1/* 2 * Copyright (c) 2023 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15#include "hostapd_common_fuzzer.h" 16 17#define WLAN_FREQ_MAX_NUM 35 18#define ETH_ADDR_LEN 6 19#define BITS_NUM_24 24 20#define BITS_NUM_16 16 21#define BITS_NUM_8 8 22#define BUFFSIZE_REQUEST 4096 23 24static uint32_t g_wpaTestSize = 0; 25struct IHostapdCallback *g_hostapdCallbackObj = nullptr; 26 27uint32_t SetWpaDataSize(const uint32_t *dataSize) 28{ 29 if (dataSize != nullptr) { 30 g_wpaTestSize = *dataSize; 31 return HDF_SUCCESS; 32 } 33 HDF_LOGE("%{public}s: set data size failed!", __FUNCTION__); 34 return HDF_FAILURE; 35} 36 37uint32_t GetWpaDataSize(uint32_t *dataSize) 38{ 39 if (dataSize != nullptr) { 40 *dataSize = g_wpaTestSize; 41 return HDF_SUCCESS; 42 } 43 HDF_LOGE("%{public}s: get data size failed!", __FUNCTION__); 44 return HDF_FAILURE; 45} 46 47uint32_t Convert2Uint32(const uint8_t *ptr) 48{ 49 if (ptr == nullptr) { 50 return 0; 51 } 52 /* 53 * Move the 0th digit 24 to the left, the first digit 16 to the left, the second digit 8 to the left, 54 * and the third digit no left 55 */ 56 return (ptr[0] << BITS_NUM_24) | (ptr[1] << BITS_NUM_16) | (ptr[2] << BITS_NUM_8) | (ptr[3]); 57} 58 59bool PreProcessRawData(const uint8_t *rawData, size_t size, uint8_t *tmpRawData, size_t tmpRawDataSize) 60{ 61 if (rawData == nullptr || tmpRawData == nullptr) { 62 HDF_LOGE("%{public}s: rawData or tmpRawData is nullptr!", __FUNCTION__); 63 return false; 64 } 65 uint32_t dataSize = size - OFFSET; 66 if (memcpy_s(tmpRawData, tmpRawDataSize, rawData + OFFSET, dataSize) != EOK) { 67 HDF_LOGE("%{public}s: memcpy_s failed!", __FUNCTION__); 68 return false; 69 } 70 if (SetWpaDataSize(&dataSize) != HDF_SUCCESS) { 71 HDF_LOGE("%{public}s: set data size failed!", __FUNCTION__); 72 return false; 73 } 74 return true; 75} 76 77void FuzzHostapdInterfaceStartAp(struct IHostapdInterface *interface, const uint8_t *rawData) 78{ 79 interface->StartAp(interface); 80 HDF_LOGI("%{public}s: success", __FUNCTION__); 81} 82 83void FuzzHostapdInterfaceStopAp(struct IHostapdInterface *interface, const uint8_t *rawData) 84{ 85 interface->StopAp(interface); 86 HDF_LOGI("%{public}s: success", __FUNCTION__); 87} 88 89void FuzzHostapdInterfaceEnableAp(struct IHostapdInterface *interface, const uint8_t *rawData) 90{ 91 const char *ifName = reinterpret_cast<const char *>(rawData); 92 int32_t id = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 93 94 interface->EnableAp(interface, ifName, id); 95 HDF_LOGI("%{public}s: success", __FUNCTION__); 96} 97 98void FuzzHostapdInterfaceDisableAp(struct IHostapdInterface *interface, const uint8_t *rawData) 99{ 100 const char *ifName = reinterpret_cast<const char *>(rawData); 101 int32_t id = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 102 103 interface->DisableAp(interface, ifName, id); 104 HDF_LOGI("%{public}s: success", __FUNCTION__); 105} 106 107void FuzzHostapdInterfaceSetApPasswd(struct IHostapdInterface *interface, const uint8_t *rawData) 108{ 109 const char *ifName = reinterpret_cast<const char *>(rawData); 110 const char *pass = reinterpret_cast<const char *>(rawData); 111 int32_t id = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 112 113 interface->SetApPasswd(interface, ifName, pass, id); 114 HDF_LOGI("%{public}s: success", __FUNCTION__); 115} 116 117void FuzzHostapdInterfaceSetApName(struct IHostapdInterface *interface, const uint8_t *rawData) 118{ 119 const char *ifName = reinterpret_cast<const char *>(rawData); 120 const char *name = reinterpret_cast<const char *>(rawData); 121 int32_t id = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 122 123 interface->SetApName(interface, ifName, name, id); 124 HDF_LOGI("%{public}s: success", __FUNCTION__); 125} 126 127void FuzzHostapdInterfaceSetApBand(struct IHostapdInterface *interface, const uint8_t *rawData) 128{ 129 const char *ifName = reinterpret_cast<const char *>(rawData); 130 int32_t band = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 131 int32_t id = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 132 133 interface->SetApBand(interface, ifName, band, id); 134 HDF_LOGI("%{public}s: success", __FUNCTION__); 135} 136 137void FuzzHostapdInterfaceSetAp80211n(struct IHostapdInterface *interface, const uint8_t *rawData) 138{ 139 const char *ifName = reinterpret_cast<const char *>(rawData); 140 int32_t value = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 141 int32_t id = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 142 143 interface->SetAp80211n(interface, ifName, value, id); 144 HDF_LOGI("%{public}s: success", __FUNCTION__); 145} 146 147void FuzzHostapdInterfaceSetApWmm(struct IHostapdInterface *interface, const uint8_t *rawData) 148{ 149 const char *ifName = reinterpret_cast<const char *>(rawData); 150 int32_t value = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 151 int32_t id = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 152 153 interface->SetApWmm(interface, ifName, value, id); 154 HDF_LOGI("%{public}s: success", __FUNCTION__); 155} 156 157void FuzzHostapdInterfaceSetApChannel(struct IHostapdInterface *interface, const uint8_t *rawData) 158{ 159 const char *ifName = reinterpret_cast<const char *>(rawData); 160 int32_t channel = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 161 int32_t id = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 162 163 interface->SetApChannel(interface, ifName, channel, id); 164 HDF_LOGI("%{public}s: success", __FUNCTION__); 165} 166 167void FuzzHostapdInterfaceSetApMaxConn(struct IHostapdInterface *interface, const uint8_t *rawData) 168{ 169 const char *ifName = reinterpret_cast<const char *>(rawData); 170 int32_t maxConn = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 171 int32_t id = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 172 173 interface->SetApMaxConn(interface, ifName, maxConn, id); 174 HDF_LOGI("%{public}s: success", __FUNCTION__); 175} 176 177void FuzzHostapdInterfaceSetMacFilter(struct IHostapdInterface *interface, const uint8_t *rawData) 178{ 179 const char *ifName = reinterpret_cast<const char *>(rawData); 180 const char *mac = reinterpret_cast<const char *>(rawData); 181 int32_t id = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 182 183 interface->SetMacFilter(interface, ifName, mac, id); 184 HDF_LOGI("%{public}s: success", __FUNCTION__); 185} 186 187void FuzzHostapdInterfaceDelMacFilter(struct IHostapdInterface *interface, const uint8_t *rawData) 188{ 189 const char *ifName = reinterpret_cast<const char *>(rawData); 190 const char *mac = reinterpret_cast<const char *>(rawData); 191 int32_t id = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 192 193 interface->DelMacFilter(interface, ifName, mac, id); 194 HDF_LOGI("%{public}s: success", __FUNCTION__); 195} 196 197void FuzzHostapdInterfaceGetStaInfos(struct IHostapdInterface *interface, const uint8_t *rawData) 198{ 199 const char *ifName = reinterpret_cast<const char *>(rawData); 200 char buf[BUFFSIZE_REQUEST] = {0}; 201 uint32_t bufLen = *const_cast<uint32_t *>(reinterpret_cast<const uint32_t *>(rawData)); 202 int32_t size = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 203 int32_t id = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 204 205 interface->GetStaInfos(interface, ifName, buf, bufLen, size, id); 206 HDF_LOGI("%{public}s: success", __FUNCTION__); 207} 208 209void FuzzHostapdInterfaceDisassociateSta(struct IHostapdInterface *interface, const uint8_t *rawData) 210{ 211 const char *ifName = reinterpret_cast<const char *>(rawData); 212 const char *mac = reinterpret_cast<const char *>(rawData); 213 int32_t id = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 214 215 interface->DisassociateSta(interface, ifName, mac, id); 216 HDF_LOGI("%{public}s: success", __FUNCTION__); 217} 218 219void FuzzHostapdInterfaceRegisterEventCallback(struct IHostapdInterface *interface, const uint8_t *rawData) 220{ 221 const char *ifName = reinterpret_cast<const char *>(rawData); 222 223 interface->RegisterEventCallback(interface, g_hostapdCallbackObj, ifName); 224 HDF_LOGI("%{public}s: success", __FUNCTION__); 225} 226 227void FuzzHostapdInterfaceUnregisterEventCallback(struct IHostapdInterface *interface, const uint8_t *rawData) 228{ 229 const char *ifName = reinterpret_cast<const char *>(rawData); 230 231 interface->UnregisterEventCallback(interface, g_hostapdCallbackObj, ifName); 232 HDF_LOGI("%{public}s: success", __FUNCTION__); 233} 234 235void FuzzHostapdInterfaceReloadApConfigInfo(struct IHostapdInterface *interface, const uint8_t *rawData) 236{ 237 const char *ifName = reinterpret_cast<const char *>(rawData); 238 int32_t id = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 239 240 interface->ReloadApConfigInfo(interface, ifName, id); 241 HDF_LOGI("%{public}s: success", __FUNCTION__); 242} 243