15b8fca66Sopenharmony_ci/* 25b8fca66Sopenharmony_ci * Copyright (c) 2023 Huawei Device Co., Ltd. 35b8fca66Sopenharmony_ci * Licensed under the Apache License, Version 2.0 (the "License"); 45b8fca66Sopenharmony_ci * you may not use this file except in compliance with the License. 55b8fca66Sopenharmony_ci * You may obtain a copy of the License at 65b8fca66Sopenharmony_ci * 75b8fca66Sopenharmony_ci * http://www.apache.org/licenses/LICENSE-2.0 85b8fca66Sopenharmony_ci * 95b8fca66Sopenharmony_ci * Unless required by applicable law or agreed to in writing, software 105b8fca66Sopenharmony_ci * distributed under the License is distributed on an "AS IS" BASIS, 115b8fca66Sopenharmony_ci * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 125b8fca66Sopenharmony_ci * See the License for the specific language governing permissions and 135b8fca66Sopenharmony_ci * limitations under the License. 145b8fca66Sopenharmony_ci */ 155b8fca66Sopenharmony_ci 165b8fca66Sopenharmony_ci#include "telephonystateregistry_fuzzer.h" 175b8fca66Sopenharmony_ci 185b8fca66Sopenharmony_ci#include <cstddef> 195b8fca66Sopenharmony_ci#include <cstdint> 205b8fca66Sopenharmony_ci#define private public 215b8fca66Sopenharmony_ci#define protected public 225b8fca66Sopenharmony_ci#include "addstateregistrytoken_fuzzer.h" 235b8fca66Sopenharmony_ci#include "if_system_ability_manager.h" 245b8fca66Sopenharmony_ci#include "iservice_registry.h" 255b8fca66Sopenharmony_ci#include "securec.h" 265b8fca66Sopenharmony_ci#include "system_ability_definition.h" 275b8fca66Sopenharmony_ci#include "telephony_observer.h" 285b8fca66Sopenharmony_ci#include "telephony_state_registry_service.h" 295b8fca66Sopenharmony_ci#include "telephony_state_registry_stub.h" 305b8fca66Sopenharmony_ci 315b8fca66Sopenharmony_ciusing namespace OHOS::Telephony; 325b8fca66Sopenharmony_cinamespace OHOS { 335b8fca66Sopenharmony_cistatic bool g_isInited = false; 345b8fca66Sopenharmony_ciconstexpr int32_t BOOL_NUM = 2; 355b8fca66Sopenharmony_ciconstexpr int32_t SLOT_NUM = 2; 365b8fca66Sopenharmony_ciconstexpr int32_t ROAMING_NUM = 4; 375b8fca66Sopenharmony_ciconstexpr int32_t REG_NUM = 6; 385b8fca66Sopenharmony_ciconstexpr int32_t CELL_NUM = 7; 395b8fca66Sopenharmony_ciconstexpr int32_t SIGNAL_NUM = 6; 405b8fca66Sopenharmony_ciconstexpr int32_t SIGNAL_PLUS = 1; 415b8fca66Sopenharmony_ciconstexpr int32_t NR_NUM = 7; 425b8fca66Sopenharmony_ciconstexpr int32_t RADIO_NUM = 13; 435b8fca66Sopenharmony_ci 445b8fca66Sopenharmony_cibool IsServiceInited() 455b8fca66Sopenharmony_ci{ 465b8fca66Sopenharmony_ci if (!g_isInited) { 475b8fca66Sopenharmony_ci DelayedSingleton<TelephonyStateRegistryService>::GetInstance()->OnStart(); 485b8fca66Sopenharmony_ci if (DelayedSingleton<TelephonyStateRegistryService>::GetInstance()->GetServiceRunningState() == 495b8fca66Sopenharmony_ci static_cast<int32_t>(ServiceRunningState::STATE_RUNNING)) { 505b8fca66Sopenharmony_ci g_isInited = true; 515b8fca66Sopenharmony_ci } 525b8fca66Sopenharmony_ci } 535b8fca66Sopenharmony_ci return g_isInited; 545b8fca66Sopenharmony_ci} 555b8fca66Sopenharmony_ci 565b8fca66Sopenharmony_civoid OnRemoteRequest(const uint8_t *data, size_t size) 575b8fca66Sopenharmony_ci{ 585b8fca66Sopenharmony_ci if (!IsServiceInited()) { 595b8fca66Sopenharmony_ci return; 605b8fca66Sopenharmony_ci } 615b8fca66Sopenharmony_ci MessageParcel dataMessageParcel; 625b8fca66Sopenharmony_ci if (!dataMessageParcel.WriteInterfaceToken(TelephonyStateRegistryStub::GetDescriptor())) { 635b8fca66Sopenharmony_ci return; 645b8fca66Sopenharmony_ci } 655b8fca66Sopenharmony_ci dataMessageParcel.WriteBuffer(data, size); 665b8fca66Sopenharmony_ci dataMessageParcel.RewindRead(0); 675b8fca66Sopenharmony_ci uint32_t code = static_cast<uint32_t>(size); 685b8fca66Sopenharmony_ci MessageParcel reply; 695b8fca66Sopenharmony_ci MessageOption option; 705b8fca66Sopenharmony_ci DelayedSingleton<TelephonyStateRegistryService>::GetInstance()->OnRemoteRequest( 715b8fca66Sopenharmony_ci code, dataMessageParcel, reply, option); 725b8fca66Sopenharmony_ci} 735b8fca66Sopenharmony_ci 745b8fca66Sopenharmony_civoid CreateGsmCellInfo(std::unique_ptr<GsmCellInformation> &cell, const uint8_t *data, size_t size) 755b8fca66Sopenharmony_ci{ 765b8fca66Sopenharmony_ci if (cell == nullptr) { 775b8fca66Sopenharmony_ci return; 785b8fca66Sopenharmony_ci } 795b8fca66Sopenharmony_ci cell->lac_ = static_cast<int32_t>(size); 805b8fca66Sopenharmony_ci cell->bsic_ = static_cast<int32_t>(size); 815b8fca66Sopenharmony_ci cell->arfcn_ = static_cast<int32_t>(size); 825b8fca66Sopenharmony_ci std::string mcc(reinterpret_cast<const char *>(data), size); 835b8fca66Sopenharmony_ci cell->mcc_ = mcc; 845b8fca66Sopenharmony_ci std::string mnc(reinterpret_cast<const char *>(data), size); 855b8fca66Sopenharmony_ci cell->mnc_ = mnc; 865b8fca66Sopenharmony_ci cell->cellId_ = static_cast<int32_t>(size); 875b8fca66Sopenharmony_ci cell->timeStamp_ = static_cast<uint64_t>(size); 885b8fca66Sopenharmony_ci cell->signalIntensity_ = static_cast<int32_t>(size); 895b8fca66Sopenharmony_ci cell->signalLevel_ = static_cast<int32_t>(size); 905b8fca66Sopenharmony_ci cell->isCamped_ = static_cast<int32_t>(size % BOOL_NUM); 915b8fca66Sopenharmony_ci} 925b8fca66Sopenharmony_ci 935b8fca66Sopenharmony_civoid CreateLteCellInfo(std::unique_ptr<LteCellInformation> &cell, const uint8_t *data, size_t size) 945b8fca66Sopenharmony_ci{ 955b8fca66Sopenharmony_ci if (cell == nullptr) { 965b8fca66Sopenharmony_ci return; 975b8fca66Sopenharmony_ci } 985b8fca66Sopenharmony_ci cell->pci_ = static_cast<int32_t>(size); 995b8fca66Sopenharmony_ci cell->tac_ = static_cast<int32_t>(size); 1005b8fca66Sopenharmony_ci cell->earfcn_ = static_cast<int32_t>(size); 1015b8fca66Sopenharmony_ci std::string mcc(reinterpret_cast<const char *>(data), size); 1025b8fca66Sopenharmony_ci cell->mcc_ = mcc; 1035b8fca66Sopenharmony_ci std::string mnc(reinterpret_cast<const char *>(data), size); 1045b8fca66Sopenharmony_ci cell->mnc_ = mnc; 1055b8fca66Sopenharmony_ci cell->cellId_ = static_cast<int32_t>(size); 1065b8fca66Sopenharmony_ci cell->timeStamp_ = static_cast<uint64_t>(size); 1075b8fca66Sopenharmony_ci cell->signalIntensity_ = static_cast<int32_t>(size); 1085b8fca66Sopenharmony_ci cell->signalLevel_ = static_cast<int32_t>(size); 1095b8fca66Sopenharmony_ci cell->isCamped_ = static_cast<int32_t>(size % BOOL_NUM); 1105b8fca66Sopenharmony_ci} 1115b8fca66Sopenharmony_ci 1125b8fca66Sopenharmony_civoid UpdateCellInfo(const uint8_t *data, size_t size) 1135b8fca66Sopenharmony_ci{ 1145b8fca66Sopenharmony_ci if (!IsServiceInited()) { 1155b8fca66Sopenharmony_ci return; 1165b8fca66Sopenharmony_ci } 1175b8fca66Sopenharmony_ci int32_t slotId = static_cast<int32_t>(size % SLOT_NUM); 1185b8fca66Sopenharmony_ci int32_t loopSize = static_cast<int32_t>(size); 1195b8fca66Sopenharmony_ci MessageParcel dataMessageParcel; 1205b8fca66Sopenharmony_ci dataMessageParcel.WriteInt32(slotId); 1215b8fca66Sopenharmony_ci dataMessageParcel.WriteInt32(loopSize); 1225b8fca66Sopenharmony_ci for (int32_t i = 0; i < loopSize; i++) { 1235b8fca66Sopenharmony_ci CellInformation::CellType type = static_cast<CellInformation::CellType>(size % CELL_NUM); 1245b8fca66Sopenharmony_ci if (type == CellInformation::CellType::CELL_TYPE_GSM) { 1255b8fca66Sopenharmony_ci std::unique_ptr<GsmCellInformation> cell = std::make_unique<GsmCellInformation>(); 1265b8fca66Sopenharmony_ci if (cell == nullptr) { 1275b8fca66Sopenharmony_ci return; 1285b8fca66Sopenharmony_ci } 1295b8fca66Sopenharmony_ci CreateGsmCellInfo(cell, data, size); 1305b8fca66Sopenharmony_ci cell->Marshalling(dataMessageParcel); 1315b8fca66Sopenharmony_ci } 1325b8fca66Sopenharmony_ci if (type == CellInformation::CellType::CELL_TYPE_LTE) { 1335b8fca66Sopenharmony_ci std::unique_ptr<LteCellInformation> cell = std::make_unique<LteCellInformation>(); 1345b8fca66Sopenharmony_ci if (cell == nullptr) { 1355b8fca66Sopenharmony_ci return; 1365b8fca66Sopenharmony_ci } 1375b8fca66Sopenharmony_ci CreateLteCellInfo(cell, data, size); 1385b8fca66Sopenharmony_ci cell->Marshalling(dataMessageParcel); 1395b8fca66Sopenharmony_ci } 1405b8fca66Sopenharmony_ci } 1415b8fca66Sopenharmony_ci dataMessageParcel.RewindRead(0); 1425b8fca66Sopenharmony_ci MessageParcel reply; 1435b8fca66Sopenharmony_ci DelayedSingleton<TelephonyStateRegistryService>::GetInstance()->OnUpdateCellInfo(dataMessageParcel, reply); 1445b8fca66Sopenharmony_ci} 1455b8fca66Sopenharmony_ci 1465b8fca66Sopenharmony_civoid UpdateCallState(const uint8_t *data, size_t size) 1475b8fca66Sopenharmony_ci{ 1485b8fca66Sopenharmony_ci if (!IsServiceInited()) { 1495b8fca66Sopenharmony_ci return; 1505b8fca66Sopenharmony_ci } 1515b8fca66Sopenharmony_ci int32_t callState = static_cast<int32_t>(size); 1525b8fca66Sopenharmony_ci std::string phoneNumber(reinterpret_cast<const char *>(data), size); 1535b8fca66Sopenharmony_ci MessageParcel dataMessageParcel; 1545b8fca66Sopenharmony_ci dataMessageParcel.WriteInt32(callState); 1555b8fca66Sopenharmony_ci dataMessageParcel.WriteString16(Str8ToStr16(phoneNumber)); 1565b8fca66Sopenharmony_ci dataMessageParcel.RewindRead(0); 1575b8fca66Sopenharmony_ci MessageParcel reply; 1585b8fca66Sopenharmony_ci DelayedSingleton<TelephonyStateRegistryService>::GetInstance()->OnUpdateCallState(dataMessageParcel, reply); 1595b8fca66Sopenharmony_ci} 1605b8fca66Sopenharmony_ci 1615b8fca66Sopenharmony_civoid UpdateCallStateForSlotId(const uint8_t *data, size_t size) 1625b8fca66Sopenharmony_ci{ 1635b8fca66Sopenharmony_ci if (!IsServiceInited()) { 1645b8fca66Sopenharmony_ci return; 1655b8fca66Sopenharmony_ci } 1665b8fca66Sopenharmony_ci int32_t slotId = static_cast<int32_t>(size % SLOT_NUM); 1675b8fca66Sopenharmony_ci int32_t callState = static_cast<int32_t>(size); 1685b8fca66Sopenharmony_ci std::string incomingNumber(reinterpret_cast<const char *>(data), size); 1695b8fca66Sopenharmony_ci MessageParcel dataMessageParcel; 1705b8fca66Sopenharmony_ci dataMessageParcel.WriteInt32(slotId); 1715b8fca66Sopenharmony_ci dataMessageParcel.WriteInt32(callState); 1725b8fca66Sopenharmony_ci dataMessageParcel.WriteString16(Str8ToStr16(incomingNumber)); 1735b8fca66Sopenharmony_ci dataMessageParcel.RewindRead(0); 1745b8fca66Sopenharmony_ci MessageParcel reply; 1755b8fca66Sopenharmony_ci DelayedSingleton<TelephonyStateRegistryService>::GetInstance()->OnUpdateCallStateForSlotId( 1765b8fca66Sopenharmony_ci dataMessageParcel, reply); 1775b8fca66Sopenharmony_ci} 1785b8fca66Sopenharmony_ci 1795b8fca66Sopenharmony_civoid CreateGsmSignalInfo(std::unique_ptr<GsmSignalInformation> &signal, const uint8_t *data, size_t size) 1805b8fca66Sopenharmony_ci{ 1815b8fca66Sopenharmony_ci if (signal == nullptr) { 1825b8fca66Sopenharmony_ci return; 1835b8fca66Sopenharmony_ci } 1845b8fca66Sopenharmony_ci int32_t offset = 0; 1855b8fca66Sopenharmony_ci signal->signalBar_ = static_cast<int32_t>(*data + offset); 1865b8fca66Sopenharmony_ci offset += sizeof(int32_t); 1875b8fca66Sopenharmony_ci signal->gsmRxlev_ = static_cast<int32_t>(*data + offset); 1885b8fca66Sopenharmony_ci offset += sizeof(int32_t); 1895b8fca66Sopenharmony_ci signal->gsmBer_ = static_cast<int32_t>(*data + offset); 1905b8fca66Sopenharmony_ci} 1915b8fca66Sopenharmony_ci 1925b8fca66Sopenharmony_civoid CreateCDMASignalInfo(std::unique_ptr<CdmaSignalInformation> &signal, const uint8_t *data, size_t size) 1935b8fca66Sopenharmony_ci{ 1945b8fca66Sopenharmony_ci if (signal == nullptr) { 1955b8fca66Sopenharmony_ci return; 1965b8fca66Sopenharmony_ci } 1975b8fca66Sopenharmony_ci int32_t offset = 0; 1985b8fca66Sopenharmony_ci signal->signalBar_ = static_cast<int32_t>(*data + offset); 1995b8fca66Sopenharmony_ci offset += sizeof(int32_t); 2005b8fca66Sopenharmony_ci signal->cdmaRssi_ = static_cast<int32_t>(*data + offset); 2015b8fca66Sopenharmony_ci offset += sizeof(int32_t); 2025b8fca66Sopenharmony_ci signal->cdmaEcno_ = static_cast<int32_t>(*data + offset); 2035b8fca66Sopenharmony_ci} 2045b8fca66Sopenharmony_ci 2055b8fca66Sopenharmony_civoid CreateLTESignalInfo(std::unique_ptr<LteSignalInformation> &signal, const uint8_t *data, size_t size) 2065b8fca66Sopenharmony_ci{ 2075b8fca66Sopenharmony_ci if (signal == nullptr) { 2085b8fca66Sopenharmony_ci return; 2095b8fca66Sopenharmony_ci } 2105b8fca66Sopenharmony_ci int32_t offset = 0; 2115b8fca66Sopenharmony_ci signal->signalBar_ = static_cast<int32_t>(*data + offset); 2125b8fca66Sopenharmony_ci offset += sizeof(int32_t); 2135b8fca66Sopenharmony_ci signal->rxlev_ = static_cast<int32_t>(*data + offset); 2145b8fca66Sopenharmony_ci offset += sizeof(int32_t); 2155b8fca66Sopenharmony_ci signal->lteRsrp_ = static_cast<int32_t>(*data + offset); 2165b8fca66Sopenharmony_ci offset += sizeof(int32_t); 2175b8fca66Sopenharmony_ci signal->lteRsrq_ = static_cast<int32_t>(*data + offset); 2185b8fca66Sopenharmony_ci offset += sizeof(int32_t); 2195b8fca66Sopenharmony_ci signal->lteSnr_ = static_cast<int32_t>(*data + offset); 2205b8fca66Sopenharmony_ci} 2215b8fca66Sopenharmony_ci 2225b8fca66Sopenharmony_civoid CreateWCDMASignalInfo(std::unique_ptr<WcdmaSignalInformation> &signal, const uint8_t *data, size_t size) 2235b8fca66Sopenharmony_ci{ 2245b8fca66Sopenharmony_ci if (signal == nullptr) { 2255b8fca66Sopenharmony_ci return; 2265b8fca66Sopenharmony_ci } 2275b8fca66Sopenharmony_ci int32_t offset = 0; 2285b8fca66Sopenharmony_ci signal->signalBar_ = static_cast<int32_t>(*data + offset); 2295b8fca66Sopenharmony_ci offset += sizeof(int32_t); 2305b8fca66Sopenharmony_ci signal->wcdmaRxlev_ = static_cast<int32_t>(*data + offset); 2315b8fca66Sopenharmony_ci offset += sizeof(int32_t); 2325b8fca66Sopenharmony_ci signal->wcdmaRscp_ = static_cast<int32_t>(*data + offset); 2335b8fca66Sopenharmony_ci offset += sizeof(int32_t); 2345b8fca66Sopenharmony_ci signal->wcdmaEcio_ = static_cast<int32_t>(*data + offset); 2355b8fca66Sopenharmony_ci offset += sizeof(int32_t); 2365b8fca66Sopenharmony_ci signal->wcdmaBer_ = static_cast<int32_t>(*data + offset); 2375b8fca66Sopenharmony_ci} 2385b8fca66Sopenharmony_ci 2395b8fca66Sopenharmony_civoid CreateNRSignalInfo(std::unique_ptr<NrSignalInformation> &signal, const uint8_t *data, size_t size) 2405b8fca66Sopenharmony_ci{ 2415b8fca66Sopenharmony_ci if (signal == nullptr) { 2425b8fca66Sopenharmony_ci return; 2435b8fca66Sopenharmony_ci } 2445b8fca66Sopenharmony_ci int32_t offset = 0; 2455b8fca66Sopenharmony_ci signal->signalBar_ = static_cast<int32_t>(*data + offset); 2465b8fca66Sopenharmony_ci offset += sizeof(int32_t); 2475b8fca66Sopenharmony_ci signal->nrRsrp_ = static_cast<int32_t>(*data + offset); 2485b8fca66Sopenharmony_ci offset += sizeof(int32_t); 2495b8fca66Sopenharmony_ci signal->nrRsrq_ = static_cast<int32_t>(*data + offset); 2505b8fca66Sopenharmony_ci offset += sizeof(int32_t); 2515b8fca66Sopenharmony_ci signal->nrSinr_ = static_cast<int32_t>(*data + offset); 2525b8fca66Sopenharmony_ci} 2535b8fca66Sopenharmony_ci 2545b8fca66Sopenharmony_civoid UpdateLteNrSignalInfo(const uint8_t *data, size_t size, MessageParcel &dataMessageParcel, 2555b8fca66Sopenharmony_ci SignalInformation::NetworkType type) 2565b8fca66Sopenharmony_ci{ 2575b8fca66Sopenharmony_ci if (type == SignalInformation::NetworkType::LTE) { 2585b8fca66Sopenharmony_ci std::unique_ptr<LteSignalInformation> signal = std::make_unique<LteSignalInformation>(); 2595b8fca66Sopenharmony_ci if (signal == nullptr) { 2605b8fca66Sopenharmony_ci return; 2615b8fca66Sopenharmony_ci } 2625b8fca66Sopenharmony_ci CreateLTESignalInfo(signal, data, size); 2635b8fca66Sopenharmony_ci signal->Marshalling(dataMessageParcel); 2645b8fca66Sopenharmony_ci } 2655b8fca66Sopenharmony_ci if (type == SignalInformation::NetworkType::NR) { 2665b8fca66Sopenharmony_ci std::unique_ptr<NrSignalInformation> signal = std::make_unique<NrSignalInformation>(); 2675b8fca66Sopenharmony_ci if (signal == nullptr) { 2685b8fca66Sopenharmony_ci return; 2695b8fca66Sopenharmony_ci } 2705b8fca66Sopenharmony_ci CreateNRSignalInfo(signal, data, size); 2715b8fca66Sopenharmony_ci signal->Marshalling(dataMessageParcel); 2725b8fca66Sopenharmony_ci } 2735b8fca66Sopenharmony_ci} 2745b8fca66Sopenharmony_ci 2755b8fca66Sopenharmony_civoid UpdateSignalInfo(const uint8_t *data, size_t size) 2765b8fca66Sopenharmony_ci{ 2775b8fca66Sopenharmony_ci if (!IsServiceInited()) { 2785b8fca66Sopenharmony_ci return; 2795b8fca66Sopenharmony_ci } 2805b8fca66Sopenharmony_ci int32_t slotId = static_cast<int32_t>(size % SLOT_NUM); 2815b8fca66Sopenharmony_ci int32_t loopSize = static_cast<int32_t>(size); 2825b8fca66Sopenharmony_ci MessageParcel dataMessageParcel; 2835b8fca66Sopenharmony_ci dataMessageParcel.WriteInt32(slotId); 2845b8fca66Sopenharmony_ci dataMessageParcel.WriteInt32(loopSize); 2855b8fca66Sopenharmony_ci for (int32_t i = 0; i < loopSize; i++) { 2865b8fca66Sopenharmony_ci SignalInformation::NetworkType type = 2875b8fca66Sopenharmony_ci static_cast<SignalInformation::NetworkType>(size % SIGNAL_NUM + SIGNAL_PLUS); 2885b8fca66Sopenharmony_ci if (type == SignalInformation::NetworkType::GSM) { 2895b8fca66Sopenharmony_ci std::unique_ptr<GsmSignalInformation> signal = std::make_unique<GsmSignalInformation>(); 2905b8fca66Sopenharmony_ci if (signal == nullptr) { 2915b8fca66Sopenharmony_ci return; 2925b8fca66Sopenharmony_ci } 2935b8fca66Sopenharmony_ci CreateGsmSignalInfo(signal, data, size); 2945b8fca66Sopenharmony_ci signal->Marshalling(dataMessageParcel); 2955b8fca66Sopenharmony_ci } 2965b8fca66Sopenharmony_ci if (type == SignalInformation::NetworkType::CDMA) { 2975b8fca66Sopenharmony_ci std::unique_ptr<CdmaSignalInformation> signal = std::make_unique<CdmaSignalInformation>(); 2985b8fca66Sopenharmony_ci if (signal == nullptr) { 2995b8fca66Sopenharmony_ci return; 3005b8fca66Sopenharmony_ci } 3015b8fca66Sopenharmony_ci CreateCDMASignalInfo(signal, data, size); 3025b8fca66Sopenharmony_ci signal->Marshalling(dataMessageParcel); 3035b8fca66Sopenharmony_ci } 3045b8fca66Sopenharmony_ci if (type == SignalInformation::NetworkType::LTE || type == SignalInformation::NetworkType::NR) { 3055b8fca66Sopenharmony_ci UpdateLteNrSignalInfo(data, size, dataMessageParcel, type); 3065b8fca66Sopenharmony_ci } 3075b8fca66Sopenharmony_ci if (type == SignalInformation::NetworkType::WCDMA) { 3085b8fca66Sopenharmony_ci std::unique_ptr<WcdmaSignalInformation> signal = std::make_unique<WcdmaSignalInformation>(); 3095b8fca66Sopenharmony_ci if (signal == nullptr) { 3105b8fca66Sopenharmony_ci return; 3115b8fca66Sopenharmony_ci } 3125b8fca66Sopenharmony_ci CreateWCDMASignalInfo(signal, data, size); 3135b8fca66Sopenharmony_ci signal->Marshalling(dataMessageParcel); 3145b8fca66Sopenharmony_ci } 3155b8fca66Sopenharmony_ci } 3165b8fca66Sopenharmony_ci dataMessageParcel.RewindRead(0); 3175b8fca66Sopenharmony_ci MessageParcel reply; 3185b8fca66Sopenharmony_ci DelayedSingleton<TelephonyStateRegistryService>::GetInstance()->OnUpdateSignalInfo(dataMessageParcel, reply); 3195b8fca66Sopenharmony_ci} 3205b8fca66Sopenharmony_ci 3215b8fca66Sopenharmony_civoid UpdateNetworkState(const uint8_t *data, size_t size) 3225b8fca66Sopenharmony_ci{ 3235b8fca66Sopenharmony_ci if (!IsServiceInited()) { 3245b8fca66Sopenharmony_ci return; 3255b8fca66Sopenharmony_ci } 3265b8fca66Sopenharmony_ci int32_t slotId = static_cast<int32_t>(size % SLOT_NUM); 3275b8fca66Sopenharmony_ci MessageParcel dataMessageParcel; 3285b8fca66Sopenharmony_ci dataMessageParcel.WriteInt32(slotId); 3295b8fca66Sopenharmony_ci auto networkState = std::make_unique<NetworkState>(); 3305b8fca66Sopenharmony_ci if (networkState == nullptr) { 3315b8fca66Sopenharmony_ci return; 3325b8fca66Sopenharmony_ci } 3335b8fca66Sopenharmony_ci networkState->isEmergency_ = static_cast<int32_t>(size % BOOL_NUM); 3345b8fca66Sopenharmony_ci std::string mOperatorNumeric(reinterpret_cast<const char *>(data), size); 3355b8fca66Sopenharmony_ci std::string mFullName(reinterpret_cast<const char *>(data), size); 3365b8fca66Sopenharmony_ci std::string mShortName(reinterpret_cast<const char *>(data), size); 3375b8fca66Sopenharmony_ci networkState->psOperatorInfo_.operatorNumeric = mOperatorNumeric; 3385b8fca66Sopenharmony_ci networkState->psOperatorInfo_.fullName = mFullName; 3395b8fca66Sopenharmony_ci networkState->psOperatorInfo_.shortName = mShortName; 3405b8fca66Sopenharmony_ci networkState->csOperatorInfo_.operatorNumeric = mOperatorNumeric; 3415b8fca66Sopenharmony_ci networkState->csOperatorInfo_.fullName = mFullName; 3425b8fca66Sopenharmony_ci networkState->csOperatorInfo_.shortName = mShortName; 3435b8fca66Sopenharmony_ci networkState->csRoaming_ = static_cast<RoamingType>(size % ROAMING_NUM); 3445b8fca66Sopenharmony_ci networkState->psRoaming_ = static_cast<RoamingType>(size % ROAMING_NUM); 3455b8fca66Sopenharmony_ci networkState->psRegStatus_ = static_cast<RegServiceState>(size % REG_NUM); 3465b8fca66Sopenharmony_ci networkState->csRegStatus_ = static_cast<RegServiceState>(size % REG_NUM); 3475b8fca66Sopenharmony_ci networkState->psRadioTech_ = static_cast<RadioTech>(size % RADIO_NUM); 3485b8fca66Sopenharmony_ci networkState->lastPsRadioTech_ = static_cast<RadioTech>(size % RADIO_NUM); 3495b8fca66Sopenharmony_ci networkState->lastCfgTech_ = static_cast<RadioTech>(size % RADIO_NUM); 3505b8fca66Sopenharmony_ci networkState->csRadioTech_ = static_cast<RadioTech>(size % RADIO_NUM); 3515b8fca66Sopenharmony_ci networkState->cfgTech_ = static_cast<RadioTech>(size % RADIO_NUM); 3525b8fca66Sopenharmony_ci networkState->nrState_ = static_cast<NrState>(size % NR_NUM); 3535b8fca66Sopenharmony_ci networkState->Marshalling(dataMessageParcel); 3545b8fca66Sopenharmony_ci dataMessageParcel.RewindRead(0); 3555b8fca66Sopenharmony_ci MessageParcel reply; 3565b8fca66Sopenharmony_ci DelayedSingleton<TelephonyStateRegistryService>::GetInstance()->OnUpdateNetworkState(dataMessageParcel, reply); 3575b8fca66Sopenharmony_ci} 3585b8fca66Sopenharmony_ci 3595b8fca66Sopenharmony_civoid UpdateCellularDataConnectState(const uint8_t *data, size_t size) 3605b8fca66Sopenharmony_ci{ 3615b8fca66Sopenharmony_ci if (!IsServiceInited()) { 3625b8fca66Sopenharmony_ci return; 3635b8fca66Sopenharmony_ci } 3645b8fca66Sopenharmony_ci int32_t slotId = static_cast<int32_t>(size % SLOT_NUM); 3655b8fca66Sopenharmony_ci int32_t offset = 0; 3665b8fca66Sopenharmony_ci int32_t dataState = static_cast<int32_t>(*data + offset); 3675b8fca66Sopenharmony_ci offset += sizeof(int32_t); 3685b8fca66Sopenharmony_ci int32_t networkType = static_cast<int32_t>(*data + offset); 3695b8fca66Sopenharmony_ci MessageParcel dataMessageParcel; 3705b8fca66Sopenharmony_ci dataMessageParcel.WriteInt32(slotId); 3715b8fca66Sopenharmony_ci dataMessageParcel.WriteInt32(dataState); 3725b8fca66Sopenharmony_ci dataMessageParcel.WriteInt32(networkType); 3735b8fca66Sopenharmony_ci dataMessageParcel.RewindRead(0); 3745b8fca66Sopenharmony_ci MessageParcel reply; 3755b8fca66Sopenharmony_ci DelayedSingleton<TelephonyStateRegistryService>::GetInstance()->OnUpdateCellularDataConnectState( 3765b8fca66Sopenharmony_ci dataMessageParcel, reply); 3775b8fca66Sopenharmony_ci} 3785b8fca66Sopenharmony_ci 3795b8fca66Sopenharmony_civoid UpdateCellularDataFlow(const uint8_t *data, size_t size) 3805b8fca66Sopenharmony_ci{ 3815b8fca66Sopenharmony_ci if (!IsServiceInited()) { 3825b8fca66Sopenharmony_ci return; 3835b8fca66Sopenharmony_ci } 3845b8fca66Sopenharmony_ci int32_t slotId = static_cast<int32_t>(size % SLOT_NUM); 3855b8fca66Sopenharmony_ci int32_t flowData = static_cast<int32_t>(size); 3865b8fca66Sopenharmony_ci MessageParcel dataMessageParcel; 3875b8fca66Sopenharmony_ci dataMessageParcel.WriteInt32(slotId); 3885b8fca66Sopenharmony_ci dataMessageParcel.WriteInt32(flowData); 3895b8fca66Sopenharmony_ci dataMessageParcel.RewindRead(0); 3905b8fca66Sopenharmony_ci MessageParcel reply; 3915b8fca66Sopenharmony_ci DelayedSingleton<TelephonyStateRegistryService>::GetInstance()->OnUpdateCellularDataFlow(dataMessageParcel, reply); 3925b8fca66Sopenharmony_ci} 3935b8fca66Sopenharmony_ci 3945b8fca66Sopenharmony_civoid UpdateCfuIndicator(const uint8_t *data, size_t size) 3955b8fca66Sopenharmony_ci{ 3965b8fca66Sopenharmony_ci if (!IsServiceInited()) { 3975b8fca66Sopenharmony_ci return; 3985b8fca66Sopenharmony_ci } 3995b8fca66Sopenharmony_ci int32_t slotId = static_cast<int32_t>(size % SLOT_NUM); 4005b8fca66Sopenharmony_ci bool cfuResult = static_cast<bool>(size % BOOL_NUM); 4015b8fca66Sopenharmony_ci MessageParcel dataMessageParcel; 4025b8fca66Sopenharmony_ci dataMessageParcel.WriteInt32(slotId); 4035b8fca66Sopenharmony_ci dataMessageParcel.WriteBool(cfuResult); 4045b8fca66Sopenharmony_ci dataMessageParcel.RewindRead(0); 4055b8fca66Sopenharmony_ci MessageParcel reply; 4065b8fca66Sopenharmony_ci DelayedSingleton<TelephonyStateRegistryService>::GetInstance()->OnUpdateCfuIndicator(dataMessageParcel, reply); 4075b8fca66Sopenharmony_ci} 4085b8fca66Sopenharmony_ci 4095b8fca66Sopenharmony_civoid UpdateVoiceMailMsgIndicator(const uint8_t *data, size_t size) 4105b8fca66Sopenharmony_ci{ 4115b8fca66Sopenharmony_ci if (!IsServiceInited()) { 4125b8fca66Sopenharmony_ci return; 4135b8fca66Sopenharmony_ci } 4145b8fca66Sopenharmony_ci int32_t slotId = static_cast<int32_t>(size % SLOT_NUM); 4155b8fca66Sopenharmony_ci bool voiceMailMsgResult = static_cast<bool>(size % BOOL_NUM); 4165b8fca66Sopenharmony_ci MessageParcel dataMessageParcel; 4175b8fca66Sopenharmony_ci dataMessageParcel.WriteInt32(slotId); 4185b8fca66Sopenharmony_ci dataMessageParcel.WriteBool(voiceMailMsgResult); 4195b8fca66Sopenharmony_ci dataMessageParcel.RewindRead(0); 4205b8fca66Sopenharmony_ci MessageParcel reply; 4215b8fca66Sopenharmony_ci DelayedSingleton<TelephonyStateRegistryService>::GetInstance()->OnUpdateVoiceMailMsgIndicator( 4225b8fca66Sopenharmony_ci dataMessageParcel, reply); 4235b8fca66Sopenharmony_ci} 4245b8fca66Sopenharmony_ci 4255b8fca66Sopenharmony_civoid DoSomethingInterestingWithMyAPI(const uint8_t *data, size_t size) 4265b8fca66Sopenharmony_ci{ 4275b8fca66Sopenharmony_ci if (data == nullptr || size == 0) { 4285b8fca66Sopenharmony_ci return; 4295b8fca66Sopenharmony_ci } 4305b8fca66Sopenharmony_ci OnRemoteRequest(data, size); 4315b8fca66Sopenharmony_ci UpdateCellInfo(data, size); 4325b8fca66Sopenharmony_ci UpdateCallState(data, size); 4335b8fca66Sopenharmony_ci UpdateCallStateForSlotId(data, size); 4345b8fca66Sopenharmony_ci UpdateSignalInfo(data, size); 4355b8fca66Sopenharmony_ci UpdateNetworkState(data, size); 4365b8fca66Sopenharmony_ci UpdateCellularDataConnectState(data, size); 4375b8fca66Sopenharmony_ci UpdateCellularDataFlow(data, size); 4385b8fca66Sopenharmony_ci UpdateCfuIndicator(data, size); 4395b8fca66Sopenharmony_ci UpdateVoiceMailMsgIndicator(data, size); 4405b8fca66Sopenharmony_ci return; 4415b8fca66Sopenharmony_ci} 4425b8fca66Sopenharmony_ci} // namespace OHOS 4435b8fca66Sopenharmony_ci 4445b8fca66Sopenharmony_ci/* Fuzzer entry point */ 4455b8fca66Sopenharmony_ciextern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) 4465b8fca66Sopenharmony_ci{ 4475b8fca66Sopenharmony_ci OHOS::AddStateRegistryTokenFuzzer token; 4485b8fca66Sopenharmony_ci /* Run your code on data */ 4495b8fca66Sopenharmony_ci OHOS::DoSomethingInterestingWithMyAPI(data, size); 4505b8fca66Sopenharmony_ci return 0; 4515b8fca66Sopenharmony_ci} 4525b8fca66Sopenharmony_ci 453