1/* 2 * Copyright (c) 2022 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15#include "wlan_common_fuzzer.h" 16 17#define WLAN_FREQ_MAX_NUM 35 18#define ETH_ADDR_LEN 6 19#define BITS_NUM_24 24 20#define BITS_NUM_16 16 21#define BITS_NUM_8 8 22 23static uint32_t g_wlanTestSize = 0; 24 25uint32_t SetWlanDataSize(const uint32_t *dataSize) 26{ 27 if (dataSize != nullptr) { 28 g_wlanTestSize = *dataSize; 29 return HDF_SUCCESS; 30 } 31 HDF_LOGE("%{public}s: set data size failed!", __FUNCTION__); 32 return HDF_FAILURE; 33} 34 35uint32_t GetWlanDataSize(uint32_t *dataSize) 36{ 37 if (dataSize != nullptr) { 38 *dataSize = g_wlanTestSize; 39 return HDF_SUCCESS; 40 } 41 HDF_LOGE("%{public}s: get data size failed!", __FUNCTION__); 42 return HDF_FAILURE; 43} 44 45uint32_t Convert2Uint32(const uint8_t *ptr) 46{ 47 if (ptr == nullptr) { 48 return 0; 49 } 50 /* 51 * Move the 0th digit 24 to the left, the first digit 16 to the left, the second digit 8 to the left, 52 * and the third digit no left 53 */ 54 return (ptr[0] << BITS_NUM_24) | (ptr[1] << BITS_NUM_16) | (ptr[2] << BITS_NUM_8) | (ptr[3]); 55} 56 57bool PreProcessRawData(const uint8_t *rawData, size_t size, uint8_t *tmpRawData, size_t tmpRawDataSize) 58{ 59 if (rawData == nullptr || tmpRawData == nullptr) { 60 HDF_LOGE("%{public}s: rawData or tmpRawData is nullptr!", __FUNCTION__); 61 return false; 62 } 63 uint32_t dataSize = size - OFFSET; 64 if (memcpy_s(tmpRawData, tmpRawDataSize, rawData + OFFSET, dataSize) != EOK) { 65 HDF_LOGE("%{public}s: memcpy_s failed!", __FUNCTION__); 66 return false; 67 } 68 if (SetWlanDataSize(&dataSize) != HDF_SUCCESS) { 69 HDF_LOGE("%{public}s: set data size failed!", __FUNCTION__); 70 return false; 71 } 72 return true; 73} 74 75void FuzzGetChipId(struct IWlanInterface *interface, const uint8_t *rawData) 76{ 77 uint8_t chipId = 0; 78 struct HdfFeatureInfo feature; 79 feature.ifName = const_cast<char *>(reinterpret_cast<const char *>(rawData)); 80 feature.type = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 81 82 interface->GetChipId(interface, &feature, &chipId); 83 HDF_LOGI("%{public}s: success", __FUNCTION__); 84} 85 86void FuzzGetDeviceMacAddress(struct IWlanInterface *interface, const uint8_t *rawData) 87{ 88 uint8_t mac[ETH_ADDR_LEN] = {0}; 89 uint32_t macLen = ETH_ADDR_LEN; 90 struct HdfFeatureInfo feature; 91 feature.ifName = const_cast<char *>(reinterpret_cast<const char *>(rawData)); 92 feature.type = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 93 94 interface->GetDeviceMacAddress(interface, &feature, mac, &macLen, 95 *const_cast<uint8_t *>(reinterpret_cast<const uint8_t *>(rawData))); 96 HDF_LOGI("%{public}s: success", __FUNCTION__); 97} 98 99void FuzzGetFeatureType(struct IWlanInterface *interface, const uint8_t *rawData) 100{ 101 int32_t featureType; 102 struct HdfFeatureInfo feature; 103 feature.ifName = const_cast<char *>(reinterpret_cast<const char *>(rawData)); 104 feature.type = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 105 106 interface->GetFeatureType(interface, &feature, &featureType); 107 HDF_LOGI("%{public}s: success", __FUNCTION__); 108} 109 110void FuzzGetFreqsWithBand(struct IWlanInterface *interface, const uint8_t *rawData) 111{ 112 struct HdfFeatureInfo feature; 113 struct HdfWifiInfo wifiInfo; 114 int32_t freq[WLAN_FREQ_MAX_NUM] = {0}; 115 uint32_t freqLen = WLAN_FREQ_MAX_NUM; 116 feature.ifName = const_cast<char *>(reinterpret_cast<const char *>(rawData)); 117 feature.type = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 118 wifiInfo.band = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 119 wifiInfo.size = *const_cast<uint32_t *>(reinterpret_cast<const uint32_t *>(rawData)); 120 121 interface->GetFreqsWithBand(interface, &feature, &wifiInfo, freq, &freqLen); 122 HDF_LOGI("%{public}s: success", __FUNCTION__); 123} 124 125void FuzzGetNetworkIfaceName(struct IWlanInterface *interface, const uint8_t *rawData) 126{ 127 char ifNames[IFNAMSIZ] = {0}; 128 struct HdfFeatureInfo feature; 129 feature.ifName = const_cast<char *>(reinterpret_cast<const char *>(rawData)); 130 feature.type = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 131 132 interface->GetNetworkIfaceName(interface, &feature, ifNames, IFNAMSIZ); 133 HDF_LOGI("%{public}s: success", __FUNCTION__); 134} 135 136void FuzzSetMacAddress(struct IWlanInterface *interface, const uint8_t *rawData) 137{ 138 struct HdfFeatureInfo feature; 139 feature.ifName = const_cast<char *>(reinterpret_cast<const char *>(rawData)); 140 feature.type = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 141 const uint8_t *mac = rawData; 142 uint32_t macLen = ETH_ADDR_LEN; 143 144 interface->SetMacAddress(interface, &feature, mac, macLen); 145 HDF_LOGI("%{public}s: success", __FUNCTION__); 146} 147 148void FuzzSetTxPower(struct IWlanInterface *interface, const uint8_t *rawData) 149{ 150 struct HdfFeatureInfo feature; 151 feature.ifName = const_cast<char *>(reinterpret_cast<const char *>(rawData)); 152 feature.type = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 153 int32_t power = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 154 155 interface->SetTxPower(interface, &feature, power); 156 HDF_LOGI("%{public}s: success", __FUNCTION__); 157} 158 159void FuzzGetPowerMode(struct IWlanInterface *interface, const uint8_t *rawData) 160{ 161 uint8_t mode = 0; 162 struct HdfFeatureInfo feature; 163 feature.ifName = const_cast<char *>(reinterpret_cast<const char *>(rawData)); 164 feature.type = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 165 166 interface->GetPowerMode(interface, &feature, &mode); 167 HDF_LOGI("%{public}s: success", __FUNCTION__); 168} 169 170void FuzzSetPowerMode(struct IWlanInterface *interface, const uint8_t *rawData) 171{ 172 struct HdfFeatureInfo feature; 173 feature.ifName = const_cast<char *>(reinterpret_cast<const char *>(rawData)); 174 feature.type = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 175 uint8_t mode = *const_cast<uint8_t *>(rawData); 176 177 interface->SetPowerMode(interface, &feature, mode); 178 HDF_LOGI("%{public}s: success", __FUNCTION__); 179} 180 181void FuzzGetIfNamesByChipId(struct IWlanInterface *interface, const uint8_t *rawData) 182{ 183 uint32_t num = 0; 184 char ifNames[IFNAMSIZ] = {0}; 185 uint8_t chipId = *const_cast<uint8_t *>(rawData); 186 187 interface->GetIfNamesByChipId(interface, chipId, ifNames, IFNAMSIZ, &num); 188 HDF_LOGI("%{public}s: success", __FUNCTION__); 189} 190 191void FuzzResetDriver(struct IWlanInterface *interface, const uint8_t *rawData) 192{ 193 uint8_t chipId = *const_cast<uint8_t *>(rawData); 194 const char *ifName = reinterpret_cast<const char *>(rawData); 195 196 interface->ResetDriver(interface, chipId, ifName); 197 HDF_LOGI("%{public}s: success", __FUNCTION__); 198} 199 200void FuzzStartChannelMeas(struct IWlanInterface *interface, const uint8_t *rawData) 201{ 202 const char *ifName = reinterpret_cast<const char *>(rawData); 203 struct MeasChannelParam measChannelParam; 204 measChannelParam.channelId = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 205 measChannelParam.measTime = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 206 207 interface->StartChannelMeas(interface, ifName, &measChannelParam); 208 HDF_LOGI("%{public}s: success", __FUNCTION__); 209} 210 211void FuzzSetProjectionScreenParam(struct IWlanInterface *interface, const uint8_t *rawData) 212{ 213 const char *ifName = reinterpret_cast<const char *>(rawData); 214 struct ProjectionScreenCmdParam param; 215 param.buf = const_cast<int8_t *>(reinterpret_cast<const int8_t *>(rawData)); 216 param.bufLen = g_wlanTestSize; 217 param.cmdId = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 218 219 interface->SetProjectionScreenParam(interface, ifName, ¶m); 220 HDF_LOGI("%{public}s: success", __FUNCTION__); 221} 222 223void FuzzWifiSendCmdIoctl(struct IWlanInterface *interface, const uint8_t *rawData) 224{ 225 const char *ifName = reinterpret_cast<const char *>(rawData); 226 int32_t cmdId = *const_cast<int32_t *>(reinterpret_cast<const int32_t *>(rawData)); 227 int8_t *paramBuf = const_cast<int8_t *>(reinterpret_cast<const int8_t *>(rawData)); 228 229 interface->WifiSendCmdIoctl(interface, ifName, cmdId, paramBuf, g_wlanTestSize); 230 HDF_LOGI("%{public}s: success", __FUNCTION__); 231} 232 233void FuzzGetFeatureByIfName(struct IWlanInterface *interface, const uint8_t *rawData) 234{ 235 struct HdfFeatureInfo featureInfo; 236 const char *ifName = reinterpret_cast<const char *>(rawData); 237 238 interface->GetFeatureByIfName(interface, ifName, &featureInfo); 239 HDF_LOGI("%{public}s: success", __FUNCTION__); 240} 241 242void FuzzGetStaInfo(struct IWlanInterface *interface, const uint8_t *rawData) 243{ 244 struct WifiStationInfo info; 245 const char *ifName = reinterpret_cast<const char *>(rawData); 246 const uint8_t *mac = rawData; 247 uint32_t macLen = ETH_ADDR_LEN; 248 249 interface->GetStaInfo(interface, ifName, &info, mac, macLen); 250 HDF_LOGI("%{public}s: success", __FUNCTION__); 251} 252 253void FuzzResetToFactoryMacAddress(struct IWlanInterface *interface, const uint8_t *rawData) 254{ 255 const char *ifName = const_cast<char *>(reinterpret_cast<const char *>(rawData)); 256 interface->ResetToFactoryMacAddress(interface, ifName); 257 HDF_LOGI("%{public}s: success", __FUNCTION__); 258} 259 260void FuzzGetChannelMeasResult(struct IWlanInterface *interface, const uint8_t *rawData) 261{ 262 const char *ifName = reinterpret_cast<const char *>(rawData); 263 struct MeasChannelResult measChannelResult = {0}; 264 265 interface->GetChannelMeasResult(interface, ifName, &measChannelResult); 266 HDF_LOGI("%{public}s: success", __FUNCTION__); 267} 268