diff --git a/test/fuzztest/innerkits/accesstoken/getpermissionsstatus_fuzzer/getpermissionsstatus_fuzzer.cpp b/test/fuzztest/innerkits/accesstoken/getpermissionsstatus_fuzzer/getpermissionsstatus_fuzzer.cpp index 7ee5ee4656a39ef52141e5ce33fc2f4d0dd2e3c4..d204548cb7d829a472db59500f56eb67d348a49a 100644 --- a/test/fuzztest/innerkits/accesstoken/getpermissionsstatus_fuzzer/getpermissionsstatus_fuzzer.cpp +++ b/test/fuzztest/innerkits/accesstoken/getpermissionsstatus_fuzzer/getpermissionsstatus_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2024 Huawei Device Co., Ltd. + * Copyright (c) 2024-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -15,34 +15,30 @@ #include "getpermissionsstatus_fuzzer.h" -#include -#include #include -#include -#undef private #include "access_token.h" #include "accesstoken_kit.h" #include "fuzzer/FuzzedDataProvider.h" -#include "nativetoken_kit.h" -#include "securec.h" -#include "token_setproc.h" using namespace std; using namespace OHOS::Security::AccessToken; namespace OHOS { - - bool GetPermissionsStatusFuzzTest(const uint8_t* data, size_t size) - { - if ((data == nullptr) || (size == 0)) { - return false; - } - - FuzzedDataProvider provider(data, size); - std::vector permList; - return AccessTokenKit::GetPermissionsStatus(provider.ConsumeIntegral(), permList) == RET_SUCCESS; +bool GetPermissionsStatusFuzzTest(const uint8_t* data, size_t size) +{ + if ((data == nullptr) || (size == 0)) { + return false; } + + FuzzedDataProvider provider(data, size); + PermissionListState perm = { + .permissionName = provider.ConsumeRandomLengthString(), + .state = SETTING_OPER, + }; + std::vector permList = { perm }; + return AccessTokenKit::GetPermissionsStatus(provider.ConsumeIntegral(), permList) == RET_SUCCESS; +} } /* Fuzzer entry point */ diff --git a/test/fuzztest/innerkits/privacy/BUILD.gn b/test/fuzztest/innerkits/privacy/BUILD.gn index 8d25a97a46d812eb9fb41fcb2b75e70d915b8d49..b7f4aa215b76955bc8df290d627be2ef511a1af7 100644 --- a/test/fuzztest/innerkits/privacy/BUILD.gn +++ b/test/fuzztest/innerkits/privacy/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2022-2024 Huawei Device Co., Ltd. +# Copyright (c) 2022-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -25,6 +25,7 @@ group("fuzztest") { "isallowedusingpermission_fuzzer:IsAllowedUsingPermissionFuzzTest", "registerpermactivestatuscallback_fuzzer:RegisterPermActiveStatusCallbackFuzzTest", "removepermissionusedrecords_fuzzer:RemovePermissionUsedRecordsFuzzTest", + "sethapwithfgreminder_fuzzer:SetHapWithFGReminderFuzzTest", "setmutepolicy_fuzzer:SetMutePolicyFuzzTest", "setpermissionusedrecordtogglestatus_fuzzer:SetPermissionUsedRecordToggleStatusFuzzTest", "startusingpermission001_fuzzer:StartUsingPermission001FuzzTest", diff --git a/test/fuzztest/innerkits/privacy/addpermissionusedrecord_fuzzer/addpermissionusedrecord_fuzzer.cpp b/test/fuzztest/innerkits/privacy/addpermissionusedrecord_fuzzer/addpermissionusedrecord_fuzzer.cpp index 4de8f5dd0f55957b1af774874d9a2fbe9628478e..40d59866fb9c0ddc357920e6eb7d565758ee463b 100644 --- a/test/fuzztest/innerkits/privacy/addpermissionusedrecord_fuzzer/addpermissionusedrecord_fuzzer.cpp +++ b/test/fuzztest/innerkits/privacy/addpermissionusedrecord_fuzzer/addpermissionusedrecord_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2022-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -15,30 +15,23 @@ #include "addpermissionusedrecord_fuzzer.h" -#include -#include -#include -#include - #include "fuzzer/FuzzedDataProvider.h" -#undef private #include "privacy_kit.h" -using namespace std; using namespace OHOS::Security::AccessToken; namespace OHOS { - bool AddPermissionUsedRecordFuzzTest(const uint8_t* data, size_t size) - { - if ((data == nullptr) || (size == 0)) { - return false; - } - - FuzzedDataProvider provider(data, size); - return PrivacyKit::AddPermissionUsedRecord(provider.ConsumeIntegral(), - provider.ConsumeRandomLengthString(), provider.ConsumeIntegral(), - provider.ConsumeIntegral(), provider.ConsumeBool()) == 0; +bool AddPermissionUsedRecordFuzzTest(const uint8_t* data, size_t size) +{ + if ((data == nullptr) || (size == 0)) { + return false; } + + FuzzedDataProvider provider(data, size); + return PrivacyKit::AddPermissionUsedRecord(provider.ConsumeIntegral(), + provider.ConsumeRandomLengthString(), provider.ConsumeIntegral(), + provider.ConsumeIntegral(), provider.ConsumeBool()) == 0; +} } /* Fuzzer entry point */ diff --git a/test/fuzztest/innerkits/privacy/getpermissionusedrecords_fuzzer/BUILD.gn b/test/fuzztest/innerkits/privacy/getpermissionusedrecords_fuzzer/BUILD.gn index 944df99b987536937e4f5f12c05d94ffb9f5ac34..4ba905d1b056b9937e5f2eaf09f05a76329fb9f9 100644 --- a/test/fuzztest/innerkits/privacy/getpermissionusedrecords_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/privacy/getpermissionusedrecords_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2022-2023 Huawei Device Co., Ltd. +# Copyright (c) 2022-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -21,6 +21,8 @@ ohos_fuzztest("GetPermissionUsedRecordsFuzzTest") { include_dirs = [ "${access_token_path}/interfaces/innerkits/accesstoken/include", "${access_token_path}/test/fuzztest/common", + "${access_token_path}/frameworks/common/include", + "${access_token_path}/interfaces/innerkits/privacy/src", ] cflags = [ "-g", diff --git a/test/fuzztest/innerkits/privacy/getpermissionusedrecords_fuzzer/getpermissionusedrecords_fuzzer.cpp b/test/fuzztest/innerkits/privacy/getpermissionusedrecords_fuzzer/getpermissionusedrecords_fuzzer.cpp index 0db2ddeba95d86b04e112626d1461e664b098160..9a90870d422dea8a02d51d7d5ea329505549e35f 100644 --- a/test/fuzztest/innerkits/privacy/getpermissionusedrecords_fuzzer/getpermissionusedrecords_fuzzer.cpp +++ b/test/fuzztest/innerkits/privacy/getpermissionusedrecords_fuzzer/getpermissionusedrecords_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2024 Huawei Device Co., Ltd. + * Copyright (c) 2024-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -21,35 +21,50 @@ #include #include "fuzzer/FuzzedDataProvider.h" -#undef private +#include "on_permission_used_record_callback_stub.h" #include "privacy_kit.h" using namespace std; using namespace OHOS::Security::AccessToken; +class TestCallBack : public OnPermissionUsedRecordCallbackStub { +public: + TestCallBack() = default; + virtual ~TestCallBack() = default; + + void OnQueried(OHOS::ErrCode code, PermissionUsedResult& result) + {} +}; + namespace OHOS { - bool GetPermissionUsedRecordsFuzzTest(const uint8_t* data, size_t size) - { - if ((data == nullptr) || (size == 0)) { - return false; - } - - FuzzedDataProvider provider(data, size); - PermissionUsedRequest request = { - .tokenId = provider.ConsumeIntegral(), - .isRemote = provider.ConsumeBool(), - .deviceId = provider.ConsumeRandomLengthString(), - .bundleName = provider.ConsumeRandomLengthString(), - .permissionList = {provider.ConsumeRandomLengthString()}, - .beginTimeMillis = provider.ConsumeIntegral(), - .endTimeMillis = provider.ConsumeIntegral(), - .flag = static_cast(provider.ConsumeIntegralInRange( - 0, static_cast(PermissionUsageFlag::FLAG_PERMISSION_USAGE_SUMMARY_IN_SCREEN_UNLOCKED))) - }; - - PermissionUsedResult res; - return PrivacyKit::GetPermissionUsedRecords(request, res) == 0; +bool GetPermissionUsedRecordsFuzzTest(const uint8_t* data, size_t size) +{ + if ((data == nullptr) || (size == 0)) { + return false; + } + + FuzzedDataProvider provider(data, size); + PermissionUsedRequest request = { + .tokenId = provider.ConsumeIntegral(), + .isRemote = provider.ConsumeBool(), + .deviceId = provider.ConsumeRandomLengthString(), + .bundleName = provider.ConsumeRandomLengthString(), + .permissionList = {provider.ConsumeRandomLengthString()}, + .beginTimeMillis = provider.ConsumeIntegral(), + .endTimeMillis = provider.ConsumeIntegral(), + .flag = static_cast(provider.ConsumeIntegralInRange( + 0, static_cast(PermissionUsageFlag::FLAG_PERMISSION_USAGE_SUMMARY_IN_SCREEN_UNLOCKED))) + }; + + sptr callback(new (std::nothrow) TestCallBack()); + if (callback == nullptr) { + return false; } + (void)PrivacyKit::GetPermissionUsedRecords(request, callback); + + PermissionUsedResult res; + return PrivacyKit::GetPermissionUsedRecords(request, res) == 0; +} } /* Fuzzer entry point */ diff --git a/test/fuzztest/innerkits/privacy/registerpermactivestatuscallback_fuzzer/BUILD.gn b/test/fuzztest/innerkits/privacy/registerpermactivestatuscallback_fuzzer/BUILD.gn index f5d76f26c48bac7d5b5f2e8a0a2b946c0520a5b8..9ca547f6150b3127343875d913ed182af232d63f 100644 --- a/test/fuzztest/innerkits/privacy/registerpermactivestatuscallback_fuzzer/BUILD.gn +++ b/test/fuzztest/innerkits/privacy/registerpermactivestatuscallback_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2022-2023 Huawei Device Co., Ltd. +# Copyright (c) 2022-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -20,7 +20,10 @@ ohos_fuzztest("RegisterPermActiveStatusCallbackFuzzTest") { fuzz_config_file = "." include_dirs = [ + "${access_token_path}/frameworks/privacy/include", "${access_token_path}/interfaces/innerkits/accesstoken/include", + "${access_token_path}/interfaces/innerkits/privacy/src", + "${access_token_path}/services/common/proxy_death/include", "${access_token_path}/test/fuzztest/common", ] cflags = [ diff --git a/test/fuzztest/innerkits/privacy/registerpermactivestatuscallback_fuzzer/registerpermactivestatuscallback_fuzzer.cpp b/test/fuzztest/innerkits/privacy/registerpermactivestatuscallback_fuzzer/registerpermactivestatuscallback_fuzzer.cpp index f3b9ad439445624900390870c76ea4bc84cd4343..8dfdf423a7a348058a719b67560a1b1cedd6732a 100644 --- a/test/fuzztest/innerkits/privacy/registerpermactivestatuscallback_fuzzer/registerpermactivestatuscallback_fuzzer.cpp +++ b/test/fuzztest/innerkits/privacy/registerpermactivestatuscallback_fuzzer/registerpermactivestatuscallback_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2022-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -21,8 +21,11 @@ #include #include "fuzzer/FuzzedDataProvider.h" -#undef private +#include "perm_active_status_change_callback.h" #include "privacy_kit.h" +#define private public +#include "privacy_manager_client.h" +#undef private using namespace std; using namespace OHOS::Security::AccessToken; @@ -46,20 +49,26 @@ public: }; namespace OHOS { - bool RegisterPermActiveStatusCallbackFuzzTest(const uint8_t* data, size_t size) - { - if ((data == nullptr) || (size == 0)) { - return false; - } +bool RegisterPermActiveStatusCallbackFuzzTest(const uint8_t* data, size_t size) +{ + if ((data == nullptr) || (size == 0)) { + return false; + } - FuzzedDataProvider provider(data, size); - std::vector permList = {provider.ConsumeRandomLengthString()}; - auto callback = std::make_shared(permList); - callback->type_ = PERM_INACTIVE; - (void)PrivacyKit::RegisterPermActiveStatusCallback(callback); - (void)PrivacyKit::UnRegisterPermActiveStatusCallback(callback); - return true; + FuzzedDataProvider provider(data, size); + std::vector permList = {provider.ConsumeRandomLengthString()}; + auto callback = std::make_shared(permList); + callback->type_ = PERM_INACTIVE; + (void)PrivacyKit::RegisterPermActiveStatusCallback(callback); + (void)PrivacyKit::UnRegisterPermActiveStatusCallback(callback); + auto callbackWrap = new (std::nothrow) PermActiveStatusChangeCallback(callback); + if (callbackWrap == nullptr) { + return false; } + PrivacyManagerClient::GetInstance().activeCbkMap_[callback] = callbackWrap; + (void)PrivacyKit::UnRegisterPermActiveStatusCallback(callback); + return true; +} } /* Fuzzer entry point */ diff --git a/test/fuzztest/innerkits/privacy/sethapwithfgreminder_fuzzer/BUILD.gn b/test/fuzztest/innerkits/privacy/sethapwithfgreminder_fuzzer/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..16bfce886f2ce402dac3c8103df354934a583d6e --- /dev/null +++ b/test/fuzztest/innerkits/privacy/sethapwithfgreminder_fuzzer/BUILD.gn @@ -0,0 +1,42 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/config/features.gni") +import("//build/test.gni") +import("../../../../../access_token.gni") + +ohos_fuzztest("SetHapWithFGReminderFuzzTest") { + module_out_path = module_output_path_interface_privacy + fuzz_config_file = "." + include_dirs = [ + "${access_token_path}/interfaces/innerkits/accesstoken/include", + "${access_token_path}/test/fuzztest/common", + ] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ "sethapwithfgreminder_fuzzer.cpp" ] + + deps = [ "${access_token_path}/interfaces/innerkits/privacy:libprivacy_sdk" ] + + configs = [ "${access_token_path}/config:coverage_flags" ] + + external_deps = [ + "c_utils:utils", + "hilog:libhilog", + "ipc:ipc_core", + ] +} diff --git a/test/fuzztest/innerkits/privacy/sethapwithfgreminder_fuzzer/corpus/init b/test/fuzztest/innerkits/privacy/sethapwithfgreminder_fuzzer/corpus/init new file mode 100644 index 0000000000000000000000000000000000000000..5769eb4e980bae53e8a6c490d1441f71bd4cf133 --- /dev/null +++ b/test/fuzztest/innerkits/privacy/sethapwithfgreminder_fuzzer/corpus/init @@ -0,0 +1,14 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +020021DA0000 \ No newline at end of file diff --git a/test/fuzztest/innerkits/privacy/sethapwithfgreminder_fuzzer/project.xml b/test/fuzztest/innerkits/privacy/sethapwithfgreminder_fuzzer/project.xml new file mode 100644 index 0000000000000000000000000000000000000000..66e1dcac475475fb101b6f8670ec699e6e9696aa --- /dev/null +++ b/test/fuzztest/innerkits/privacy/sethapwithfgreminder_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + diff --git a/test/fuzztest/innerkits/privacy/sethapwithfgreminder_fuzzer/sethapwithfgreminder_fuzzer.cpp b/test/fuzztest/innerkits/privacy/sethapwithfgreminder_fuzzer/sethapwithfgreminder_fuzzer.cpp new file mode 100644 index 0000000000000000000000000000000000000000..ba9c7d0720a62e41d8875314501ef20c65ba348b --- /dev/null +++ b/test/fuzztest/innerkits/privacy/sethapwithfgreminder_fuzzer/sethapwithfgreminder_fuzzer.cpp @@ -0,0 +1,41 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "sethapwithfgreminder_fuzzer.h" + +#include "fuzzer/FuzzedDataProvider.h" +#include "privacy_kit.h" + +using namespace OHOS::Security::AccessToken; + +namespace OHOS { +bool SetHapWithFGReminderFuzzTest(const uint8_t* data, size_t size) +{ + if ((data == nullptr) || (size == 0)) { + return false; + } + + FuzzedDataProvider provider(data, size); + return PrivacyKit::SetHapWithFGReminder(provider.ConsumeIntegral(), provider.ConsumeBool()) == 0; +} +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + (void)OHOS::SetHapWithFGReminderFuzzTest(data, size); + return 0; +} diff --git a/test/fuzztest/innerkits/privacy/sethapwithfgreminder_fuzzer/sethapwithfgreminder_fuzzer.h b/test/fuzztest/innerkits/privacy/sethapwithfgreminder_fuzzer/sethapwithfgreminder_fuzzer.h new file mode 100644 index 0000000000000000000000000000000000000000..6841776d3e5203fd51c1cce807661ab8c2aa553d --- /dev/null +++ b/test/fuzztest/innerkits/privacy/sethapwithfgreminder_fuzzer/sethapwithfgreminder_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TEST_FUZZTEST_SETHAPWITHFGREMINDER_FUZZER_H +#define TEST_FUZZTEST_SETHAPWITHFGREMINDER_FUZZER_H + +#define FUZZ_PROJECT_NAME "sethapwithfgreminder_fuzzer" + +#endif // TEST_FUZZTEST_SETHAPWITHFGREMINDER_FUZZER_H diff --git a/test/fuzztest/services/accesstoken/BUILD.gn b/test/fuzztest/services/accesstoken/BUILD.gn index cc218dfb2527d724bceb9ee7e9729a0afc27ae55..e8f7fef4c83435273f7d8d67c14e0a17ea7fbb00 100644 --- a/test/fuzztest/services/accesstoken/BUILD.gn +++ b/test/fuzztest/services/accesstoken/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2023-2024 Huawei Device Co., Ltd. +# Copyright (c) 2023-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -47,6 +47,7 @@ group("fuzztest") { "grantpermissionstub_fuzzer:GrantPermissionStubFuzzTest", "inithaptokenstub_fuzzer:InitHapTokenStubFuzzTest", "inituserpolicystub_fuzzer:InitUserPolicyStubFuzzTest", + "istoastshownneededstub_fuzzer:IsToastShownNeededStubFuzzTest", "registerpermstatechangecallbackstub_fuzzer:RegisterPermStateChangeCallbackStubFuzzTest", "registerselfpermstatechangecallbackstub_fuzzer:RegisterSelfPermStateChangeCallbackStubFuzzTest", "requestapppermonsettingstub_fuzzer:RequestAppPermOnSettingStubFuzzTest", diff --git a/test/fuzztest/services/accesstoken/accesstokenstubcoverage_fuzzer/accesstokenstubcoverage_fuzzer.cpp b/test/fuzztest/services/accesstoken/accesstokenstubcoverage_fuzzer/accesstokenstubcoverage_fuzzer.cpp index bf4fd15198bc996ddeb63478b4582ebf20cb49fc..bfd382a4847abfd12721debe29036f9f86f0e1d9 100644 --- a/test/fuzztest/services/accesstoken/accesstokenstubcoverage_fuzzer/accesstokenstubcoverage_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/accesstokenstubcoverage_fuzzer/accesstokenstubcoverage_fuzzer.cpp @@ -128,6 +128,19 @@ void ReloadNativeTokenInfo() #endif } +void GetPermissionManagerInfo() +{ + MessageParcel data; + MessageParcel reply; + MessageOption option(MessageOption::TF_SYNC); + + if (!data.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { + return; + } + DelayedSingleton::GetInstance()->OnRemoteRequest( + static_cast(IAccessTokenManagerIpcCode::COMMAND_GET_PERMISSION_MANAGER_INFO), data, reply, option); +} + bool AccessTokenStubCoverageFuzzTest(FuzzedDataProvider &provider) { if (g_selfTokenId == 0) { @@ -137,6 +150,7 @@ bool AccessTokenStubCoverageFuzzTest(FuzzedDataProvider &provider) GetVersion(); RegisterTokenSyncCallback(); UnRegisterTokenSyncCallback(); + GetPermissionManagerInfo(); (void)SetSelfTokenID(g_selfTokenId); if (g_executionNum < 1) { g_executionNum++; diff --git a/test/fuzztest/services/accesstoken/deleteremotehaptokeninfostub_fuzzer/deleteremotehaptokeninfostub_fuzzer.cpp b/test/fuzztest/services/accesstoken/deleteremotehaptokeninfostub_fuzzer/deleteremotehaptokeninfostub_fuzzer.cpp index 59b671366d4021c5cfe1a3bd01517e55cea0b19b..afa6f19b4342bb09dd5851915f5095c00f0223ea 100644 --- a/test/fuzztest/services/accesstoken/deleteremotehaptokeninfostub_fuzzer/deleteremotehaptokeninfostub_fuzzer.cpp +++ b/test/fuzztest/services/accesstoken/deleteremotehaptokeninfostub_fuzzer/deleteremotehaptokeninfostub_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023 Huawei Device Co., Ltd. + * Copyright (c) 2023-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -15,12 +15,8 @@ #include "deleteremotehaptokeninfostub_fuzzer.h" -#include -#include -#include - -#undef private #include "fuzzer/FuzzedDataProvider.h" +#include "hap_token_info_for_sync_parcel.h" #include "i_token_sync_manager.h" #include "token_sync_manager_service.h" @@ -28,32 +24,54 @@ using namespace std; using namespace OHOS::Security::AccessToken; namespace OHOS { - bool DeleteRemoteHapTokenInfoStubFuzzTest(const uint8_t* data, size_t size) - { - if ((data == nullptr) || (size == 0)) { - return false; - } +void UpdateRemoteHapTokenInfo() +{ + MessageParcel data; + if (!data.WriteInterfaceToken(ITokenSyncManager::GetDescriptor())) { + return; + } + HapTokenInfoForSyncParcel tokenInfoParcel; - FuzzedDataProvider provider(data, size); - AccessTokenID tokenID = provider.ConsumeIntegral(); - - MessageParcel datas; - datas.WriteInterfaceToken(ITokenSyncManager::GetDescriptor()); + if (!data.WriteParcelable(&tokenInfoParcel)) { + return; + } - if (!datas.WriteUint32(tokenID)) { - return false; - } - - uint32_t code = static_cast( - TokenSyncInterfaceCode::DELETE_REMOTE_HAP_TOKEN_INFO); + MessageParcel reply; + MessageOption option(MessageOption::TF_SYNC); + DelayedSingleton::GetInstance()->SendRequest(static_cast( + TokenSyncInterfaceCode::UPDATE_REMOTE_HAP_TOKEN_INFO), data, reply, option); +} - MessageParcel reply; - MessageOption option(MessageOption::TF_SYNC); +bool DeleteRemoteHapTokenInfoStubFuzzTest(const uint8_t* data, size_t size) +{ + if ((data == nullptr) || (size == 0)) { + return false; + } - DelayedSingleton::GetInstance()->OnRemoteRequest(code, datas, reply, option); + FuzzedDataProvider provider(data, size); + AccessTokenID tokenID = provider.ConsumeIntegral(); + + UpdateRemoteHapTokenInfo(); - return true; + MessageParcel datas; + if (!datas.WriteInterfaceToken(ITokenSyncManager::GetDescriptor())) { + return false; } + + if (!datas.WriteUint32(tokenID)) { + return false; + } + + uint32_t code = static_cast( + TokenSyncInterfaceCode::DELETE_REMOTE_HAP_TOKEN_INFO); + + MessageParcel reply; + MessageOption option(MessageOption::TF_SYNC); + + DelayedSingleton::GetInstance()->OnRemoteRequest(code, datas, reply, option); + + return true; +} } // namespace OHOS /* Fuzzer entry point */ diff --git a/test/fuzztest/services/accesstoken/istoastshownneededstub_fuzzer/BUILD.gn b/test/fuzztest/services/accesstoken/istoastshownneededstub_fuzzer/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..e3fc634106fe3e65db1552883a5e8dfac9f025f1 --- /dev/null +++ b/test/fuzztest/services/accesstoken/istoastshownneededstub_fuzzer/BUILD.gn @@ -0,0 +1,49 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/test.gni") +import("../../../../../access_token.gni") +import("../access_token_service_fuzz.gni") + +ohos_fuzztest("IsToastShownNeededStubFuzzTest") { + module_out_path = module_output_path_service_access_token + fuzz_config_file = "." + + sources = [ "istoastshownneededstub_fuzzer.cpp" ] + + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + + include_dirs = access_token_include_dirs + + deps = access_token_deps + + configs = [ + "${access_token_path}/config:coverage_flags", + "${access_token_path}/services/accesstokenmanager/idl:access_token_manager_gen_config", + ] + + external_deps = access_token_external_deps + + include_dirs += access_token_impl_include_dirs + + cflags_cc = access_token_cflags_cc + + sources += access_token_sources + + sources += access_token_impl_sources +} diff --git a/test/fuzztest/services/accesstoken/istoastshownneededstub_fuzzer/corpus/init b/test/fuzztest/services/accesstoken/istoastshownneededstub_fuzzer/corpus/init new file mode 100644 index 0000000000000000000000000000000000000000..2aea1356e3c3b3ee6e12ad3f72640897d769d02e --- /dev/null +++ b/test/fuzztest/services/accesstoken/istoastshownneededstub_fuzzer/corpus/init @@ -0,0 +1,14 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FUZZ diff --git a/test/fuzztest/services/accesstoken/istoastshownneededstub_fuzzer/istoastshownneededstub_fuzzer.cpp b/test/fuzztest/services/accesstoken/istoastshownneededstub_fuzzer/istoastshownneededstub_fuzzer.cpp new file mode 100644 index 0000000000000000000000000000000000000000..e898545d64387c588cf63b8a8a6c2b13b6a368ce --- /dev/null +++ b/test/fuzztest/services/accesstoken/istoastshownneededstub_fuzzer/istoastshownneededstub_fuzzer.cpp @@ -0,0 +1,58 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "istoastshownneededstub_fuzzer.h" + +#include "accesstoken_manager_service.h" +#include "fuzzer/FuzzedDataProvider.h" +#include "iaccess_token_manager.h" + +using namespace OHOS::Security::AccessToken; + +namespace OHOS { +bool IsToastShownNeededStubFuzzTest(const uint8_t* data, size_t size) +{ + if ((data == nullptr) || (size == 0)) { + return false; + } + + FuzzedDataProvider provider(data, size); + + MessageParcel datas; + if (!datas.WriteInterfaceToken(IAccessTokenManager::GetDescriptor())) { + return false; + } + + int32_t pid = provider.ConsumeIntegral(); + if (!datas.WriteInt32(pid)) { + return false; + } + + MessageParcel reply; + MessageOption option(MessageOption::TF_SYNC); + DelayedSingleton::GetInstance()->OnRemoteRequest( + static_cast(IAccessTokenManagerIpcCode::COMMAND_IS_TOAST_SHOWN_NEEDED), datas, reply, option); + + return true; +} +} // namespace OHOS + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + OHOS::IsToastShownNeededStubFuzzTest(data, size); + return 0; +} diff --git a/test/fuzztest/services/accesstoken/istoastshownneededstub_fuzzer/istoastshownneededstub_fuzzer.h b/test/fuzztest/services/accesstoken/istoastshownneededstub_fuzzer/istoastshownneededstub_fuzzer.h new file mode 100644 index 0000000000000000000000000000000000000000..defe4acae2f0674edf5648b4412f17518fef65a0 --- /dev/null +++ b/test/fuzztest/services/accesstoken/istoastshownneededstub_fuzzer/istoastshownneededstub_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TEST_FUZZTEST_ISTOASTSHOWNNEEDEDSTUB_FUZZER_H +#define TEST_FUZZTEST_ISTOASTSHOWNNEEDEDSTUB_FUZZER_H + +#define FUZZ_PROJECT_NAME "istoastshownneededstub_fuzzer" + +#endif // TEST_FUZZTEST_ISTOASTSHOWNNEEDEDSTUB_FUZZER_H diff --git a/test/fuzztest/services/accesstoken/istoastshownneededstub_fuzzer/project.xml b/test/fuzztest/services/accesstoken/istoastshownneededstub_fuzzer/project.xml new file mode 100644 index 0000000000000000000000000000000000000000..66e1dcac475475fb101b6f8670ec699e6e9696aa --- /dev/null +++ b/test/fuzztest/services/accesstoken/istoastshownneededstub_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + diff --git a/test/fuzztest/services/privacy/startusingpermissioncallbackstub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/startusingpermissioncallbackstub_fuzzer/BUILD.gn index e61cf194dc47605a6aaed5e473e225a11cec4f28..bafaf7970bdc82d4e429a302e04b560ed924b1fa 100644 --- a/test/fuzztest/services/privacy/startusingpermissioncallbackstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/privacy/startusingpermissioncallbackstub_fuzzer/BUILD.gn @@ -20,7 +20,10 @@ ohos_fuzztest("StartUsingPermissionCallbackStubFuzzTest") { module_out_path = module_output_path_service_privacy fuzz_config_file = "." - sources = [ "startusingpermissioncallbackstub_fuzzer.cpp" ] + sources = [ + "${access_token_path}/services/common/proxy_death/src/proxy_death_callback_stub.cpp", + "startusingpermissioncallbackstub_fuzzer.cpp", + ] cflags = [ "-g", diff --git a/test/fuzztest/services/privacy/startusingpermissioncallbackstub_fuzzer/startusingpermissioncallbackstub_fuzzer.cpp b/test/fuzztest/services/privacy/startusingpermissioncallbackstub_fuzzer/startusingpermissioncallbackstub_fuzzer.cpp index 936bc0aada5d5f7fb2f016cee53c701fb8096429..e123996b9fa1b0f9fa5abd3a6023f347415af6f9 100644 --- a/test/fuzztest/services/privacy/startusingpermissioncallbackstub_fuzzer/startusingpermissioncallbackstub_fuzzer.cpp +++ b/test/fuzztest/services/privacy/startusingpermissioncallbackstub_fuzzer/startusingpermissioncallbackstub_fuzzer.cpp @@ -15,19 +15,18 @@ #include "startusingpermissioncallbackstub_fuzzer.h" -#include -#include -#include - -#undef private +#include "constant.h" #include "fuzzer/FuzzedDataProvider.h" #include "iprivacy_manager.h" +#include "permission_used_type.h" +#include "proxy_death_callback_stub.h" #include "state_change_callback.h" #include "state_customized_cbk.h" #include "privacy_manager_service.h" using namespace std; using namespace OHOS::Security::AccessToken; +static int32_t g_permSize = static_cast(Constant::PERMISSION_OPCODE_MAP.size()); class CbCustomizeTest : public StateCustomizedCbk { public: @@ -47,46 +46,84 @@ public: }; namespace OHOS { - bool StartUsingPermissionCallbackStubFuzzTest(const uint8_t* data, size_t size) - { - if ((data == nullptr) || (size == 0)) { - return false; - } - - FuzzedDataProvider provider(data, size); - - sptr callbackWrap = nullptr; - auto callback = std::make_shared(); - callbackWrap = new (std::nothrow) StateChangeCallback(callback); - - MessageParcel datas; - datas.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); - if (!datas.WriteUint32(provider.ConsumeIntegral())) { - return false; - } - if (!datas.WriteString(provider.ConsumeRandomLengthString())) { - return false; - } - if (!datas.WriteInt32(provider.ConsumeIntegral())) { - return false; - } - uint32_t type = static_cast(provider.ConsumeIntegralInRange( - 0, static_cast(PermissionUsedType::PERM_USED_TYPE_BUTT))); - if (!datas.WriteUint32(type)) { - return false; - } - if (!datas.WriteRemoteObject(callbackWrap->AsObject())) { - return false; - } - - uint32_t code = static_cast(IPrivacyManagerIpcCode::COMMAND_START_USING_PERMISSION_CALLBACK); - - MessageParcel reply; - MessageOption option; - DelayedSingleton::GetInstance()->OnRemoteRequest(code, datas, reply, option); - - return true; +void StartUsingPermissionCallbackStub(AccessTokenID tokenID, int32_t pid, const std::string& permissionName) +{ + MessageParcel data; + if (!data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())) { + return; + } + + PermissionUsedTypeInfoParcel infoParcel; + infoParcel.info.tokenId = tokenID; + infoParcel.info.pid = pid; + infoParcel.info.permissionName = permissionName; + infoParcel.info.type = NORMAL_TYPE; + + auto anonyStub = sptr::MakeSptr(); + if (!data.WriteParcelable(&infoParcel)) { + return; + } + + sptr callbackWrap = nullptr; + auto callback = std::make_shared(); + callbackWrap = new (std::nothrow) StateChangeCallback(callback); + if (callbackWrap == nullptr) { + return; + } + if (!data.WriteRemoteObject(callbackWrap->AsObject())) { + return; + } + + if (!data.WriteRemoteObject(anonyStub)) { + return; + } + + MessageParcel reply; + MessageOption option(MessageOption::TF_SYNC); + DelayedSingleton::GetInstance()->OnRemoteRequest( + static_cast(IPrivacyManagerIpcCode::COMMAND_START_USING_PERMISSION_CALLBACK), data, reply, option); +} + +void StopUsingPermissionStub(AccessTokenID tokenID, int32_t pid, const std::string& permissionName) +{ + MessageParcel datas; + if (!datas.WriteInterfaceToken(IPrivacyManager::GetDescriptor())) { + return; + } + if (!datas.WriteUint32(tokenID)) { + return; + } + if (!datas.WriteInt32(pid)) { + return; + } + if (!datas.WriteString(permissionName)) { + return; + } + + MessageParcel reply; + MessageOption option(MessageOption::TF_SYNC); + DelayedSingleton::GetInstance()->OnRemoteRequest( + static_cast(IPrivacyManagerIpcCode::COMMAND_STOP_USING_PERMISSION), datas, reply, option); +} + +bool StartUsingPermissionCallbackStubFuzzTest(const uint8_t* data, size_t size) +{ + if ((data == nullptr) || (size == 0)) { + return false; } + + FuzzedDataProvider provider(data, size); + AccessTokenID tokenID = provider.ConsumeIntegral(); + int32_t pid = provider.ConsumeIntegral(); + std::string permissionName; + int32_t opCode = provider.ConsumeIntegral() % g_permSize; + Constant::TransferOpcodeToPermission(opCode, permissionName); + + StartUsingPermissionCallbackStub(tokenID, pid, permissionName); + StopUsingPermissionStub(tokenID, pid, permissionName); + + return true; +} } // namespace OHOS /* Fuzzer entry point */ diff --git a/test/fuzztest/services/privacy/startusingpermissionstub_fuzzer/BUILD.gn b/test/fuzztest/services/privacy/startusingpermissionstub_fuzzer/BUILD.gn index ed318f6e2f9c19e20b3a32088e6daad4b26b7116..2cfd99945a7d1e5329b7297b2cf6cd8cd9226c25 100644 --- a/test/fuzztest/services/privacy/startusingpermissionstub_fuzzer/BUILD.gn +++ b/test/fuzztest/services/privacy/startusingpermissionstub_fuzzer/BUILD.gn @@ -20,7 +20,10 @@ ohos_fuzztest("StartUsingPermissionStubFuzzTest") { module_out_path = module_output_path_service_privacy fuzz_config_file = "." - sources = [ "startusingpermissionstub_fuzzer.cpp" ] + sources = [ + "${access_token_path}/services/common/proxy_death/src/proxy_death_callback_stub.cpp", + "startusingpermissionstub_fuzzer.cpp", + ] cflags = [ "-g", diff --git a/test/fuzztest/services/privacy/startusingpermissionstub_fuzzer/startusingpermissionstub_fuzzer.cpp b/test/fuzztest/services/privacy/startusingpermissionstub_fuzzer/startusingpermissionstub_fuzzer.cpp index 2e09748d1810c9e59f36f06ffa893c1f97d67dfe..658295ce4efab9278d0e2e3876af638503550496 100644 --- a/test/fuzztest/services/privacy/startusingpermissionstub_fuzzer/startusingpermissionstub_fuzzer.cpp +++ b/test/fuzztest/services/privacy/startusingpermissionstub_fuzzer/startusingpermissionstub_fuzzer.cpp @@ -15,47 +15,84 @@ #include "startusingpermissionstub_fuzzer.h" -#include -#include -#include - -#undef private +#include "constant.h" #include "fuzzer/FuzzedDataProvider.h" #include "iprivacy_manager.h" +#include "permission_used_type.h" #include "privacy_manager_service.h" +#include "proxy_death_callback_stub.h" using namespace std; using namespace OHOS::Security::AccessToken; +static int32_t g_permSize = static_cast(Constant::PERMISSION_OPCODE_MAP.size()); namespace OHOS { - bool StartUsingPermissionStubFuzzTest(const uint8_t* data, size_t size) - { - if ((data == nullptr) || (size == 0)) { - return false; - } +void StartUsingPermissionStub(AccessTokenID tokenID, int32_t pid, const std::string& permissionName) +{ + MessageParcel data; + if (!data.WriteInterfaceToken(IPrivacyManager::GetDescriptor())) { + return; + } - FuzzedDataProvider provider(data, size); + PermissionUsedTypeInfoParcel infoParcel; + infoParcel.info.tokenId = tokenID; + infoParcel.info.pid = pid; + infoParcel.info.permissionName = permissionName; + infoParcel.info.type = NORMAL_TYPE; - MessageParcel datas; - datas.WriteInterfaceToken(IPrivacyManager::GetDescriptor()); - if (!datas.WriteUint32(provider.ConsumeIntegral())) { - return false; - } - if (!datas.WriteString(provider.ConsumeRandomLengthString())) { - return false; - } - if (!datas.WriteInt32(provider.ConsumeIntegral())) { - return false; - } + auto anonyStub = sptr::MakeSptr(); + if (!data.WriteParcelable(&infoParcel)) { + return; + } + if (!data.WriteRemoteObject(anonyStub)) { + return; + } - uint32_t code = static_cast(IPrivacyManagerIpcCode::COMMAND_START_USING_PERMISSION); + MessageParcel reply; + MessageOption option(MessageOption::TF_SYNC); + DelayedSingleton::GetInstance()->OnRemoteRequest( + static_cast(IPrivacyManagerIpcCode::COMMAND_START_USING_PERMISSION), data, reply, option); +} - MessageParcel reply; - MessageOption option; - DelayedSingleton::GetInstance()->OnRemoteRequest(code, datas, reply, option); +void StopUsingPermissionStub(AccessTokenID tokenID, int32_t pid, const std::string& permissionName) +{ + MessageParcel datas; + if (!datas.WriteInterfaceToken(IPrivacyManager::GetDescriptor())) { + return; + } + if (!datas.WriteUint32(tokenID)) { + return; + } + if (!datas.WriteInt32(pid)) { + return; + } + if (!datas.WriteString(permissionName)) { + return; + } + + MessageParcel reply; + MessageOption option(MessageOption::TF_SYNC); + DelayedSingleton::GetInstance()->OnRemoteRequest( + static_cast(IPrivacyManagerIpcCode::COMMAND_STOP_USING_PERMISSION), datas, reply, option); +} - return true; +bool StartUsingPermissionStubFuzzTest(const uint8_t* data, size_t size) +{ + if ((data == nullptr) || (size == 0)) { + return false; } + + FuzzedDataProvider provider(data, size); + AccessTokenID tokenID = provider.ConsumeIntegral(); + int32_t pid = provider.ConsumeIntegral(); + std::string permissionName; + int32_t opCode = provider.ConsumeIntegral() % g_permSize; + Constant::TransferOpcodeToPermission(opCode, permissionName); + + StartUsingPermissionStub(tokenID, pid, permissionName); + StopUsingPermissionStub(tokenID, pid, permissionName); + return true; +} } // namespace OHOS /* Fuzzer entry point */