1/*
2 * Copyright (c) 2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 *     http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16#include "addsimmessage_fuzzer.h"
17
18#define private public
19#include "addsmstoken_fuzzer.h"
20#include "core_manager_inner.h"
21#include "i_sms_service_interface.h"
22#include "sms_service.h"
23
24using namespace OHOS::Telephony;
25namespace OHOS {
26static bool g_isInited = false;
27constexpr int32_t SLOT_NUM = 2;
28static int32_t STATUS_COUNT = 4;
29
30bool IsServiceInited()
31{
32    if (!g_isInited) {
33        CoreManagerInner::GetInstance().isInitAllObj_ = true;
34        DelayedSingleton<SmsService>::GetInstance()->registerToService_ = true;
35        DelayedSingleton<SmsService>::GetInstance()->WaitCoreServiceToInit();
36        DelayedSingleton<SmsService>::GetInstance()->OnStart();
37        if (DelayedSingleton<SmsService>::GetInstance()->GetServiceRunningState() ==
38            static_cast<int32_t>(Telephony::ServiceRunningState::STATE_RUNNING)) {
39            g_isInited = true;
40        }
41    }
42    return g_isInited;
43}
44
45void OnRemoteRequest(const uint8_t *data, size_t size)
46{
47    if (!IsServiceInited()) {
48        return;
49    }
50
51    MessageParcel dataParcel;
52    if (!dataParcel.WriteInterfaceToken(SmsInterfaceStub::GetDescriptor())) {
53        TELEPHONY_LOGE("OnRemoteRequest WriteInterfaceToken is false");
54        return;
55    }
56
57    MessageParcel replyParcel;
58    MessageOption option(MessageOption::TF_SYNC);
59
60    dataParcel.WriteBuffer(data, size);
61    dataParcel.RewindRead(0);
62    uint32_t code = static_cast<uint32_t>(size);
63
64    DelayedSingleton<SmsService>::GetInstance()->OnRemoteRequest(code, dataParcel, replyParcel, option);
65    return;
66}
67
68void GetAllSimMessages(const uint8_t *data, size_t size)
69{
70    if (!IsServiceInited()) {
71        return;
72    }
73
74    MessageParcel dataParcel;
75    MessageParcel replyParcel;
76    MessageOption option(MessageOption::TF_SYNC);
77    int32_t slotId = static_cast<int32_t>(size % SLOT_NUM);
78    dataParcel.WriteInt32(slotId);
79    dataParcel.WriteBuffer(data, size);
80    dataParcel.RewindRead(0);
81    DelayedSingleton<SmsService>::GetInstance()->OnGetAllSimMessages(dataParcel, replyParcel, option);
82
83    std::shared_ptr<SmsInterfaceManager> interfaceManager = std::make_shared<SmsInterfaceManager>(slotId);
84    if (interfaceManager == nullptr) {
85        TELEPHONY_LOGE("interfaceManager nullptr");
86        return;
87    }
88
89    interfaceManager->InitInterfaceManager();
90    std::vector<ShortMessage> message;
91    interfaceManager->GetAllSimMessages(message);
92
93    std::shared_ptr<SmsMiscManager> smsMiscManager = std::make_shared<SmsMiscManager>(slotId);
94    if (smsMiscManager == nullptr) {
95        TELEPHONY_LOGE("smsMiscManager nullptr");
96        return;
97    }
98    smsMiscManager->GetAllSimMessages(message);
99}
100
101void AddSimMessage(const uint8_t *data, size_t size)
102{
103    if (!IsServiceInited()) {
104        return;
105    }
106
107    MessageParcel dataParcel;
108    MessageParcel replyParcel;
109    MessageOption option(MessageOption::TF_SYNC);
110
111    std::string smsc(reinterpret_cast<const char *>(data), size);
112    std::string pdu(reinterpret_cast<const char *>(data), size);
113    auto smscU16 = Str8ToStr16(smsc);
114    auto pduU16 = Str8ToStr16(pdu);
115    int32_t slotId = static_cast<int32_t>(size % SLOT_NUM);
116    auto status = static_cast<ISmsServiceInterface::SimMessageStatus>(size % STATUS_COUNT);
117
118    dataParcel.WriteInt32(slotId);
119    dataParcel.WriteString16(smscU16);
120    dataParcel.WriteString16(pduU16);
121    dataParcel.WriteUint32(status);
122    dataParcel.RewindRead(0);
123    DelayedSingleton<SmsService>::GetInstance()->OnAddSimMessage(dataParcel, replyParcel, option);
124
125    std::shared_ptr<SmsInterfaceManager> interfaceManager = std::make_shared<SmsInterfaceManager>(slotId);
126    if (interfaceManager == nullptr) {
127        TELEPHONY_LOGE("interfaceManager nullptr");
128        return;
129    }
130    interfaceManager->InitInterfaceManager();
131    interfaceManager->AddSimMessage(smsc, pdu, status);
132
133    std::shared_ptr<SmsMiscManager> smsMiscManager = std::make_shared<SmsMiscManager>(slotId);
134    if (smsMiscManager == nullptr) {
135        TELEPHONY_LOGE("smsMiscManager nullptr");
136        return;
137    }
138    smsMiscManager->AddSimMessage(smsc, pdu, status);
139}
140
141void DelSimMessage(const uint8_t *data, size_t size)
142{
143    if (!IsServiceInited()) {
144        return;
145    }
146
147    MessageParcel dataParcel;
148    MessageParcel replyParcel;
149    MessageOption option(MessageOption::TF_SYNC);
150    int32_t slotId = static_cast<int32_t>(size % SLOT_NUM);
151    uint32_t index = static_cast<uint32_t>(size);
152    dataParcel.WriteInt32(slotId);
153    dataParcel.WriteUint32(index);
154    dataParcel.RewindRead(0);
155    DelayedSingleton<SmsService>::GetInstance()->OnDelSimMessage(dataParcel, replyParcel, option);
156
157    std::shared_ptr<SmsInterfaceManager> interfaceManager = std::make_shared<SmsInterfaceManager>(slotId);
158    if (interfaceManager == nullptr) {
159        TELEPHONY_LOGE("interfaceManager nullptr");
160        return;
161    }
162    interfaceManager->InitInterfaceManager();
163    interfaceManager->DelSimMessage(index);
164
165    std::shared_ptr<SmsMiscManager> smsMiscManager = std::make_shared<SmsMiscManager>(slotId);
166    if (smsMiscManager == nullptr) {
167        TELEPHONY_LOGE("smsMiscManager nullptr");
168        return;
169    }
170    smsMiscManager->DelSimMessage(index);
171}
172
173void HasSmsCapability(const uint8_t *data, size_t size)
174{
175    if (!IsServiceInited()) {
176        return;
177    }
178
179    MessageParcel dataParcel;
180    MessageParcel replyParcel;
181    MessageOption option(MessageOption::TF_SYNC);
182
183    dataParcel.WriteBuffer(data, size);
184    dataParcel.RewindRead(0);
185    DelayedSingleton<SmsService>::GetInstance()->OnHasSmsCapability(dataParcel, replyParcel, option);
186
187    int32_t slotId = static_cast<int32_t>(size % SLOT_NUM);
188    std::shared_ptr<SmsInterfaceManager> interfaceManager = std::make_shared<SmsInterfaceManager>(slotId);
189    if (interfaceManager == nullptr) {
190        TELEPHONY_LOGE("interfaceManager nullptr error");
191        return;
192    }
193    interfaceManager->InitInterfaceManager();
194    interfaceManager->HasSmsCapability();
195}
196
197void DoSomethingInterestingWithMyAPI(const uint8_t *data, size_t size)
198{
199    if (data == nullptr || size == 0) {
200        return;
201    }
202
203    OnRemoteRequest(data, size);
204    GetAllSimMessages(data, size);
205    AddSimMessage(data, size);
206    DelSimMessage(data, size);
207    HasSmsCapability(data, size);
208    DelayedSingleton<SmsService>::DestroyInstance();
209}
210} // namespace OHOS
211
212/* Fuzzer entry point */
213extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
214{
215    /* Run your code on data */
216    OHOS::AddSmsTokenFuzzer token;
217    OHOS::DoSomethingInterestingWithMyAPI(data, size);
218    return 0;
219}
220