1/*
2 * Copyright (c) 2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 *     http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16#include "cdmasmsmessage_fuzzer.h"
17#ifdef FUZZTEST
18#define private public
19#define protected public
20#endif
21#include "addsmstoken_fuzzer.h"
22#include "cdma_sms_sub_parameter.h"
23#include "cdma_sms_transport_message.h"
24#include "cdma_sms_message.h"
25#include "sms_service.h"
26#include "securec.h"
27
28using namespace OHOS::Telephony;
29namespace OHOS {
30static bool g_isInited = false;
31static std::unique_ptr<CdmaSmsMessage> m_pCdmaSmsMessage;
32constexpr int32_t SLEEP_TIME_SECONDS = 1;
33
34bool IsServiceInited()
35{
36    if (!g_isInited) {
37        m_pCdmaSmsMessage = std::make_unique<CdmaSmsMessage>();
38        g_isInited = true;
39    }
40    return g_isInited;
41}
42
43void CreateMessageTest(const uint8_t *data, size_t size)
44{
45    if (!IsServiceInited()) {
46        return;
47    }
48    std::string pdu(reinterpret_cast<const char *>(data), size);
49    m_pCdmaSmsMessage->CreateMessage(pdu);
50    m_pCdmaSmsMessage->GetProtocolId();
51    m_pCdmaSmsMessage->IsReplaceMessage();
52    m_pCdmaSmsMessage->IsCphsMwi();
53    m_pCdmaSmsMessage->PduAnalysis(pdu);
54    m_pCdmaSmsMessage->GetTransMsgType();
55    m_pCdmaSmsMessage->GetTransTeleService();
56    m_pCdmaSmsMessage->IsWapPushMsg();
57    m_pCdmaSmsMessage->transMsg_ = std::make_unique<struct CdmaTransportMsg>();
58    m_pCdmaSmsMessage->transMsg_->type = CdmaTransportMsgType::BROADCAST;
59    m_pCdmaSmsMessage->PduAnalysis(pdu);
60    m_pCdmaSmsMessage->transMsg_->type = CdmaTransportMsgType::ACK;
61    m_pCdmaSmsMessage->PduAnalysis(pdu);
62    m_pCdmaSmsMessage->transMsg_->type = CdmaTransportMsgType::RESERVED;
63    m_pCdmaSmsMessage->PduAnalysis(pdu);
64    m_pCdmaSmsMessage->transMsg_->type = CdmaTransportMsgType::P2P;
65    m_pCdmaSmsMessage->IsWapPushMsg();
66    m_pCdmaSmsMessage->GetTransMsgType();
67    m_pCdmaSmsMessage->GetTransTeleService();
68    m_pCdmaSmsMessage->PduAnalysis(pdu);
69    m_pCdmaSmsMessage->IsWapPushMsg();
70    m_pCdmaSmsMessage->GetSpecialSmsInd();
71    m_pCdmaSmsMessage->IsStatusReport();
72    m_pCdmaSmsMessage->GetDestPort();
73    m_pCdmaSmsMessage->IsBroadcastMsg();
74    m_pCdmaSmsMessage->GetCMASCategory();
75    m_pCdmaSmsMessage->GetCMASResponseType();
76    m_pCdmaSmsMessage->GetCMASSeverity();
77    m_pCdmaSmsMessage->GetCMASUrgency();
78    m_pCdmaSmsMessage->GetCMASCertainty();
79    m_pCdmaSmsMessage->GetCMASMessageClass();
80    m_pCdmaSmsMessage->IsCMAS();
81    m_pCdmaSmsMessage->GetMessageId();
82    m_pCdmaSmsMessage->GetFormat();
83    m_pCdmaSmsMessage->GetLanguage();
84    m_pCdmaSmsMessage->GetCbInfo();
85    m_pCdmaSmsMessage->GetPriority();
86    m_pCdmaSmsMessage->IsEmergencyMsg();
87    m_pCdmaSmsMessage->GetServiceCategoty();
88    m_pCdmaSmsMessage->GetGeoScope();
89    m_pCdmaSmsMessage->GetReceTime();
90}
91
92void TestAnalysisP2pMsg(const uint8_t *data, size_t size)
93{
94    CdmaP2PMsg p2pMsg;
95    p2pMsg.teleserviceId = static_cast<uint16_t>(size);
96    p2pMsg.telesvcMsg.type = TeleserviceMsgType::DELIVER;
97    m_pCdmaSmsMessage->AnalysisP2pMsg(p2pMsg);
98    p2pMsg.telesvcMsg.type = TeleserviceMsgType::SUBMIT;
99    m_pCdmaSmsMessage->AnalysisP2pMsg(p2pMsg);
100    p2pMsg.telesvcMsg.type = TeleserviceMsgType::DELIVERY_ACK;
101    m_pCdmaSmsMessage->AnalysisP2pMsg(p2pMsg);
102    p2pMsg.telesvcMsg.type = TeleserviceMsgType::USER_ACK;
103    m_pCdmaSmsMessage->AnalysisP2pMsg(p2pMsg);
104    p2pMsg.telesvcMsg.type = TeleserviceMsgType::SUBMIT_REPORT;
105    m_pCdmaSmsMessage->AnalysisP2pMsg(p2pMsg);
106    p2pMsg.telesvcMsg.type = TeleserviceMsgType::DELIVERY_ACK;
107    m_pCdmaSmsMessage->AnalysisP2pMsg(p2pMsg);
108    p2pMsg.teleserviceId = static_cast<uint16_t>(SmsTransTelsvcId::RESERVED);
109    p2pMsg.telesvcMsg.type = TeleserviceMsgType::DELIVER;
110    m_pCdmaSmsMessage->AnalysisP2pMsg(p2pMsg);
111}
112
113void TestAnalysisDeliverMwi(const uint8_t *data, size_t size)
114{
115    CdmaP2PMsg p2pMsg;
116    p2pMsg.teleserviceId = static_cast<uint16_t>(size);
117    p2pMsg.telesvcMsg.type = TeleserviceMsgType::DELIVER;
118    m_pCdmaSmsMessage->AnalsisDeliverMwi(p2pMsg);
119    p2pMsg.teleserviceId = static_cast<uint16_t>(SmsTransTelsvcId::VMN_95);
120    p2pMsg.telesvcMsg.data.deliver.vmn.faxIncluded = true;
121    m_pCdmaSmsMessage->AnalsisDeliverMwi(p2pMsg);
122}
123
124
125void TestAnalysisDeliverMsg(const uint8_t *data, size_t size)
126{
127    TeleserviceDeliver deliverMsg;
128    deliverMsg.displayMode = SmsDisplayMode::IMMEDIATE;
129    m_pCdmaSmsMessage->AnalsisDeliverMsg(deliverMsg);
130    TeleserviceDeliverAck deliverAck;
131    m_pCdmaSmsMessage->AnalsisDeliverAck(deliverAck);
132    TeleserviceDeliverReport report;
133    m_pCdmaSmsMessage->AnalsisSubmitReport(report);
134    TeleserviceSubmit submit;
135    m_pCdmaSmsMessage->AnalsisSubmitMsg(submit);
136}
137
138void TestAnalsisUserData(const uint8_t *data, size_t size)
139{
140    SmsTeleSvcUserData userData;
141    userData.userData.headerCnt = 1;
142    userData.userData.header[0].udhType = UserDataHeadType::UDH_CONCAT_8BIT;
143    userData.encodeType = SmsEncodingType::GSM7BIT;
144    m_pCdmaSmsMessage->AnalsisUserData(userData);
145    userData.encodeType = SmsEncodingType::KOREAN;
146    m_pCdmaSmsMessage->AnalsisUserData(userData);
147    userData.encodeType = SmsEncodingType::LATIN;
148    m_pCdmaSmsMessage->AnalsisUserData(userData);
149    userData.encodeType = SmsEncodingType::SHIFT_JIS;
150    m_pCdmaSmsMessage->AnalsisUserData(userData);
151    TeleserviceDeliver deliver;
152    m_pCdmaSmsMessage->AnalsisCMASMsg(deliver);
153}
154
155void TestAnalysisCbMsg(const uint8_t *data, size_t size)
156{
157    CdmaBroadCastMsg cbMsg;
158    m_pCdmaSmsMessage->AnalysisCbMsg(cbMsg);
159    cbMsg.telesvcMsg.type = TeleserviceMsgType::DELIVER;
160    m_pCdmaSmsMessage->AnalysisCbMsg(cbMsg);
161    CdmaAckMsg ackMsg;
162    m_pCdmaSmsMessage->AnalsisAckMsg(ackMsg);
163}
164
165void TestAnalsisHeader(const uint8_t *data, size_t size)
166{
167    SmsUDH header;
168    m_pCdmaSmsMessage->AddUserDataHeader(header);
169    SmsTeleSvcUserData userData;
170    m_pCdmaSmsMessage->AnalsisHeader(userData);
171}
172
173void DoSomethingInterestingWithMyAPI(const uint8_t *data, size_t size)
174{
175    if (data == nullptr || size == 0) {
176        return;
177    }
178    CreateMessageTest(data, size);
179    TestAnalysisP2pMsg(data, size);
180    TestAnalysisDeliverMwi(data, size);
181    TestAnalysisDeliverMsg(data, size);
182    TestAnalsisUserData(data, size);
183    TestAnalysisCbMsg(data, size);
184    TestAnalsisHeader(data, size);
185    sleep(SLEEP_TIME_SECONDS);
186    DelayedSingleton<SmsService>::DestroyInstance();
187}
188
189} // namespace OHOS
190
191/* Fuzzer entry point */
192extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
193{
194    /* Run your code on data */
195    OHOS::AddSmsTokenFuzzer token;
196    OHOS::DoSomethingInterestingWithMyAPI(data, size);
197    return 0;
198}
199