1/*
2 * Copyright (C) 2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 *    http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16#include "gethighestseclevel_fuzzer.h"
17
18#include <cstddef>
19#include <cstdint>
20
21#include "file_ex.h"
22#include "securec.h"
23#include "parameter.h"
24#include "nativetoken_kit.h"
25#include "token_setproc.h"
26#include "accesstoken_kit.h"
27
28#include "dev_slinfo_mgr.h"
29
30namespace OHOS {
31static bool g_isForcingFuzz2 = false;
32
33static void NativeTokenGetFuzz2(void)
34{
35    uint64_t tokenId2;
36    const char **permsFuzz2 = new const char *[1];
37    permsFuzz2[0] = "ohos.permission.DISTRIBUTED_DATASYNC";
38    NativeTokenInfoParams infoInstanceFuzz1 = {
39        .dcapsNum = 0,
40        .permsNum = 1,
41        .aclsNum = 0,
42        .dcaps = nullptr,
43        .perms = permsFuzz2,
44        .acls = nullptr,
45        .aplStr = "system_basic",
46    };
47
48    infoInstanceFuzz1.processName = "DevSLMgrTest";
49    tokenId2 = GetAccessTokenId(&infoInstanceFuzz1);
50    SetSelfTokenID(tokenId2);
51    OHOS::Security::AccessToken::AccessTokenKit::ReloadNativeTokenInfo();
52    delete[] permsFuzz2;
53}
54
55static void BeginFuzzCase2(void)
56{
57    std::string isEnforcing;
58    OHOS::LoadStringFromFile("/sys/fs/selinux/enforce", isEnforcing);
59    if (isEnforcing.compare("1") == 0) {
60        g_isForcingFuzz2 = true;
61        OHOS::SaveStringToFile("/sys/fs/selinux/enforce", "0");
62    }
63    NativeTokenGetFuzz2();
64}
65
66static void EndFuzzCase2(void)
67{
68    if (g_isForcingFuzz2) {
69        OHOS::SaveStringToFile("/sys/fs/selinux/enforce", "1");
70    }
71}
72
73static int32_t GetLocalUdidFuzz2(DEVSLQueryParams *queryParams)
74{
75    char udid[MAX_UDID_LENGTH + 1] = {0};
76    int32_t ret = GetDevUdid(udid, MAX_UDID_LENGTH + 1);
77    if (ret != DEVSL_SUCCESS) {
78        return DEVSL_ERROR;
79    }
80
81    (void)memcpy_s(queryParams->udid, MAX_UDID_LENGTH, udid, MAX_UDID_LENGTH);
82    queryParams->udidLen = MAX_UDID_LENGTH;
83    return ret;
84}
85
86void FuzzDoGetHighestSecLevel(const uint8_t *data, size_t size)
87{
88    if (data == nullptr || size <= MAX_UDID_LENGTH) {
89        return;
90    }
91
92    uint32_t levelInfo = 0;
93    DEVSLQueryParams queryParams;
94    (void)memset_s(&queryParams, sizeof(DEVSLQueryParams), 0, sizeof(DEVSLQueryParams));
95    queryParams.udidLen = MAX_UDID_LENGTH;
96    (void)memcpy_s(queryParams.udid, MAX_UDID_LENGTH, data, MAX_UDID_LENGTH);
97    BeginFuzzCase2();
98    (void)DATASL_OnStart();
99    (void)DATASL_GetHighestSecLevel(&queryParams, &levelInfo);
100    (void)DATASL_GetHighestSecLevel(nullptr, &levelInfo);
101    (void)DATASL_GetHighestSecLevel(&queryParams, nullptr);
102
103    (void)GetLocalUdidFuzz2(&queryParams);
104
105    (void)DATASL_GetHighestSecLevel(&queryParams, &levelInfo);
106    DATASL_OnStop();
107    EndFuzzCase2();
108}
109}
110
111/* Fuzzer entry point */
112extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
113{
114    /* Run your code on data */
115    OHOS::FuzzDoGetHighestSecLevel(data, size);
116    return 0;
117}