1eace7efcSopenharmony_ci/*
2eace7efcSopenharmony_ci * Copyright (c) 2024 Huawei Device Co., Ltd.
3eace7efcSopenharmony_ci * Licensed under the Apache License, Version 2.0 (the "License");
4eace7efcSopenharmony_ci * you may not use this file except in compliance with the License.
5eace7efcSopenharmony_ci * You may obtain a copy of the License at
6eace7efcSopenharmony_ci *
7eace7efcSopenharmony_ci *     http://www.apache.org/licenses/LICENSE-2.0
8eace7efcSopenharmony_ci *
9eace7efcSopenharmony_ci * Unless required by applicable law or agreed to in writing, software
10eace7efcSopenharmony_ci * distributed under the License is distributed on an "AS IS" BASIS,
11eace7efcSopenharmony_ci * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12eace7efcSopenharmony_ci * See the License for the specific language governing permissions and
13eace7efcSopenharmony_ci * limitations under the License.
14eace7efcSopenharmony_ci */
15eace7efcSopenharmony_ci
16eace7efcSopenharmony_ci#include "pendingwantmanager_fuzzer.h"
17eace7efcSopenharmony_ci
18eace7efcSopenharmony_ci#include <cstddef>
19eace7efcSopenharmony_ci#include <cstdint>
20eace7efcSopenharmony_ci
21eace7efcSopenharmony_ci#define private public
22eace7efcSopenharmony_ci#include "pending_want_key.h"
23eace7efcSopenharmony_ci#include "pending_want_manager.h"
24eace7efcSopenharmony_ci#include "resident_process_manager.h"
25eace7efcSopenharmony_ci#include "sa_mgr_client.h"
26eace7efcSopenharmony_ci#include "task_data_persistence_mgr.h"
27eace7efcSopenharmony_ci#undef private
28eace7efcSopenharmony_ci
29eace7efcSopenharmony_ci#include "ability_record.h"
30eace7efcSopenharmony_ci
31eace7efcSopenharmony_ciusing namespace OHOS::AAFwk;
32eace7efcSopenharmony_ciusing namespace OHOS::AppExecFwk;
33eace7efcSopenharmony_ci
34eace7efcSopenharmony_cinamespace OHOS {
35eace7efcSopenharmony_cinamespace {
36eace7efcSopenharmony_ciconstexpr size_t FOO_MAX_LEN = 1024;
37eace7efcSopenharmony_ciconstexpr size_t U32_AT_SIZE = 4;
38eace7efcSopenharmony_ciconstexpr uint8_t ENABLE = 2;
39eace7efcSopenharmony_ci}
40eace7efcSopenharmony_ci
41eace7efcSopenharmony_ciuint32_t GetU32Data(const char* ptr)
42eace7efcSopenharmony_ci{
43eace7efcSopenharmony_ci    // convert fuzz input data to an integer
44eace7efcSopenharmony_ci    return (ptr[0] << 24) | (ptr[1] << 16) | (ptr[2] << 8) | ptr[3];
45eace7efcSopenharmony_ci}
46eace7efcSopenharmony_ci
47eace7efcSopenharmony_cisptr<Token> GetFuzzAbilityToken()
48eace7efcSopenharmony_ci{
49eace7efcSopenharmony_ci    AbilityRequest abilityRequest;
50eace7efcSopenharmony_ci    abilityRequest.appInfo.bundleName = "com.example.fuzzTest";
51eace7efcSopenharmony_ci    abilityRequest.abilityInfo.name = "MainAbility";
52eace7efcSopenharmony_ci    abilityRequest.abilityInfo.type = AbilityType::DATA;
53eace7efcSopenharmony_ci    std::shared_ptr<AbilityRecord> abilityRecord = AbilityRecord::CreateAbilityRecord(abilityRequest);
54eace7efcSopenharmony_ci    if (!abilityRecord) {
55eace7efcSopenharmony_ci        return nullptr;
56eace7efcSopenharmony_ci    }
57eace7efcSopenharmony_ci    return abilityRecord->GetToken();
58eace7efcSopenharmony_ci}
59eace7efcSopenharmony_ci
60eace7efcSopenharmony_cibool DoSomethingInterestingWithMyAPI(const char* data, size_t size)
61eace7efcSopenharmony_ci{
62eace7efcSopenharmony_ci    bool boolParam = *data % ENABLE;
63eace7efcSopenharmony_ci    int intParam = static_cast<int>(GetU32Data(data));
64eace7efcSopenharmony_ci    int32_t int32Param = static_cast<int32_t>(GetU32Data(data));
65eace7efcSopenharmony_ci    size_t sizeParam = static_cast<size_t>(GetU32Data(data));
66eace7efcSopenharmony_ci    std::string stringParam(data, size);
67eace7efcSopenharmony_ci    Parcel wantParcel;
68eace7efcSopenharmony_ci    Want* want = nullptr;
69eace7efcSopenharmony_ci    if (wantParcel.WriteBuffer(data, size)) {
70eace7efcSopenharmony_ci        want = Want::Unmarshalling(wantParcel);
71eace7efcSopenharmony_ci        if (!want) {
72eace7efcSopenharmony_ci            return false;
73eace7efcSopenharmony_ci        }
74eace7efcSopenharmony_ci    }
75eace7efcSopenharmony_ci    sptr<IRemoteObject> token = GetFuzzAbilityToken();
76eace7efcSopenharmony_ci
77eace7efcSopenharmony_ci    // fuzz for PendingWantKey
78eace7efcSopenharmony_ci    auto pendingWantKey = std::make_shared<PendingWantKey>();
79eace7efcSopenharmony_ci    pendingWantKey->SetType(int32Param);
80eace7efcSopenharmony_ci    pendingWantKey->SetBundleName(stringParam);
81eace7efcSopenharmony_ci    pendingWantKey->SetRequestWho(stringParam);
82eace7efcSopenharmony_ci    pendingWantKey->SetRequestCode(int32Param);
83eace7efcSopenharmony_ci    pendingWantKey->SetRequestWant(*want);
84eace7efcSopenharmony_ci    pendingWantKey->SetRequestResolvedType(stringParam);
85eace7efcSopenharmony_ci    std::vector<WantsInfo> allWantsInfos;
86eace7efcSopenharmony_ci    pendingWantKey->SetAllWantsInfos(allWantsInfos);
87eace7efcSopenharmony_ci    pendingWantKey->SetFlags(int32Param);
88eace7efcSopenharmony_ci    pendingWantKey->SetCode(int32Param);
89eace7efcSopenharmony_ci    pendingWantKey->SetUserId(int32Param);
90eace7efcSopenharmony_ci    pendingWantKey->GetType();
91eace7efcSopenharmony_ci    pendingWantKey->GetBundleName();
92eace7efcSopenharmony_ci    pendingWantKey->GetRequestWho();
93eace7efcSopenharmony_ci    pendingWantKey->GetRequestCode();
94eace7efcSopenharmony_ci    pendingWantKey->GetRequestWant();
95eace7efcSopenharmony_ci    pendingWantKey->GetRequestResolvedType();
96eace7efcSopenharmony_ci    pendingWantKey->GetAllWantsInfos();
97eace7efcSopenharmony_ci    pendingWantKey->GetFlags();
98eace7efcSopenharmony_ci    pendingWantKey->GetCode();
99eace7efcSopenharmony_ci    pendingWantKey->GetUserId();
100eace7efcSopenharmony_ci
101eace7efcSopenharmony_ci    // fuzz for PendingWantManager
102eace7efcSopenharmony_ci    auto pendingWantManager = std::make_shared<PendingWantManager>();
103eace7efcSopenharmony_ci    WantSenderInfo wantSenderInfo;
104eace7efcSopenharmony_ci    pendingWantManager->GetWantSender(int32Param, int32Param, boolParam, wantSenderInfo, token);
105eace7efcSopenharmony_ci    pendingWantManager->GetWantSenderLocked(int32Param, int32Param, int32Param, wantSenderInfo, token);
106eace7efcSopenharmony_ci    PendingWantRecord pendingWantRecord;
107eace7efcSopenharmony_ci    pendingWantManager->MakeWantSenderCanceledLocked(pendingWantRecord);
108eace7efcSopenharmony_ci    pendingWantManager->GetPendingWantRecordByKey(pendingWantKey);
109eace7efcSopenharmony_ci    pendingWantManager->CheckPendingWantRecordByKey(pendingWantKey, pendingWantKey);
110eace7efcSopenharmony_ci    sptr<IWantSender> wantSenderPtr;
111eace7efcSopenharmony_ci    SenderInfo senderInfo;
112eace7efcSopenharmony_ci    pendingWantManager->SendWantSender(wantSenderPtr, senderInfo);
113eace7efcSopenharmony_ci    pendingWantManager->CancelWantSender(boolParam, wantSenderPtr);
114eace7efcSopenharmony_ci    pendingWantManager->CancelWantSenderLocked(pendingWantRecord, boolParam);
115eace7efcSopenharmony_ci    sptr<StartOptions> startoptions;
116eace7efcSopenharmony_ci    pendingWantManager->PendingWantStartAbilitys(allWantsInfos, startoptions,
117eace7efcSopenharmony_ci                                                 token, int32Param, int32Param, int32Param);
118eace7efcSopenharmony_ci    pendingWantManager->PendingWantPublishCommonEvent(*want, senderInfo, int32Param, int32Param);
119eace7efcSopenharmony_ci    pendingWantManager->PendingRecordIdCreate();
120eace7efcSopenharmony_ci    pendingWantManager->GetPendingWantRecordByCode(int32Param);
121eace7efcSopenharmony_ci    pendingWantManager->GetPendingWantUid(wantSenderPtr);
122eace7efcSopenharmony_ci    pendingWantManager->GetPendingWantUserId(wantSenderPtr);
123eace7efcSopenharmony_ci    pendingWantManager->GetPendingWantBundleName(wantSenderPtr);
124eace7efcSopenharmony_ci    pendingWantManager->GetPendingWantCode(wantSenderPtr);
125eace7efcSopenharmony_ci    pendingWantManager->GetPendingWantType(wantSenderPtr);
126eace7efcSopenharmony_ci    sptr<IWantReceiver> wantReceiverPtr;
127eace7efcSopenharmony_ci    pendingWantManager->RegisterCancelListener(wantSenderPtr, wantReceiverPtr);
128eace7efcSopenharmony_ci    pendingWantManager->UnregisterCancelListener(wantSenderPtr, wantReceiverPtr);
129eace7efcSopenharmony_ci    std::shared_ptr<Want> wantPtr;
130eace7efcSopenharmony_ci    pendingWantManager->GetPendingRequestWant(wantSenderPtr, wantPtr);
131eace7efcSopenharmony_ci    std::shared_ptr<WantSenderInfo> wantSenderInfoPtr;
132eace7efcSopenharmony_ci    pendingWantManager->GetWantSenderInfo(wantSenderPtr, wantSenderInfoPtr);
133eace7efcSopenharmony_ci    pendingWantManager->ClearPendingWantRecord(stringParam, int32Param);
134eace7efcSopenharmony_ci    pendingWantManager->ClearPendingWantRecordTask(stringParam, int32Param);
135eace7efcSopenharmony_ci
136eace7efcSopenharmony_ci    // fuzz for ResidentProcessManager
137eace7efcSopenharmony_ci    auto residentProcessManager = std::make_shared<ResidentProcessManager>();
138eace7efcSopenharmony_ci    std::vector<AppExecFwk::BundleInfo> bundleInfos;
139eace7efcSopenharmony_ci    residentProcessManager->StartResidentProcess(bundleInfos);
140eace7efcSopenharmony_ci    residentProcessManager->StartResidentProcessWithMainElement(bundleInfos, 0);
141eace7efcSopenharmony_ci    AppExecFwk::HapModuleInfo hapModuleInfo;
142eace7efcSopenharmony_ci    std::set<uint32_t> needEraseIndexSet;
143eace7efcSopenharmony_ci
144eace7efcSopenharmony_ci    // fuzz for SaMgrClient
145eace7efcSopenharmony_ci    auto saMgrClient = std::make_shared<SaMgrClient>();
146eace7efcSopenharmony_ci    saMgrClient->GetSystemAbility(int32Param);
147eace7efcSopenharmony_ci    saMgrClient->RegisterSystemAbility(int32Param, token);
148eace7efcSopenharmony_ci
149eace7efcSopenharmony_ci    // fuzz for TaskDataPersistenceMgr
150eace7efcSopenharmony_ci    auto taskDataPersistenceMgr = std::make_shared<TaskDataPersistenceMgr>();
151eace7efcSopenharmony_ci    std::list<InnerMissionInfo> missionInfoList;
152eace7efcSopenharmony_ci    taskDataPersistenceMgr->LoadAllMissionInfo(missionInfoList);
153eace7efcSopenharmony_ci    InnerMissionInfo innerMissionInfo;
154eace7efcSopenharmony_ci    taskDataPersistenceMgr->SaveMissionInfo(innerMissionInfo);
155eace7efcSopenharmony_ci    taskDataPersistenceMgr->DeleteMissionInfo(intParam);
156eace7efcSopenharmony_ci    taskDataPersistenceMgr->RemoveUserDir(int32Param);
157eace7efcSopenharmony_ci    MissionSnapshot missionSnapshot;
158eace7efcSopenharmony_ci    taskDataPersistenceMgr->SaveMissionSnapshot(intParam, missionSnapshot);
159eace7efcSopenharmony_ci    taskDataPersistenceMgr->GetSnapshot(intParam);
160eace7efcSopenharmony_ci    taskDataPersistenceMgr->GetMissionSnapshot(intParam, missionSnapshot, boolParam);
161eace7efcSopenharmony_ci    if (want) {
162eace7efcSopenharmony_ci        delete want;
163eace7efcSopenharmony_ci        want = nullptr;
164eace7efcSopenharmony_ci    }
165eace7efcSopenharmony_ci
166eace7efcSopenharmony_ci    return true;
167eace7efcSopenharmony_ci}
168eace7efcSopenharmony_ci}
169eace7efcSopenharmony_ci
170eace7efcSopenharmony_ci/* Fuzzer entry point */
171eace7efcSopenharmony_ciextern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
172eace7efcSopenharmony_ci{
173eace7efcSopenharmony_ci    /* Run your code on data */
174eace7efcSopenharmony_ci    if (data == nullptr) {
175eace7efcSopenharmony_ci        return 0;
176eace7efcSopenharmony_ci    }
177eace7efcSopenharmony_ci
178eace7efcSopenharmony_ci    /* Validate the length of size */
179eace7efcSopenharmony_ci    if (size < OHOS::U32_AT_SIZE || size > OHOS::FOO_MAX_LEN) {
180eace7efcSopenharmony_ci        return 0;
181eace7efcSopenharmony_ci    }
182eace7efcSopenharmony_ci
183eace7efcSopenharmony_ci    char* ch = (char*)malloc(size + 1);
184eace7efcSopenharmony_ci    if (ch == nullptr) {
185eace7efcSopenharmony_ci        std::cout << "malloc failed." << std::endl;
186eace7efcSopenharmony_ci        return 0;
187eace7efcSopenharmony_ci    }
188eace7efcSopenharmony_ci
189eace7efcSopenharmony_ci    (void)memset_s(ch, size + 1, 0x00, size + 1);
190eace7efcSopenharmony_ci    if (memcpy_s(ch, size, data, size) != EOK) {
191eace7efcSopenharmony_ci        std::cout << "copy failed." << std::endl;
192eace7efcSopenharmony_ci        free(ch);
193eace7efcSopenharmony_ci        ch = nullptr;
194eace7efcSopenharmony_ci        return 0;
195eace7efcSopenharmony_ci    }
196eace7efcSopenharmony_ci
197eace7efcSopenharmony_ci    OHOS::DoSomethingInterestingWithMyAPI(ch, size);
198eace7efcSopenharmony_ci    free(ch);
199eace7efcSopenharmony_ci    ch = nullptr;
200eace7efcSopenharmony_ci    return 0;
201eace7efcSopenharmony_ci}