1/*
2 * Copyright (c) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 *     http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16#include "locationswitchcallbackhost_fuzzer.h"
17
18#include "accesstoken_kit.h"
19#include "if_system_ability_manager.h"
20#include "iservice_registry.h"
21#include "message_option.h"
22#include "message_parcel.h"
23#include "nativetoken_kit.h"
24#include "system_ability_definition.h"
25#include "token_setproc.h"
26#include "locator_ability.h"
27
28#include "location_switch_callback_napi.h"
29
30namespace OHOS {
31using namespace OHOS::Location;
32const int32_t MAX_MEM_SIZE = 4 * 1024 * 1024;
33
34char* ParseData(const uint8_t* data, size_t size)
35{
36    if (data == nullptr) {
37        return nullptr;
38    }
39
40    if (size > MAX_MEM_SIZE) {
41        return nullptr;
42    }
43
44    char* ch = (char *)malloc(size + 1);
45    if (ch == nullptr) {
46        return nullptr;
47    }
48
49    (void)memset_s(ch, size + 1, 0x00, size + 1);
50    if (memcpy_s(ch, size, data, size) != EOK) {
51        free(ch);
52        ch = nullptr;
53        return nullptr;
54    }
55    return ch;
56}
57
58bool LocationSwitchCallbackHostFuzzTest(const char* data, size_t size)
59{
60    MessageParcel requestParcel;
61    requestParcel.WriteInterfaceToken(u"location.ISwitchCallback");
62    requestParcel.WriteBuffer(data, size);
63    requestParcel.RewindRead(0);
64
65    MessageParcel reply;
66    MessageOption option;
67    auto callback = sptr<LocationSwitchCallbackNapi>(new (std::nothrow) LocationSwitchCallbackNapi());
68    callback->OnRemoteRequest(ISwitchCallback::RECEIVE_SWITCH_STATE_EVENT, requestParcel, reply, option);
69    return true;
70}
71} // namespace OHOS
72
73/* Fuzzer entry point */
74extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
75{
76    char* ch = OHOS::ParseData(data, size);
77    if (ch != nullptr) {
78        OHOS::LocationSwitchCallbackHostFuzzTest(ch, size);
79        free(ch);
80        ch = nullptr;
81    }
82    return 0;
83}
84
85