1e5d0e473Sopenharmony_ci/* 2e5d0e473Sopenharmony_ci * Copyright (c) 2022 Huawei Device Co., Ltd. 3e5d0e473Sopenharmony_ci * Licensed under the Apache License, Version 2.0 (the "License"); 4e5d0e473Sopenharmony_ci * you may not use this file except in compliance with the License. 5e5d0e473Sopenharmony_ci * You may obtain a copy of the License at 6e5d0e473Sopenharmony_ci * 7e5d0e473Sopenharmony_ci * http://www.apache.org/licenses/LICENSE-2.0 8e5d0e473Sopenharmony_ci * 9e5d0e473Sopenharmony_ci * Unless required by applicable law or agreed to in writing, software 10e5d0e473Sopenharmony_ci * distributed under the License is distributed on an "AS IS" BASIS, 11e5d0e473Sopenharmony_ci * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12e5d0e473Sopenharmony_ci * See the License for the specific language governing permissions and 13e5d0e473Sopenharmony_ci * limitations under the License. 14e5d0e473Sopenharmony_ci */ 15e5d0e473Sopenharmony_ci 16e5d0e473Sopenharmony_ci#include "sendmessage_fuzzer.h" 17e5d0e473Sopenharmony_ci 18e5d0e473Sopenharmony_ci#define private public 19e5d0e473Sopenharmony_ci 20e5d0e473Sopenharmony_ci#include "addsmstoken_fuzzer.h" 21e5d0e473Sopenharmony_ci#include "core_manager_inner.h" 22e5d0e473Sopenharmony_ci#include "delivery_short_message_callback_stub.h" 23e5d0e473Sopenharmony_ci#include "send_short_message_callback_stub.h" 24e5d0e473Sopenharmony_ci#include "sms_service.h" 25e5d0e473Sopenharmony_ci 26e5d0e473Sopenharmony_ciusing namespace OHOS::Telephony; 27e5d0e473Sopenharmony_cinamespace OHOS { 28e5d0e473Sopenharmony_cistatic bool g_isInited = false; 29e5d0e473Sopenharmony_ciconstexpr int32_t SLOT_NUM = 2; 30e5d0e473Sopenharmony_ciconstexpr int32_t SLEEP_TIME_SECONDS = 2; 31e5d0e473Sopenharmony_ci 32e5d0e473Sopenharmony_cibool IsServiceInited() 33e5d0e473Sopenharmony_ci{ 34e5d0e473Sopenharmony_ci if (!g_isInited) { 35e5d0e473Sopenharmony_ci CoreManagerInner::GetInstance().isInitAllObj_ = true; 36e5d0e473Sopenharmony_ci DelayedSingleton<SmsService>::GetInstance()->registerToService_ = true; 37e5d0e473Sopenharmony_ci DelayedSingleton<SmsService>::GetInstance()->WaitCoreServiceToInit(); 38e5d0e473Sopenharmony_ci DelayedSingleton<SmsService>::GetInstance()->OnStart(); 39e5d0e473Sopenharmony_ci if (DelayedSingleton<SmsService>::GetInstance()->GetServiceRunningState() == 40e5d0e473Sopenharmony_ci static_cast<int32_t>(Telephony::ServiceRunningState::STATE_RUNNING)) { 41e5d0e473Sopenharmony_ci g_isInited = true; 42e5d0e473Sopenharmony_ci } 43e5d0e473Sopenharmony_ci } 44e5d0e473Sopenharmony_ci return g_isInited; 45e5d0e473Sopenharmony_ci} 46e5d0e473Sopenharmony_ci 47e5d0e473Sopenharmony_civoid SendSmsTextRequest(const uint8_t *data, size_t size) 48e5d0e473Sopenharmony_ci{ 49e5d0e473Sopenharmony_ci if (!IsServiceInited()) { 50e5d0e473Sopenharmony_ci return; 51e5d0e473Sopenharmony_ci } 52e5d0e473Sopenharmony_ci 53e5d0e473Sopenharmony_ci MessageParcel dataParcel; 54e5d0e473Sopenharmony_ci MessageParcel replyParcel; 55e5d0e473Sopenharmony_ci MessageOption option(MessageOption::TF_SYNC); 56e5d0e473Sopenharmony_ci 57e5d0e473Sopenharmony_ci int32_t slotId = static_cast<int32_t>(size % SLOT_NUM); 58e5d0e473Sopenharmony_ci std::string text(reinterpret_cast<const char *>(data), size); 59e5d0e473Sopenharmony_ci auto desAddrU16 = Str8ToStr16("123456"); 60e5d0e473Sopenharmony_ci auto scAddrU16 = Str8ToStr16("123456"); 61e5d0e473Sopenharmony_ci auto textU16 = Str8ToStr16(text); 62e5d0e473Sopenharmony_ci 63e5d0e473Sopenharmony_ci std::unique_ptr<SendShortMessageCallbackStub> sendCallback = std::make_unique<SendShortMessageCallbackStub>(); 64e5d0e473Sopenharmony_ci std::unique_ptr<DeliveryShortMessageCallbackStub> deliveryCallback = 65e5d0e473Sopenharmony_ci std::make_unique<DeliveryShortMessageCallbackStub>(); 66e5d0e473Sopenharmony_ci 67e5d0e473Sopenharmony_ci dataParcel.WriteInt32(slotId); 68e5d0e473Sopenharmony_ci dataParcel.WriteString16(desAddrU16); 69e5d0e473Sopenharmony_ci dataParcel.WriteString16(scAddrU16); 70e5d0e473Sopenharmony_ci dataParcel.WriteString16(textU16); 71e5d0e473Sopenharmony_ci if (sendCallback != nullptr) { 72e5d0e473Sopenharmony_ci dataParcel.WriteRemoteObject(sendCallback.release()->AsObject().GetRefPtr()); 73e5d0e473Sopenharmony_ci } 74e5d0e473Sopenharmony_ci if (deliveryCallback != nullptr) { 75e5d0e473Sopenharmony_ci dataParcel.WriteRemoteObject(deliveryCallback.release()->AsObject().GetRefPtr()); 76e5d0e473Sopenharmony_ci } 77e5d0e473Sopenharmony_ci dataParcel.RewindRead(0); 78e5d0e473Sopenharmony_ci 79e5d0e473Sopenharmony_ci DelayedSingleton<SmsService>::GetInstance()->OnSendSmsTextRequest(dataParcel, replyParcel, option); 80e5d0e473Sopenharmony_ci} 81e5d0e473Sopenharmony_ci 82e5d0e473Sopenharmony_civoid GetDefaultSmsSlotId(const uint8_t *data, size_t size) 83e5d0e473Sopenharmony_ci{ 84e5d0e473Sopenharmony_ci if (!IsServiceInited()) { 85e5d0e473Sopenharmony_ci return; 86e5d0e473Sopenharmony_ci } 87e5d0e473Sopenharmony_ci 88e5d0e473Sopenharmony_ci MessageParcel dataParcel; 89e5d0e473Sopenharmony_ci MessageParcel replyParcel; 90e5d0e473Sopenharmony_ci MessageOption option(MessageOption::TF_SYNC); 91e5d0e473Sopenharmony_ci 92e5d0e473Sopenharmony_ci dataParcel.WriteBuffer(data, size); 93e5d0e473Sopenharmony_ci dataParcel.RewindRead(0); 94e5d0e473Sopenharmony_ci DelayedSingleton<SmsService>::GetInstance()->OnGetDefaultSmsSlotId(dataParcel, replyParcel, option); 95e5d0e473Sopenharmony_ci return; 96e5d0e473Sopenharmony_ci} 97e5d0e473Sopenharmony_ci 98e5d0e473Sopenharmony_civoid SmsServiceInterfaceTest(const uint8_t *data, size_t size) 99e5d0e473Sopenharmony_ci{ 100e5d0e473Sopenharmony_ci if (!IsServiceInited()) { 101e5d0e473Sopenharmony_ci return; 102e5d0e473Sopenharmony_ci } 103e5d0e473Sopenharmony_ci uint16_t id = 0; 104e5d0e473Sopenharmony_ci int32_t fd = static_cast<int32_t>(data[0]); 105e5d0e473Sopenharmony_ci auto service = DelayedSingleton<SmsService>::GetInstance(); 106e5d0e473Sopenharmony_ci std::vector<std::u16string> args; 107e5d0e473Sopenharmony_ci service->Dump(-1, args); 108e5d0e473Sopenharmony_ci service->Dump(fd, args); 109e5d0e473Sopenharmony_ci std::string argsStr(reinterpret_cast<const char *>(data), size); 110e5d0e473Sopenharmony_ci std::u16string argsStrU16 = StringUtils::ToUtf16(argsStr); 111e5d0e473Sopenharmony_ci args.push_back(argsStrU16); 112e5d0e473Sopenharmony_ci service->Dump(fd, args); 113e5d0e473Sopenharmony_ci service->GetBindTime(); 114e5d0e473Sopenharmony_ci 115e5d0e473Sopenharmony_ci int32_t slotId = static_cast<int32_t>(size % SLOT_NUM); 116e5d0e473Sopenharmony_ci service->InsertSessionAndDetail(slotId, argsStr, argsStr, id); 117e5d0e473Sopenharmony_ci uint16_t num = static_cast<uint16_t>(size); 118e5d0e473Sopenharmony_ci service->QuerySessionByTelephone(argsStr, num, num); 119e5d0e473Sopenharmony_ci service->InsertSmsMmsInfo(slotId, num, argsStr, argsStr, id); 120e5d0e473Sopenharmony_ci bool value = slotId == 0 ? true : false; 121e5d0e473Sopenharmony_ci service->InsertSession(value, num, argsStr, argsStr); 122e5d0e473Sopenharmony_ci service->IsImsSmsSupported(slotId, value); 123e5d0e473Sopenharmony_ci service->GetImsShortMessageFormat(argsStrU16); 124e5d0e473Sopenharmony_ci service->HasSmsCapability(); 125e5d0e473Sopenharmony_ci service->SetSmscAddr(slotId, argsStrU16); 126e5d0e473Sopenharmony_ci service->TrimSmscAddr(argsStr); 127e5d0e473Sopenharmony_ci service->GetSmscAddr(slotId, argsStrU16); 128e5d0e473Sopenharmony_ci uint32_t index = static_cast<uint32_t>(size); 129e5d0e473Sopenharmony_ci service->CheckSimMessageIndexValid(slotId, index); 130e5d0e473Sopenharmony_ci service->SetImsSmsConfig(slotId, value); 131e5d0e473Sopenharmony_ci service->SetDefaultSmsSlotId(slotId); 132e5d0e473Sopenharmony_ci service->GetDefaultSmsSlotId(); 133e5d0e473Sopenharmony_ci int32_t simId; 134e5d0e473Sopenharmony_ci service->GetDefaultSmsSimId(simId); 135e5d0e473Sopenharmony_ci service->GetServiceRunningState(); 136e5d0e473Sopenharmony_ci service->GetEndTime(); 137e5d0e473Sopenharmony_ci service->ValidDestinationAddress(argsStr); 138e5d0e473Sopenharmony_ci service->GetSpendTime(); 139e5d0e473Sopenharmony_ci service->GetBase64Encode(argsStr, argsStr); 140e5d0e473Sopenharmony_ci service->GetBase64Decode(argsStr, argsStr); 141e5d0e473Sopenharmony_ci service->GetEncodeStringFunc(argsStr, index, index, argsStr); 142e5d0e473Sopenharmony_ci int64_t timeStamp = 0; 143e5d0e473Sopenharmony_ci service->SendMms(slotId, argsStrU16, argsStrU16, argsStrU16, argsStrU16, timeStamp); 144e5d0e473Sopenharmony_ci service->DownloadMms(slotId, argsStrU16, argsStrU16, argsStrU16, argsStrU16); 145e5d0e473Sopenharmony_ci} 146e5d0e473Sopenharmony_ci 147e5d0e473Sopenharmony_civoid DoSomethingInterestingWithMyAPI(const uint8_t *data, size_t size) 148e5d0e473Sopenharmony_ci{ 149e5d0e473Sopenharmony_ci if (data == nullptr || size == 0) { 150e5d0e473Sopenharmony_ci return; 151e5d0e473Sopenharmony_ci } 152e5d0e473Sopenharmony_ci 153e5d0e473Sopenharmony_ci SendSmsTextRequest(data, size); 154e5d0e473Sopenharmony_ci GetDefaultSmsSlotId(data, size); 155e5d0e473Sopenharmony_ci SmsServiceInterfaceTest(data, size); 156e5d0e473Sopenharmony_ci DelayedSingleton<ImsSmsClient>::GetInstance()->UnInit(); 157e5d0e473Sopenharmony_ci DelayedSingleton<ImsSmsClient>::DestroyInstance(); 158e5d0e473Sopenharmony_ci sleep(SLEEP_TIME_SECONDS); 159e5d0e473Sopenharmony_ci DelayedSingleton<SmsService>::DestroyInstance(); 160e5d0e473Sopenharmony_ci} 161e5d0e473Sopenharmony_ci} // namespace OHOS 162e5d0e473Sopenharmony_ci 163e5d0e473Sopenharmony_ci/* Fuzzer entry point */ 164e5d0e473Sopenharmony_ciextern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) 165e5d0e473Sopenharmony_ci{ 166e5d0e473Sopenharmony_ci /* Run your code on data */ 167e5d0e473Sopenharmony_ci OHOS::AddSmsTokenFuzzer token; 168e5d0e473Sopenharmony_ci OHOS::DoSomethingInterestingWithMyAPI(data, size); 169e5d0e473Sopenharmony_ci return 0; 170e5d0e473Sopenharmony_ci} 171