1/* 2 * Copyright (c) 2023 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16#include "cdmasmsencode_fuzzer.h" 17 18#include "addsmstoken_fuzzer.h" 19#include "cdma_sms_sub_parameter.h" 20#include "cdma_sms_transport_message.h" 21#include "securec.h" 22 23using namespace OHOS::Telephony; 24namespace OHOS { 25bool g_flag = false; 26constexpr int32_t BOOL_NUM = 2; 27 28void TeleserviceIdEncode(const uint8_t *data, size_t size) 29{ 30 uint16_t value; 31 if (memcpy_s(&value, sizeof(value), data, size) != EOK) { 32 return; 33 } 34 auto parameter = std::make_unique<CdmaSmsTeleserviceId>(value); 35 if (parameter == nullptr) { 36 return; 37 } 38 SmsWriteBuffer pdu; 39 parameter->Encode(pdu); 40 auto pduBuffer = pdu.GetPduBuffer(); 41} 42 43void ServiceCategoryEncode(const uint8_t *data, size_t size) 44{ 45 uint16_t value; 46 if (memcpy_s(&value, sizeof(value), data, size) != EOK) { 47 return; 48 } 49 auto parameter = std::make_unique<CdmaSmsServiceCategory>(value); 50 if (parameter == nullptr) { 51 return; 52 } 53 SmsWriteBuffer pdu; 54 parameter->Encode(pdu); 55 auto pduBuffer = pdu.GetPduBuffer(); 56} 57 58void BearerReplyEncode(const uint8_t *data, size_t size) 59{ 60 uint8_t value; 61 if (memcpy_s(&value, sizeof(value), data, size) != EOK) { 62 return; 63 } 64 auto parameter = std::make_unique<CdmaSmsBearerReply>(value); 65 if (parameter == nullptr) { 66 return; 67 } 68 SmsWriteBuffer pdu; 69 parameter->Encode(pdu); 70 auto pduBuffer = pdu.GetPduBuffer(); 71} 72 73void CauseCodesEncode(const uint8_t *data, size_t size) 74{ 75 TransportCauseCode value; 76 if (memcpy_s(&value, sizeof(value), data, size) != EOK) { 77 return; 78 } 79 auto parameter = std::make_unique<CdmaSmsCauseCodes>(value); 80 if (parameter == nullptr) { 81 return; 82 } 83 SmsWriteBuffer pdu; 84 parameter->Encode(pdu); 85 auto pduBuffer = pdu.GetPduBuffer(); 86} 87 88void AddressParameterEncode(const uint8_t *data, size_t size) 89{ 90 TransportAddr value; 91 if (memcpy_s(&value, sizeof(value), data, size) != EOK) { 92 return; 93 } 94 value.digitMode = static_cast<bool>(size % BOOL_NUM); 95 value.numberMode = static_cast<bool>(size % BOOL_NUM); 96 auto parameter = std::make_unique<CdmaSmsAddressParameter>(value, CdmaSmsParameterRecord::ORG_ADDRESS); 97 if (parameter == nullptr) { 98 return; 99 } 100 SmsWriteBuffer pdu; 101 parameter->Encode(pdu); 102 auto pduBuffer = pdu.GetPduBuffer(); 103} 104 105void SubaddressEncode(const uint8_t *data, size_t size) 106{ 107 TransportSubAddr value; 108 if (memcpy_s(&value, sizeof(value), data, size) != EOK) { 109 return; 110 } 111 value.odd = static_cast<bool>(size % BOOL_NUM); 112 auto parameter = std::make_unique<CdmaSmsSubaddress>(value, CdmaSmsParameterRecord::ORG_SUB_ADDRESS); 113 if (parameter == nullptr) { 114 return; 115 } 116 SmsWriteBuffer pdu; 117 parameter->Encode(pdu); 118 auto pduBuffer = pdu.GetPduBuffer(); 119} 120 121void BearerDataEncode(const uint8_t *data, size_t size) 122{ 123 CdmaTeleserviceMsg value; 124 if (memcpy_s(&value, sizeof(value), data, size) != EOK) { 125 return; 126 } 127 auto parameter = std::make_unique<CdmaSmsBearerData>(value); 128 if (parameter == nullptr) { 129 return; 130 } 131 SmsWriteBuffer pdu; 132 parameter->Encode(pdu); 133 auto pduBuffer = pdu.GetPduBuffer(); 134} 135 136void BaseParameterEncode(const uint8_t *data, size_t size) 137{ 138 uint8_t value; 139 if (memcpy_s(&value, sizeof(value), data, size) != EOK) { 140 return; 141 } 142 auto parameter = std::make_unique<CdmaSmsBaseParameter>(CdmaSmsSubParameter::MESSAGE_IDENTIFIER, value); 143 if (parameter == nullptr) { 144 return; 145 } 146 SmsWriteBuffer pdu; 147 parameter->Encode(pdu); 148 auto pduBuffer = pdu.GetPduBuffer(); 149} 150 151void ReservedParameterEncode(const uint8_t *data, size_t size) 152{ 153 auto parameter = std::make_unique<CdmaSmsReservedParameter>(CdmaSmsSubParameter::MESSAGE_IDENTIFIER); 154 if (parameter == nullptr) { 155 return; 156 } 157 SmsWriteBuffer pdu; 158 parameter->Encode(pdu); 159 auto pduBuffer = pdu.GetPduBuffer(); 160} 161 162void MessageIdEncode(const uint8_t *data, size_t size) 163{ 164 SmsTeleSvcMsgId value; 165 if (memcpy_s(&value, sizeof(value), data, size) != EOK) { 166 return; 167 } 168 value.headerInd = static_cast<bool>(size % BOOL_NUM); 169 auto parameter = std::make_unique<CdmaSmsMessageId>(value, CdmaSmsTeleserviceMessage::DELIVER); 170 if (parameter == nullptr) { 171 return; 172 } 173 SmsWriteBuffer pdu; 174 parameter->Encode(pdu); 175 auto pduBuffer = pdu.GetPduBuffer(); 176} 177 178void AbsoluteTimeEncode(const uint8_t *data, size_t size) 179{ 180 SmsTimeAbs value; 181 if (memcpy_s(&value, sizeof(value), data, size) != EOK) { 182 return; 183 } 184 auto parameter = std::make_unique<CdmaSmsAbsoluteTime>(CdmaSmsSubParameter::VALIDITY_PERIOD_ABSOLUTE, value); 185 if (parameter == nullptr) { 186 return; 187 } 188 SmsWriteBuffer pdu; 189 parameter->Encode(pdu); 190 auto pduBuffer = pdu.GetPduBuffer(); 191} 192 193void PriorityIndEncode(const uint8_t *data, size_t size) 194{ 195 SmsPriorityIndicator value; 196 if (memcpy_s(&value, sizeof(value), data, size) != EOK) { 197 return; 198 } 199 auto parameter = std::make_unique<CdmaSmsPriorityInd>(value); 200 if (parameter == nullptr) { 201 return; 202 } 203 SmsWriteBuffer pdu; 204 parameter->Encode(pdu); 205 auto pduBuffer = pdu.GetPduBuffer(); 206} 207 208void PrivacyIndEncode(const uint8_t *data, size_t size) 209{ 210 SmsPrivacyIndicator value; 211 if (memcpy_s(&value, sizeof(value), data, size) != EOK) { 212 return; 213 } 214 auto parameter = std::make_unique<CdmaSmsPrivacyInd>(value); 215 if (parameter == nullptr) { 216 return; 217 } 218 SmsWriteBuffer pdu; 219 parameter->Encode(pdu); 220 auto pduBuffer = pdu.GetPduBuffer(); 221} 222 223void ReplyOptionEncode(const uint8_t *data, size_t size) 224{ 225 SmsReplyOption value; 226 if (memcpy_s(&value, sizeof(value), data, size) != EOK) { 227 return; 228 } 229 auto parameter = std::make_unique<CdmaSmsReplyOption>(value); 230 if (parameter == nullptr) { 231 return; 232 } 233 SmsWriteBuffer pdu; 234 parameter->Encode(pdu); 235 auto pduBuffer = pdu.GetPduBuffer(); 236} 237 238void UserDataEncode(const uint8_t *data, size_t size) 239{ 240 SmsTeleSvcUserData value; 241 if (memcpy_s(&value, sizeof(value), data, size) != EOK) { 242 return; 243 } 244 bool headerInd = false; 245 auto parameter = std::make_unique<CdmaSmsUserData>(value, headerInd); 246 if (parameter == nullptr) { 247 return; 248 } 249 SmsWriteBuffer pdu; 250 parameter->Encode(pdu); 251 auto pduBuffer = pdu.GetPduBuffer(); 252} 253 254void CmasDataEncode(const uint8_t *data, size_t size) 255{ 256 SmsTeleSvcCmasData value; 257 if (memcpy_s(&value, sizeof(value), data, size) != EOK) { 258 return; 259 } 260 auto parameter = std::make_unique<CdmaSmsCmasData>(value); 261 if (parameter == nullptr) { 262 return; 263 } 264 SmsWriteBuffer pdu; 265 parameter->Encode(pdu); 266 auto pduBuffer = pdu.GetPduBuffer(); 267} 268 269void AlertPriorityEncode(const uint8_t *data, size_t size) 270{ 271 SmsAlertPriority value; 272 if (memcpy_s(&value, sizeof(value), data, size) != EOK) { 273 return; 274 } 275 auto parameter = std::make_unique<CdmaSmsAlertPriority>(value); 276 if (parameter == nullptr) { 277 return; 278 } 279 SmsWriteBuffer pdu; 280 parameter->Encode(pdu); 281 auto pduBuffer = pdu.GetPduBuffer(); 282} 283void LanguageIndEncode(const uint8_t *data, size_t size) 284{ 285 SmsLanguageType value; 286 if (memcpy_s(&value, sizeof(value), data, size) != EOK) { 287 return; 288 } 289 auto parameter = std::make_unique<CdmaSmsLanguageInd>(value); 290 if (parameter == nullptr) { 291 return; 292 } 293 SmsWriteBuffer pdu; 294 parameter->Encode(pdu); 295 auto pduBuffer = pdu.GetPduBuffer(); 296} 297void CallbackNumberEncode(const uint8_t *data, size_t size) 298{ 299 SmsTeleSvcAddr value; 300 if (memcpy_s(&value, sizeof(value), data, size) != EOK) { 301 return; 302 } 303 value.digitMode = static_cast<bool>(size % BOOL_NUM); 304 auto parameter = std::make_unique<CdmaSmsCallbackNumber>(value); 305 if (parameter == nullptr) { 306 return; 307 } 308 SmsWriteBuffer pdu; 309 parameter->Encode(pdu); 310 auto pduBuffer = pdu.GetPduBuffer(); 311} 312void DepositIndexEncode(const uint8_t *data, size_t size) 313{ 314 uint16_t value; 315 if (memcpy_s(&value, sizeof(value), data, size) != EOK) { 316 return; 317 } 318 auto parameter = std::make_unique<CdmaSmsDepositIndex>(value); 319 if (parameter == nullptr) { 320 return; 321 } 322 SmsWriteBuffer pdu; 323 parameter->Encode(pdu); 324 auto pduBuffer = pdu.GetPduBuffer(); 325} 326void DisplayModeEncode(const uint8_t *data, size_t size) 327{ 328 SmsDisplayMode value; 329 if (memcpy_s(&value, sizeof(value), data, size) != EOK) { 330 return; 331 } 332 auto parameter = std::make_unique<CdmaSmsDisplayMode>(value); 333 if (parameter == nullptr) { 334 return; 335 } 336 SmsWriteBuffer pdu; 337 parameter->Encode(pdu); 338 auto pduBuffer = pdu.GetPduBuffer(); 339} 340void MessageStatusEncode(const uint8_t *data, size_t size) 341{ 342 SmsStatusCode value; 343 if (memcpy_s(&value, sizeof(value), data, size) != EOK) { 344 return; 345 } 346 auto parameter = std::make_unique<CdmaSmsMessageStatus>(value); 347 if (parameter == nullptr) { 348 return; 349 } 350 SmsWriteBuffer pdu; 351 parameter->Encode(pdu); 352 auto pduBuffer = pdu.GetPduBuffer(); 353} 354void NumberMessagesEncode(const uint8_t *data, size_t size) 355{ 356 uint32_t value; 357 if (memcpy_s(&value, sizeof(value), data, size) != EOK) { 358 return; 359 } 360 auto parameter = std::make_unique<CdmaSmsNumberMessages>(value); 361 if (parameter == nullptr) { 362 return; 363 } 364 SmsWriteBuffer pdu; 365 parameter->Encode(pdu); 366 auto pduBuffer = pdu.GetPduBuffer(); 367} 368void EnhancedVmnEncode(const uint8_t *data, size_t size) 369{ 370 SmsEnhancedVmn value; 371 if (memcpy_s(&value, sizeof(value), data, size) != EOK) { 372 return; 373 } 374 auto parameter = std::make_unique<CdmaSmsEnhancedVmn>(value); 375 if (parameter == nullptr) { 376 return; 377 } 378 SmsWriteBuffer pdu; 379 parameter->Encode(pdu); 380 auto pduBuffer = pdu.GetPduBuffer(); 381} 382void EnhancedVmnAckEncode(const uint8_t *data, size_t size) 383{ 384 SmsEnhancedVmnAck value; 385 if (memcpy_s(&value, sizeof(value), data, size) != EOK) { 386 return; 387 } 388 auto parameter = std::make_unique<CdmaSmsEnhancedVmnAck>(value); 389 if (parameter == nullptr) { 390 return; 391 } 392 SmsWriteBuffer pdu; 393 parameter->Encode(pdu); 394 auto pduBuffer = pdu.GetPduBuffer(); 395} 396 397void TransportMessageEncode(const uint8_t *data, size_t size) 398{ 399 SmsWriteBuffer pdu; 400 CdmaTransportMsg msg; 401 if (memcpy_s(&msg, sizeof(msg), data, size) != EOK) { 402 return; 403 } 404 auto message = CdmaSmsTransportMessage::CreateTransportMessage(msg); 405 if (message == nullptr) { 406 return; 407 } 408 message->Encode(pdu); 409 auto pduBuffer = pdu.GetPduBuffer(); 410 411 SmsWriteBuffer wBuffer1; 412 msg.type = CdmaTransportMsgType::P2P; 413 auto message1 = CdmaSmsTransportMessage::CreateTransportMessage(msg); 414 if (message1 == nullptr) { 415 return; 416 } 417 message1->Encode(wBuffer1); 418 auto pduBuffer1 = wBuffer1.GetPduBuffer(); 419 420 SmsWriteBuffer wBuffer2; 421 msg.type = CdmaTransportMsgType::BROADCAST; 422 auto message2 = CdmaSmsTransportMessage::CreateTransportMessage(msg); 423 if (message2 == nullptr) { 424 return; 425 } 426 message2->Encode(wBuffer2); 427 auto pduBuffer2 = wBuffer2.GetPduBuffer(); 428 429 SmsWriteBuffer wBuffer3; 430 msg.type = CdmaTransportMsgType::ACK; 431 auto message3 = CdmaSmsTransportMessage::CreateTransportMessage(msg); 432 if (message3 == nullptr) { 433 return; 434 } 435 message3->Encode(wBuffer3); 436 auto pduBuffer3 = wBuffer3.GetPduBuffer(); 437} 438 439void ParameterRecordEncode(const uint8_t *data, size_t size) 440{ 441 TeleserviceIdEncode(data, size); 442 ServiceCategoryEncode(data, size); 443 BearerReplyEncode(data, size); 444 CauseCodesEncode(data, size); 445 AddressParameterEncode(data, size); 446 SubaddressEncode(data, size); 447 BearerDataEncode(data, size); 448} 449 450void SubParameterEncode(const uint8_t *data, size_t size) 451{ 452 BaseParameterEncode(data, size); 453 ReservedParameterEncode(data, size); 454 MessageIdEncode(data, size); 455 AbsoluteTimeEncode(data, size); 456 PriorityIndEncode(data, size); 457 PrivacyIndEncode(data, size); 458 ReplyOptionEncode(data, size); 459 UserDataEncode(data, size); 460 CmasDataEncode(data, size); 461 AlertPriorityEncode(data, size); 462 LanguageIndEncode(data, size); 463 CallbackNumberEncode(data, size); 464 DepositIndexEncode(data, size); 465 DisplayModeEncode(data, size); 466 MessageStatusEncode(data, size); 467 NumberMessagesEncode(data, size); 468 EnhancedVmnEncode(data, size); 469 EnhancedVmnAckEncode(data, size); 470} 471 472void DoSomethingInterestingWithMyAPI(const uint8_t *data, size_t size) 473{ 474 if (data == nullptr || size == 0) { 475 return; 476 } 477 478 if (g_flag) { 479 return; 480 } 481 g_flag = true; 482 483 TransportMessageEncode(data, size); 484 ParameterRecordEncode(data, size); 485 SubParameterEncode(data, size); 486} 487 488} // namespace OHOS 489 490/* Fuzzer entry point */ 491extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) 492{ 493 /* Run your code on data */ 494 OHOS::AddSmsTokenFuzzer token; 495 OHOS::DoSomethingInterestingWithMyAPI(data, size); 496 return 0; 497} 498