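/*
 * Copyright (c) 2023 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#include "runscriptbuffer_fuzzer.h"
#include "native_engine/impl/ark/ark_native_engine.h"
#include "securec.h"

using namespace panda;
using namespace panda::ecmascript;
using panda::RuntimeOption;

/**
 * Owns the JS VM and the ArkNativeEngine that the fuzz target drives.
 *
 * One instance is created as a file-level static, so the VM is set up once
 * and reused for every fuzz iteration.
 */
class Engine {
public:
    /** Creates the VM with ERROR log level and wraps it in an ArkNativeEngine. */
    Engine()
    {
        RuntimeOption option;
        option.SetLogLevel(RuntimeOption::LOG_LEVEL::ERROR);
        vm_ = JSNApi::CreateJSVM(option);
        arkNativeEngine_ = new ArkNativeEngine(vm_, nullptr);
    }

    // The destructor frees both raw pointers, so a copy would double-free them.
    Engine(const Engine&) = delete;
    Engine& operator=(const Engine&) = delete;

    /** Forwards to ArkNativeEngine::RunScriptBuffer (vector overload). */
    void RunScriptBuffer(const char* path, std::vector<uint8_t>& buffer, bool isBundle)
    {
        arkNativeEngine_->RunScriptBuffer(path, buffer, isBundle);
    }

    /** Forwards to ArkNativeEngine::RunScriptBuffer (pointer + length overload). */
    void RunScriptBuffer(const std::string& path, uint8_t* buffer, size_t size, bool isBundle)
    {
        arkNativeEngine_->RunScriptBuffer(path, buffer, size, isBundle);
    }

    /** Releases the native engine first, then the VM it was built on. */
    ~Engine()
    {
        if (arkNativeEngine_ != nullptr) {
            delete arkNativeEngine_;
            arkNativeEngine_ = nullptr;
        }
        if (vm_ != nullptr) {
            JSNApi::DestroyJSVM(vm_);
            vm_ = nullptr;
        }
    }

private:
    EcmaVM* vm_ {nullptr};
    ArkNativeEngine* arkNativeEngine_ {nullptr};
};

static Engine g_nativeEngine;

namespace OHOS {
    /**
     * Feeds one fuzzer input to both RunScriptBuffer overloads, as a bundle and
     * as a non-bundle script.
     *
     * The earlier version clamped `size` to sizeof(uint32_t) and built the vector
     * as `size` copies of the first byte, so the engine never saw more than four
     * bytes of input and the vector overload saw only one distinct byte value.
     * The full input is now passed through so the script loader is exercised on
     * the data the fuzzer generated.
     *
     * @param data fuzzer-provided bytes; must not be modified by the harness
     * @param size number of bytes available at `data`
     */
    void RunScriptBufferFuzzTest(const uint8_t* data, size_t size)
    {
        if (data == nullptr || size == 0) {
            return;
        }
        const std::string path = "test.abc";

        // Each call gets its own copy: the API takes non-const buffers, and
        // whether it writes to them is not visible from this file. A fresh copy
        // keeps the fuzzer's input untouched and every call reproducible.
        std::vector<uint8_t> bundleVec(data, data + size);
        g_nativeEngine.RunScriptBuffer(path.c_str(), bundleVec, true);
        std::vector<uint8_t> plainVec(data, data + size);
        g_nativeEngine.RunScriptBuffer(path.c_str(), plainVec, false);

        // Replaces the const_cast on `data`; the copies are exactly `size` bytes,
        // so an out-of-bounds read by the callee is still visible to a sanitizer.
        std::vector<uint8_t> bundleRaw(data, data + size);
        g_nativeEngine.RunScriptBuffer(path, bundleRaw.data(), bundleRaw.size(), true);
        std::vector<uint8_t> plainRaw(data, data + size);
        g_nativeEngine.RunScriptBuffer(path, plainRaw.data(), plainRaw.size(), false);
    }
}

// Fuzzer entry point.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
{
    // Run the target on the fuzzer-supplied bytes.
    OHOS::RunScriptBufferFuzzTest(data, size);
    return 0;
}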