1/*
2 * Copyright (c) 2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 *     http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16#include "dsoftbusadapter_fuzzer.h"
17
18#include "singleton.h"
19
20#include "devicestatus_define.h"
21#include "dsoftbus_adapter_impl.h"
22#include "socket_session_manager.h"
23
24#include "message_parcel.h"
25
26#undef LOG_TAG
27#define LOG_TAG "DsoftbusAdapterFuzzTest"
28namespace OHOS {
29namespace Msdp {
30namespace DeviceStatus {
31#define SERVER_SESSION_NAME "ohos.msdp.device_status.intention.serversession"
32const uint8_t *g_baseFuzzData = nullptr;
33size_t g_baseFuzzSize = 0;
34size_t g_baseFuzzPos = 0;
35constexpr size_t STR_LEN = 255;
36constexpr size_t PKG_NAME_SIZE_MAX { 65 };
37constexpr size_t DEVICE_NAME_SIZE_MAX { 256 };
38
39template <class T> T GetData()
40{
41    T objetct{};
42    size_t objetctSize = sizeof(objetct);
43    if (g_baseFuzzData == nullptr || objetctSize > g_baseFuzzSize - g_baseFuzzPos) {
44        return objetct;
45    }
46    errno_t ret = memcpy_s(&objetct, objetctSize, g_baseFuzzData + g_baseFuzzPos, objetctSize);
47    if (ret != EOK) {
48        return {};
49    }
50    g_baseFuzzPos += objetctSize;
51    return objetct;
52}
53
54void SetGlobalFuzzData(const uint8_t *data, size_t size)
55{
56    g_baseFuzzData = data;
57    g_baseFuzzSize = size;
58    g_baseFuzzPos = 0;
59}
60
61std::string GetStringFromData(int strlen)
62{
63    if (strlen < 1) {
64        return "";
65    }
66
67    char cstr[strlen];
68    cstr[strlen - 1] = '\0';
69    for (int i = 0; i < strlen - 1; i++) {
70        cstr[i] = GetData<char>();
71    }
72    std::string str(cstr);
73    return str;
74}
75
76class DSoftbusObserver final : public IDSoftbusObserver {
77public:
78    DSoftbusObserver() = default;
79    ~DSoftbusObserver() = default;
80
81    void OnBind(const std::string &networkId) {}
82    void OnShutdown(const std::string &networkId) {}
83    void OnConnected(const std::string &networkId) {}
84    bool OnPacket(const std::string &networkId, NetPacket &packet)
85    {
86        return true;
87    }
88    bool OnRawData(const std::string &networkId, const void *data, uint32_t dataLen)
89    {
90        return true;
91    }
92};
93
94bool EnableFuzzTest(const uint8_t* data, size_t size)
95{
96    if ((data == nullptr) || (size < 1)) {
97        return false;
98    }
99    SetGlobalFuzzData(data, size);
100
101    DSoftbusAdapterImpl::GetInstance()->Enable();
102    DSoftbusAdapterImpl::GetInstance()->SetupServer();
103    DSoftbusAdapterImpl::GetInstance()->ShutdownServer();
104    DSoftbusAdapterImpl::GetInstance()->CloseAllSessions();
105    DSoftbusAdapterImpl::GetInstance()->CloseAllSessionsLocked();
106    DSoftbusAdapterImpl::GetInstance()->Disable();
107    return true;
108}
109
110bool AddObserverFuzzTest(const uint8_t* data, size_t size)
111{
112    if ((data == nullptr) || (size < 1)) {
113        return false;
114    }
115    SetGlobalFuzzData(data, size);
116
117    std::shared_ptr<IDSoftbusObserver> observer = std::make_shared<DSoftbusObserver>();
118    DSoftbusAdapterImpl::GetInstance()->AddObserver(observer);
119    DSoftbusAdapterImpl::GetInstance()->RemoveObserver(observer);
120    return true;
121}
122
123bool CheckDeviceOnlineFuzzTest(const uint8_t* data, size_t size)
124{
125    if ((data == nullptr) || (size < 1)) {
126        return false;
127    }
128    SetGlobalFuzzData(data, size);
129
130    std::string networkId = GetStringFromData(STR_LEN);
131    CircleStreamBuffer circleBuffer;
132
133    DSoftbusAdapterImpl::GetInstance()->CheckDeviceOnline(networkId);
134    DSoftbusAdapterImpl::GetInstance()->CloseSession(networkId);
135    DSoftbusAdapterImpl::GetInstance()->HandleSessionData(networkId, circleBuffer);
136    DSoftbusAdapterImpl::GetInstance()->OpenSessionLocked(networkId);
137    DSoftbusAdapterImpl::GetInstance()->OnConnectedLocked(networkId);
138    return true;
139}
140
141bool OpenSessionFuzzTest(const uint8_t* data, size_t size)
142{
143    if ((data == nullptr) || (size < 1)) {
144        return false;
145    }
146    SetGlobalFuzzData(data, size);
147
148    std::string networkId = GetStringFromData(STR_LEN);
149    DSoftbusAdapterImpl::GetInstance()->OpenSession(networkId);
150    DSoftbusAdapterImpl::GetInstance()->FindConnection(networkId);
151    DSoftbusAdapterImpl::GetInstance()->CloseSession(networkId);
152    DSoftbusAdapterImpl::GetInstance()->CloseAllSessions();
153    return true;
154}
155
156
157bool SendPacketFuzzTest(const uint8_t* data, size_t size)
158{
159    if ((data == nullptr) || (size < 1)) {
160        return false;
161    }
162    SetGlobalFuzzData(data, size);
163
164    Parcel parcel;
165    NetPacket packet(MessageId::DSOFTBUS_START_COOPERATE);
166    std::string networkId = GetStringFromData(STR_LEN);
167    DSoftbusAdapterImpl::GetInstance()->SendPacket(networkId, packet);
168    DSoftbusAdapterImpl::GetInstance()->SendParcel(networkId, parcel);
169    DSoftbusAdapterImpl::GetInstance()->BroadcastPacket(packet);
170    DSoftbusAdapterImpl::GetInstance()->HandlePacket(networkId, packet);
171    return true;
172}
173
174bool InitSocketFuzzTest(const uint8_t* data, size_t size)
175{
176    if ((data == nullptr) || (size < 1)) {
177        return false;
178    }
179    SetGlobalFuzzData(data, size);
180
181    int32_t socket = GetData<int32_t>();
182    uint32_t dataLen = GetData<uint32_t>();
183    std::string networkId = GetStringFromData(STR_LEN);
184    int32_t *g_data = new int32_t(socket);
185
186    char name[DEVICE_NAME_SIZE_MAX] { SERVER_SESSION_NAME };
187    char pkgName[PKG_NAME_SIZE_MAX] { FI_PKG_NAME };
188    SocketInfo info {
189        .name = name,
190        .pkgName = pkgName,
191        .dataType = DATA_TYPE_BYTES
192    };
193
194    DSoftbusAdapterImpl::GetInstance()->InitSocket(info, socket, socket);
195    DSoftbusAdapterImpl::GetInstance()->ConfigTcpAlive(socket);
196    DSoftbusAdapterImpl::GetInstance()->OnShutdown(socket, SHUTDOWN_REASON_UNKNOWN);
197    DSoftbusAdapterImpl::GetInstance()->OnBytes(socket, g_data, dataLen);
198    DSoftbusAdapterImpl::GetInstance()->HandleRawData(networkId, g_data, dataLen);
199    return true;
200}
201
202extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
203{
204    /* Run your code on data */
205    if (data == nullptr) {
206        return 0;
207    }
208
209    OHOS::Msdp::DeviceStatus::EnableFuzzTest(data, size);
210    OHOS::Msdp::DeviceStatus::AddObserverFuzzTest(data, size);
211    OHOS::Msdp::DeviceStatus::CheckDeviceOnlineFuzzTest(data, size);
212    OHOS::Msdp::DeviceStatus::OpenSessionFuzzTest(data, size);
213    OHOS::Msdp::DeviceStatus::SendPacketFuzzTest(data, size);
214    OHOS::Msdp::DeviceStatus::InitSocketFuzzTest(data, size);
215    return 0;
216}
217} // namespace DeviceStatus
218} // namespace Msdp
219} // namespace OHOS