MAX_JSON_FILE_LEN)) { ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:stat file size is invalid.", __func__); - return NULL; - } - - char filePath[PATH_MAX_LEN + 1] = {0}; - if (realpath(cfg, filePath) == NULL) { - ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:invalid filePath.", __func__); - return NULL; + return ATRET_FAILED; } - cfgFd = fopen(filePath, "r"); + FILE *cfgFd = fopen(filePath, "r"); if (cfgFd == NULL) { ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:fopen file failed.", __func__); - return NULL; + return ATRET_FAILED; } - buff = (char *)malloc((size_t)(fileSize + 1)); + char *buff = (char *)malloc((size_t)(fileSize + 1)); if (buff == NULL) { ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:memory alloc failed.", __func__); fclose(cfgFd); - return NULL; + return ATRET_FAILED; } if (fread(buff, fileSize, 1, cfgFd) != 1) { ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:fread failed.", __func__); free(buff); buff = NULL; + ret = ATRET_FAILED; } else { buff[fileSize] = '\0'; + *retBuff = buff; + ret = ATRET_SUCCESS; } fclose(cfgFd); - return buff; + return ret; } int32_t GetTokenList(const cJSON *object) @@ -102,19 +110,19 @@ int32_t GetTokenList(const cJSON *object) ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:memory alloc failed.", __func__); return ATRET_FAILED; } - if (strcpy_s(tmp->processName, MAX_PROCESS_NAME_LEN, processNameJson->valuestring) != EOK) { + if (strcpy_s(tmp->processName, MAX_PROCESS_NAME_LEN + 1, processNameJson->valuestring) != EOK) { ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:strcpy_s failed.", __func__); free(tmp); return ATRET_FAILED; } - tmp->tokenId = tokenIdJson->valueint; + tmp->tokenId = (NativeAtId)tokenIdJson->valueint; tmp->next = g_tokenListHead->next; g_tokenListHead->next = tmp; } return ATRET_SUCCESS; } -int32_t ParseTokenInfoCfg(const char *filename) +int32_t ParseTokenInfoFromCfg(const char *filename) { char *fileBuff = NULL; cJSON *record = NULL; @@ -123,9 +131,12 @@ int32_t ParseTokenInfoCfg(const char *filename) if (filename == NULL || filename[0] == '\0') { return ATRET_FAILED; } - fileBuff = GetFileBuff(filename); + ret = GetFileBuff(filename, &fileBuff); + if (ret != ATRET_SUCCESS) { + return ret; + } if (fileBuff == NULL) { - return ATRET_FAILED; + return ATRET_SUCCESS; } record = cJSON_Parse(fileBuff); free(fileBuff); @@ -154,9 +165,19 @@ int32_t AtlibInit(void) return ATRET_FAILED; } g_tokenQueueHead->next = NULL; - g_isAtmExist = 0; - return ParseTokenInfoCfg(TOKEN_ID_CFG_PATH); + int32_t ret = ParseTokenInfoFromCfg(TOKEN_ID_CFG_PATH); + if (ret != ATRET_SUCCESS) { + free(g_tokenListHead); + g_tokenListHead = NULL; + free(g_tokenQueueHead); + g_tokenQueueHead = NULL; + return ret; + } + g_tranferStatus = FOUNDATION_NOT_STARTED; + g_isNativeTokenInited = 1; + + return ATRET_SUCCESS; } NativeAtId CreateNativeTokenId(void) @@ -209,7 +230,7 @@ int32_t TokenInfoSave(const NativeTokenQueue *node) g_tokenQueueHead->next = curr; pthread_mutex_unlock(&g_tokenQueueHeadLock); - if (g_isAtmExist == 1) { + if (g_tranferStatus == ATM_SERVICE_STARTUP) { return TriggerTransfer(); } return ATRET_SUCCESS; @@ -217,6 +238,9 @@ int32_t TokenInfoSave(const NativeTokenQueue *node) int32_t GetAplLevel(const char *aplStr) { + if (aplStr == NULL) { + return 0; + } if (strcmp(aplStr, "system_core") == 0) { return 3; // system_core means apl level is 3 } @@ -297,17 +321,21 @@ void SaveTokenIdToCfg(const NativeTokenQueue *head) ACCESSTOKEN_LOG_INFO("[ATLIB-%s]:there is no new info.", __func__); return; } - fileBuff = GetFileBuff(TOKEN_ID_CFG_PATH); - if (fileBuff == NULL) { + ret = GetFileBuff(TOKEN_ID_CFG_PATH, &fileBuff); + if (ret != ATRET_SUCCESS) { return; } - record = cJSON_Parse(fileBuff); - free(fileBuff); - fileBuff = NULL; + if (fileBuff == NULL) { + record = cJSON_CreateArray(); + } else { + record = cJSON_Parse(fileBuff); + free(fileBuff); + fileBuff = NULL; + } if (record == NULL) { - ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:cJSON_Parse failed.", __func__); + ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:get record failed.", __func__); return; } @@ -517,7 +545,7 @@ static int32_t SyncToAtm(void) void *ThreadTransferFunc(const void *args) { int32_t ret; - uint64_t result; + g_tranferStatus = FOUNDATION_STARTING; /* getpram */ while (1) { @@ -536,8 +564,9 @@ void *ThreadTransferFunc(const void *args) return NULL; } - g_isAtmExist = 1; + g_tranferStatus = ATM_SERVICE_STARTUP; + uint64_t result; while (1) { ret = read(g_signalFd, &result, sizeof(uint64_t)); if (ret == -1) { @@ -553,7 +582,8 @@ void *ThreadTransferFunc(const void *args) return NULL; } -int32_t CheckProcessInfo(const char *processname, const char **dcaps, int32_t dacpNum, const char *aplStr) +int32_t CheckProcessInfo(const char *processname, const char **dcaps, + int32_t dacpNum, const char *aplStr, int32_t *aplRet) { if ((processname == NULL) || strlen(processname) > MAX_PROCESS_NAME_LEN || strlen(processname) == 0) { @@ -561,7 +591,7 @@ int32_t CheckProcessInfo(const char *processname, const char **dcaps, int32_t da return ATRET_FAILED; } - if ((dcaps == NULL) || dacpNum > MAX_DCAPS_NUM || dacpNum < 0) { + if (((dcaps == NULL) && (dacpNum != 0)) || dacpNum > MAX_DCAPS_NUM || dacpNum < 0) { ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:dcaps is null or dacpNum is invalid.", __func__); return ATRET_FAILED; } @@ -572,24 +602,41 @@ int32_t CheckProcessInfo(const char *processname, const char **dcaps, int32_t da } } - if (aplStr == NULL) { - ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:aplStr is null.", __func__); + int32_t apl = GetAplLevel(aplStr); + if (apl == 0) { return ATRET_FAILED; } + *aplRet = apl; return ATRET_SUCCESS; } +int NativeTokenIdCheck(NativeAtId tokenId) +{ + NativeTokenList *tokenNode = g_tokenListHead; + while (tokenNode != NULL) { + if (tokenNode->tokenId == tokenId) { + return 1; + } + tokenNode = tokenNode->next; + } + return 0; +} static int32_t AddNewNativeTokenToList(const char *processname, NativeAtId *tokenId) { NativeTokenList *tokenNode; NativeAtId id; - id = CreateNativeTokenId(); + int32_t repeat; + do { + id = CreateNativeTokenId(); + repeat = NativeTokenIdCheck(id); + } while (repeat == 1); + tokenNode = (NativeTokenList *)malloc(sizeof(NativeTokenList)); if (tokenNode == NULL) { ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:memory alloc failed.", __func__); return ATRET_FAILED; } - if (strcpy_s(tokenNode->processName, MAX_PROCESS_NAME_LEN, processname) != EOK) { + if (strcpy_s(tokenNode->processName, MAX_PROCESS_NAME_LEN + 1, processname) != EOK) { ACCESSTOKEN_LOG_ERROR("[ATLIB-%s]:strcpy_s failed.", __func__); free(tokenNode); return ATRET_FAILED; @@ -605,26 +652,27 @@ static int32_t AddNewNativeTokenToList(const char *processname, NativeAtId *toke uint64_t GetAccessTokenId(const char *processname, const char **dcaps, int32_t dacpNum, const char *aplStr) { NativeAtId tokenId; - NativeTokenList *tokenNode = g_tokenListHead; NativeTokenQueue tmp = {0}; pthread_t tid; int32_t exist = 0; uint64_t result = 0; + int32_t apl; NativeAtIdEx *atPoint = (NativeAtIdEx *)(&result); - int32_t ret = CheckProcessInfo(processname, dcaps, dacpNum, aplStr); - if (ret != ATRET_SUCCESS) { + if ((g_isNativeTokenInited == 0) && (AtlibInit() != ATRET_SUCCESS)) { return 0; } - int32_t apl = GetAplLevel(aplStr); - if (apl == 0) { + + int32_t ret = CheckProcessInfo(processname, dcaps, dacpNum, aplStr, &apl); + if (ret != ATRET_SUCCESS) { return 0; } - if (strcmp("foundation", processname) == 0) { + if ((g_tranferStatus == FOUNDATION_NOT_STARTED) && strcmp("foundation", processname) == 0) { (void)pthread_create(&tid, 0, (void*)ThreadTransferFunc, NULL); } + NativeTokenList *tokenNode = g_tokenListHead; while (tokenNode != NULL) { if (strcmp(tokenNode->processName, processname) == 0) { exist = 1; diff --git a/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_kit_test.cpp b/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_kit_test.cpp index ff107e66aa598e8a82d32ead0e0697cf4c6d746c..69fd15cf24f8366516cd5cb8adda84dd474b4083 100644 --- a/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_kit_test.cpp +++ b/interfaces/innerkits/nativetoken/test/unittest/src/nativetoken_kit_test.cpp @@ -23,7 +23,8 @@ using namespace OHOS::Security; extern NativeTokenQueue *g_tokenQueueHead; extern NativeTokenList *g_tokenListHead; -extern char *GetFileBuff(const char *cfg); +extern int32_t g_isNativeTokenInited; +extern int32_t GetFileBuff(const char *cfg, char **retBuff); namespace { static NativeTokenQueue g_readRes; static string g_jsonStr = "[" @@ -40,7 +41,7 @@ void TokenLibKitTest::TearDownTestCase() void TokenLibKitTest::SetUp() { - AtlibInit(); + g_isNativeTokenInited = 0; ResetFile(); g_readRes.next = nullptr; } @@ -124,6 +125,12 @@ int Start(const char *processName) return tokenId; } +/** + * @tc.name: GetAccessTokenId001 + * @tc.desc: cannot getAccessTokenId with invalid processName. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ HWTEST_F(TokenLibKitTest, GetAccessTokenId001, TestSize.Level1) { const char **dcaps = (const char **)malloc(sizeof(char *) * 2); @@ -135,11 +142,29 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId001, TestSize.Level1) ASSERT_EQ(tokenId, 0); tokenId = GetAccessTokenId(nullptr, dcaps, dcapNum, "system_core"); ASSERT_EQ(tokenId, 0); + + /* 257 is invalid processName length */ const std::string invalidProcName (257, 'x'); tokenId = GetAccessTokenId(invalidProcName.c_str(), dcaps, dcapNum, "system_core"); ASSERT_EQ(tokenId, 0); + + /* 255 is valid processName length */ + const std::string validProcName01 (255, 'x'); + tokenId = GetAccessTokenId(validProcName01.c_str(), dcaps, dcapNum, "system_core"); + ASSERT_NE(tokenId, 0); + + /* 256 is valid processName length */ + const std::string validProcName02 (256, 'x'); + tokenId = GetAccessTokenId(validProcName02.c_str(), dcaps, dcapNum, "system_core"); + ASSERT_NE(tokenId, 0); } +/** + * @tc.name: GetAccessTokenId002 + * @tc.desc: cannot getAccessTokenId with invalid dcapNum. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ HWTEST_F(TokenLibKitTest, GetAccessTokenId002, TestSize.Level1) { const char **dcaps = (const char **)malloc(sizeof(char *) * 2); @@ -150,11 +175,18 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId002, TestSize.Level1) tokenId = GetAccessTokenId("GetAccessTokenId002", dcaps, dcapNum, "system_core"); ASSERT_EQ(tokenId, 0); - dcapNum = 1025; - tokenId = GetAccessTokenId("GetAccessTokenId002", dcaps, dcapNum, "system_core"); + /* 33 is invalid dcapNum */ + dcapNum = 33; + tokenId = GetAccessTokenId("GetAccessTokenId002_00", dcaps, dcapNum, "system_core"); ASSERT_EQ(tokenId, 0); } +/** + * @tc.name: GetAccessTokenId003 + * @tc.desc: cannot getAccessTokenId with invalid dcaps. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ HWTEST_F(TokenLibKitTest, GetAccessTokenId003, TestSize.Level1) { const char **dcaps = (const char **)malloc(sizeof(char *) * 2); @@ -165,12 +197,36 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId003, TestSize.Level1) tokenId = GetAccessTokenId("GetAccessTokenId003", nullptr, dcapNum, "system_core"); ASSERT_EQ(tokenId, 0); - const std::string invalidDcaps (1025, 'x'); - dcaps[0] = invalidDcaps.c_str(); - tokenId = GetAccessTokenId("GetAccessTokenId003", dcaps, dcapNum, "system_core"); + dcapNum = 0; + tokenId = GetAccessTokenId("GetAccessTokenId003_01", nullptr, dcapNum, "system_core"); + ASSERT_NE(tokenId, 0); + + dcapNum = 2; + /* 1025 is invalid dcap length */ + const std::string invalidDcap (1025, 'x'); + dcaps[0] = invalidDcap.c_str(); + tokenId = GetAccessTokenId("GetAccessTokenId003_02", dcaps, dcapNum, "system_core"); ASSERT_EQ(tokenId, 0); + + /* 1024 is valid dcap length */ + const std::string validDcap01 (1024, 'x'); + dcaps[0] = validDcap01.c_str(); + tokenId = GetAccessTokenId("GetAccessTokenId003_03", dcaps, dcapNum, "system_core"); + ASSERT_NE(tokenId, 0); + + /* 1023 is valid dcap length */ + const std::string validDcap02 (1023, 'x'); + dcaps[0] = validDcap02.c_str(); + tokenId = GetAccessTokenId("GetAccessTokenId003_04", dcaps, dcapNum, "system_core"); + ASSERT_NE(tokenId, 0); } +/** + * @tc.name: GetAccessTokenId004 + * @tc.desc: cannot getAccessTokenId with invalid APL. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ HWTEST_F(TokenLibKitTest, GetAccessTokenId004, TestSize.Level1) { const char **dcaps = (const char **)malloc(sizeof(char *) * 2); @@ -185,6 +241,12 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId004, TestSize.Level1) ASSERT_EQ(tokenId, 0); } +/** + * @tc.name: GetAccessTokenId005 + * @tc.desc: Get AccessTokenId successfully. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ HWTEST_F(TokenLibKitTest, GetAccessTokenId005, TestSize.Level1) { uint64_t tokenId01 = Start("GetAccessTokenId005"); @@ -195,6 +257,12 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId005, TestSize.Level1) ASSERT_EQ(tokenId01, tokenId02); } +/** + * @tc.name: GetAccessTokenId007 + * @tc.desc: Get AccessTokenId before ATM is prepared with new processName. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ HWTEST_F(TokenLibKitTest, GetAccessTokenId007, TestSize.Level1) { uint64_t tokenID; @@ -209,12 +277,20 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId007, TestSize.Level1) ASSERT_EQ(ret, 0); ASSERT_EQ(tokenIdEx->tokenId, g_tokenQueueHead->next->tokenId); - char *fileBuff = GetFileBuff(TOKEN_ID_CFG_PATH); + char *fileBuff = nullptr; + ret = GetFileBuff(TOKEN_ID_CFG_PATH, &fileBuff); + ASSERT_EQ(ret, ATRET_SUCCESS); string s = "GetAccessTokenId007"; char *pos = strstr(fileBuff, s.c_str()); ASSERT_EQ(pos, nullptr); } +/** + * @tc.name: GetAccessTokenId008 + * @tc.desc: Get AccessTokenId before ATM is prepared with processName which has existed. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ HWTEST_F(TokenLibKitTest, GetAccessTokenId008, TestSize.Level1) { uint64_t tokenID; @@ -227,9 +303,17 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId008, TestSize.Level1) ASSERT_EQ(tokenIdEx->tokenId, g_tokenQueueHead->next->tokenId); } +/** + * @tc.name: GetAccessTokenId009 + * @tc.desc: Get AccessTokenId after ATM is prepared with new processName. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ HWTEST_F(TokenLibKitTest, GetAccessTokenId009, TestSize.Level1) { - char *fileBuffBefore = GetFileBuff(TOKEN_ID_CFG_PATH); + char *fileBuffBefore = nullptr; + int32_t ret = GetFileBuff(TOKEN_ID_CFG_PATH, &fileBuffBefore); + ASSERT_EQ(ret, ATRET_SUCCESS); char *posMatch = strstr(fileBuffBefore, "GetAccessTokenId009"); ASSERT_NE(posMatch, nullptr); free(fileBuffBefore); @@ -247,7 +331,9 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId009, TestSize.Level1) ASSERT_NE(tokenID009, 0); sleep(DELAY_ONE_SECONDS); - char *fileBuff = GetFileBuff(TOKEN_ID_CFG_PATH); + char *fileBuff = nullptr; + ret = GetFileBuff(TOKEN_ID_CFG_PATH, &fileBuff); + ASSERT_EQ(ret, ATRET_SUCCESS); char *pos = strstr(fileBuff, "GetAccessTokenId009"); ASSERT_NE(pos, nullptr); pos = strstr(fileBuff, "GetAccessTokenId009_01"); @@ -258,9 +344,18 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId009, TestSize.Level1) PthreadCloseTrigger(); } +/** + * @tc.name: GetAccessTokenId010 + * @tc.desc: Get AccessTokenId after ATM is prepared with processName which has existed. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ HWTEST_F(TokenLibKitTest, GetAccessTokenId010, TestSize.Level1) { - char *fileBuffBefore = GetFileBuff(TOKEN_ID_CFG_PATH); + char *fileBuffBefore = nullptr; + int ret = GetFileBuff(TOKEN_ID_CFG_PATH, &fileBuffBefore); + ASSERT_EQ(ret, ATRET_SUCCESS); + char *posMatch = strstr(fileBuffBefore, "GetAccessTokenId010"); ASSERT_EQ(posMatch, nullptr); free(fileBuffBefore); @@ -272,15 +367,47 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId010, TestSize.Level1) ASSERT_NE(tokenID010, 0); sleep(DELAY_ONE_SECONDS); - char *fileBuff = GetFileBuff(TOKEN_ID_CFG_PATH); + char *fileBuff = nullptr; + ret = GetFileBuff(TOKEN_ID_CFG_PATH, &fileBuff); + ASSERT_EQ(ret, ATRET_SUCCESS); + char *pos = strstr(fileBuff, "GetAccessTokenId010"); ASSERT_NE(pos, nullptr); free(fileBuff); PthreadCloseTrigger(); } +/** + * @tc.name: GetAccessTokenId011 + * @tc.desc: Get AccessTokenId after ATM is prepared with processName which has existed. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ +HWTEST_F(TokenLibKitTest, GetAccessTokenId011, TestSize.Level1) +{ + char processName[200][MAX_PROCESS_NAME_LEN]; + /* enable 200 process before fondation is prepared */ + for (int32_t i = 0; i < 200; i++) { + processName[i][0] = '\0'; + int ret = sprintf_s(processName[i], MAX_PROCESS_NAME_LEN, "processName_%d", i); + ASSERT_NE(ret, 0); + uint64_t tokenId = Start(processName[i]); + ASSERT_NE(tokenId, 0); + } + uint64_t tokenId011 = Start("foundation"); + ASSERT_NE(tokenId011, 0); + sleep(5); + tokenId011 = Start("process"); + ASSERT_NE(tokenId011, 0); +} - HWTEST_F(TokenLibKitTest, GetAccessTokenId011, TestSize.Level1) +/** + * @tc.name: GetAccessTokenId012 + * @tc.desc: Get AccessTokenId after ATM is prepared with processName which has existed. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ +HWTEST_F(TokenLibKitTest, GetAccessTokenId012, TestSize.Level1) { Start("process1"); Start("process2"); @@ -305,7 +432,9 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId010, TestSize.Level1) sleep(5); Start("process19"); sleep(5); - char *fileBuff = GetFileBuff(TOKEN_ID_CFG_PATH); + char *fileBuff = nullptr; + int ret = GetFileBuff(TOKEN_ID_CFG_PATH, &fileBuff); + ASSERT_EQ(ret, 0); char *pos = strstr(fileBuff, "process1"); ASSERT_NE(pos, nullptr); pos = strstr(fileBuff, "process2"); @@ -330,7 +459,13 @@ HWTEST_F(TokenLibKitTest, GetAccessTokenId010, TestSize.Level1) PthreadCloseTrigger(); } - HWTEST_F(TokenLibKitTest, GetAccessTokenId012, TestSize.Level1) +/** + * @tc.name: GetAccessTokenId013 + * @tc.desc: Get AccessTokenId after ATM is prepared with processName which has existed. + * @tc.type: FUNC + * @tc.require:AR000GK6TD + */ +HWTEST_F(TokenLibKitTest, GetAccessTokenId013, TestSize.Level1) { sleep(5); Start("process1"); diff --git a/interfaces/innerkits/tokensync/test/unittest/src/tokensync_kit_test.cpp b/interfaces/innerkits/tokensync/test/unittest/src/tokensync_kit_test.cpp index b4ae1174ee9f70c5f8be33585ce4c767d025674a..800becd14d00f693719fe84b29d5e0c53e9815d5 100644 --- a/interfaces/innerkits/tokensync/test/unittest/src/tokensync_kit_test.cpp +++ b/interfaces/innerkits/tokensync/test/unittest/src/tokensync_kit_test.cpp @@ -42,10 +42,10 @@ void TokenSyncKitTest::TearDown() */ HWTEST_F(TokenSyncKitTest, VerifyPermission001, TestSize.Level1) { - const std::string TEST_BUNDLE_NAME = "ohos"; - const std::string TEST_PERMISSION_NAME_ALPHA = "ohos.permission.ALPHA"; - const int TEST_USER_ID = 0; - int ret = TokenSyncKit::VerifyPermission(TEST_BUNDLE_NAME, TEST_PERMISSION_NAME_ALPHA, TEST_USER_ID); + const std::string testBundleName = "ohos"; + const std::string testPermissionNameAlpha = "ohos.permission.ALPHA"; + const int testUserId = 0; + int ret = TokenSyncKit::VerifyPermission(testBundleName, testPermissionNameAlpha, testUserId); ASSERT_EQ(0, ret); } diff --git a/services/accesstokenmanager/main/cpp/include/token/accesstoken_id_manager.h b/services/accesstokenmanager/main/cpp/include/token/accesstoken_id_manager.h index 1ad68ac8e8f643dbcb3adf48f7e14aebe85c8b7c..336228323a1b2a4ebd43a392d090c0bf51a7edab 100644 --- a/services/accesstokenmanager/main/cpp/include/token/accesstoken_id_manager.h +++ b/services/accesstokenmanager/main/cpp/include/token/accesstoken_id_manager.h @@ -26,7 +26,7 @@ namespace OHOS { namespace Security { namespace AccessToken { -static constexpr int TOKEN_RANDOM_MASK = (1 << 24) - 1; +static constexpr unsigned int TOKEN_RANDOM_MASK = (1 << 24) - 1; static const int MAX_CREATE_TOKEN_ID_RETRY = 2; class AccessTokenIDManager final { diff --git a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h index 40786992f72a6154e623441c243beaf45e803c01..c8a33735069094b7e5d808ae4b920acd23d9a68d 100644 --- a/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h +++ b/services/accesstokenmanager/main/cpp/include/token/accesstoken_info_manager.h @@ -75,9 +75,9 @@ private: OHOS::Utils::RWLock managerLock_; std::map> hapTokenInfoMap_; - std::map hapTokenIdMap_; + std::map hapTokenIdMap_; std::map> nativeTokenInfoMap_; - std::map nativeTokenIdMap_; + std::map nativeTokenIdMap_; }; } // namespace AccessToken } // namespace Security diff --git a/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp b/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp index 148a9369a00dd65d87f2d36a5ed6ad877f5a5326..3647ab9766c6c47df9d1ca4c78ffdfe6d6e5fd08 100644 --- a/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp +++ b/services/accesstokenmanager/main/cpp/src/permission/permission_validator.cpp @@ -79,7 +79,7 @@ bool PermissionValidator::IsPermissionStateValid(const PermissionStateFull& perm return false; } - for (int i = 0; i < resDevIdSize; i++) { + for (uint32_t i = 0; i < resDevIdSize; i++) { if (!IsGrantStatusValid(permState.grantStatus[i]) || !IsPermissionFlagValid(permState.grantFlags[i])) { return false; diff --git a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp index 15a1a86abde9de6d488bf8472f7bb4d6252410c4..a9e0076e0111b3f4118d196f4020c08e2083a8ea 100644 --- a/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp +++ b/services/accesstokenmanager/main/cpp/src/service/accesstoken_manager_stub.cpp @@ -84,7 +84,7 @@ void AccessTokenManagerStub::GetDefPermissionsInner(MessageParcel& data, Message int result = this->GetDefPermissions(tokenID, permList); ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permList size: %{public}d", __func__, (int) permList.size()); - reply.WriteInt32(permList.size()); + reply.WriteInt32((int32_t)permList.size()); for (auto permDef : permList) { reply.WriteParcelable(&permDef); } @@ -99,7 +99,7 @@ void AccessTokenManagerStub::GetReqPermissionsInner(MessageParcel& data, Message int result = this->GetReqPermissions(tokenID, permList, isSystemGrant); ACCESSTOKEN_LOG_INFO(LABEL, "%{public}s called, permList size: %{public}d", __func__, (int) permList.size()); - reply.WriteInt32(permList.size()); + reply.WriteInt32((int32_t)permList.size()); for (auto permDef : permList) { reply.WriteParcelable(&permDef); } diff --git a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp index e08142fa1859d355c62c670b5038a517b3e0bbfb..34dd4f0c927f74d80233f65b164cd80a8e90e794 100644 --- a/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/hap_token_info_inner.cpp @@ -124,7 +124,7 @@ int HapTokenInfoInner::RestoreHapTokenBasicInfo(const GenericValues& inGenericVa "%{public}s called, tokenID: 0x%{public}x version is error, version %{public}d", __func__, tokenID_, ver_); return RET_FAILED; } - tokenAttr_ = inGenericValues.GetInt(FIELD_TOKEN_ATTR); + tokenAttr_ = (uint32_t)inGenericValues.GetInt(FIELD_TOKEN_ATTR); return RET_SUCCESS; } diff --git a/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp b/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp index 0278b5eff61159b9490203938d23915f90495249..62a4e8cac67bd4675df5087972917710e0feec80 100644 --- a/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/native_token_info_inner.cpp @@ -109,7 +109,7 @@ int NativeTokenInfoInner::RestoreNativeTokenInfo(AccessTokenID tokenId, const Ge } SetDcaps(inGenericValues.GetString(FIELD_DCAP)); - tokenAttr_ = inGenericValues.GetInt(FIELD_TOKEN_ATTR); + tokenAttr_ = (uint32_t)inGenericValues.GetInt(FIELD_TOKEN_ATTR); return RET_SUCCESS; } @@ -149,7 +149,7 @@ bool NativeTokenInfoInner::FromJsonString(const std::string& jsonString) } if (jsonObject.find(JSON_VERSION) != jsonObject.end()) { - ver_ = jsonObject.at(JSON_VERSION).get(); + ver_ = jsonObject.at(JSON_VERSION).get(); } if (jsonObject.find(JSON_TOKEN_ID) != jsonObject.end()) { @@ -184,7 +184,7 @@ std::string NativeTokenInfoInner::GetProcessName() const void NativeTokenInfoInner::SetDcaps(const std::string& dcapStr) { - int start = 0; + std::string::size_type start = 0; while (true) { std::string::size_type offset = dcapStr.find(',', start); if (offset == std::string::npos) { diff --git a/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp b/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp index 815acd9f4569ad1abadb4a25408bf222c6e2be58..63b66da54ad45ce89f75ec18976f9167df187907 100644 --- a/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp +++ b/services/accesstokenmanager/main/cpp/src/token/native_token_receptor.cpp @@ -60,7 +60,7 @@ void from_json(const nlohmann::json& j, std::shared_ptr& p } if (j.find(JSON_VERSION) != j.end()) { - native.ver = j.at(JSON_VERSION).get(); + native.ver = (uint8_t)j.at(JSON_VERSION).get(); if (native.ver != DEFAULT_TOKEN_VERSION) { return; }