1 /*
2 * Copyright (c) 2024 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #ifdef FUZZTEST
17 #define private public
18 #define protected public
19 #endif
20
21 #include "unittesttwo_fuzzer.h"
22
23 #include "addsmstoken_fuzzer.h"
24 #include "gsm_cb_codec.h"
25 #include "mms_network_manager.h"
26 #include "mms_receive_manager.h"
27 #include "mms_send_manager.h"
28 #include "sms_interface_manager.h"
29 #include "string_utils.h"
30
31 namespace OHOS {
32 using namespace Telephony;
33
34 class Fuzzer {
35 public:
Fuzzer(const uint8_t* data, size_t size)36 Fuzzer(const uint8_t* data, size_t size):g_data(data), g_size(size) {}
~Fuzzer()37 virtual ~Fuzzer() {};
38 virtual void StartFuzzerTest() = 0;
39
40 protected:
GetString(size_t size = 0)41 std::string GetString(size_t size = 0)
42 {
43 std::string str(reinterpret_cast<const char*>(g_data), g_size);
44 if (size != 0 && size < str.size()) {
45 str.resize(size);
46 }
47 return str;
48 }
GetNumRandom(size_t minNum = 0, size_t RangeStart = 0)49 size_t GetNumRandom(size_t minNum = 0, size_t RangeStart = 0)
50 {
51 return g_size % (++RangeStart) + minNum;
52 }
GetPduVect()53 std::vector<unsigned char> GetPduVect()
54 {
55 std::string strData = GetString(50);
56 std::vector<unsigned char> vectUnsignedChar(strData.begin(), strData.end());
57 return vectUnsignedChar;
58 }
59
60 protected:
61 const uint8_t* g_data;
62 const size_t g_size;
63 const int32_t g_slotId = 1;
64 };
65
66 class MmsNetworkManagerFuzzer final : public Fuzzer {
67 public:
68 using Fuzzer::Fuzzer;
69 ~MmsNetworkManagerFuzzer() final {}
70 public:
71 void StartFuzzerTest() override
72 {
73 if (!CreateObject()) {
74 return;
75 }
76 TestAcquireNetwork();
77 TestGetOrCreateHttpClient();
78 TestReleaseNetwork();
79 DestoryObject();
80 }
81 protected:
CreateObject()82 bool CreateObject()
83 {
84 m_pMmsNetworkManager = std::make_unique<MmsNetworkManager>();
85 return m_pMmsNetworkManager != nullptr;
86 }
DestoryObject()87 void DestoryObject()
88 {
89 m_pMmsNetworkManager.reset();
90 }
TestAcquireNetwork()91 void TestAcquireNetwork()
92 {
93 uint8_t requestId = static_cast<uint8_t>(GetNumRandom(0, 10));
94 m_pMmsNetworkManager->AcquireNetwork(g_slotId, requestId);
95 }
TestGetOrCreateHttpClient()96 void TestGetOrCreateHttpClient()
97 {
98 m_pMmsNetworkManager->GetOrCreateHttpClient(g_slotId);
99 }
TestReleaseNetwork()100 void TestReleaseNetwork()
101 {
102 uint8_t requestId = static_cast<uint8_t>(GetNumRandom(0, 10));
103 bool shouldRelease = false;
104 m_pMmsNetworkManager->ReleaseNetwork(requestId, shouldRelease);
105 }
106 private:
107 std::unique_ptr<MmsNetworkManager> m_pMmsNetworkManager;
108 };
109
110 class MmsSendAndReceiveManagerFuzzer final : public Fuzzer {
111 public:
112 using Fuzzer::Fuzzer;
113 ~MmsSendAndReceiveManagerFuzzer() final {}
114 public:
115 void StartFuzzerTest() override
116 {
117 if (!CreateObject()) {
118 return;
119 }
120 TestSendMms();
121 TestDownloadMms();
122 DestoryObject();
123 }
124 protected:
CreateObject()125 bool CreateObject()
126 {
127 m_pMmsSendManager = std::make_unique<MmsSendManager>(g_slotId);
128 m_pMmsReceiveManager = std::make_unique<MmsReceiveManager>(g_slotId);
129 return m_pMmsSendManager != nullptr && m_pMmsReceiveManager != nullptr;
130 }
DestoryObject()131 void DestoryObject()
132 {
133 m_pMmsSendManager.reset();
134 m_pMmsReceiveManager.reset();
135 }
TestSendMms()136 void TestSendMms()
137 {
138 std::u16string mmsc = StringUtils::ToUtf16(GetString(10));
139 std::u16string data = StringUtils::ToUtf16(GetString(20));
140 std::u16string ua = StringUtils::ToUtf16("ua");
141 std::u16string uaprof = StringUtils::ToUtf16("uaprof");
142 m_pMmsSendManager->SendMms(mmsc, data, ua, uaprof);
143 }
TestDownloadMms()144 void TestDownloadMms()
145 {
146 std::u16string mmsc = StringUtils::ToUtf16(GetString(10));
147 std::u16string data = StringUtils::ToUtf16(GetString(20));
148 std::u16string ua = StringUtils::ToUtf16("ua");
149 std::u16string uaprof = StringUtils::ToUtf16("uaprof");
150 m_pMmsReceiveManager->DownloadMms(mmsc, data, ua, uaprof);
151 }
152 private:
153 std::unique_ptr<MmsSendManager> m_pMmsSendManager;
154 std::unique_ptr<MmsReceiveManager> m_pMmsReceiveManager;
155 };
156
157 class GsmCbCodecFuzzer final : public Fuzzer {
158 public:
159 using Fuzzer::Fuzzer;
160 ~GsmCbCodecFuzzer() final {}
161 public:
162 void StartFuzzerTest() override
163 {
164 if (!CreateObject()) {
165 return;
166 }
167 TestOperator();
168 TestEncodeCbSerialNum();
169 TestCMASClass();
170 TestGetSomething();
171 TestISSomething();
172 TestToString();
173 DestoryObject();
174 }
175 protected:
CreateObject()176 bool CreateObject()
177 {
178 m_pGsmCbCodec = std::make_unique<GsmCbCodec>();
179 return m_pGsmCbCodec != nullptr;
180 }
DestoryObject()181 void DestoryObject()
182 {
183 m_pGsmCbCodec.reset();
184 }
TestOperator()185 void TestOperator()
186 {
187 GsmCbCodec first;
188 GsmCbCodec second;
189 first.ParamsCheck(GetPduVect());
190 auto result = (second == first);
191 second.ParamsCheck(GetPduVect());
192 result = (second == first);
193 }
TestCMASClass()194 void TestCMASClass()
195 {
196 std::vector<GsmCbCodec::CmasMsgType> messageIds = {
197 GsmCbCodec::CmasMsgType::PRESIDENTIAL_SPANISH,
198 GsmCbCodec::CmasMsgType::EXTREME_LIKELY_SPANISH,
199 GsmCbCodec::CmasMsgType::EXPECTED_LIKELY_SPANISH,
200 GsmCbCodec::CmasMsgType::AMBER_ALERT_SPANISH,
201 GsmCbCodec::CmasMsgType::MONTHLY_ALERT_SPANISH,
202 GsmCbCodec::CmasMsgType::EXERCISE_ALERT_SPANISH,
203 GsmCbCodec::CmasMsgType::OPERATOR_ALERT_SPANISH};
204 for (auto messageId : messageIds) {
205 m_pGsmCbCodec->CMASClass(static_cast<uint16_t>(messageId));
206 }
207 }
TestEncodeCbSerialNum()208 void TestEncodeCbSerialNum()
209 {
210 GsmCbCodec::GsmCBMsgSerialNum serialNum;
211 m_pGsmCbCodec->EncodeCbSerialNum(serialNum);
212 }
TestGetSomething()213 void TestGetSomething()
214 {
215 int8_t cbFormat = static_cast<int8_t>(GetNumRandom(1, 10));
216 m_pGsmCbCodec->GetFormat(cbFormat);
217 int8_t cbPriority = static_cast<int8_t>(GetNumRandom(1, 10));
218 m_pGsmCbCodec->GetPriority(cbPriority);
219 uint8_t geoScope = static_cast<uint8_t>(GetNumRandom(1, 10));
220 m_pGsmCbCodec->GetGeoScope(geoScope);
221 uint16_t cbSerial = static_cast<uint16_t>(GetNumRandom(1, 10));
222 m_pGsmCbCodec->GetSerialNum(cbSerial);
223 uint16_t cbCategoty = static_cast<uint16_t>(GetNumRandom(1, 10));
224 m_pGsmCbCodec->GetServiceCategory(cbCategoty);
225 uint8_t severity = static_cast<uint8_t>(GetNumRandom(1, 10));
226 m_pGsmCbCodec->GetCmasSeverity(severity);
227 uint8_t urgency = static_cast<uint8_t>(GetNumRandom(1, 10));
228 m_pGsmCbCodec->GetCmasUrgency(urgency);
229 uint8_t certainty = static_cast<uint8_t>(GetNumRandom(1, 10));
230 m_pGsmCbCodec->GetCmasCertainty(certainty);
231 uint8_t cmasCategory = static_cast<uint8_t>(GetNumRandom(1, 10));
232 m_pGsmCbCodec->GetCmasCategory(cmasCategory);
233 uint8_t cmasRes = static_cast<uint8_t>(GetNumRandom(1, 10));
234 m_pGsmCbCodec->GetCmasResponseType(cmasRes);
235 uint16_t msgId = static_cast<uint16_t>(GetNumRandom(1, 10));
236 m_pGsmCbCodec->GetMessageId(msgId);
237 uint8_t cmasClass = static_cast<uint8_t>(GetNumRandom(1, 10));
238 m_pGsmCbCodec->GetCmasMessageClass(cmasClass);
239 uint8_t msgType = static_cast<uint8_t>(GetNumRandom(1, 10));
240 m_pGsmCbCodec->GetMsgType(msgType);
241 uint8_t lan = static_cast<uint8_t>(GetNumRandom(1, 10));
242 m_pGsmCbCodec->GetLangType(lan);
243 uint8_t dcs = static_cast<uint8_t>(GetNumRandom(1, 10));
244 m_pGsmCbCodec->GetDcs(dcs);
245 int64_t receiveTime = static_cast<int64_t>(GetNumRandom(1, 10));
246 m_pGsmCbCodec->GetReceiveTime(receiveTime);
247
248 m_pGsmCbCodec->ParamsCheck(GetPduVect());
249
250 m_pGsmCbCodec->GetPriority(cbPriority);
251 m_pGsmCbCodec->GetGeoScope(geoScope);
252 m_pGsmCbCodec->GetSerialNum(cbSerial);
253 m_pGsmCbCodec->GetServiceCategory(cbCategoty);
254 m_pGsmCbCodec->GetCmasSeverity(severity);
255 m_pGsmCbCodec->GetCmasUrgency(urgency);
256 m_pGsmCbCodec->GetCmasCertainty(certainty);
257 m_pGsmCbCodec->GetMessageId(msgId);
258 m_pGsmCbCodec->GetCmasMessageClass(cmasClass);
259 m_pGsmCbCodec->GetMsgType(msgType);
260 m_pGsmCbCodec->GetLangType(lan);
261 m_pGsmCbCodec->GetDcs(dcs);
262 m_pGsmCbCodec->GetReceiveTime(receiveTime);
263 }
TestISSomething()264 void TestISSomething()
265 {
266 GsmCbCodec codec;
267 bool result = false;
268 codec.IsEtwsPrimary(result);
269 codec.IsCmasMessage(result);
270 codec.IsEtwsEmergencyUserAlert(result);
271 codec.IsEtwsPopupAlert(result);
272
273 codec.ParamsCheck(GetPduVect());
274
275 codec.IsEtwsPrimary(result);
276 codec.IsCmasMessage(result);
277 codec.IsEtwsEmergencyUserAlert(result);
278 codec.IsEtwsPopupAlert(result);
279 }
TestToString()280 void TestToString()
281 {
282 GsmCbCodec codec;
283 codec.ToString();
284
285 codec.ParamsCheck(GetPduVect());
286
287 codec.ToString();
288 }
289
290 private:
291 std::unique_ptr<GsmCbCodec> m_pGsmCbCodec;
292 };
293
294 class SmsInterfaceManagerFuzzer final : public Fuzzer {
295 public:
296 using Fuzzer::Fuzzer;
297 ~SmsInterfaceManagerFuzzer() final {}
298 public:
299 void StartFuzzerTest() override
300 {
301 if (!CreateObject()) {
302 return;
303 }
304 TestTextBasedSmsDelivery();
305 TestDataBasedSmsDelivery();
306 TestSimMessage();
307 TestGetAndSet();
308 TestSplitMessage();
309 TestIsImsSmsSupported();
310 TestOnRilAdapterHostDied();
311 TestSendAndDownloadMms();
312 DestoryObject();
313 }
314 protected:
CreateObject()315 bool CreateObject()
316 {
317 m_pSmsInterfaceManager = std::make_unique<SmsInterfaceManager>(g_slotId);
318 return m_pSmsInterfaceManager != nullptr;
319 }
DestoryObject()320 void DestoryObject()
321 {
322 m_pSmsInterfaceManager.reset();
323 }
TestTextBasedSmsDelivery()324 void TestTextBasedSmsDelivery()
325 {
326 std::string desAddr = GetString(10);
327 std::string scAddr = GetString(10);
328 std::string text = GetString(50);
329 uint16_t dataBaseId = static_cast<uint16_t>(GetNumRandom(0, 10));
330 m_pSmsInterfaceManager->TextBasedSmsDelivery(desAddr, scAddr, text, nullptr, nullptr, dataBaseId);
331 }
TestDataBasedSmsDelivery()332 void TestDataBasedSmsDelivery()
333 {
334 std::string desAddr = GetString(10);
335 std::string scAddr = GetString(10);
336 uint16_t port = static_cast<uint16_t>(GetNumRandom(0, 10));
337 uint16_t dataLen = static_cast<uint16_t>(g_size);
338 m_pSmsInterfaceManager->DataBasedSmsDelivery(desAddr, scAddr, port, nullptr, dataLen, nullptr, nullptr);
339 m_pSmsInterfaceManager->DataBasedSmsDelivery(desAddr, scAddr, port, g_data, dataLen, nullptr, nullptr);
340 }
TestSimMessage()341 void TestSimMessage()
342 {
343 std::string smsc = GetString(10);
344 std::string pdu = GetString(50);
345 ISmsServiceInterface::SimMessageStatus status =
346 static_cast<ISmsServiceInterface::SimMessageStatus>(GetNumRandom(0, 3));
347 m_pSmsInterfaceManager->AddSimMessage(smsc, pdu, status);
348 uint32_t msgIndex = static_cast<uint32_t>(GetNumRandom(0, 5));
349 m_pSmsInterfaceManager->DelSimMessage(msgIndex);
350 m_pSmsInterfaceManager->UpdateSimMessage(msgIndex, status, pdu, smsc);
351 std::vector<ShortMessage> message;
352 m_pSmsInterfaceManager->GetAllSimMessages(message);
353 }
TestGetAndSet()354 void TestGetAndSet()
355 {
356 std::string scAddr = GetString(10);
357 std::u16string smscAddress = StringUtils::ToUtf16(GetString(10));
358 m_pSmsInterfaceManager->SetSmscAddr(scAddr);
359 m_pSmsInterfaceManager->GetSmscAddr(smscAddress);
360 bool enable = static_cast<bool>(GetNumRandom(0, 1));
361 uint32_t fromMsgId = static_cast<uint32_t>(GetNumRandom(0, 10));
362 uint32_t toMsgId = static_cast<uint32_t>(GetNumRandom(0, 10));
363 uint8_t netType = static_cast<uint8_t>(GetNumRandom(0, 10));
364 m_pSmsInterfaceManager->SetCBConfig(enable, fromMsgId, toMsgId, netType);
365 m_pSmsInterfaceManager->SetImsSmsConfig(g_slotId, fromMsgId);
366 m_pSmsInterfaceManager->SetDefaultSmsSlotId(g_slotId);
367 m_pSmsInterfaceManager->GetDefaultSmsSlotId();
368 int32_t simId;
369 m_pSmsInterfaceManager->GetDefaultSmsSimId(simId);
370 std::string message = GetString();
371 LengthInfo outInfo;
372 m_pSmsInterfaceManager->GetSmsSegmentsInfo(message, enable, outInfo);
373 std::u16string format = StringUtils::ToUtf16(GetString(100));
374 m_pSmsInterfaceManager->GetImsShortMessageFormat(format);
375 }
376
TestSplitMessage()377 void TestSplitMessage()
378 {
379 std::string message = GetString(100);
380 std::vector<std::u16string> splitMessage;
381 std::u16string uMessage = StringUtils::ToUtf16(GetString(10));
382 splitMessage.emplace_back(uMessage);
383 m_pSmsInterfaceManager->SplitMessage(message, splitMessage);
384 }
385
TestIsImsSmsSupported()386 void TestIsImsSmsSupported()
387 {
388 bool isSupported = static_cast<bool>(GetNumRandom(0, 1));
389 m_pSmsInterfaceManager->IsImsSmsSupported(g_slotId, isSupported);
390 }
391
TestOnRilAdapterHostDied()392 void TestOnRilAdapterHostDied()
393 {
394 m_pSmsInterfaceManager->OnRilAdapterHostDied();
395 }
TestSendAndDownloadMms()396 void TestSendAndDownloadMms()
397 {
398 std::u16string mmsc = StringUtils::ToUtf16(GetString(10));
399 std::u16string data = StringUtils::ToUtf16(GetString(20));
400 std::u16string ua = StringUtils::ToUtf16("ua");
401 std::u16string uaprof = StringUtils::ToUtf16("uaprof");
402 m_pSmsInterfaceManager->SendMms(mmsc, data, ua, uaprof);
403 m_pSmsInterfaceManager->DownloadMms(mmsc, data, ua, uaprof);
404 }
405 private:
406 std::unique_ptr<SmsInterfaceManager> m_pSmsInterfaceManager;
407 };
408
409 class SmsMiscManagerFuzzer final : public Fuzzer {
410 public:
411 using Fuzzer::Fuzzer;
412 ~SmsMiscManagerFuzzer() final {}
413 public:
414 void StartFuzzerTest() override
415 {
416 if (!CreateObject()) {
417 return;
418 }
419 TestGetRangeInfo();
420 TestSplit();
421 TestIsEmpty();
422 DestoryObject();
423 }
424 protected:
CreateObject()425 bool CreateObject()
426 {
427 m_pSmsMiscManager = std::make_unique<SmsMiscManager>(g_slotId);
428 return m_pSmsMiscManager != nullptr;
429 }
DestoryObject()430 void DestoryObject()
431 {
432 m_pSmsMiscManager.reset();
433 }
TestGetRangeInfo()434 void TestGetRangeInfo()
435 {
436 m_pSmsMiscManager->GetRangeInfo();
437 }
TestSplit()438 void TestSplit()
439 {
440 uint32_t fromMsgId = static_cast<uint32_t>(GetNumRandom(0, 10));
441 uint32_t toMsgId = static_cast<uint32_t>(GetNumRandom(0, 10));
442 std::list<SmsMiscManager::gsmCBRangeInfo> listInfo;
443 uint32_t fromId = static_cast<uint32_t>(GetNumRandom(0, 100));
444 uint32_t toId = static_cast<uint32_t>(GetNumRandom(0, 100));
445 SmsMiscManager::gsmCBRangeInfo info(fromId, toId);
446 listInfo.emplace_back(info);
447 m_pSmsMiscManager->SplitMsgId(fromMsgId, toMsgId, listInfo.begin());
448 std::string src = GetString(100);
449 std::vector<std::string> dest;
450 std::string delimiter = "FuzzerTest";
451 src += delimiter;
452 m_pSmsMiscManager->SplitMids(src, dest, delimiter);
453 std::string value = GetString(100);
454 std::string start;
455 std::string end;
456 m_pSmsMiscManager->SplitMidValue(value, start, end, delimiter);
457 value = delimiter + value;
458 m_pSmsMiscManager->SplitMidValue(value, start, end, delimiter);
459 value.clear();
460 m_pSmsMiscManager->SplitMidValue(value, start, end, delimiter);
461 }
TestIsEmpty()462 void TestIsEmpty()
463 {
464 m_pSmsMiscManager->IsEmpty();
465 }
466 private:
467 std::unique_ptr<SmsMiscManager> m_pSmsMiscManager;
468 };
469
470 class SmsSendManagerFuzzer final : public Fuzzer {
471 public:
472 using Fuzzer::Fuzzer;
473 ~SmsSendManagerFuzzer() final {}
474 public:
475 void StartFuzzerTest() override
476 {
477 if (!CreateObject()) {
478 return;
479 }
480 TestTextBasedSmsDelivery();
481 TestDataBasedSmsDelivery();
482 TestRetriedSmsDelivery();
483 TestSplitMessage();
484 TestGetSmsSegmentsInfo();
485 TestIsImsSmsSupported();
486 TestSetImsSmsConfig();
487 TestGetImsShortMessageFormat();
488 TestOnRilAdapterHostDied();
489 DestoryObject();
490 }
491 protected:
CreateObject()492 bool CreateObject()
493 {
494 m_pSmsSendManager = std::make_unique<SmsSendManager>(g_slotId);
495 return m_pSmsSendManager != nullptr;
496 }
DestoryObject()497 void DestoryObject()
498 {
499 m_pSmsSendManager.reset();
500 }
Reset(bool isNetwork)501 void Reset(bool isNetwork)
502 {
503 if (isNetwork) {
504 m_pSmsSendManager->networkManager_ = nullptr;
505 }
506 m_pSmsSendManager->gsmSmsSender_ = nullptr;
507 m_pSmsSendManager->cdmaSmsSender_ = nullptr;
508 }
TestTextBasedSmsDelivery()509 void TestTextBasedSmsDelivery()
510 {
511 std::string desAddr = GetString(10);
512 std::string scAddr = GetString(10);
513 std::string text = GetString(50);
514 uint16_t dataBaseId = static_cast<uint16_t>(GetNumRandom(0, 10));
515 m_pSmsSendManager->TextBasedSmsDelivery(desAddr, scAddr, text, nullptr, nullptr, dataBaseId);
516 desAddr.clear();
517 m_pSmsSendManager->TextBasedSmsDelivery(desAddr, scAddr, text, nullptr, nullptr, dataBaseId);
518 desAddr = scAddr;
519 m_pSmsSendManager->Init();
520 m_pSmsSendManager->TextBasedSmsDelivery(desAddr, scAddr, text, nullptr, nullptr, dataBaseId);
521 m_pSmsSendManager->networkManager_->netWorkType_ = NetWorkType::NET_TYPE_CDMA;
522 m_pSmsSendManager->TextBasedSmsDelivery(desAddr, scAddr, text, nullptr, nullptr, dataBaseId);
523 Reset(false);
524 m_pSmsSendManager->TextBasedSmsDelivery(desAddr, scAddr, text, nullptr, nullptr, dataBaseId);
525 Reset(true);
526 }
TestDataBasedSmsDelivery()527 void TestDataBasedSmsDelivery()
528 {
529 std::string desAddr = GetString(10);
530 std::string scAddr = GetString(10);
531 uint16_t port = static_cast<uint16_t>(GetNumRandom(0, 10));
532 uint16_t dataLen = static_cast<uint16_t>(g_size);
533 m_pSmsSendManager->DataBasedSmsDelivery(desAddr, scAddr, port, g_data, dataLen, nullptr, nullptr);
534 m_pSmsSendManager->DataBasedSmsDelivery(desAddr, scAddr, port, nullptr, dataLen, nullptr, nullptr);
535 m_pSmsSendManager->Init();
536 m_pSmsSendManager->DataBasedSmsDelivery(desAddr, scAddr, port, g_data, dataLen, nullptr, nullptr);
537 m_pSmsSendManager->networkManager_->netWorkType_ = NetWorkType::NET_TYPE_CDMA;
538 m_pSmsSendManager->DataBasedSmsDelivery(desAddr, scAddr, port, g_data, dataLen, nullptr, nullptr);
539 Reset(false);
540 m_pSmsSendManager->DataBasedSmsDelivery(desAddr, scAddr, port, g_data, dataLen, nullptr, nullptr);
541 Reset(true);
542 }
TestRetriedSmsDelivery()543 void TestRetriedSmsDelivery()
544 {
545 std::string desAddr = GetString(10);
546 std::string scAddr = GetString(10);
547 std::string text = GetString(50);
548 auto smsIndexer = std::make_shared<SmsSendIndexer>(desAddr, scAddr, text, nullptr, nullptr);
549 m_pSmsSendManager->RetriedSmsDelivery(nullptr);
550 m_pSmsSendManager->RetriedSmsDelivery(smsIndexer);
551 m_pSmsSendManager->Init();
552 smsIndexer->SetNetWorkType(NetWorkType::NET_TYPE_CDMA);
553 m_pSmsSendManager->networkManager_->netWorkType_ = NetWorkType::NET_TYPE_GSM;
554 m_pSmsSendManager->RetriedSmsDelivery(smsIndexer);
555 smsIndexer->SetNetWorkType(NetWorkType::NET_TYPE_GSM);
556 m_pSmsSendManager->networkManager_->netWorkType_ = NetWorkType::NET_TYPE_CDMA;
557 m_pSmsSendManager->RetriedSmsDelivery(smsIndexer);
558 m_pSmsSendManager->networkManager_->netWorkType_ = NetWorkType::NET_TYPE_UNKNOWN;
559 m_pSmsSendManager->RetriedSmsDelivery(smsIndexer);
560 Reset(true);
561 }
TestSplitMessage()562 void TestSplitMessage()
563 {
564 std::string message = GetString(100);
565 std::vector<std::u16string> splitMessage;
566 std::u16string uMessage = StringUtils::ToUtf16(GetString(10));
567 splitMessage.emplace_back(uMessage);
568 m_pSmsSendManager->SplitMessage(message, splitMessage);
569 m_pSmsSendManager->Init();
570 m_pSmsSendManager->networkManager_->netWorkType_ = NetWorkType::NET_TYPE_UNKNOWN;
571 m_pSmsSendManager->SplitMessage(message, splitMessage);
572 m_pSmsSendManager->networkManager_->netWorkType_ = NetWorkType::NET_TYPE_CDMA;
573 m_pSmsSendManager->SplitMessage(message, splitMessage);
574 Reset(true);
575 }
TestGetSmsSegmentsInfo()576 void TestGetSmsSegmentsInfo()
577 {
578 std::string message = GetString();
579 bool force7BitCode = static_cast<bool>(GetNumRandom(0, 1));
580 LengthInfo outInfo;
581 m_pSmsSendManager->GetSmsSegmentsInfo(message, force7BitCode, outInfo);
582 m_pSmsSendManager->Init();
583 m_pSmsSendManager->networkManager_->netWorkType_ = NetWorkType::NET_TYPE_UNKNOWN;
584 m_pSmsSendManager->GetSmsSegmentsInfo(message, force7BitCode, outInfo);
585 m_pSmsSendManager->networkManager_->netWorkType_ = NetWorkType::NET_TYPE_CDMA;
586 m_pSmsSendManager->GetSmsSegmentsInfo(message, force7BitCode, outInfo);
587 Reset(true);
588 }
TestIsImsSmsSupported()589 void TestIsImsSmsSupported()
590 {
591 bool isSupported = static_cast<bool>(GetNumRandom(0, 1));
592 m_pSmsSendManager->IsImsSmsSupported(g_slotId, isSupported);
593 m_pSmsSendManager->Init();
594 m_pSmsSendManager->networkManager_->netWorkType_ = NetWorkType::NET_TYPE_UNKNOWN;
595 m_pSmsSendManager->IsImsSmsSupported(g_slotId, isSupported);
596 m_pSmsSendManager->networkManager_->netWorkType_ = NetWorkType::NET_TYPE_CDMA;
597 m_pSmsSendManager->IsImsSmsSupported(g_slotId, isSupported);
598 Reset(true);
599 }
TestSetImsSmsConfig()600 void TestSetImsSmsConfig()
601 {
602 int32_t enable = static_cast<int32_t>(GetNumRandom(0, 1));
603 m_pSmsSendManager->SetImsSmsConfig(g_slotId, enable);
604 m_pSmsSendManager->Init();
605 m_pSmsSendManager->networkManager_->netWorkType_ = NetWorkType::NET_TYPE_UNKNOWN;
606 m_pSmsSendManager->SetImsSmsConfig(g_slotId, enable);
607 m_pSmsSendManager->networkManager_->netWorkType_ = NetWorkType::NET_TYPE_CDMA;
608 m_pSmsSendManager->SetImsSmsConfig(g_slotId, enable);
609 Reset(true);
610 }
TestGetImsShortMessageFormat()611 void TestGetImsShortMessageFormat()
612 {
613 std::u16string format = StringUtils::ToUtf16(GetString(10));
614 m_pSmsSendManager->GetImsShortMessageFormat(format);
615 m_pSmsSendManager->Init();
616 m_pSmsSendManager->networkManager_->netWorkType_ = NetWorkType::NET_TYPE_UNKNOWN;
617 m_pSmsSendManager->GetImsShortMessageFormat(format);
618 m_pSmsSendManager->networkManager_->netWorkType_ = NetWorkType::NET_TYPE_CDMA;
619 m_pSmsSendManager->GetImsShortMessageFormat(format);
620 Reset(true);
621 }
TestOnRilAdapterHostDied()622 void TestOnRilAdapterHostDied()
623 {
624 m_pSmsSendManager->Init();
625 m_pSmsSendManager->OnRilAdapterHostDied();
626 Reset(true);
627 }
628 private:
629 std::unique_ptr<SmsSendManager> m_pSmsSendManager;
630 };
631
632 class SmsReceiveHandlerFuzzer final : public Fuzzer {
633 public:
634 using Fuzzer::Fuzzer;
635 ~SmsReceiveHandlerFuzzer() final {}
636 public:
637 void StartFuzzerTest() override
638 {
639 if (!CreateObject()) {
640 return;
641 }
642 TestReduceRunningLock();
643 TestReleaseRunningLock();
644 TestUpdateAndCombineMultiPageMessage();
645 DestoryObject();
646 }
647 protected:
CreateObject()648 bool CreateObject()
649 {
650 m_pSmsReceiveHandler = std::make_unique<CdmaSmsReceiveHandler>(g_slotId);
651 return m_pSmsReceiveHandler != nullptr;
652 }
DestoryObject()653 void DestoryObject()
654 {
655 m_pSmsReceiveHandler.reset();
656 }
TestReduceRunningLock()657 void TestReduceRunningLock()
658 {
659 m_pSmsReceiveHandler->ReduceRunningLock();
660 }
TestReleaseRunningLock()661 void TestReleaseRunningLock()
662 {
663 m_pSmsReceiveHandler->ReleaseRunningLock();
664 }
TestUpdateAndCombineMultiPageMessage()665 void TestUpdateAndCombineMultiPageMessage()
666 {
667 auto indexer = std::make_shared<SmsReceiveIndexer>();
668 auto reliabilityHandler = std::make_shared<SmsReceiveReliabilityHandler>(g_slotId);
669 auto pdus = std::make_shared<std::vector<std::string>>();
670 std::string pud = GetString(20);
671 pdus->push_back(pud);
672 m_pSmsReceiveHandler->CombineMultiPageMessage(indexer, pdus, reliabilityHandler);
673 m_pSmsReceiveHandler->UpdateMultiPageMessage(indexer, pdus);
674 pud.clear();
675 m_pSmsReceiveHandler->UpdateMultiPageMessage(indexer, pdus);
676 pdus->clear();
677 m_pSmsReceiveHandler->UpdateMultiPageMessage(indexer, pdus);
678 }
679 private:
680 std::unique_ptr<CdmaSmsReceiveHandler> m_pSmsReceiveHandler;
681 };
682
683 class SmsSendIndexerFuzzer final : public Fuzzer {
684 public:
685 using Fuzzer::Fuzzer;
686 ~SmsSendIndexerFuzzer() final {}
687 public:
688 void StartFuzzerTest() override
689 {
690 if (!CreateObject()) {
691 return;
692 }
693 TestSetAndGet();
694 TestIsImsSmsForCdma();
695 TestUpdatePduForResend();
696 DestoryObject();
697 }
698 protected:
CreateObject()699 bool CreateObject()
700 {
701 std::string desAddr = GetString(10);
702 std::string scAddr = GetString(10);
703 std::string text = GetString(50);
704 m_pSmsSendIndexer = std::make_unique<SmsSendIndexer>(desAddr, scAddr, text, nullptr, nullptr);
705 return m_pSmsSendIndexer != nullptr;
706 }
DestoryObject()707 void DestoryObject()
708 {
709 m_pSmsSendIndexer.reset();
710 }
TestSetAndGet()711 void TestSetAndGet()
712 {
713 auto smca = static_cast<uint8_t>(GetNumRandom(0, 1));
714 std::vector<uint8_t> smcas;
715 smcas.emplace_back(smca);
716 m_pSmsSendIndexer->SetEncodeSmca(smcas);
717 bool isImsSms = static_cast<bool>(GetNumRandom(0, 1));
718 m_pSmsSendIndexer->SetImsSmsForCdma(isImsSms);
719 std::string destAddr = GetString(10);
720 m_pSmsSendIndexer->SetDestAddr(destAddr);
721 bool isFailure = static_cast<bool>(GetNumRandom(0, 1));
722 m_pSmsSendIndexer->SetIsFailure(isFailure);
723 std::string text = GetString(10);
724 m_pSmsSendIndexer->SetText(text);
725 m_pSmsSendIndexer->SetDeliveryCallback(nullptr);
726 m_pSmsSendIndexer->SetSendCallback(nullptr);
727 int16_t destPort = static_cast<int16_t>(GetNumRandom(0, 10));
728 m_pSmsSendIndexer->SetDestPort(destPort);
729 std::string smcaAddr = GetString(10);
730 m_pSmsSendIndexer->SetSmcaAddr(smcaAddr);
731 auto errorCode = static_cast<uint8_t>(GetNumRandom(0, 1));
732 m_pSmsSendIndexer->SetErrorCode(errorCode);
733 auto data = static_cast<uint8_t>(GetNumRandom(0, 100));
734 std::vector<uint8_t> datum;
735 datum.emplace_back(data);
736 m_pSmsSendIndexer->SetData(datum);
737 m_pSmsSendIndexer->SetData(std::move(datum));
738 auto ackPdu = static_cast<uint8_t>(GetNumRandom(0, 100));
739 std::vector<uint8_t> ackPduData;
740 ackPduData.emplace_back(ackPdu);
741 m_pSmsSendIndexer->SetAckPdu(ackPduData);
742 m_pSmsSendIndexer->SetAckPdu(std::move(ackPduData));
743 auto msgRefId64Bit = static_cast<int64_t>(GetNumRandom(0, 100));
744 m_pSmsSendIndexer->SetMsgRefId64Bit(msgRefId64Bit);
745
746 m_pSmsSendIndexer->GetPsResendCount();
747 m_pSmsSendIndexer->GetMsgId();
748 m_pSmsSendIndexer->GetIsText();
749 m_pSmsSendIndexer->GetAckPdu();
750 m_pSmsSendIndexer->GetTimeStamp();
751 }
TestIsImsSmsForCdma()752 void TestIsImsSmsForCdma()
753 {
754 m_pSmsSendIndexer->IsImsSmsForCdma();
755 }
TestUpdatePduForResend()756 void TestUpdatePduForResend()
757 {
758 m_pSmsSendIndexer->UpdatePduForResend();
759 auto pdu = static_cast<uint8_t>(g_slotId);
760 std::vector<uint8_t> pduData;
761 pduData.emplace_back(pdu++);
762 pduData.emplace_back(pdu);
763 m_pSmsSendIndexer->SetEncodePdu(pduData);
764 m_pSmsSendIndexer->UpdatePduForResend();
765 }
766 private:
767 std::unique_ptr<SmsSendIndexer> m_pSmsSendIndexer;
768 };
769 } // namespace OHOS
770
771 template<typename TY>
RunFuzzer(const uint8_t* data, size_t size)772 void RunFuzzer(const uint8_t* data, size_t size)
773 {
774 if (data == nullptr || size == 0) {
775 return;
776 }
777 std::unique_ptr<OHOS::Fuzzer> p = std::make_unique<TY>(data, size);
778 p->StartFuzzerTest();
779 }
780
781 /* Fuzzer entry point */
LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)782 extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
783 {
784 /* Run your code on data */
785 OHOS::AddSmsTokenFuzzer token;
786
787 RunFuzzer<OHOS::MmsNetworkManagerFuzzer>(data, size);
788 RunFuzzer<OHOS::MmsSendAndReceiveManagerFuzzer>(data, size);
789 RunFuzzer<OHOS::GsmCbCodecFuzzer>(data, size);
790 RunFuzzer<OHOS::SmsInterfaceManagerFuzzer>(data, size);
791 RunFuzzer<OHOS::SmsMiscManagerFuzzer>(data, size);
792 RunFuzzer<OHOS::SmsSendManagerFuzzer>(data, size);
793 RunFuzzer<OHOS::SmsReceiveHandlerFuzzer>(data, size);
794 RunFuzzer<OHOS::SmsSendIndexerFuzzer>(data, size);
795 return 0;
796 }