1c7afe287Sopenharmony_ci/* 2c7afe287Sopenharmony_ci * Copyright (c) 2023 Huawei Device Co., Ltd. 3c7afe287Sopenharmony_ci * Licensed under the Apache License, Version 2.0 (the "License"); 4c7afe287Sopenharmony_ci * you may not use this file except in compliance with the License. 5c7afe287Sopenharmony_ci * You may obtain a copy of the License at 6c7afe287Sopenharmony_ci * 7c7afe287Sopenharmony_ci * http://www.apache.org/licenses/LICENSE-2.0 8c7afe287Sopenharmony_ci * 9c7afe287Sopenharmony_ci * Unless required by applicable law or agreed to in writing, software 10c7afe287Sopenharmony_ci * distributed under the License is distributed on an "AS IS" BASIS, 11c7afe287Sopenharmony_ci * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12c7afe287Sopenharmony_ci * See the License for the specific language governing permissions and 13c7afe287Sopenharmony_ci * limitations under the License. 14c7afe287Sopenharmony_ci */ 15c7afe287Sopenharmony_ci 16c7afe287Sopenharmony_ci#include "oaid_fuzzer.h" 17c7afe287Sopenharmony_ci 18c7afe287Sopenharmony_ci#include <string> 19c7afe287Sopenharmony_ci#include <vector> 20c7afe287Sopenharmony_ci#include "oaid_service_stub.h" 21c7afe287Sopenharmony_ci#include "oaid_service.h" 22c7afe287Sopenharmony_ci#include "oaid_hilog_wreapper.h" 23c7afe287Sopenharmony_ci#include "oaid_service_ipc_interface_code.h" 24c7afe287Sopenharmony_ci#include "accesstoken_kit.h" 25c7afe287Sopenharmony_ci#include "nativetoken_kit.h" 26c7afe287Sopenharmony_ci#include "token_setproc.h" 27c7afe287Sopenharmony_ci#undef private 28c7afe287Sopenharmony_ci 29c7afe287Sopenharmony_ciusing namespace std; 30c7afe287Sopenharmony_ciusing namespace OHOS::Cloud; 31c7afe287Sopenharmony_ci 32c7afe287Sopenharmony_cinamespace OHOS { 33c7afe287Sopenharmony_ci const std::u16string OAID_INTERFACE_TOKEN = u"ohos.cloud.oaid.IOAIDService"; 34c7afe287Sopenharmony_ci const std::string OAID_TRACKING_CONSENT_PERMISSION = "ohos.permission.APP_TRACKING_CONSENT"; 35c7afe287Sopenharmony_ci const std::string OAID_TRUSTLIST_EXTENSION_CONFIG_PATH = "/etc/advertising/oaid/oaid_service_config_ext.json"; 36c7afe287Sopenharmony_ci 37c7afe287Sopenharmony_ci bool g_isGrant = false; 38c7afe287Sopenharmony_ci 39c7afe287Sopenharmony_ci void AddPermission() 40c7afe287Sopenharmony_ci { 41c7afe287Sopenharmony_ci (void)remove(OAID_TRUSTLIST_EXTENSION_CONFIG_PATH.c_str()); 42c7afe287Sopenharmony_ci 43c7afe287Sopenharmony_ci if (!g_isGrant) { 44c7afe287Sopenharmony_ci Security::AccessToken::PermissionDef testPermDef = { 45c7afe287Sopenharmony_ci .permissionName = OAID_TRACKING_CONSENT_PERMISSION, 46c7afe287Sopenharmony_ci .bundleName = "test_oaid", 47c7afe287Sopenharmony_ci .grantMode = Security::AccessToken::GrantMode::USER_GRANT, 48c7afe287Sopenharmony_ci .availableLevel = Security::AccessToken::APL_SYSTEM_BASIC, 49c7afe287Sopenharmony_ci .label = "label", 50c7afe287Sopenharmony_ci .labelId = 1, 51c7afe287Sopenharmony_ci .description = "test oaid", 52c7afe287Sopenharmony_ci .descriptionId = 1, 53c7afe287Sopenharmony_ci }; 54c7afe287Sopenharmony_ci 55c7afe287Sopenharmony_ci Security::AccessToken::PermissionStateFull testState = { 56c7afe287Sopenharmony_ci .isGeneral = true, 57c7afe287Sopenharmony_ci .grantStatus = {Security::AccessToken::PermissionState::PERMISSION_GRANTED}, 58c7afe287Sopenharmony_ci .permissionName = OAID_TRACKING_CONSENT_PERMISSION, 59c7afe287Sopenharmony_ci .grantFlags = {Security::AccessToken::PermissionFlag::PERMISSION_USER_FIXED}, 60c7afe287Sopenharmony_ci .resDeviceID = {"local"}, 61c7afe287Sopenharmony_ci }; 62c7afe287Sopenharmony_ci 63c7afe287Sopenharmony_ci Security::AccessToken::HapInfoParams testInfoParms = { 64c7afe287Sopenharmony_ci .userID = 1, 65c7afe287Sopenharmony_ci .bundleName = "test_oaid", 66c7afe287Sopenharmony_ci .instIndex = 0, 67c7afe287Sopenharmony_ci .appIDDesc = "test", 68c7afe287Sopenharmony_ci .isSystemApp = true 69c7afe287Sopenharmony_ci }; 70c7afe287Sopenharmony_ci 71c7afe287Sopenharmony_ci Security::AccessToken::HapPolicyParams testPolicyPrams = { 72c7afe287Sopenharmony_ci .apl = Security::AccessToken::APL_SYSTEM_BASIC, 73c7afe287Sopenharmony_ci .domain = "test.domain", 74c7afe287Sopenharmony_ci .permList = {testPermDef}, 75c7afe287Sopenharmony_ci .permStateList = {testState}, 76c7afe287Sopenharmony_ci }; 77c7afe287Sopenharmony_ci 78c7afe287Sopenharmony_ci auto tokenID = Security::AccessToken::AccessTokenKit::AllocHapToken(testInfoParms, testPolicyPrams); 79c7afe287Sopenharmony_ci SetSelfTokenID(tokenID.tokenIDEx); 80c7afe287Sopenharmony_ci 81c7afe287Sopenharmony_ci g_isGrant = true; 82c7afe287Sopenharmony_ci } 83c7afe287Sopenharmony_ci } 84c7afe287Sopenharmony_ci 85c7afe287Sopenharmony_ci bool OAIDFuzzTest(const uint8_t* rawData, size_t size) 86c7afe287Sopenharmony_ci { 87c7afe287Sopenharmony_ci uint32_t startCode = static_cast<uint32_t>(OHOS::Cloud::OAIDInterfaceCode::GET_OAID); 88c7afe287Sopenharmony_ci uint32_t endCode = static_cast<uint32_t>(OHOS::Cloud::OAIDInterfaceCode::RESET_OAID); 89c7afe287Sopenharmony_ci for (uint32_t code = startCode; code <= endCode; code++) { 90c7afe287Sopenharmony_ci MessageParcel data; 91c7afe287Sopenharmony_ci data.WriteInterfaceToken(OAID_INTERFACE_TOKEN); 92c7afe287Sopenharmony_ci MessageParcel reply; 93c7afe287Sopenharmony_ci MessageOption option; 94c7afe287Sopenharmony_ci auto oaidService = 95c7afe287Sopenharmony_ci sptr<Cloud::OAIDService>(new (std::nothrow) Cloud::OAIDService()); 96c7afe287Sopenharmony_ci oaidService->OnRemoteRequest(code, data, reply, option); 97c7afe287Sopenharmony_ci } 98c7afe287Sopenharmony_ci 99c7afe287Sopenharmony_ci return true; 100c7afe287Sopenharmony_ci } 101c7afe287Sopenharmony_ci} 102c7afe287Sopenharmony_ci 103c7afe287Sopenharmony_ci/* Fuzzer entry point */ 104c7afe287Sopenharmony_ciextern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) 105c7afe287Sopenharmony_ci{ 106c7afe287Sopenharmony_ci /* Run your code on data */ 107c7afe287Sopenharmony_ci OHOS::AddPermission(); 108c7afe287Sopenharmony_ci OHOS::OAIDFuzzTest(data, size); 109c7afe287Sopenharmony_ci return 0; 110c7afe287Sopenharmony_ci} 111c7afe287Sopenharmony_ci 112