diff --git a/test/fuzztest/BUILD.gn b/test/fuzztest/BUILD.gn index 8805c01582c4c7b14f52d52293ee061cd5808b2c..f9274481641f20ae5a854fe137a76d35e9aad283 100644 --- a/test/fuzztest/BUILD.gn +++ b/test/fuzztest/BUILD.gn @@ -67,6 +67,7 @@ group("fuzztest") { "ipc/native/src/core/hitraceinvoker_fuzzer:HitraceInvokerFuzzTest", "ipc/native/src/mock/acquirehandle_fuzzer:AcquireHandleFuzzTest", "ipc/native/src/mock/dbinderremotelistenermock_fuzzer:DBinderRemoteListenerMockFuzzTest", + "ipc/native/src/mock/ipcskeletonmock_fuzzer:IPCSkeletonMockFuzzTest", "ipc/native/src/mock/dbinderservicemock:dbinderservicemockfuzz", "dbinder/dbinder_service/src/dbinderservicenew_fuzzer:DBinderServiceNewFuzzTest", "dbinder/dbinder_service/src/socket/dbinderremotelistener_fuzzer:DBinderRemoteListenerFuzzTest", diff --git a/test/fuzztest/ipc/native/src/mock/ipcskeletonmock_fuzzer/BUILD.gn b/test/fuzztest/ipc/native/src/mock/ipcskeletonmock_fuzzer/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..df655051e8507c46b3b89888cfebe85097eb9805 --- /dev/null +++ b/test/fuzztest/ipc/native/src/mock/ipcskeletonmock_fuzzer/BUILD.gn @@ -0,0 +1,37 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#####################hydra-fuzz################### +import("//build/config/features.gni") +import("//build/test.gni") + +##############################fuzztest########################################## +ohos_fuzztest("IPCSkeletonMockFuzzTest") { + module_out_path = "ipc/ipc" + fuzz_config_file = "../ipcskeletonmock_fuzzer" + defines = [ + "private = public", + "protected = public", + ] + + sources = [ "ipcskeletonmock_fuzzer.cpp" ] + + deps = [ "../../../../../../../interfaces/innerkits/ipc_single:ipc_single_test" ] + + external_deps = [ + "c_utils:utils", + "hilog:libhilog", + "googletest:gmock", + "googletest:gtest", + ] +} diff --git a/test/fuzztest/ipc/native/src/mock/ipcskeletonmock_fuzzer/corpus/init b/test/fuzztest/ipc/native/src/mock/ipcskeletonmock_fuzzer/corpus/init new file mode 100644 index 0000000000000000000000000000000000000000..7ade8a0faafeaedba7241e7d4a97b8e1f9691932 --- /dev/null +++ b/test/fuzztest/ipc/native/src/mock/ipcskeletonmock_fuzzer/corpus/init @@ -0,0 +1,16 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +FUZZ \ No newline at end of file diff --git a/test/fuzztest/ipc/native/src/mock/ipcskeletonmock_fuzzer/ipcskeletonmock_fuzzer.cpp b/test/fuzztest/ipc/native/src/mock/ipcskeletonmock_fuzzer/ipcskeletonmock_fuzzer.cpp new file mode 100644 index 0000000000000000000000000000000000000000..f6089938c4096083f08d7157e1638dda580613fa --- /dev/null +++ b/test/fuzztest/ipc/native/src/mock/ipcskeletonmock_fuzzer/ipcskeletonmock_fuzzer.cpp @@ -0,0 +1,144 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "ipcskeletonmock_fuzzer.h" + +#include +#include +#include + +#include "ipc_object_proxy.h" +#include "ipc_skeleton.h" +#include "ipc_thread_skeleton.h" +#include "string_ex.h" + +using namespace testing; +using namespace testing::ext; + +namespace OHOS { +static constexpr size_t MAX_STR_LEN = 100; +class IPCSkeletonInterface { +public: + IPCSkeletonInterface() {}; + virtual ~IPCSkeletonInterface() {}; + + virtual IRemoteInvoker *GetProxyInvoker(IRemoteObject *object) = 0; + virtual IRemoteInvoker *GetActiveInvoker() = 0; + virtual IRemoteInvoker *GetDefaultInvoker() = 0; +}; + +class IPCSkeletonInterfaceMock : public IPCSkeletonInterface { +public: + IPCSkeletonInterfaceMock(); + ~IPCSkeletonInterfaceMock() override; + MOCK_METHOD(IRemoteInvoker *, GetProxyInvoker, (IRemoteObject * object), (override)); + MOCK_METHOD(IRemoteInvoker *, GetActiveInvoker, (), (override)); + MOCK_METHOD(IRemoteInvoker *, GetDefaultInvoker, (), (override)); +}; + +static void *g_interface = nullptr; + +IPCSkeletonInterfaceMock::IPCSkeletonInterfaceMock() +{ + g_interface = reinterpret_cast(this); +} + +IPCSkeletonInterfaceMock::~IPCSkeletonInterfaceMock() +{ + g_interface = nullptr; +} + +static IPCSkeletonInterface *GetIPCSkeletonInterface() +{ + return reinterpret_cast(g_interface); +} + +extern "C" { +IRemoteInvoker *IPCThreadSkeleton::GetProxyInvoker(IRemoteObject *object) +{ + if (g_interface == nullptr) { + return nullptr; + } + return GetIPCSkeletonInterface()->GetProxyInvoker(object); +} +IRemoteInvoker *IPCThreadSkeleton::GetActiveInvoker() +{ + if (g_interface == nullptr) { + return nullptr; + } + return GetIPCSkeletonInterface()->GetActiveInvoker(); +} + +IRemoteInvoker *IPCThreadSkeleton::GetDefaultInvoker() +{ + if (g_interface == nullptr) { + return nullptr; + } + return GetIPCSkeletonInterface()->GetDefaultInvoker(); +} +} + +static void FlushCommandsFuzzTest(FuzzedDataProvider &provider) +{ + int handle = provider.ConsumeIntegral(); + std::string descriptor = provider.ConsumeRandomLengthString(MAX_STR_LEN); + std::u16string descriptor16 = Str8ToStr16(descriptor); + sptr object = + new (std::nothrow) IPCObjectProxy(handle, descriptor16, IRemoteObject::IF_PROT_BINDER); + std::shared_ptr invoker = std::make_shared(); + if (invoker == nullptr || object == nullptr) { + return; + } + + NiceMock mock; + EXPECT_CALL(mock, GetProxyInvoker(object.GetRefPtr())).WillOnce(Return(invoker.get())); + IPCSkeleton &ipcSkeleton = IPCSkeleton::GetInstance(); + ipcSkeleton.FlushCommands(object.GetRefPtr()); +} + +static void SetCallingIdentityFuzzTest(FuzzedDataProvider &provider) +{ + std::shared_ptr invoker = std::make_shared(); + if (invoker == nullptr) { + return; + } + NiceMock mock; + EXPECT_CALL(mock, GetActiveInvoker()).WillOnce(Return(invoker.get())); + std::string identity = provider.ConsumeRandomLengthString(MAX_STR_LEN); + bool flag = provider.ConsumeBool(); + IPCSkeleton &ipcSkeleton = IPCSkeleton::GetInstance(); + ipcSkeleton.SetCallingIdentity(identity, flag); +} + +static void EnableIPCThreadReclaimFuzzTest(FuzzedDataProvider &provider) +{ + NiceMock mock; + EXPECT_CALL(mock, GetDefaultInvoker()).WillOnce(Return(nullptr)); + bool enable = provider.ConsumeBool(); + IPCSkeleton &ipcSkeleton = IPCSkeleton::GetInstance(); + ipcSkeleton.EnableIPCThreadReclaim(enable); +} +} // namespace OHOS + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + /* Run your code on data */ + FuzzedDataProvider provider(data, size); + OHOS::FlushCommandsFuzzTest(provider); + OHOS::SetCallingIdentityFuzzTest(provider); + OHOS::EnableIPCThreadReclaimFuzzTest(provider); + return 0; +} diff --git a/test/fuzztest/ipc/native/src/mock/ipcskeletonmock_fuzzer/ipcskeletonmock_fuzzer.h b/test/fuzztest/ipc/native/src/mock/ipcskeletonmock_fuzzer/ipcskeletonmock_fuzzer.h new file mode 100644 index 0000000000000000000000000000000000000000..5a3a31ab2fc3b1cdb361f44fd7c3a8c9b1d494fe --- /dev/null +++ b/test/fuzztest/ipc/native/src/mock/ipcskeletonmock_fuzzer/ipcskeletonmock_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef IPCSKELETONMOCK_FUZZER_H +#define IPCSKELETONMOCK_FUZZER_H + +#define FUZZ_PROJECT_NAME "ipcskeletonmock_fuzzer" + +#endif // IPCSKELETONMOCK_FUZZER_H diff --git a/test/fuzztest/ipc/native/src/mock/ipcskeletonmock_fuzzer/project.xml b/test/fuzztest/ipc/native/src/mock/ipcskeletonmock_fuzzer/project.xml new file mode 100644 index 0000000000000000000000000000000000000000..226522bd2ad3eaf2db4f710f1924d82d2912c235 --- /dev/null +++ b/test/fuzztest/ipc/native/src/mock/ipcskeletonmock_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 10000 + + 300 + + 4096 + +