!6433 包管理fuzz测试覆盖率0719

Merge pull request !6433 from sunjiakun/fuzz_coverage2

test/fuzztest/BUILD.gn

@@ -136,6 +136,7 @@ group("fuzztest") {
     "fuzztest_others/beforeaddextresource_fuzzer:BeforeAddExtResourceFuzzTest",
     "fuzztest_others/bmsextensionclient_fuzzer:BmsExtensionClientFuzzTest",
     "fuzztest_others/bundlecloneinstaller_fuzzer:BundlecloneinstallerFuzzTest",
+    "fuzztest_others/bundleconnectabilitymgr_fuzzer:BundleConnectAbilityMgrFuzzerTest",
     "fuzztest_others/checkfileparam_fuzzer:CheckFileParamFuzzTest",
     "fuzztest_others/checkmoduleexist_fuzzer:CheckModuleExistFuzzTest",
     "fuzztest_others/commonevent_fuzzer:CommonEventFuzzTest",
@@ -143,7 +144,10 @@ group("fuzztest") {
     "fuzztest_others/copytotempdir_fuzzer:CopyToTempDirFuzzTest",
     "fuzztest_others/createfd_fuzzer:CreateFdFuzzTest",
     "fuzztest_others/defaultapphost_fuzzer:DefaultAppHostFuzzerTest",
+    "fuzztest_others/defaultapphostimpl_fuzzer:DefaultAppHostImplFuzzerTest",
+    "fuzztest_others/defaultappmgr_fuzzer:DefaultAppMgrFuzzerTest",
     "fuzztest_others/defaultappproxy_fuzzer:DefaultAppProxyFuzzerTest",
+    "fuzztest_others/defaultapprdb_fuzzer:DefaultAppRdbFuzzerTest",
     "fuzztest_others/deleteappjumpcontrolrule_fuzzer:DeleteAppJumpControlRuleFuzzTest",
     "fuzztest_others/deletequickfix_fuzzer:DeleteQuickFixFuzzTest",
     "fuzztest_others/deleterulebycallerbundlename_fuzzer:DeleteRuleByCallerBundleNameFuzzTest",
@@ -167,6 +171,9 @@ group("fuzztest") {
     "fuzztest_others/parsesyscap_fuzzer:ParseSysCapFuzzTest",
     "fuzztest_others/permissiondef_fuzzer:PermissionDefFuzzTest",
     "fuzztest_others/processaddextresource_fuzzer:ProcessAddExtResourceFuzzTest",
+    "fuzztest_others/quickfixbootscanner_fuzzer:QuickFixBootScannerFuzzerTest",
+    "fuzztest_others/quickfixchecker_fuzzer:QuickFixCheckerFuzzerTest",
+    "fuzztest_others/quickfixdeployer_fuzzer:QuickFixDeployerFuzzerTest",
     "fuzztest_others/quickfixmanagerhost_fuzzer:QuickFixManagerHost",
     "fuzztest_others/quickfixstatuscallbackproxy_fuzzer:QuickFixStatusCallbackProxy",
     "fuzztest_others/removeextresourcesdb_fuzzer:RemoveExtResourcesDbFuzzTest",

test/fuzztest/fuzztest_application/bundleinstalldhost_fuzzer/bundleinstalldhost_fuzzer.cpp

@@ -13,6 +13,7 @@
  * limitations under the License.
  */
 
+#define private public
 #include "bundleinstalldhost_fuzzer.h"
 
 #include <cstddef>
@@ -26,26 +27,22 @@ using namespace OHOS::AppExecFwk;
 namespace OHOS {
 constexpr size_t FOO_MAX_LEN = 1024;
 constexpr size_t U32_AT_SIZE = 4;
-constexpr size_t MESSAGE_SIZE = 24;
+constexpr uint32_t CODE_MAX = 50;
 static InstalldHost installdHost;
 
-uint32_t GetU32Data(const char* ptr)
-{
-    return (ptr[0] << 24) | (ptr[1] << 16) | (ptr[2] << 8) | (ptr[3]);
-}
-
 bool DoSomethingInterestingWithMyAPI(const char* data, size_t size)
 {
-    uint32_t code = (GetU32Data(data) % MESSAGE_SIZE);
-    MessageParcel datas;
-    std::u16string descriptor = InstalldHost::GetDescriptor();
-    datas.WriteInterfaceToken(descriptor);
-    datas.WriteBuffer(data, size);
-    datas.RewindRead(0);
-    MessageParcel reply;
-    MessageOption option;
-    DelayedSingleton<BundleMgrService>::GetInstance()->OnStop();
-    installdHost.OnRemoteRequest(code, datas, reply, option);
+    for (uint32_t code = 0; code <= CODE_MAX; code++) {
+        MessageParcel datas;
+        std::u16string descriptor = InstalldHost::GetDescriptor();
+        datas.WriteInterfaceToken(descriptor);
+        datas.WriteBuffer(data, size);
+        datas.RewindRead(0);
+        MessageParcel reply;
+        MessageOption option;
+        DelayedSingleton<BundleMgrService>::GetInstance()->OnStop();
+        installdHost.OnRemoteRequest(code, datas, reply, option);
+    }
     return true;
 }
 }

test/fuzztest/fuzztest_others/bundlecloneinstaller_fuzzer/bundlecloneinstaller_fuzzer.cpp

@@ -60,12 +60,19 @@ namespace OHOS {
         InnerBundleInfo info;
         int32_t userId = static_cast<int32_t>(GetU32Data(data));
         int32_t appIndex = static_cast<int32_t>(GetU32Data(data));
+
         SetBundleDataMgr();
         bundleCloneInstall.InstallCloneApp(bundleName, userId, appIndex);
         bundleCloneInstall.UninstallCloneApp(bundleName, userId, appIndex);
         bundleCloneInstall.UninstallAllCloneApps(bundleName, userId);
+
+        bundleCloneInstall.ProcessCloneBundleInstall(bundleName, userId, appIndex);
+        bundleCloneInstall.ProcessCloneBundleUninstall(bundleName, userId, appIndex);
+        bundleCloneInstall.ResetInstallProperties();
+
         bundleCloneInstall.CreateCloneDataDir(info, userId, UID, appIndex);
         bundleCloneInstall.RemoveCloneDataDir(bundleName, userId, appIndex);
+        bundleCloneInstall.GetDataMgr();
         return true;
     }
 }

test/fuzztest/fuzztest_others/bundleconnectabilitymgr_fuzzer/BUILD.gn

@@ -0,0 +1,183 @@
+# Copyright (c) 2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+import("//build/test.gni")
+import("../../../../appexecfwk.gni")
+import("../../../../services/bundlemgr/appexecfwk_bundlemgr.gni")
+
+module_output_path = "bundle_framework/bundle_framework"
+
+ohos_fuzztest("BundleConnectAbilityMgrFuzzerTest") {
+  fuzz_config_file =
+      "../../../fuzztest/fuzztest_others/bundleconnectabilitymgr_fuzzer"
+  use_exceptions = true
+  module_out_path = module_output_path
+  include_dirs = [
+    "//third_party/jsoncpp/include",
+    "//third_party/json/include",
+  ]
+  sources = bundle_mgr_source
+  sources -= [ "${services_path}/bundlemgr/src/bms_param.cpp" ]
+  sources += [ "${services_path}/bundlemgr/test/mock/src/bms_param.cpp" ]
+  sources -= [ "${services_path}/bundlemgr/src/system_ability_helper.cpp" ]
+  sources += [
+    "${services_path}/bundlemgr/src/aot/aot_executor.cpp",
+    "${services_path}/bundlemgr/src/installd/installd_host_impl.cpp",
+    "${services_path}/bundlemgr/src/installd/installd_operator.cpp",
+    "${services_path}/bundlemgr/test/mock/src/installd_service.cpp",
+  ]
+
+  sources += [
+    "${services_path}/bundlemgr/test/mock/src/accesstoken_kit.cpp",
+    "${services_path}/bundlemgr/test/mock/src/installd_permission_mgr.cpp",
+    "${services_path}/bundlemgr/test/mock/src/mock_bundle_status.cpp",
+    "${services_path}/bundlemgr/test/mock/src/mock_clean_cache.cpp",
+    "${services_path}/bundlemgr/test/mock/src/mock_quick_fix_callback.cpp",
+    "${services_path}/bundlemgr/test/mock/src/mock_status_receiver.cpp",
+    "${services_path}/bundlemgr/test/mock/src/system_ability_helper.cpp",
+  ]
+
+  sources += bundle_install_sources
+  sources -= [ "${services_path}/bundlemgr/src/installd_client.cpp" ]
+  sources += [ "${services_path}/bundlemgr/test/mock/src/installd_client.cpp" ]
+  configs = [ "${services_path}/bundlemgr/test:bundlemgr_test_config" ]
+  cflags = [
+    "-g",
+    "-O0",
+    "-Wno-unused-variable",
+    "-fno-omit-frame-pointer",
+  ]
+
+  deps = [
+    "${bundle_framework_path}/test/sceneProject/unittest/driver_test/driver_feature:driver_feature_hap",
+    "${bundle_framework_path}/test/sceneProject/unittest/ohos_test:copy_ohos_test",
+    "${bundle_framework_path}/test/sceneProject/unittest/test_bundle/bmsAccessTokentest1:bmsAccessTokentest1",
+    "${bundle_framework_path}/test/sceneProject/unittest/test_bundle/bmsAccessTokentest3:bmsAccessTokentest3",
+    "${core_path}:appexecfwk_core",
+  ]
+  deps += bundle_install_deps
+
+  external_deps = [
+    "ability_base:want",
+    "ability_runtime:app_manager",
+    "access_token:el5_filekey_manager_sdk",
+    "access_token:libprivacy_sdk",
+    "access_token:libtokenid_sdk",
+    "appspawn:hnpapi",
+    "appverify:libhapverify",
+    "bounds_checking_function:libsec_shared",
+    "common_event_service:cesfwk_innerkits",
+    "eventhandler:libeventhandler",
+    "hilog:libhilog",
+    "hitrace:hitrace_meter",
+    "init:libbegetutil",
+    "safwk:system_ability_fwk",
+    "samgr:samgr_proxy",
+  ]
+  external_deps += bundle_install_external_deps
+  defines = []
+  if (code_signature_enable) {
+    sources += [
+      "${services_path}/bundlemgr/src/aot/aot_sign_data_cache_mgr.cpp",
+      "${services_path}/bundlemgr/src/code_sign_helper.cpp",
+    ]
+    include_dirs += [ "${services_path}/bundlemgr/include" ]
+    external_deps += [
+      "bounds_checking_function:libsec_shared",
+      "code_signature:libcode_sign_utils",
+      "ets_runtime:libcompiler_service",
+    ]
+    defines += [ "CODE_SIGNATURE_ENABLE" ]
+  }
+  if (configpolicy_enable) {
+    external_deps += [ "config_policy:configpolicy_util" ]
+    defines += [ "CONFIG_POLOCY_ENABLE" ]
+  }
+  if (account_enable) {
+    external_deps += [ "os_account:os_account_innerkits" ]
+    defines += [ "ACCOUNT_ENABLE" ]
+  }
+  if (bundle_framework_quick_fix) {
+    include_dirs += [ "${services_path}/bundlemgr/src/include/quick_fix" ]
+    sources += quick_fix
+    sources += [ "bundleconnectabilitymgr_fuzzer.cpp" ]
+    defines += [ "BUNDLE_FRAMEWORK_QUICK_FIX" ]
+  }
+  if (bundle_framework_free_install) {
+    sources += aging
+    sources += free_install
+    sources += distributed_manager
+    external_deps += [
+      "ability_runtime:ability_manager",
+      "ability_runtime:app_manager",
+      "battery_manager:batterysrv_client",
+      "device_usage_statistics:usagestatsinner",
+      "display_manager:displaymgr",
+      "power_manager:powermgr_client",
+      "syscap_codec:syscap_interface_shared",
+    ]
+    defines += [ "BUNDLE_FRAMEWORK_FREE_INSTALL" ]
+  }
+  if (global_resmgr_enable) {
+    defines += [ "GLOBAL_RESMGR_ENABLE" ]
+    external_deps += [ "resource_management:global_resmgr" ]
+  }
+  if (hicollie_enable) {
+    external_deps += [ "hicollie:libhicollie" ]
+    defines += [ "HICOLLIE_ENABLE" ]
+  }
+
+  if (hisysevent_enable) {
+    sources += [ "${services_path}/bundlemgr/src/inner_event_report.cpp" ]
+    external_deps += [ "hisysevent:libhisysevent" ]
+    defines += [ "HISYSEVENT_ENABLE" ]
+  }
+  if (storage_service_enable) {
+    external_deps += [ "storage_service:storage_manager_sa_proxy" ]
+    defines += [ "STORAGE_SERVICE_ENABLE" ]
+  }
+  configs += [ "../../../../services/bundlemgr:rdb_config" ]
+  external_deps += [ "relational_store:native_rdb" ]
+  sources -=
+      [ "${services_path}/bundlemgr/src/quick_fix/quick_fix_manager_rdb.cpp" ]
+  sources += [
+    "${services_path}/bundlemgr/src/preinstall_data_storage_rdb.cpp",
+    "${services_path}/bundlemgr/src/rdb/bms_rdb_open_callback.cpp",
+    "${services_path}/bundlemgr/src/rdb/rdb_data_manager.cpp",
+    "${services_path}/bundlemgr/test/mock/src/bundle_data_storage_rdb.cpp",
+    "${services_path}/bundlemgr/test/mock/src/quick_fix_manager_rdb.cpp",
+  ]
+  if (bundle_framework_app_control) {
+    defines += [ "BUNDLE_FRAMEWORK_APP_CONTROL" ]
+    sources += [
+      "${services_path}/bundlemgr/src/app_control/app_control_manager.cpp",
+      "${services_path}/bundlemgr/src/app_control/app_control_manager_host_impl.cpp",
+      "${services_path}/bundlemgr/src/app_control/app_control_manager_rdb.cpp",
+      "${services_path}/bundlemgr/src/app_control/app_jump_interceptor_event_subscriber.cpp",
+      "${services_path}/bundlemgr/src/app_control/app_jump_interceptor_manager_rdb.cpp",
+    ]
+    include_dirs += [ "${services_path}/bundlemgr/include/app_control" ]
+    external_deps += [ "c_utils:utils" ]
+  }
+  if (udmf_enabled) {
+    defines += [ "BUNDLE_FRAMEWORK_UDMF_ENABLED" ]
+    external_deps += [ "udmf:utd_client" ]
+  }
+
+  if (bms_device_info_manager_part_enabled) {
+    external_deps += [
+      "device_info_manager:distributed_device_profile_common",
+      "device_info_manager:distributed_device_profile_sdk",
+    ]
+    defines += [ "BMS_DEVICE_INFO_MANAGER_ENABLE" ]
+  }
+}

test/fuzztest/fuzztest_others/bundleconnectabilitymgr_fuzzer/bundleconnectabilitymgr_fuzzer.cpp

@@ -0,0 +1,169 @@
+/*
+ * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "bundleconnectabilitymgr_fuzzer.h"
+
+#include <cstddef>
+#include <cstdint>
+
+#define private public
+#include "bundle_connect_ability_mgr.h"
+#include "securec.h"
+void DoSomething2(const char* data, size_t size){};
+using Want = OHOS::AAFwk::Want;
+using namespace OHOS::AppExecFwk;
+namespace OHOS {
+constexpr size_t FOO_MAX_LEN = 1024;
+constexpr size_t U32_AT_SIZE = 4;
+constexpr size_t MESSAGE_SIZE = 4;
+constexpr size_t DCAMERA_SHIFT_24 = 24;
+constexpr size_t DCAMERA_SHIFT_16 = 16;
+constexpr size_t DCAMERA_SHIFT_8 = 8;
+
+
+uint32_t GetU32Data(const char* ptr)
+{
+    return (ptr[0] << DCAMERA_SHIFT_24) | (ptr[1] << DCAMERA_SHIFT_16) | (ptr[2] << DCAMERA_SHIFT_8) | (ptr[3]);
+}
+
+bool DoSomethingInterestingWithMyAPI(const char* data, size_t size)
+{
+    BundleConnectAbilityMgr bundleConnectAbilityMgr;
+    Want want;
+    int32_t userId = reinterpret_cast<uintptr_t>(data);
+    int32_t flags = reinterpret_cast<uintptr_t>(data);
+    AbilityInfo abilityInfo;
+    sptr<IRemoteObject> callBack = nullptr;
+    bundleConnectAbilityMgr.QueryAbilityInfo(want, flags, userId, abilityInfo, callBack);
+    bundleConnectAbilityMgr.SilentInstall(want, userId, callBack);
+    bundleConnectAbilityMgr.UpgradeAtomicService(want, userId);
+    bundleConnectAbilityMgr.UpgradeAtomicService(want, userId);
+    bundleConnectAbilityMgr.UpgradeAtomicService(want, userId);
+    std::string installResult(data, size);
+    bundleConnectAbilityMgr.OnServiceCenterCall(installResult);
+    bundleConnectAbilityMgr.OnDelayedHeartbeat(installResult);
+    bundleConnectAbilityMgr.DeathRecipientSendCallback();
+    sptr<IRemoteObject> callerToken = nullptr;
+    bundleConnectAbilityMgr.ConnectAbility(want, callerToken);
+    bundleConnectAbilityMgr.ProcessPreload(want);
+    bundleConnectAbilityMgr.DisconnectAbility();
+    int32_t code = reinterpret_cast<uintptr_t>(data);
+    MessageParcel datas;
+    datas.WriteBuffer(data, size);
+    datas.RewindRead(0);
+    MessageParcel reply;
+    bundleConnectAbilityMgr.SendRequest(code, datas, reply);
+    TargetAbilityInfo targetAbilityInfo1;
+    FreeInstallParams freeInstallParams;
+    bundleConnectAbilityMgr.SilentInstall(targetAbilityInfo1, want, freeInstallParams, userId);
+    bundleConnectAbilityMgr.UpgradeCheck(targetAbilityInfo1, want, freeInstallParams, userId);
+    int32_t callingUid = reinterpret_cast<uintptr_t>(data);
+    std::vector<std::string> bundleNames = { std::string(data, size) };
+    std::vector<std::string> callingAppIds = { std::string(data, size) };
+    bundleConnectAbilityMgr.GetCallingInfo(userId, callingUid, bundleNames, callingAppIds);
+    InnerBundleInfo innerBundleInfo;
+    sptr<TargetAbilityInfo> targetAbilityInfo = nullptr;
+    bundleConnectAbilityMgr.GetTargetAbilityInfo(want, userId, innerBundleInfo, targetAbilityInfo);
+    bundleConnectAbilityMgr.CheckIsModuleNeedUpdate(innerBundleInfo, want, userId, callBack);
+    int32_t resultCode = reinterpret_cast<uintptr_t>(data);
+    std::string transactId(data, size);
+    bundleConnectAbilityMgr.SendCallBack(resultCode, want, userId, transactId);
+    freeInstallParams.callback = nullptr;
+    bundleConnectAbilityMgr.SendCallBack(transactId, freeInstallParams);
+    bundleConnectAbilityMgr.SendRequestToServiceCenter(flags, targetAbilityInfo1, want,
+        userId, freeInstallParams);
+    DoSomething2(data, size);
+    return true;
+}
+void DoSomething2(const char* data, size_t size)
+{
+    BundleConnectAbilityMgr bundleConnectAbilityMgr;
+    OHOS::sptr<OHOS::IRemoteObject> callBack = nullptr;
+    Want want;
+    int32_t userId = reinterpret_cast<uintptr_t>(data);
+    int32_t flags = reinterpret_cast<uintptr_t>(data);
+    TargetAbilityInfo targetAbilityInfo;
+    FreeInstallParams freeInstallParams;
+    freeInstallParams.callback = nullptr;
+    bundleConnectAbilityMgr.SendRequest(flags, targetAbilityInfo, want, userId,
+        freeInstallParams);
+    std::string transactId(data, size);
+    bundleConnectAbilityMgr.GetAbilityManagerServiceCallBack(transactId);
+    bundleConnectAbilityMgr.OutTimeMonitor(transactId);
+    bundleConnectAbilityMgr.GetTransactId();
+    int32_t resultCode = reinterpret_cast<uintptr_t>(data);
+    bundleConnectAbilityMgr.CallAbilityManager(resultCode, want, userId, callBack);
+    AbilityInfo abilityInfo;
+    InnerBundleInfo innerBundleInfo;
+    bundleConnectAbilityMgr.IsObtainAbilityInfo(want, flags, userId, abilityInfo,
+        callBack, innerBundleInfo);
+    bundleConnectAbilityMgr.GetAbilityMgrProxy();
+    std::mutex mutex_;
+    std::unique_lock<std::mutex> lock(mutex_);
+    bundleConnectAbilityMgr.WaitFromConnecting(lock);
+    bundleConnectAbilityMgr.WaitFromConnected(lock);
+    bundleConnectAbilityMgr.DisconnectDelay();
+    bundleConnectAbilityMgr.PreloadRequest(flags, targetAbilityInfo);
+    bundleConnectAbilityMgr.ProcessPreloadCheck(targetAbilityInfo);
+    ErmsCallerInfo callerInfo;
+    bundleConnectAbilityMgr.GetEcologicalCallerInfo(want, callerInfo, userId);
+    bundleConnectAbilityMgr.GetPreloadFlag();
+    std::string moduleName(data, size);
+    std::string bundleName(data, size);
+    OHOS::sptr<TargetAbilityInfo> targetAbilityInfo1 = nullptr;
+    bundleConnectAbilityMgr.GetPreloadList(bundleName, moduleName, userId, targetAbilityInfo1);
+    bundleConnectAbilityMgr.LoadDownloadService();
+    BmsExperienceRule rule;
+    bundleConnectAbilityMgr.CheckEcologicalRule(want, callerInfo, rule);
+    bundleConnectAbilityMgr.CheckIsOnDemandLoad(targetAbilityInfo);
+    bundleConnectAbilityMgr.GetModuleName(innerBundleInfo, want, moduleName);
+    bundleConnectAbilityMgr.CheckIsModuleNeedUpdateWrap(innerBundleInfo, want, userId, callBack);
+    bundleConnectAbilityMgr.CheckSubPackageName(innerBundleInfo, want);
+}
+}
+
+// Fuzzer entry point.
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
+{
+    /* Run your code on data */
+    if (data == nullptr) {
+        return 0;
+    }
+
+    if (size < OHOS::U32_AT_SIZE) {
+        return 0;
+    }
+
+    /* Validate the length of size */
+    if (size > OHOS::FOO_MAX_LEN) {
+        return 0;
+    }
+
+    char* ch = static_cast<char*>(malloc(size + 1));
+    if (ch == nullptr) {
+        return 0;
+    }
+
+    (void)memset_s(ch, size + 1, 0x00, size + 1);
+    if (memcpy_s(ch, size, data, size) != EOK) {
+        free(ch);
+        ch = nullptr;
+        return 0;
+    }
+    OHOS::DoSomethingInterestingWithMyAPI(ch, size);
+    free(ch);
+    ch = nullptr;
+    return 0;
+}

test/fuzztest/fuzztest_others/bundleconnectabilitymgr_fuzzer/bundleconnectabilitymgr_fuzzer.h

@@ -0,0 +1,21 @@
+/*
+ * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef TEST_FUZZTEST_BUNDLECONNECTABILITYMGR_FUZZER_H
+#define TEST_FUZZTEST_BUNDLECONNECTABILITYMGR_FUZZER_H
+
+#define FUZZ_PROJECT_NAME "bundleconnectabilitymgr_fuzzer"
+
+#endif

test/fuzztest/fuzztest_others/bundleconnectabilitymgr_fuzzer/corpus/init

@@ -0,0 +1,14 @@
+# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+FUZZ

test/fuzztest/fuzztest_others/bundleconnectabilitymgr_fuzzer/project.xml

@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright (c) 2024 Huawei Device Co., Ltd.
+
+     Licensed under the Apache License, Version 2.0 (the "License");
+     you may not use this file except in compliance with the License.
+     You may obtain a copy of the License at
+
+          http://www.apache.org/licenses/LICENSE-2.0
+
+     Unless required by applicable law or agreed to in writing, software
+     distributed under the License is distributed on an "AS IS" BASIS,
+     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+     See the License for the specific language governing permissions and
+     limitations under the License.
+-->
+<fuzz_config>
+  <fuzztest>
+    <!-- maximum length of a test input -->
+    <max_len>1000</max_len>
+    <!-- maximum total time in seconds to run the fuzzer -->
+    <max_total_time>300</max_total_time>
+    <!-- memory usage limit in Mb -->
+    <rss_limit_mb>4096</rss_limit_mb>
+  </fuzztest>
+</fuzz_config>

test/fuzztest/fuzztest_others/defaultapphostimpl_fuzzer/BUILD.gn

@@ -0,0 +1,186 @@
+# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+import("//build/test.gni")
+import("../../../../appexecfwk.gni")
+import("../../../../services/bundlemgr/appexecfwk_bundlemgr.gni")
+
+module_output_path = "bundle_framework/bundle_framework"
+
+ohos_fuzztest("DefaultAppHostImplFuzzerTest") {
+  fuzz_config_file =
+      "../../../fuzztest/fuzztest_others/defaultapphostimpl_fuzzer"
+  use_exceptions = true
+  module_out_path = module_output_path
+  include_dirs = [
+    "//third_party/jsoncpp/include",
+    "//third_party/json/include",
+  ]
+  sources = bundle_mgr_source
+  sources -= [ "${services_path}/bundlemgr/src/bms_param.cpp" ]
+  sources += [ "${services_path}/bundlemgr/test/mock/src/bms_param.cpp" ]
+  sources -= [ "${services_path}/bundlemgr/src/system_ability_helper.cpp" ]
+  sources += [
+    "${services_path}/bundlemgr/src/aot/aot_executor.cpp",
+    "${services_path}/bundlemgr/src/installd/installd_host_impl.cpp",
+    "${services_path}/bundlemgr/src/installd/installd_operator.cpp",
+    "${services_path}/bundlemgr/test/mock/src/installd_service.cpp",
+  ]
+
+  sources += [
+    "${services_path}/bundlemgr/test/mock/src/accesstoken_kit.cpp",
+    "${services_path}/bundlemgr/test/mock/src/installd_permission_mgr.cpp",
+    "${services_path}/bundlemgr/test/mock/src/mock_bundle_status.cpp",
+    "${services_path}/bundlemgr/test/mock/src/mock_clean_cache.cpp",
+    "${services_path}/bundlemgr/test/mock/src/mock_status_receiver.cpp",
+    "${services_path}/bundlemgr/test/mock/src/system_ability_helper.cpp",
+  ]
+
+  sources += bundle_install_sources
+  sources -= [ "${services_path}/bundlemgr/src/installd_client.cpp" ]
+  sources += [ "${services_path}/bundlemgr/test/mock/src/installd_client.cpp" ]
+  sources += [ "defaultapphostimpl_fuzzer.cpp" ]
+
+  configs = [ "${services_path}/bundlemgr/test:bundlemgr_test_config" ]
+  cflags = [
+    "-g",
+    "-O0",
+    "-Wno-unused-variable",
+    "-fno-omit-frame-pointer",
+  ]
+  if (target_cpu == "arm") {
+    cflags += [ "-DBINDER_IPC_32BIT" ]
+  }
+  deps = [
+    "${bundle_framework_path}/test/sceneProject/unittest/ohos_test:copy_ohos_test",
+    "${bundle_framework_path}/test/sceneProject/unittest/test_bundle/defaultAppTest:defaultAppTest",
+    "${core_path}:appexecfwk_core",
+  ]
+  deps += bundle_install_deps
+
+  external_deps = [
+    "ability_base:want",
+    "ability_runtime:app_manager",
+    "access_token:el5_filekey_manager_sdk",
+    "access_token:libprivacy_sdk",
+    "access_token:libtokenid_sdk",
+    "appspawn:hnpapi",
+    "appverify:libhapverify",
+    "bounds_checking_function:libsec_shared",
+    "common_event_service:cesfwk_innerkits",
+    "eventhandler:libeventhandler",
+    "hilog:libhilog",
+    "hitrace:hitrace_meter",
+    "init:libbegetutil",
+    "safwk:system_ability_fwk",
+    "samgr:samgr_proxy",
+  ]
+  external_deps += bundle_install_external_deps
+  defines = []
+  if (code_signature_enable) {
+    sources += [
+      "${services_path}/bundlemgr/src/aot/aot_sign_data_cache_mgr.cpp",
+      "${services_path}/bundlemgr/src/code_sign_helper.cpp",
+    ]
+    include_dirs += [ "${services_path}/bundlemgr/include" ]
+    external_deps += [
+      "bounds_checking_function:libsec_shared",
+      "code_signature:libcode_sign_utils",
+      "ets_runtime:libcompiler_service",
+    ]
+    defines += [ "CODE_SIGNATURE_ENABLE" ]
+  }
+  if (configpolicy_enable) {
+    external_deps += [ "config_policy:configpolicy_util" ]
+    defines += [ "CONFIG_POLOCY_ENABLE" ]
+  }
+  if (build_selinux) {
+    external_deps += [ "selinux_adapter:libhap_restorecon" ]
+    cflags += [ "-DWITH_SELINUX" ]
+  }
+  if (account_enable) {
+    external_deps += [ "os_account:os_account_innerkits" ]
+    defines += [ "ACCOUNT_ENABLE" ]
+  }
+  if (bundle_framework_free_install) {
+    sources += aging
+    sources += free_install
+    sources += distributed_manager
+    external_deps += [
+      "ability_runtime:ability_manager",
+      "ability_runtime:app_manager",
+      "battery_manager:batterysrv_client",
+      "device_usage_statistics:usagestatsinner",
+      "display_manager:displaymgr",
+      "power_manager:powermgr_client",
+      "syscap_codec:syscap_interface_shared",
+    ]
+    defines += [ "BUNDLE_FRAMEWORK_FREE_INSTALL" ]
+  }
+  if (global_resmgr_enable) {
+    defines += [ "GLOBAL_RESMGR_ENABLE" ]
+    external_deps += [ "resource_management:global_resmgr" ]
+  }
+  if (hicollie_enable) {
+    external_deps += [ "hicollie:libhicollie" ]
+    defines += [ "HICOLLIE_ENABLE" ]
+  }
+
+  if (hisysevent_enable) {
+    sources += [ "${services_path}/bundlemgr/src/inner_event_report.cpp" ]
+    external_deps += [ "hisysevent:libhisysevent" ]
+    defines += [ "HISYSEVENT_ENABLE" ]
+  }
+
+  if (bundle_framework_default_app) {
+    sources += default_app
+    defines += [ "BUNDLE_FRAMEWORK_DEFAULT_APP" ]
+  }
+
+  if (storage_service_enable) {
+    external_deps += [ "storage_service:storage_manager_sa_proxy" ]
+    defines += [ "STORAGE_SERVICE_ENABLE" ]
+  }
+
+  configs += [ "../../../../services/bundlemgr:rdb_config" ]
+  external_deps += [ "relational_store:native_rdb" ]
+  sources += [
+    "${services_path}/bundlemgr/src/bundle_data_storage_rdb.cpp",
+    "${services_path}/bundlemgr/src/preinstall_data_storage_rdb.cpp",
+    "${services_path}/bundlemgr/src/rdb/bms_rdb_open_callback.cpp",
+    "${services_path}/bundlemgr/src/rdb/rdb_data_manager.cpp",
+  ]
+  if (bundle_framework_app_control) {
+    defines += [ "BUNDLE_FRAMEWORK_APP_CONTROL" ]
+    sources += [
+      "${services_path}/bundlemgr/src/app_control/app_control_manager.cpp",
+      "${services_path}/bundlemgr/src/app_control/app_control_manager_host_impl.cpp",
+      "${services_path}/bundlemgr/src/app_control/app_control_manager_rdb.cpp",
+      "${services_path}/bundlemgr/src/app_control/app_jump_interceptor_event_subscriber.cpp",
+      "${services_path}/bundlemgr/src/app_control/app_jump_interceptor_manager_rdb.cpp",
+    ]
+    include_dirs += [ "${services_path}/bundlemgr/include/app_control" ]
+    external_deps += [ "c_utils:utils" ]
+  }
+  if (udmf_enabled) {
+    defines += [ "BUNDLE_FRAMEWORK_UDMF_ENABLED" ]
+    external_deps += [ "udmf:utd_client" ]
+  }
+
+  if (bms_device_info_manager_part_enabled) {
+    external_deps += [
+      "device_info_manager:distributed_device_profile_common",
+      "device_info_manager:distributed_device_profile_sdk",
+    ]
+    defines += [ "BMS_DEVICE_INFO_MANAGER_ENABLE" ]
+  }
+}

test/fuzztest/fuzztest_others/defaultapphostimpl_fuzzer/corpus/init

@@ -0,0 +1,14 @@
+# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+FUZZ

test/fuzztest/fuzztest_others/defaultapphostimpl_fuzzer/defaultapphostimpl_fuzzer.cpp

@@ -0,0 +1,54 @@
+/*
+ * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#define private public
+#define protected public
+
+#include <cstddef>
+#include <cstdint>
+
+#include "app_control_proxy.h"
+
+#include "defaultapphostimpl_fuzzer.h"
+#include "default_app_host_impl.h"
+
+using namespace OHOS::AppExecFwk;
+namespace OHOS {
+    bool DoSomethingInterestingWithMyAPI(const uint8_t *data, size_t size)
+    {
+        std::string type(reinterpret_cast<const char *>(data), size);
+        BundleInfo bundleInfo;
+        Element element;
+        element.bundleName = "";
+        AAFwk::Want want;
+        want.SetElementName("", "");
+
+        bool isDefaultApp = false;
+        auto defaultAppHostImpl_ = std::make_shared<DefaultAppHostImpl>();
+        defaultAppHostImpl_->GetDefaultApplication(reinterpret_cast<uintptr_t>(data), type, bundleInfo);
+        defaultAppHostImpl_->IsDefaultApplication(type, isDefaultApp);
+        defaultAppHostImpl_->SetDefaultApplication(reinterpret_cast<uintptr_t>(data), type, want);
+        defaultAppHostImpl_->ResetDefaultApplication(reinterpret_cast<uintptr_t>(data), type);
+
+        return true;
+    }
+}
+
+// Fuzzer entry point.
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+{
+    // Run your code on data.
+    OHOS::DoSomethingInterestingWithMyAPI(data, size);
+    return 0;
+}

test/fuzztest/fuzztest_others/defaultapphostimpl_fuzzer/defaultapphostimpl_fuzzer.h

@@ -0,0 +1,21 @@
+/*
+ * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef TEST_FUZZTEST_DEFAULTAPPHOSTIMPL_FUZZER_H
+#define TEST_FUZZTEST_DEFAULTAPPHOSTIMPL_FUZZER_H
+
+#define FUZZ_PROJECT_NAME "DefaultAppHostImplFuzzerTest_fuzzer"
+
+#endif

test/fuzztest/fuzztest_others/defaultapphostimpl_fuzzer/project.xml

@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright (c) 2022 Huawei Device Co., Ltd.
+
+     Licensed under the Apache License, Version 2.0 (the "License");
+     you may not use this file except in compliance with the License.
+     You may obtain a copy of the License at
+
+          http://www.apache.org/licenses/LICENSE-2.0
+
+     Unless required by applicable law or agreed to in writing, software
+     distributed under the License is distributed on an "AS IS" BASIS,
+     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+     See the License for the specific language governing permissions and
+     limitations under the License.
+-->
+<fuzz_config>
+  <fuzztest>
+    <!-- maximum length of a test input -->
+    <max_len>1000</max_len>
+    <!-- maximum total time in seconds to run the fuzzer -->
+    <max_total_time>300</max_total_time>
+    <!-- memory usage limit in Mb -->
+    <rss_limit_mb>4096</rss_limit_mb>
+  </fuzztest>
+</fuzz_config>

test/fuzztest/fuzztest_others/defaultappmgr_fuzzer/BUILD.gn

@@ -0,0 +1,185 @@
+# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+import("//build/test.gni")
+import("../../../../appexecfwk.gni")
+import("../../../../services/bundlemgr/appexecfwk_bundlemgr.gni")
+
+module_output_path = "bundle_framework/bundle_framework"
+
+ohos_fuzztest("DefaultAppMgrFuzzerTest") {
+  fuzz_config_file = "../../../fuzztest/fuzztest_others/defaultappmgr_fuzzer"
+  use_exceptions = true
+  module_out_path = module_output_path
+  include_dirs = [
+    "//third_party/jsoncpp/include",
+    "//third_party/json/include",
+  ]
+  sources = bundle_mgr_source
+  sources -= [ "${services_path}/bundlemgr/src/bms_param.cpp" ]
+  sources += [ "${services_path}/bundlemgr/test/mock/src/bms_param.cpp" ]
+  sources -= [ "${services_path}/bundlemgr/src/system_ability_helper.cpp" ]
+  sources += [
+    "${services_path}/bundlemgr/src/aot/aot_executor.cpp",
+    "${services_path}/bundlemgr/src/installd/installd_host_impl.cpp",
+    "${services_path}/bundlemgr/src/installd/installd_operator.cpp",
+    "${services_path}/bundlemgr/test/mock/src/installd_service.cpp",
+  ]
+
+  sources += [
+    "${services_path}/bundlemgr/test/mock/src/accesstoken_kit.cpp",
+    "${services_path}/bundlemgr/test/mock/src/installd_permission_mgr.cpp",
+    "${services_path}/bundlemgr/test/mock/src/mock_bundle_status.cpp",
+    "${services_path}/bundlemgr/test/mock/src/mock_clean_cache.cpp",
+    "${services_path}/bundlemgr/test/mock/src/mock_status_receiver.cpp",
+    "${services_path}/bundlemgr/test/mock/src/system_ability_helper.cpp",
+  ]
+
+  sources += bundle_install_sources
+  sources -= [ "${services_path}/bundlemgr/src/installd_client.cpp" ]
+  sources += [ "${services_path}/bundlemgr/test/mock/src/installd_client.cpp" ]
+  sources += [ "defaultappmgr_fuzzer.cpp" ]
+
+  configs = [ "${services_path}/bundlemgr/test:bundlemgr_test_config" ]
+  cflags = [
+    "-g",
+    "-O0",
+    "-Wno-unused-variable",
+    "-fno-omit-frame-pointer",
+  ]
+  if (target_cpu == "arm") {
+    cflags += [ "-DBINDER_IPC_32BIT" ]
+  }
+  deps = [
+    "${bundle_framework_path}/test/sceneProject/unittest/ohos_test:copy_ohos_test",
+    "${bundle_framework_path}/test/sceneProject/unittest/test_bundle/defaultAppTest:defaultAppTest",
+    "${core_path}:appexecfwk_core",
+  ]
+  deps += bundle_install_deps
+
+  external_deps = [
+    "ability_base:want",
+    "ability_runtime:app_manager",
+    "access_token:el5_filekey_manager_sdk",
+    "access_token:libprivacy_sdk",
+    "access_token:libtokenid_sdk",
+    "appspawn:hnpapi",
+    "appverify:libhapverify",
+    "bounds_checking_function:libsec_shared",
+    "common_event_service:cesfwk_innerkits",
+    "eventhandler:libeventhandler",
+    "hilog:libhilog",
+    "hitrace:hitrace_meter",
+    "init:libbegetutil",
+    "safwk:system_ability_fwk",
+    "samgr:samgr_proxy",
+  ]
+  external_deps += bundle_install_external_deps
+  defines = []
+  if (code_signature_enable) {
+    sources += [
+      "${services_path}/bundlemgr/src/aot/aot_sign_data_cache_mgr.cpp",
+      "${services_path}/bundlemgr/src/code_sign_helper.cpp",
+    ]
+    include_dirs += [ "${services_path}/bundlemgr/include" ]
+    external_deps += [
+      "bounds_checking_function:libsec_shared",
+      "code_signature:libcode_sign_utils",
+      "ets_runtime:libcompiler_service",
+    ]
+    defines += [ "CODE_SIGNATURE_ENABLE" ]
+  }
+  if (configpolicy_enable) {
+    external_deps += [ "config_policy:configpolicy_util" ]
+    defines += [ "CONFIG_POLOCY_ENABLE" ]
+  }
+  if (build_selinux) {
+    external_deps += [ "selinux_adapter:libhap_restorecon" ]
+    cflags += [ "-DWITH_SELINUX" ]
+  }
+  if (account_enable) {
+    external_deps += [ "os_account:os_account_innerkits" ]
+    defines += [ "ACCOUNT_ENABLE" ]
+  }
+  if (bundle_framework_free_install) {
+    sources += aging
+    sources += free_install
+    sources += distributed_manager
+    external_deps += [
+      "ability_runtime:ability_manager",
+      "ability_runtime:app_manager",
+      "battery_manager:batterysrv_client",
+      "device_usage_statistics:usagestatsinner",
+      "display_manager:displaymgr",
+      "power_manager:powermgr_client",
+      "syscap_codec:syscap_interface_shared",
+    ]
+    defines += [ "BUNDLE_FRAMEWORK_FREE_INSTALL" ]
+  }
+  if (global_resmgr_enable) {
+    defines += [ "GLOBAL_RESMGR_ENABLE" ]
+    external_deps += [ "resource_management:global_resmgr" ]
+  }
+  if (hicollie_enable) {
+    external_deps += [ "hicollie:libhicollie" ]
+    defines += [ "HICOLLIE_ENABLE" ]
+  }
+
+  if (hisysevent_enable) {
+    sources += [ "${services_path}/bundlemgr/src/inner_event_report.cpp" ]
+    external_deps += [ "hisysevent:libhisysevent" ]
+    defines += [ "HISYSEVENT_ENABLE" ]
+  }
+
+  if (bundle_framework_default_app) {
+    sources += default_app
+    defines += [ "BUNDLE_FRAMEWORK_DEFAULT_APP" ]
+  }
+
+  if (storage_service_enable) {
+    external_deps += [ "storage_service:storage_manager_sa_proxy" ]
+    defines += [ "STORAGE_SERVICE_ENABLE" ]
+  }
+
+  configs += [ "../../../../services/bundlemgr:rdb_config" ]
+  external_deps += [ "relational_store:native_rdb" ]
+  sources += [
+    "${services_path}/bundlemgr/src/bundle_data_storage_rdb.cpp",
+    "${services_path}/bundlemgr/src/preinstall_data_storage_rdb.cpp",
+    "${services_path}/bundlemgr/src/rdb/bms_rdb_open_callback.cpp",
+    "${services_path}/bundlemgr/src/rdb/rdb_data_manager.cpp",
+  ]
+  if (bundle_framework_app_control) {
+    defines += [ "BUNDLE_FRAMEWORK_APP_CONTROL" ]
+    sources += [
+      "${services_path}/bundlemgr/src/app_control/app_control_manager.cpp",
+      "${services_path}/bundlemgr/src/app_control/app_control_manager_host_impl.cpp",
+      "${services_path}/bundlemgr/src/app_control/app_control_manager_rdb.cpp",
+      "${services_path}/bundlemgr/src/app_control/app_jump_interceptor_event_subscriber.cpp",
+      "${services_path}/bundlemgr/src/app_control/app_jump_interceptor_manager_rdb.cpp",
+    ]
+    include_dirs += [ "${services_path}/bundlemgr/include/app_control" ]
+    external_deps += [ "c_utils:utils" ]
+  }
+  if (udmf_enabled) {
+    defines += [ "BUNDLE_FRAMEWORK_UDMF_ENABLED" ]
+    external_deps += [ "udmf:utd_client" ]
+  }
+
+  if (bms_device_info_manager_part_enabled) {
+    external_deps += [
+      "device_info_manager:distributed_device_profile_common",
+      "device_info_manager:distributed_device_profile_sdk",
+    ]
+    defines += [ "BMS_DEVICE_INFO_MANAGER_ENABLE" ]
+  }
+}

test/fuzztest/fuzztest_others/defaultappmgr_fuzzer/corpus/init

@@ -0,0 +1,14 @@
+# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+FUZZ

test/fuzztest/fuzztest_others/defaultappmgr_fuzzer/defaultappmgr_fuzzer.cpp

@@ -0,0 +1,88 @@
+/*
+ * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#define private public
+#define protected public
+
+#include <cstddef>
+#include <cstdint>
+
+#include "app_control_proxy.h"
+
+#include "defaultappmgr_fuzzer.h"
+#include "default_app_mgr.h"
+
+using namespace OHOS::AppExecFwk;
+namespace OHOS {
+    bool DoSomethingInterestingWithMyAPI(const uint8_t *data, size_t size)
+    {
+        bool ret = false;
+        std::string type(reinterpret_cast<const char *>(data), size);
+
+        BundleInfo bundleInfo;
+        auto errorCode = DefaultAppMgr::GetInstance().GetDefaultApplication(
+            reinterpret_cast<uintptr_t>(data), type, bundleInfo);
+
+        Element element;
+        element.bundleName = "";
+        ret = DefaultAppMgr::GetInstance().VerifyElementFormat(element);
+        errorCode = DefaultAppMgr::GetInstance().SetDefaultApplication(
+            reinterpret_cast<uintptr_t>(data), type, element);
+        errorCode = DefaultAppMgr::GetInstance().ResetDefaultApplication(reinterpret_cast<uintptr_t>(data), type);
+        errorCode = DefaultAppMgr::GetInstance().IsDefaultApplication(reinterpret_cast<uintptr_t>(data), type, ret);
+        DefaultAppMgr::GetInstance().HandleCreateUser(reinterpret_cast<uintptr_t>(data));
+        DefaultAppMgr::GetInstance().HandleRemoveUser(reinterpret_cast<uintptr_t>(data));
+        DefaultAppMgr::GetInstance().HandleUninstallBundle(reinterpret_cast<uintptr_t>(data), type);
+        auto utd = DefaultAppMgr::GetInstance().Normalize(type);
+        errorCode = DefaultAppMgr::GetInstance().GetDefaultApplication(
+            reinterpret_cast<uintptr_t>(data), type, bundleInfo);
+        AAFwk::Want want;
+        want.SetElementName("", "");
+        ret = DefaultAppMgr::GetInstance().GetDefaultApplication(want,
+            reinterpret_cast<uintptr_t>(data), bundleInfo.abilityInfos, bundleInfo.extensionInfos, true);
+        DefaultAppMgr::GetInstance().GetBrokerBundleInfo(element, bundleInfo);
+        DefaultAppMgr::GetInstance().Init();
+        auto isAppType = DefaultAppMgr::GetInstance().IsAppType(type);
+        ret = DefaultAppMgr::GetInstance().GetBundleInfo(reinterpret_cast<uintptr_t>(data), type, element, bundleInfo);
+        ret = DefaultAppMgr::GetInstance().IsSpecificMimeType(type);
+        std::vector<Skill> skills;
+        ret = DefaultAppMgr::GetInstance().IsMatch(type, skills);
+        ret = DefaultAppMgr::GetInstance().IsUserIdExist(reinterpret_cast<uintptr_t>(data));
+        ret = DefaultAppMgr::GetInstance().IsElementEmpty(element);
+        ret = DefaultAppMgr::GetInstance().IsElementValid(reinterpret_cast<uintptr_t>(data), type, element);
+        ret = DefaultAppMgr::GetInstance().IsEmailWant(want);
+        auto str = DefaultAppMgr::GetInstance().GetUtdByWant(want);
+        str = DefaultAppMgr::GetInstance().GetType(want);
+        ret = DefaultAppMgr::GetInstance().IsEmailSkillsValid(skills);
+        ret = DefaultAppMgr::GetInstance().IsBrowserSkillsValid(skills);
+        ret = DefaultAppMgr::GetInstance().MatchAppType(type, skills);
+        ret = DefaultAppMgr::GetInstance().MatchUtd(type, skills);
+        ret = DefaultAppMgr::GetInstance().MatchActionAndType(type, type, skills);
+        ret = DefaultAppMgr::GetInstance().GetBrokerBundleInfo(element, bundleInfo);
+        errorCode = DefaultAppMgr::GetInstance().GetBundleInfoByAppType(reinterpret_cast<uintptr_t>(data),
+            type, bundleInfo);
+        errorCode = DefaultAppMgr::GetInstance().GetBundleInfoByUtd(reinterpret_cast<uintptr_t>(data),
+            type, bundleInfo);
+        errorCode = DefaultAppMgr::GetInstance().VerifyPermission(type);
+        return true;
+    }
+}
+
+// Fuzzer entry point.
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+{
+    // Run your code on data.
+    OHOS::DoSomethingInterestingWithMyAPI(data, size);
+    return 0;
+}

test/fuzztest/fuzztest_others/defaultappmgr_fuzzer/defaultappmgr_fuzzer.h

@@ -0,0 +1,21 @@
+/*
+ * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef TEST_FUZZTEST_DEFAULTAPPMGR_FUZZER_H
+#define TEST_FUZZTEST_DEFAULTAPPMGR_FUZZER_H
+
+#define FUZZ_PROJECT_NAME "DefaultAppMgrFuzzerTest_fuzzer"
+
+#endif

test/fuzztest/fuzztest_others/defaultappmgr_fuzzer/project.xml

@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright (c) 2022 Huawei Device Co., Ltd.
+
+     Licensed under the Apache License, Version 2.0 (the "License");
+     you may not use this file except in compliance with the License.
+     You may obtain a copy of the License at
+
+          http://www.apache.org/licenses/LICENSE-2.0
+
+     Unless required by applicable law or agreed to in writing, software
+     distributed under the License is distributed on an "AS IS" BASIS,
+     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+     See the License for the specific language governing permissions and
+     limitations under the License.
+-->
+<fuzz_config>
+  <fuzztest>
+    <!-- maximum length of a test input -->
+    <max_len>1000</max_len>
+    <!-- maximum total time in seconds to run the fuzzer -->
+    <max_total_time>300</max_total_time>
+    <!-- memory usage limit in Mb -->
+    <rss_limit_mb>4096</rss_limit_mb>
+  </fuzztest>
+</fuzz_config>

test/fuzztest/fuzztest_others/defaultapprdb_fuzzer/BUILD.gn

@@ -0,0 +1,185 @@
+# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+import("//build/test.gni")
+import("../../../../appexecfwk.gni")
+import("../../../../services/bundlemgr/appexecfwk_bundlemgr.gni")
+
+module_output_path = "bundle_framework/bundle_framework"
+
+ohos_fuzztest("DefaultAppRdbFuzzerTest") {
+  fuzz_config_file = "../../../fuzztest/fuzztest_others/defaultapprdb_fuzzer"
+  use_exceptions = true
+  module_out_path = module_output_path
+  include_dirs = [
+    "//third_party/jsoncpp/include",
+    "//third_party/json/include",
+  ]
+  sources = bundle_mgr_source
+  sources -= [ "${services_path}/bundlemgr/src/bms_param.cpp" ]
+  sources += [ "${services_path}/bundlemgr/test/mock/src/bms_param.cpp" ]
+  sources -= [ "${services_path}/bundlemgr/src/system_ability_helper.cpp" ]
+  sources += [
+    "${services_path}/bundlemgr/src/aot/aot_executor.cpp",
+    "${services_path}/bundlemgr/src/installd/installd_host_impl.cpp",
+    "${services_path}/bundlemgr/src/installd/installd_operator.cpp",
+    "${services_path}/bundlemgr/test/mock/src/installd_service.cpp",
+  ]
+
+  sources += [
+    "${services_path}/bundlemgr/test/mock/src/accesstoken_kit.cpp",
+    "${services_path}/bundlemgr/test/mock/src/installd_permission_mgr.cpp",
+    "${services_path}/bundlemgr/test/mock/src/mock_bundle_status.cpp",
+    "${services_path}/bundlemgr/test/mock/src/mock_clean_cache.cpp",
+    "${services_path}/bundlemgr/test/mock/src/mock_status_receiver.cpp",
+    "${services_path}/bundlemgr/test/mock/src/system_ability_helper.cpp",
+  ]
+
+  sources += bundle_install_sources
+  sources -= [ "${services_path}/bundlemgr/src/installd_client.cpp" ]
+  sources += [ "${services_path}/bundlemgr/test/mock/src/installd_client.cpp" ]
+  sources += [ "defaultapprdb_fuzzer.cpp" ]
+
+  configs = [ "${services_path}/bundlemgr/test:bundlemgr_test_config" ]
+  cflags = [
+    "-g",
+    "-O0",
+    "-Wno-unused-variable",
+    "-fno-omit-frame-pointer",
+  ]
+  if (target_cpu == "arm") {
+    cflags += [ "-DBINDER_IPC_32BIT" ]
+  }
+  deps = [
+    "${bundle_framework_path}/test/sceneProject/unittest/ohos_test:copy_ohos_test",
+    "${bundle_framework_path}/test/sceneProject/unittest/test_bundle/defaultAppTest:defaultAppTest",
+    "${core_path}:appexecfwk_core",
+  ]
+  deps += bundle_install_deps
+
+  external_deps = [
+    "ability_base:want",
+    "ability_runtime:app_manager",
+    "access_token:el5_filekey_manager_sdk",
+    "access_token:libprivacy_sdk",
+    "access_token:libtokenid_sdk",
+    "appspawn:hnpapi",
+    "appverify:libhapverify",
+    "bounds_checking_function:libsec_shared",
+    "common_event_service:cesfwk_innerkits",
+    "eventhandler:libeventhandler",
+    "hilog:libhilog",
+    "hitrace:hitrace_meter",
+    "init:libbegetutil",
+    "safwk:system_ability_fwk",
+    "samgr:samgr_proxy",
+  ]
+  external_deps += bundle_install_external_deps
+  defines = []
+  if (code_signature_enable) {
+    sources += [
+      "${services_path}/bundlemgr/src/aot/aot_sign_data_cache_mgr.cpp",
+      "${services_path}/bundlemgr/src/code_sign_helper.cpp",
+    ]
+    include_dirs += [ "${services_path}/bundlemgr/include" ]
+    external_deps += [
+      "bounds_checking_function:libsec_shared",
+      "code_signature:libcode_sign_utils",
+      "ets_runtime:libcompiler_service",
+    ]
+    defines += [ "CODE_SIGNATURE_ENABLE" ]
+  }
+  if (configpolicy_enable) {
+    external_deps += [ "config_policy:configpolicy_util" ]
+    defines += [ "CONFIG_POLOCY_ENABLE" ]
+  }
+  if (build_selinux) {
+    external_deps += [ "selinux_adapter:libhap_restorecon" ]
+    cflags += [ "-DWITH_SELINUX" ]
+  }
+  if (account_enable) {
+    external_deps += [ "os_account:os_account_innerkits" ]
+    defines += [ "ACCOUNT_ENABLE" ]
+  }
+  if (bundle_framework_free_install) {
+    sources += aging
+    sources += free_install
+    sources += distributed_manager
+    external_deps += [
+      "ability_runtime:ability_manager",
+      "ability_runtime:app_manager",
+      "battery_manager:batterysrv_client",
+      "device_usage_statistics:usagestatsinner",
+      "display_manager:displaymgr",
+      "power_manager:powermgr_client",
+      "syscap_codec:syscap_interface_shared",
+    ]
+    defines += [ "BUNDLE_FRAMEWORK_FREE_INSTALL" ]
+  }
+  if (global_resmgr_enable) {
+    defines += [ "GLOBAL_RESMGR_ENABLE" ]
+    external_deps += [ "resource_management:global_resmgr" ]
+  }
+  if (hicollie_enable) {
+    external_deps += [ "hicollie:libhicollie" ]
+    defines += [ "HICOLLIE_ENABLE" ]
+  }
+
+  if (hisysevent_enable) {
+    sources += [ "${services_path}/bundlemgr/src/inner_event_report.cpp" ]
+    external_deps += [ "hisysevent:libhisysevent" ]
+    defines += [ "HISYSEVENT_ENABLE" ]
+  }
+
+  if (bundle_framework_default_app) {
+    sources += default_app
+    defines += [ "BUNDLE_FRAMEWORK_DEFAULT_APP" ]
+  }
+
+  if (storage_service_enable) {
+    external_deps += [ "storage_service:storage_manager_sa_proxy" ]
+    defines += [ "STORAGE_SERVICE_ENABLE" ]
+  }
+
+  configs += [ "../../../../services/bundlemgr:rdb_config" ]
+  external_deps += [ "relational_store:native_rdb" ]
+  sources += [
+    "${services_path}/bundlemgr/src/bundle_data_storage_rdb.cpp",
+    "${services_path}/bundlemgr/src/preinstall_data_storage_rdb.cpp",
+    "${services_path}/bundlemgr/src/rdb/bms_rdb_open_callback.cpp",
+    "${services_path}/bundlemgr/src/rdb/rdb_data_manager.cpp",
+  ]
+  if (bundle_framework_app_control) {
+    defines += [ "BUNDLE_FRAMEWORK_APP_CONTROL" ]
+    sources += [
+      "${services_path}/bundlemgr/src/app_control/app_control_manager.cpp",
+      "${services_path}/bundlemgr/src/app_control/app_control_manager_host_impl.cpp",
+      "${services_path}/bundlemgr/src/app_control/app_control_manager_rdb.cpp",
+      "${services_path}/bundlemgr/src/app_control/app_jump_interceptor_event_subscriber.cpp",
+      "${services_path}/bundlemgr/src/app_control/app_jump_interceptor_manager_rdb.cpp",
+    ]
+    include_dirs += [ "${services_path}/bundlemgr/include/app_control" ]
+    external_deps += [ "c_utils:utils" ]
+  }
+  if (udmf_enabled) {
+    defines += [ "BUNDLE_FRAMEWORK_UDMF_ENABLED" ]
+    external_deps += [ "udmf:utd_client" ]
+  }
+
+  if (bms_device_info_manager_part_enabled) {
+    external_deps += [
+      "device_info_manager:distributed_device_profile_common",
+      "device_info_manager:distributed_device_profile_sdk",
+    ]
+    defines += [ "BMS_DEVICE_INFO_MANAGER_ENABLE" ]
+  }
+}

test/fuzztest/fuzztest_others/defaultapprdb_fuzzer/corpus/init

@@ -0,0 +1,14 @@
+# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+FUZZ

test/fuzztest/fuzztest_others/defaultapprdb_fuzzer/defaultapprdb_fuzzer.cpp

@@ -0,0 +1,65 @@
+/*
+ * Copyright (c) 2022 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#define private public
+#define protected public
+
+#include <cstddef>
+#include <cstdint>
+
+#include "app_control_proxy.h"
+
+#include "defaultapprdb_fuzzer.h"
+#include "default_app_rdb.h"
+
+using namespace OHOS::AppExecFwk;
+namespace OHOS {
+    bool DoSomethingInterestingWithMyAPI(const uint8_t *data, size_t size)
+    {
+        bool ret = false;
+        std::string type(reinterpret_cast<const char *>(data), size);
+
+        BundleInfo bundleInfo;
+        Element element;
+        element.bundleName = "";
+        auto defaultAppDb_ = std::make_shared<DefaultAppRdb>();
+        defaultAppDb_->GetDefaultApplicationInfo(reinterpret_cast<uintptr_t>(data), type, element);
+        std::map<std::string, Element> currentInfos;
+        defaultAppDb_->GetDefaultApplicationInfos(reinterpret_cast<uintptr_t>(data), currentInfos);
+        std::map<std::string, Element> newInfos;
+        defaultAppDb_->SetDefaultApplicationInfos(reinterpret_cast<uintptr_t>(data), newInfos);
+        defaultAppDb_->SetDefaultApplicationInfo(reinterpret_cast<uintptr_t>(data), type, element);
+        defaultAppDb_->DeleteDefaultApplicationInfos(reinterpret_cast<uintptr_t>(data));
+        defaultAppDb_->DeleteDefaultApplicationInfo(reinterpret_cast<uintptr_t>(data), type);
+        defaultAppDb_->RegisterDeathListener();
+        defaultAppDb_->UnRegisterDeathListener();
+        defaultAppDb_->LoadDefaultApplicationConfig();
+        defaultAppDb_->LoadBackUpDefaultApplicationConfig();
+        defaultAppDb_->ConvertMimeTypeToUtd();
+        defaultAppDb_->DeleteDataFromDb(reinterpret_cast<uintptr_t>(data));
+        defaultAppDb_->SaveDataToDb(reinterpret_cast<uintptr_t>(data), newInfos);
+        defaultAppDb_->GetDataFromDb(reinterpret_cast<uintptr_t>(data), newInfos);
+        DefaultAppData defaultAppData;
+        const std::string DEFAULT_APP_JSON_PATH = "/etc/app/backup_default_app.json";
+        defaultAppDb_->ParseConfig(DEFAULT_APP_JSON_PATH, defaultAppData);
+        return true;
+}
+}
+// Fuzzer entry point.
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+{
+    // Run your code on data.
+    OHOS::DoSomethingInterestingWithMyAPI(data, size);
+    return 0;
+}

test/fuzztest/fuzztest_others/defaultapprdb_fuzzer/defaultapprdb_fuzzer.h

@@ -0,0 +1,21 @@
+/*
+ * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef TEST_FUZZTEST_DEFAULTAPPRDB_FUZZER_H
+#define TEST_FUZZTEST_DEFAULTAPPRDB_FUZZER_H
+
+#define FUZZ_PROJECT_NAME "DefaultAppRdbFuzzerTest_fuzzer"
+
+#endif

test/fuzztest/fuzztest_others/defaultapprdb_fuzzer/project.xml

@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright (c) 2022 Huawei Device Co., Ltd.
+
+     Licensed under the Apache License, Version 2.0 (the "License");
+     you may not use this file except in compliance with the License.
+     You may obtain a copy of the License at
+
+          http://www.apache.org/licenses/LICENSE-2.0
+
+     Unless required by applicable law or agreed to in writing, software
+     distributed under the License is distributed on an "AS IS" BASIS,
+     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+     See the License for the specific language governing permissions and
+     limitations under the License.
+-->
+<fuzz_config>
+  <fuzztest>
+    <!-- maximum length of a test input -->
+    <max_len>1000</max_len>
+    <!-- maximum total time in seconds to run the fuzzer -->
+    <max_total_time>300</max_total_time>
+    <!-- memory usage limit in Mb -->
+    <rss_limit_mb>4096</rss_limit_mb>
+  </fuzztest>
+</fuzz_config>

test/fuzztest/fuzztest_others/quickfixbootscanner_fuzzer/BUILD.gn

@@ -0,0 +1,179 @@
+# Copyright (c) 2021-2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import("//build/test.gni")
+import("../../../../appexecfwk.gni")
+import("../../../../services/bundlemgr/appexecfwk_bundlemgr.gni")
+
+module_output_path = "bundle_framework/bundle_framework"
+
+ohos_fuzztest("QuickFixBootScannerFuzzerTest") {
+  fuzz_config_file =
+      "../../../fuzztest/fuzztest_others/quickfixbootscanner_fuzzer"
+  use_exceptions = true
+  module_out_path = module_output_path
+  include_dirs = [ "//third_party/jsoncpp/include" ]
+  sources = bundle_mgr_source
+  sources -= [ "${services_path}/bundlemgr/src/system_ability_helper.cpp" ]
+  sources += [
+    "${services_path}/bundlemgr/src/aot/aot_executor.cpp",
+    "${services_path}/bundlemgr/src/installd/installd_host_impl.cpp",
+    "${services_path}/bundlemgr/src/installd/installd_operator.cpp",
+    "${services_path}/bundlemgr/test/mock/src/installd_service.cpp",
+  ]
+
+  sources += [
+    "${services_path}/bundlemgr/test/mock/src/accesstoken_kit.cpp",
+    "${services_path}/bundlemgr/test/mock/src/installd_permission_mgr.cpp",
+    "${services_path}/bundlemgr/test/mock/src/mock_quick_fix_callback.cpp",
+    "${services_path}/bundlemgr/test/mock/src/mock_status_receiver.cpp",
+    "${services_path}/bundlemgr/test/mock/src/system_ability_helper.cpp",
+  ]
+
+  defines = []
+  sources += bundle_install_sources
+  sources -= [ "${services_path}/bundlemgr/src/installd_client.cpp" ]
+  sources += [ "${services_path}/bundlemgr/test/mock/src/installd_client.cpp" ]
+  if (bundle_framework_quick_fix) {
+    include_dirs += [ "${services_path}/bundlemgr/src/include/quick_fix" ]
+    sources += quick_fix
+    sources += [ "quickfixbootscanner_fuzzer.cpp" ]
+    defines += [ "BUNDLE_FRAMEWORK_QUICK_FIX" ]
+  }
+
+  configs = [ "${services_path}/bundlemgr/test:bundlemgr_test_config" ]
+  cflags = [
+    "-g",
+    "-O0",
+    "-Wno-unused-variable",
+    "-fno-omit-frame-pointer",
+  ]
+
+  deps = [
+    "${bundle_framework_path}/test/sceneProject/unittest/ohos_test:copy_ohos_test",
+    "${bundle_framework_path}/test/sceneProject/unittest/test_bundle/first_right:first_right",
+    "${core_path}:appexecfwk_core",
+  ]
+  deps += bundle_install_deps
+
+  external_deps = [
+    "ability_base:want",
+    "ability_runtime:app_manager",
+    "access_token:el5_filekey_manager_sdk",
+    "access_token:libprivacy_sdk",
+    "access_token:libtokenid_sdk",
+    "appspawn:hnpapi",
+    "appverify:libhapverify",
+    "bounds_checking_function:libsec_shared",
+    "common_event_service:cesfwk_innerkits",
+    "eventhandler:libeventhandler",
+    "hilog:libhilog",
+    "hitrace:hitrace_meter",
+    "init:libbegetutil",
+    "safwk:system_ability_fwk",
+    "samgr:samgr_proxy",
+  ]
+  external_deps += bundle_install_external_deps
+
+  if (code_signature_enable) {
+    sources += [
+      "${services_path}/bundlemgr/src/aot/aot_sign_data_cache_mgr.cpp",
+      "${services_path}/bundlemgr/src/code_sign_helper.cpp",
+    ]
+    include_dirs += [ "${services_path}/bundlemgr/include" ]
+    external_deps += [
+      "bounds_checking_function:libsec_shared",
+      "code_signature:libcode_sign_utils",
+      "ets_runtime:libcompiler_service",
+    ]
+    defines += [ "CODE_SIGNATURE_ENABLE" ]
+  }
+
+  if (configpolicy_enable) {
+    external_deps += [ "config_policy:configpolicy_util" ]
+    defines += [ "CONFIG_POLOCY_ENABLE" ]
+  }
+
+  if (account_enable) {
+    external_deps += [ "os_account:os_account_innerkits" ]
+    defines += [ "ACCOUNT_ENABLE" ]
+  }
+  if (bundle_framework_free_install) {
+    sources += aging
+    sources += free_install
+    sources += distributed_manager
+    external_deps += [
+      "ability_runtime:ability_manager",
+      "ability_runtime:app_manager",
+      "battery_manager:batterysrv_client",
+      "device_usage_statistics:usagestatsinner",
+      "display_manager:displaymgr",
+      "power_manager:powermgr_client",
+      "syscap_codec:syscap_interface_shared",
+    ]
+    defines += [ "BUNDLE_FRAMEWORK_FREE_INSTALL" ]
+  }
+  if (global_resmgr_enable) {
+    defines += [ "GLOBAL_RESMGR_ENABLE" ]
+    external_deps += [ "resource_management:global_resmgr" ]
+  }
+  if (hicollie_enable) {
+    external_deps += [ "hicollie:libhicollie" ]
+    defines += [ "HICOLLIE_ENABLE" ]
+  }
+
+  if (hisysevent_enable) {
+    sources += [ "${services_path}/bundlemgr/src/inner_event_report.cpp" ]
+    external_deps += [ "hisysevent:libhisysevent" ]
+    defines += [ "HISYSEVENT_ENABLE" ]
+  }
+  if (storage_service_enable) {
+    external_deps += [ "storage_service:storage_manager_sa_proxy" ]
+    defines += [ "STORAGE_SERVICE_ENABLE" ]
+  }
+  configs += [ "../../../../services/bundlemgr:rdb_config" ]
+  external_deps += [ "relational_store:native_rdb" ]
+  sources += [
+    "${services_path}/bundlemgr/src/preinstall_data_storage_rdb.cpp",
+    "${services_path}/bundlemgr/src/rdb/bms_rdb_open_callback.cpp",
+    "${services_path}/bundlemgr/src/rdb/rdb_data_manager.cpp",
+    "${services_path}/bundlemgr/test/mock/src/bundle_data_storage_rdb.cpp",
+    "${services_path}/bundlemgr/test/mock/src/quick_fix_manager_rdb.cpp",
+  ]
+  sources -=
+      [ "${services_path}/bundlemgr/src/quick_fix/quick_fix_manager_rdb.cpp" ]
+  if (bundle_framework_app_control) {
+    defines += [ "BUNDLE_FRAMEWORK_APP_CONTROL" ]
+    sources += [
+      "${services_path}/bundlemgr/src/app_control/app_control_manager.cpp",
+      "${services_path}/bundlemgr/src/app_control/app_control_manager_host_impl.cpp",
+      "${services_path}/bundlemgr/src/app_control/app_control_manager_rdb.cpp",
+      "${services_path}/bundlemgr/src/app_control/app_jump_interceptor_event_subscriber.cpp",
+      "${services_path}/bundlemgr/src/app_control/app_jump_interceptor_manager_rdb.cpp",
+    ]
+    include_dirs += [ "${services_path}/bundlemgr/include/app_control" ]
+    external_deps += [ "c_utils:utils" ]
+  }
+  if (udmf_enabled) {
+    defines += [ "BUNDLE_FRAMEWORK_UDMF_ENABLED" ]
+    external_deps += [ "udmf:utd_client" ]
+  }
+
+  if (bms_device_info_manager_part_enabled) {
+    external_deps += [
+      "device_info_manager:distributed_device_profile_common",
+      "device_info_manager:distributed_device_profile_sdk",
+    ]
+    defines += [ "BMS_DEVICE_INFO_MANAGER_ENABLE" ]
+  }
+}

test/fuzztest/fuzztest_others/quickfixbootscanner_fuzzer/corpus/init

@@ -0,0 +1,14 @@
+# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+FUZZ

test/fuzztest/fuzztest_others/quickfixbootscanner_fuzzer/project.xml

@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright (c) 2024 Huawei Device Co., Ltd.
+
+     Licensed under the Apache License, Version 2.0 (the "License");
+     you may not use this file except in compliance with the License.
+     You may obtain a copy of the License at
+
+          http://www.apache.org/licenses/LICENSE-2.0
+
+     Unless required by applicable law or agreed to in writing, software
+     distributed under the License is distributed on an "AS IS" BASIS,
+     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+     See the License for the specific language governing permissions and
+     limitations under the License.
+-->
+<fuzz_config>
+  <fuzztest>
+    <!-- maximum length of a test input -->
+    <max_len>1000</max_len>
+    <!-- maximum total time in seconds to run the fuzzer -->
+    <max_total_time>300</max_total_time>
+    <!-- memory usage limit in Mb -->
+    <rss_limit_mb>4096</rss_limit_mb>
+  </fuzztest>
+</fuzz_config>

test/fuzztest/fuzztest_others/quickfixbootscanner_fuzzer/quickfixbootscanner_fuzzer.cpp

@@ -0,0 +1,92 @@
+/*
+ * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "quickfixbootscanner_fuzzer.h"
+#define private public
+#include "quick_fix_boot_scanner.h"
+#include "securec.h"
+
+using namespace OHOS::AppExecFwk;
+namespace OHOS {
+constexpr size_t FOO_MAX_LEN = 1024;
+constexpr size_t U32_AT_SIZE = 4;
+constexpr size_t MESSAGE_SIZE = 4;
+constexpr size_t DCAMERA_SHIFT_24 = 24;
+constexpr size_t DCAMERA_SHIFT_16 = 16;
+constexpr size_t DCAMERA_SHIFT_8 = 8;
+
+uint32_t GetU32Data(const char* ptr)
+{
+    return (ptr[0] << DCAMERA_SHIFT_24) | (ptr[1] << DCAMERA_SHIFT_16) | (ptr[2] << DCAMERA_SHIFT_8) | (ptr[3]);
+}
+bool DoSomethingInterestingWithMyAPI(const char* data, size_t size)
+{
+    QuickFixBootScanner quickFixBootScanner;
+    quickFixBootScanner.ProcessQuickFixBootUp();
+    std::shared_ptr<QuickFixState> state_ = nullptr;
+    quickFixBootScanner.SetQuickFixState(state_);
+    quickFixBootScanner.ProcessState();
+    quickFixBootScanner.RestoreQuickFix();
+    std::string bundlePath (reinterpret_cast<const char*>(data), size);
+    std::string realPath (reinterpret_cast<const char*>(data), size);
+    std::vector<std::string> fileDir;
+    fileDir.push_back(bundlePath);
+    quickFixBootScanner.ProcessQuickFixDir(fileDir);
+    quickFixBootScanner.ReprocessQuickFix(realPath, bundlePath);
+    std::string bundleName(data, size);
+    std::string quickFixPath(data, size);
+    ApplicationInfo info;
+    quickFixBootScanner.GetApplicationInfo(bundleName, quickFixPath, info);
+    int32_t quickFixVersion = reinterpret_cast<uintptr_t>(data);
+    int32_t fileVersion = reinterpret_cast<uintptr_t>(data);
+    quickFixBootScanner.ProcessWithBundleHasQuickFixInfo(bundleName, quickFixPath, quickFixVersion, fileVersion);
+    quickFixBootScanner.RemoveInvalidDir();
+    return true;
+}
+}
+
+// Fuzzer entry point.
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
+{
+    /* Run your code on data */
+    if (data == nullptr) {
+        return 0;
+    }
+
+    if (size < OHOS::U32_AT_SIZE) {
+        return 0;
+    }
+
+    /* Validate the length of size */
+    if (size > OHOS::FOO_MAX_LEN) {
+        return 0;
+    }
+
+    char* ch = static_cast<char*>(malloc(size + 1));
+    if (ch == nullptr) {
+        return 0;
+    }
+
+    (void)memset_s(ch, size + 1, 0x00, size + 1);
+    if (memcpy_s(ch, size, data, size) != EOK) {
+        free(ch);
+        ch = nullptr;
+        return 0;
+    }
+    OHOS::DoSomethingInterestingWithMyAPI(ch, size);
+    free(ch);
+    ch = nullptr;
+    return 0;
+}

test/fuzztest/fuzztest_others/quickfixbootscanner_fuzzer/quickfixbootscanner_fuzzer.h

@@ -0,0 +1,21 @@
+/*
+ * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef TEST_FUZZTEST_QUICKFIXBOOTSCANNER_FUZZER_H
+#define TEST_FUZZTEST_QUICKFIXBOOTSCANNER_FUZZER_H
+
+#define FUZZ_PROJECT_NAME "quickfixbootscanner_fuzzer"
+
+#endif

test/fuzztest/fuzztest_others/quickfixchecker_fuzzer/BUILD.gn

@@ -0,0 +1,182 @@
+# Copyright (c) 2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+import("//build/test.gni")
+import("../../../../appexecfwk.gni")
+import("../../../../services/bundlemgr/appexecfwk_bundlemgr.gni")
+
+module_output_path = "bundle_framework/bundle_framework"
+
+ohos_fuzztest("QuickFixCheckerFuzzerTest") {
+  fuzz_config_file = "../../../fuzztest/fuzztest_others/quickfixchecker_fuzzer"
+  use_exceptions = true
+  module_out_path = module_output_path
+  include_dirs = [
+    "//third_party/jsoncpp/include",
+    "//third_party/json/include",
+  ]
+  sources = bundle_mgr_source
+  sources -= [ "${services_path}/bundlemgr/src/bms_param.cpp" ]
+  sources += [ "${services_path}/bundlemgr/test/mock/src/bms_param.cpp" ]
+  sources -= [ "${services_path}/bundlemgr/src/system_ability_helper.cpp" ]
+  sources += [
+    "${services_path}/bundlemgr/src/aot/aot_executor.cpp",
+    "${services_path}/bundlemgr/src/installd/installd_host_impl.cpp",
+    "${services_path}/bundlemgr/src/installd/installd_operator.cpp",
+    "${services_path}/bundlemgr/test/mock/src/installd_service.cpp",
+  ]
+
+  sources += [
+    "${services_path}/bundlemgr/test/mock/src/accesstoken_kit.cpp",
+    "${services_path}/bundlemgr/test/mock/src/installd_permission_mgr.cpp",
+    "${services_path}/bundlemgr/test/mock/src/mock_bundle_status.cpp",
+    "${services_path}/bundlemgr/test/mock/src/mock_clean_cache.cpp",
+    "${services_path}/bundlemgr/test/mock/src/mock_quick_fix_callback.cpp",
+    "${services_path}/bundlemgr/test/mock/src/mock_status_receiver.cpp",
+    "${services_path}/bundlemgr/test/mock/src/system_ability_helper.cpp",
+  ]
+
+  sources += bundle_install_sources
+  sources -= [ "${services_path}/bundlemgr/src/installd_client.cpp" ]
+  sources += [ "${services_path}/bundlemgr/test/mock/src/installd_client.cpp" ]
+  configs = [ "${services_path}/bundlemgr/test:bundlemgr_test_config" ]
+  cflags = [
+    "-g",
+    "-O0",
+    "-Wno-unused-variable",
+    "-fno-omit-frame-pointer",
+  ]
+
+  deps = [
+    "${bundle_framework_path}/test/sceneProject/unittest/driver_test/driver_feature:driver_feature_hap",
+    "${bundle_framework_path}/test/sceneProject/unittest/ohos_test:copy_ohos_test",
+    "${bundle_framework_path}/test/sceneProject/unittest/test_bundle/bmsAccessTokentest1:bmsAccessTokentest1",
+    "${bundle_framework_path}/test/sceneProject/unittest/test_bundle/bmsAccessTokentest3:bmsAccessTokentest3",
+    "${core_path}:appexecfwk_core",
+  ]
+  deps += bundle_install_deps
+
+  external_deps = [
+    "ability_base:want",
+    "ability_runtime:app_manager",
+    "access_token:el5_filekey_manager_sdk",
+    "access_token:libprivacy_sdk",
+    "access_token:libtokenid_sdk",
+    "appspawn:hnpapi",
+    "appverify:libhapverify",
+    "bounds_checking_function:libsec_shared",
+    "common_event_service:cesfwk_innerkits",
+    "eventhandler:libeventhandler",
+    "hilog:libhilog",
+    "hitrace:hitrace_meter",
+    "init:libbegetutil",
+    "safwk:system_ability_fwk",
+    "samgr:samgr_proxy",
+  ]
+  external_deps += bundle_install_external_deps
+  defines = []
+  if (code_signature_enable) {
+    sources += [
+      "${services_path}/bundlemgr/src/aot/aot_sign_data_cache_mgr.cpp",
+      "${services_path}/bundlemgr/src/code_sign_helper.cpp",
+    ]
+    include_dirs += [ "${services_path}/bundlemgr/include" ]
+    external_deps += [
+      "bounds_checking_function:libsec_shared",
+      "code_signature:libcode_sign_utils",
+      "ets_runtime:libcompiler_service",
+    ]
+    defines += [ "CODE_SIGNATURE_ENABLE" ]
+  }
+  if (configpolicy_enable) {
+    external_deps += [ "config_policy:configpolicy_util" ]
+    defines += [ "CONFIG_POLOCY_ENABLE" ]
+  }
+  if (account_enable) {
+    external_deps += [ "os_account:os_account_innerkits" ]
+    defines += [ "ACCOUNT_ENABLE" ]
+  }
+  if (bundle_framework_quick_fix) {
+    include_dirs += [ "${services_path}/bundlemgr/src/include/quick_fix" ]
+    sources += quick_fix
+    sources += [ "quickfixchecker_fuzzer.cpp" ]
+    defines += [ "BUNDLE_FRAMEWORK_QUICK_FIX" ]
+  }
+  if (bundle_framework_free_install) {
+    sources += aging
+    sources += free_install
+    sources += distributed_manager
+    external_deps += [
+      "ability_runtime:ability_manager",
+      "ability_runtime:app_manager",
+      "battery_manager:batterysrv_client",
+      "device_usage_statistics:usagestatsinner",
+      "display_manager:displaymgr",
+      "power_manager:powermgr_client",
+      "syscap_codec:syscap_interface_shared",
+    ]
+    defines += [ "BUNDLE_FRAMEWORK_FREE_INSTALL" ]
+  }
+  if (global_resmgr_enable) {
+    defines += [ "GLOBAL_RESMGR_ENABLE" ]
+    external_deps += [ "resource_management:global_resmgr" ]
+  }
+  if (hicollie_enable) {
+    external_deps += [ "hicollie:libhicollie" ]
+    defines += [ "HICOLLIE_ENABLE" ]
+  }
+
+  if (hisysevent_enable) {
+    sources += [ "${services_path}/bundlemgr/src/inner_event_report.cpp" ]
+    external_deps += [ "hisysevent:libhisysevent" ]
+    defines += [ "HISYSEVENT_ENABLE" ]
+  }
+  if (storage_service_enable) {
+    external_deps += [ "storage_service:storage_manager_sa_proxy" ]
+    defines += [ "STORAGE_SERVICE_ENABLE" ]
+  }
+  configs += [ "../../../../services/bundlemgr:rdb_config" ]
+  external_deps += [ "relational_store:native_rdb" ]
+  sources -=
+      [ "${services_path}/bundlemgr/src/quick_fix/quick_fix_manager_rdb.cpp" ]
+  sources += [
+    "${services_path}/bundlemgr/src/preinstall_data_storage_rdb.cpp",
+    "${services_path}/bundlemgr/src/rdb/bms_rdb_open_callback.cpp",
+    "${services_path}/bundlemgr/src/rdb/rdb_data_manager.cpp",
+    "${services_path}/bundlemgr/test/mock/src/bundle_data_storage_rdb.cpp",
+    "${services_path}/bundlemgr/test/mock/src/quick_fix_manager_rdb.cpp",
+  ]
+  if (bundle_framework_app_control) {
+    defines += [ "BUNDLE_FRAMEWORK_APP_CONTROL" ]
+    sources += [
+      "${services_path}/bundlemgr/src/app_control/app_control_manager.cpp",
+      "${services_path}/bundlemgr/src/app_control/app_control_manager_host_impl.cpp",
+      "${services_path}/bundlemgr/src/app_control/app_control_manager_rdb.cpp",
+      "${services_path}/bundlemgr/src/app_control/app_jump_interceptor_event_subscriber.cpp",
+      "${services_path}/bundlemgr/src/app_control/app_jump_interceptor_manager_rdb.cpp",
+    ]
+    include_dirs += [ "${services_path}/bundlemgr/include/app_control" ]
+    external_deps += [ "c_utils:utils" ]
+  }
+  if (udmf_enabled) {
+    defines += [ "BUNDLE_FRAMEWORK_UDMF_ENABLED" ]
+    external_deps += [ "udmf:utd_client" ]
+  }
+
+  if (bms_device_info_manager_part_enabled) {
+    external_deps += [
+      "device_info_manager:distributed_device_profile_common",
+      "device_info_manager:distributed_device_profile_sdk",
+    ]
+    defines += [ "BMS_DEVICE_INFO_MANAGER_ENABLE" ]
+  }
+}

test/fuzztest/fuzztest_others/quickfixchecker_fuzzer/corpus/init

@@ -0,0 +1,14 @@
+# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+FUZZ

test/fuzztest/fuzztest_others/quickfixchecker_fuzzer/project.xml

@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright (c) 2024 Huawei Device Co., Ltd.
+
+     Licensed under the Apache License, Version 2.0 (the "License");
+     you may not use this file except in compliance with the License.
+     You may obtain a copy of the License at
+
+          http://www.apache.org/licenses/LICENSE-2.0
+
+     Unless required by applicable law or agreed to in writing, software
+     distributed under the License is distributed on an "AS IS" BASIS,
+     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+     See the License for the specific language governing permissions and
+     limitations under the License.
+-->
+<fuzz_config>
+  <fuzztest>
+    <!-- maximum length of a test input -->
+    <max_len>1000</max_len>
+    <!-- maximum total time in seconds to run the fuzzer -->
+    <max_total_time>300</max_total_time>
+    <!-- memory usage limit in Mb -->
+    <rss_limit_mb>4096</rss_limit_mb>
+  </fuzztest>
+</fuzz_config>

test/fuzztest/fuzztest_others/quickfixchecker_fuzzer/quickfixchecker_fuzzer.cpp

@@ -0,0 +1,94 @@
+/*
+ * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "quickfixchecker_fuzzer.h"
+#define private public
+#include "quick_fix_checker.h"
+#include "securec.h"
+
+using namespace OHOS::AppExecFwk;
+namespace OHOS {
+constexpr size_t FOO_MAX_LEN = 1024;
+constexpr size_t U32_AT_SIZE = 4;
+constexpr size_t MESSAGE_SIZE = 4;
+constexpr size_t DCAMERA_SHIFT_24 = 24;
+constexpr size_t DCAMERA_SHIFT_16 = 16;
+constexpr size_t DCAMERA_SHIFT_8 = 8;
+
+uint32_t GetU32Data(const char* ptr)
+{
+    return (ptr[0] << DCAMERA_SHIFT_24) | (ptr[1] << DCAMERA_SHIFT_16) | (ptr[2] << DCAMERA_SHIFT_8) | (ptr[3]);
+}
+bool DoSomethingInterestingWithMyAPI(const char* data, size_t size)
+{
+    QuickFixChecker quickFixChecker;
+    std::vector<std::string> bundlePaths;
+    std::vector<Security::Verify::HapVerifyResult> hapVerifyRes;
+    quickFixChecker.CheckMultipleHqfsSignInfo(bundlePaths, hapVerifyRes);
+    std::unordered_map<std::string, AppQuickFix> infos;
+    const AppQuickFix &appQuickFix = infos.begin()->second;
+    infos.emplace("appQuickFix_1", appQuickFix);
+    quickFixChecker.CheckAppQuickFixInfos(infos);
+    quickFixChecker.CheckMultiNativeSo(infos);
+    Security::Verify::ProvisionInfo provisionInfo;
+    BundleInfo bundleInfo;
+    quickFixChecker.CheckPatchWithInstalledBundle(appQuickFix, bundleInfo, provisionInfo);
+    quickFixChecker.CheckHotReloadWithInstalledBundle(appQuickFix, bundleInfo);
+    quickFixChecker.CheckSignatureInfo(bundleInfo, provisionInfo);
+    quickFixChecker.GetAppDistributionType(static_cast<Security::Verify::AppDistType>
+      (reinterpret_cast<uintptr_t>(data)));
+    quickFixChecker.CheckCommonWithInstalledBundle(appQuickFix, bundleInfo);
+    quickFixChecker.CheckModuleNameExist(bundleInfo, infos);
+    quickFixChecker.GetAppProvisionType(Security::Verify::ProvisionType::DEBUG);
+    AppqfInfo qfInfo;
+    qfInfo.cpuAbi = "arm";
+    quickFixChecker.CheckPatchNativeSoWithInstalledBundle(bundleInfo, qfInfo);
+    return true;
+}
+}
+
+// Fuzzer entry point.
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
+{
+    /* Run your code on data */
+    if (data == nullptr) {
+        return 0;
+    }
+
+    if (size < OHOS::U32_AT_SIZE) {
+        return 0;
+    }
+
+    /* Validate the length of size */
+    if (size > OHOS::FOO_MAX_LEN) {
+        return 0;
+    }
+
+    char* ch = static_cast<char*>(malloc(size + 1));
+    if (ch == nullptr) {
+        return 0;
+    }
+
+    (void)memset_s(ch, size + 1, 0x00, size + 1);
+    if (memcpy_s(ch, size, data, size) != EOK) {
+        free(ch);
+        ch = nullptr;
+        return 0;
+    }
+    OHOS::DoSomethingInterestingWithMyAPI(ch, size);
+    free(ch);
+    ch = nullptr;
+    return 0;
+}

test/fuzztest/fuzztest_others/quickfixchecker_fuzzer/quickfixchecker_fuzzer.h

@@ -0,0 +1,21 @@
+/*
+ * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef TEST_FUZZTEST_QUICKFIXCHECKER_FUZZER_H
+#define TEST_FUZZTEST_QUICKFIXCHECKER_FUZZER_H
+
+#define FUZZ_PROJECT_NAME "quickfixchecker_fuzzer"
+
+#endif

test/fuzztest/fuzztest_others/quickfixdeployer_fuzzer/BUILD.gn

@@ -0,0 +1,182 @@
+# Copyright (c) 2022 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+import("//build/test.gni")
+import("../../../../appexecfwk.gni")
+import("../../../../services/bundlemgr/appexecfwk_bundlemgr.gni")
+
+module_output_path = "bundle_framework/bundle_framework"
+
+ohos_fuzztest("QuickFixDeployerFuzzerTest") {
+  use_exceptions = true
+  module_out_path = module_output_path
+  include_dirs = [
+    "//third_party/jsoncpp/include",
+    "//third_party/json/include",
+  ]
+  sources = bundle_mgr_source
+  sources -= [ "${services_path}/bundlemgr/src/bms_param.cpp" ]
+  sources += [ "${services_path}/bundlemgr/test/mock/src/bms_param.cpp" ]
+  sources -= [ "${services_path}/bundlemgr/src/system_ability_helper.cpp" ]
+  sources += [
+    "${services_path}/bundlemgr/src/aot/aot_executor.cpp",
+    "${services_path}/bundlemgr/src/installd/installd_host_impl.cpp",
+    "${services_path}/bundlemgr/src/installd/installd_operator.cpp",
+    "${services_path}/bundlemgr/test/mock/src/installd_service.cpp",
+  ]
+
+  sources += [
+    "${services_path}/bundlemgr/test/mock/src/accesstoken_kit.cpp",
+    "${services_path}/bundlemgr/test/mock/src/installd_permission_mgr.cpp",
+    "${services_path}/bundlemgr/test/mock/src/mock_bundle_status.cpp",
+    "${services_path}/bundlemgr/test/mock/src/mock_clean_cache.cpp",
+    "${services_path}/bundlemgr/test/mock/src/mock_quick_fix_callback.cpp",
+    "${services_path}/bundlemgr/test/mock/src/mock_status_receiver.cpp",
+    "${services_path}/bundlemgr/test/mock/src/system_ability_helper.cpp",
+  ]
+
+  sources += bundle_install_sources
+  sources -= [ "${services_path}/bundlemgr/src/installd_client.cpp" ]
+  sources += [ "${services_path}/bundlemgr/test/mock/src/installd_client.cpp" ]
+  configs = [ "${services_path}/bundlemgr/test:bundlemgr_test_config" ]
+  cflags = []
+  if (target_cpu == "arm") {
+    cflags += [ "-DBINDER_IPC_32BIT" ]
+  }
+  deps = [
+    "${bundle_framework_path}/test/sceneProject/unittest/driver_test/driver_feature:driver_feature_hap",
+    "${bundle_framework_path}/test/sceneProject/unittest/ohos_test:copy_ohos_test",
+    "${bundle_framework_path}/test/sceneProject/unittest/test_bundle/bmsAccessTokentest1:bmsAccessTokentest1",
+    "${bundle_framework_path}/test/sceneProject/unittest/test_bundle/bmsAccessTokentest3:bmsAccessTokentest3",
+    "${core_path}:appexecfwk_core",
+  ]
+  deps += bundle_install_deps
+
+  external_deps = [
+    "ability_base:want",
+    "ability_runtime:app_manager",
+    "access_token:el5_filekey_manager_sdk",
+    "access_token:libprivacy_sdk",
+    "access_token:libtokenid_sdk",
+    "appspawn:hnpapi",
+    "appverify:libhapverify",
+    "bounds_checking_function:libsec_shared",
+    "common_event_service:cesfwk_innerkits",
+    "eventhandler:libeventhandler",
+    "hilog:libhilog",
+    "hitrace:hitrace_meter",
+    "init:libbegetutil",
+    "safwk:system_ability_fwk",
+    "samgr:samgr_proxy",
+  ]
+  external_deps += bundle_install_external_deps
+  defines = []
+  if (code_signature_enable) {
+    sources += [
+      "${services_path}/bundlemgr/src/aot/aot_sign_data_cache_mgr.cpp",
+      "${services_path}/bundlemgr/src/code_sign_helper.cpp",
+    ]
+    include_dirs += [ "${services_path}/bundlemgr/include" ]
+    external_deps += [
+      "bounds_checking_function:libsec_shared",
+      "code_signature:libcode_sign_utils",
+      "ets_runtime:libcompiler_service",
+    ]
+    defines += [ "CODE_SIGNATURE_ENABLE" ]
+  }
+  if (configpolicy_enable) {
+    external_deps += [ "config_policy:configpolicy_util" ]
+    defines += [ "CONFIG_POLOCY_ENABLE" ]
+  }
+  if (build_selinux) {
+    external_deps += [ "selinux_adapter:libhap_restorecon" ]
+    cflags += [ "-DWITH_SELINUX" ]
+  }
+  if (account_enable) {
+    external_deps += [ "os_account:os_account_innerkits" ]
+    defines += [ "ACCOUNT_ENABLE" ]
+  }
+  if (bundle_framework_quick_fix) {
+    include_dirs += [ "${services_path}/bundlemgr/src/include/quick_fix" ]
+    sources += quick_fix
+    sources += [ "quickfixdeployer_fuzzer.cpp" ]
+    defines += [ "BUNDLE_FRAMEWORK_QUICK_FIX" ]
+  }
+  if (bundle_framework_free_install) {
+    sources += aging
+    sources += free_install
+    sources += distributed_manager
+    external_deps += [
+      "ability_runtime:ability_manager",
+      "ability_runtime:app_manager",
+      "battery_manager:batterysrv_client",
+      "device_usage_statistics:usagestatsinner",
+      "display_manager:displaymgr",
+      "power_manager:powermgr_client",
+      "syscap_codec:syscap_interface_shared",
+    ]
+    defines += [ "BUNDLE_FRAMEWORK_FREE_INSTALL" ]
+  }
+  if (global_resmgr_enable) {
+    defines += [ "GLOBAL_RESMGR_ENABLE" ]
+    external_deps += [ "resource_management:global_resmgr" ]
+  }
+  if (hicollie_enable) {
+    external_deps += [ "hicollie:libhicollie" ]
+    defines += [ "HICOLLIE_ENABLE" ]
+  }
+
+  if (hisysevent_enable) {
+    sources += [ "${services_path}/bundlemgr/src/inner_event_report.cpp" ]
+    external_deps += [ "hisysevent:libhisysevent" ]
+    defines += [ "HISYSEVENT_ENABLE" ]
+  }
+  if (storage_service_enable) {
+    external_deps += [ "storage_service:storage_manager_sa_proxy" ]
+    defines += [ "STORAGE_SERVICE_ENABLE" ]
+  }
+  configs += [ "../../../../services/bundlemgr:rdb_config" ]
+  external_deps += [ "relational_store:native_rdb" ]
+  sources -=
+      [ "${services_path}/bundlemgr/src/quick_fix/quick_fix_manager_rdb.cpp" ]
+  sources += [
+    "${services_path}/bundlemgr/src/preinstall_data_storage_rdb.cpp",
+    "${services_path}/bundlemgr/src/rdb/bms_rdb_open_callback.cpp",
+    "${services_path}/bundlemgr/src/rdb/rdb_data_manager.cpp",
+    "${services_path}/bundlemgr/test/mock/src/bundle_data_storage_rdb.cpp",
+    "${services_path}/bundlemgr/test/mock/src/quick_fix_manager_rdb.cpp",
+  ]
+  if (bundle_framework_app_control) {
+    defines += [ "BUNDLE_FRAMEWORK_APP_CONTROL" ]
+    sources += [
+      "${services_path}/bundlemgr/src/app_control/app_control_manager.cpp",
+      "${services_path}/bundlemgr/src/app_control/app_control_manager_host_impl.cpp",
+      "${services_path}/bundlemgr/src/app_control/app_control_manager_rdb.cpp",
+      "${services_path}/bundlemgr/src/app_control/app_jump_interceptor_event_subscriber.cpp",
+      "${services_path}/bundlemgr/src/app_control/app_jump_interceptor_manager_rdb.cpp",
+    ]
+    include_dirs += [ "${services_path}/bundlemgr/include/app_control" ]
+    external_deps += [ "c_utils:utils" ]
+  }
+  if (udmf_enabled) {
+    defines += [ "BUNDLE_FRAMEWORK_UDMF_ENABLED" ]
+    external_deps += [ "udmf:utd_client" ]
+  }
+
+  if (bms_device_info_manager_part_enabled) {
+    external_deps += [
+      "device_info_manager:distributed_device_profile_common",
+      "device_info_manager:distributed_device_profile_sdk",
+    ]
+    defines += [ "BMS_DEVICE_INFO_MANAGER_ENABLE" ]
+  }
+}

test/fuzztest/fuzztest_others/quickfixdeployer_fuzzer/corpus/init

@@ -0,0 +1,14 @@
+# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+FUZZ

test/fuzztest/fuzztest_others/quickfixdeployer_fuzzer/project.xml

@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright (c) 2024 Huawei Device Co., Ltd.
+
+     Licensed under the Apache License, Version 2.0 (the "License");
+     you may not use this file except in compliance with the License.
+     You may obtain a copy of the License at
+
+          http://www.apache.org/licenses/LICENSE-2.0
+
+     Unless required by applicable law or agreed to in writing, software
+     distributed under the License is distributed on an "AS IS" BASIS,
+     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+     See the License for the specific language governing permissions and
+     limitations under the License.
+-->
+<fuzz_config>
+  <fuzztest>
+    <!-- maximum length of a test input -->
+    <max_len>1000</max_len>
+    <!-- maximum total time in seconds to run the fuzzer -->
+    <max_total_time>300</max_total_time>
+    <!-- memory usage limit in Mb -->
+    <rss_limit_mb>4096</rss_limit_mb>
+  </fuzztest>
+</fuzz_config>

test/fuzztest/fuzztest_others/quickfixdeployer_fuzzer/quickfixdeployer_fuzzer.cpp

@@ -0,0 +1,158 @@
+/*
+ * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "quickfixdeployer_fuzzer.h"
+#define private public
+#include "quick_fix_deployer.h"
+#include "securec.h"
+#include "inner_bundle_info.h"
+
+using namespace OHOS::AppExecFwk;
+namespace OHOS {
+constexpr size_t FOO_MAX_LEN = 1024;
+constexpr size_t U32_AT_SIZE = 4;
+constexpr size_t MESSAGE_SIZE = 4;
+constexpr size_t DCAMERA_SHIFT_24 = 24;
+constexpr size_t DCAMERA_SHIFT_16 = 16;
+constexpr size_t DCAMERA_SHIFT_8 = 8;
+
+void DoSomething2(const char* data, size_t size) {}
+
+uint32_t GetU32Data(const char* ptr)
+{
+    return (ptr[0] << DCAMERA_SHIFT_24) | (ptr[1] << DCAMERA_SHIFT_16) | (ptr[2] << DCAMERA_SHIFT_8) | (ptr[3]);
+}
+bool DoSomethingInterestingWithMyAPI(const char* data, size_t size)
+{
+    std::string targetPath(data, size);
+    nlohmann::json jsonObject;
+    std::vector<std::string> bundlePaths;
+    QuickFixDeployer quickFixDeployer(bundlePaths, false, targetPath);
+    std::unordered_map<std::string, AppQuickFix> infos;
+    InnerAppQuickFix oldInnerAppQuickFix;
+    InnerAppQuickFix newInnerAppQuickFix;
+    std::vector<std::string> bundleFilePaths;
+    bundleFilePaths.push_back(targetPath);
+    quickFixDeployer.GetDeployQuickFixResult();
+    quickFixDeployer.DeployQuickFix();
+    quickFixDeployer.GetQuickFixDataMgr();
+    quickFixDeployer.SaveToInnerBundleInfo(newInnerAppQuickFix);
+    quickFixDeployer.ToDeployEndStatus(newInnerAppQuickFix, oldInnerAppQuickFix);
+    quickFixDeployer.ToDeployStartStatus(bundleFilePaths, newInnerAppQuickFix, oldInnerAppQuickFix);
+    quickFixDeployer.ParseAndCheckAppQuickFixInfos(bundleFilePaths, infos);
+    quickFixDeployer.ToInnerAppQuickFix(infos, oldInnerAppQuickFix, newInnerAppQuickFix);
+    BundleInfo bundleInfo;
+    std::string bundleName(data, size);
+    quickFixDeployer.GetBundleInfo(bundleName, bundleInfo);
+    quickFixDeployer.ProcessPatchDeployStart(bundleFilePaths, bundleInfo, infos);
+    std::unordered_map<std::string, AppQuickFix> infos1;
+    const AppQuickFix &appQuickFix = infos1.begin()->second;
+    quickFixDeployer.ProcessHotReloadDeployStart(bundleInfo, appQuickFix);
+    quickFixDeployer.ProcessPatchDeployEnd(appQuickFix, targetPath);
+    quickFixDeployer.ProcessHotReloadDeployEnd(appQuickFix, targetPath);
+    AppQuickFix newAppQuickFix;
+    AppQuickFix oldAppQuickFix;
+    quickFixDeployer.CheckPatchVersionCode(newAppQuickFix, oldAppQuickFix);
+    QuickFixMark mark;
+    mark.bundleName = appQuickFix.bundleName;
+    mark.status = QuickFixStatus::DEPLOY_START;
+    InnerAppQuickFix innerAppQuickFix(appQuickFix, mark);
+    quickFixDeployer.SaveAppQuickFix(innerAppQuickFix);
+    quickFixDeployer.MoveHqfFiles(innerAppQuickFix, targetPath);
+    std::vector<std::string> realPaths;
+    quickFixDeployer.ProcessBundleFilePaths(bundleFilePaths, realPaths);
+    quickFixDeployer.ToDeployQuickFixResult(appQuickFix);
+    quickFixDeployer.ProcessNativeLibraryPath(targetPath, innerAppQuickFix);
+    quickFixDeployer.ResetNativeSoAttrs(infos1);
+    DoSomething2(data, size);
+    return true;
+}
+}
+void DoSomething2(const char* data, size_t size)
+{
+    std::string targetPath(data, size);
+    std::vector<std::string> bundlePaths;
+    std::string hqfSoPath(data, size);
+    QuickFixDeployer quickFixDeployer(bundlePaths, false, hqfSoPath);
+    BundleInfo bundleInfo;
+    HapModuleInfo info;
+    info.moduleName = "entry";
+    bundleInfo.hapModuleInfos.emplace_back(info);
+    std::unordered_map<std::string, AppQuickFix> infos1;
+    const AppQuickFix &appQuickFix = infos1.begin()->second;
+    quickFixDeployer.ExtractQuickFixSoFile(appQuickFix, hqfSoPath, bundleInfo);
+    std::string bundleName(data, size);
+    std::string moduleName(data, size);
+    InnerBundleInfo innerBundleInfo;
+    quickFixDeployer.FetchInnerBundleInfo(bundleName, innerBundleInfo);
+    AppqfInfo appqfInfo;
+    HqfInfo hqfInfo;
+    bool isLibIsolated = false;
+    std::string nativeLibraryPath(data, size);
+    std::string cpuAbi(data, size);
+    quickFixDeployer.FetchPatchNativeSoAttrs(appqfInfo, hqfInfo, isLibIsolated,
+        nativeLibraryPath, cpuAbi);
+    quickFixDeployer.HasNativeSoInBundle(appQuickFix);
+    quickFixDeployer.SendQuickFixSystemEvent(innerBundleInfo);
+    quickFixDeployer.ExtractSoAndApplyDiff(appQuickFix, bundleInfo, hqfSoPath);
+    quickFixDeployer.ExtractSoFiles(bundleInfo, moduleName, hqfSoPath);
+    std::string oldSoPath(data, size);
+    quickFixDeployer.ProcessApplyDiffPatch(appQuickFix,
+        appQuickFix.deployingAppqfInfo.hqfInfos[0], oldSoPath, hqfSoPath, reinterpret_cast<uintptr_t>(data));
+    quickFixDeployer.ExtractEncryptedSoFiles(bundleInfo, moduleName, reinterpret_cast<uintptr_t>(data), oldSoPath);
+    bundleInfo.applicationInfo.compileSdkType = "";
+    CodeSignatureParam codeSignatureParam;
+    quickFixDeployer.PrepareCodeSignatureParam(appQuickFix, hqfInfo, bundleInfo, hqfSoPath, codeSignatureParam);
+    InnerAppQuickFix innerAppQuickFix;
+    innerAppQuickFix.SetAppQuickFix(appQuickFix);
+    quickFixDeployer.VerifyCodeSignatureForHqf(innerAppQuickFix, oldSoPath);
+    std::vector<std::string> bundleFilePaths;
+    bundleFilePaths.push_back(targetPath);
+    quickFixDeployer.CheckHqfResourceIsValid(bundleFilePaths, bundleInfo);
+    quickFixDeployer.ExtractQuickFixResFile(appQuickFix, bundleInfo);
+}
+// Fuzzer entry point.
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
+{
+    /* Run your code on data */
+    if (data == nullptr) {
+        return 0;
+    }
+
+    if (size < OHOS::U32_AT_SIZE) {
+        return 0;
+    }
+
+    /* Validate the length of size */
+    if (size > OHOS::FOO_MAX_LEN) {
+        return 0;
+    }
+
+    char* ch = static_cast<char*>(malloc(size + 1));
+    if (ch == nullptr) {
+        return 0;
+    }
+
+    (void)memset_s(ch, size + 1, 0x00, size + 1);
+    if (memcpy_s(ch, size, data, size) != EOK) {
+        free(ch);
+        ch = nullptr;
+        return 0;
+    }
+    OHOS::DoSomethingInterestingWithMyAPI(ch, size);
+    free(ch);
+    ch = nullptr;
+    return 0;
+}

test/fuzztest/fuzztest_others/quickfixdeployer_fuzzer/quickfixdeployer_fuzzer.h

@@ -0,0 +1,21 @@
+/*
+ * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef TEST_FUZZTEST_QUICKFIXDEPLOYER_FUZZER_H
+#define TEST_FUZZTEST_QUICKFIXDEPLOYER_FUZZER_H
+
+#define FUZZ_PROJECT_NAME "quickfixdeployer_fuzzer"
+
+#endif

test/fuzztest/fuzztest_others/verifymanagerhostimplgetbundlemutex_fuzzer/verifymanagerhostimplgetbundlemutex_fuzzer.cpp

@@ -30,7 +30,7 @@ constexpr size_t U32_AT_SIZE = 4;
 bool DoSomethingInterestingWithMyAPI(const char* data, size_t size)
 {
     VerifyManagerHostImpl impl;
-    std::string bundleName;
+    std::string bundleName(data, size);
     impl.GetBundleMutex(bundleName);
     return true;
 }

test/fuzztest/fuzztest_others/verifymanagerhostimplgetcallingbundlename_fuzzer/verifymanagerhostimplgetcallingbundlename_fuzzer.cpp

@@ -30,7 +30,7 @@ constexpr size_t U32_AT_SIZE = 4;
 bool DoSomethingInterestingWithMyAPI(const char* data, size_t size)
 {
     VerifyManagerHostImpl impl;
-    std::string bundleName;
+    std::string bundleName(data, size);
     auto ret1 = impl.GetCallingBundleName(bundleName);
     return true;
 }

test/fuzztest/fuzztest_others/verifymanagerhostimplgetfiledir_fuzzer/verifymanagerhostimplgetfiledir_fuzzer.cpp

@@ -28,8 +28,8 @@ namespace OHOS {
     bool DoSomethingInterestingWithMyAPI(const char* data, size_t size)
     {
         VerifyManagerHostImpl impl;
-        const std::string sourcePath;
-        std::string fileDir;
+        const std::string sourcePath(data, size);
+        std::string fileDir(data, size);
         auto ret1 = impl.GetFileDir(sourcePath, fileDir);
         return true;
     }

test/fuzztest/fuzztest_others/verifymanagerhostimplmkdirIfnotexist_fuzzer/verifymanagerhostimplmkdirIfnotexist_fuzzer.cpp

@@ -30,7 +30,7 @@ constexpr size_t U32_AT_SIZE = 4;
 bool DoSomethingInterestingWithMyAPI(const char* data, size_t size)
 {
     VerifyManagerHostImpl impl;
-    std::string dir;
+    std::string dir(data, size);
     auto ret1 = impl.MkdirIfNotExist(dir);
     return true;
 }

test/fuzztest/fuzztest_others/verifymanagerhostimplrollbackdir_fuzzer/verifymanagerhostimplrollbackdir_fuzzer.cpp

@@ -30,7 +30,7 @@ constexpr size_t U32_AT_SIZE = 4;
 bool DoSomethingInterestingWithMyAPI(const char* data, size_t size)
 {
     VerifyManagerHostImpl impl;
-    std::string rootDir;
+    std::string rootDir(data, size);
     std::vector<std::string> names;
     impl.Rollback(rootDir, names);
     return true;

test/fuzztest/fuzztest_others/verifymanagerhostimplverifyabcdir_fuzzer/verifymanagerhostimplverifyabcdir_fuzzer.cpp

@@ -30,7 +30,7 @@ constexpr size_t U32_AT_SIZE = 4;
 bool DoSomethingInterestingWithMyAPI(const char* data, size_t size)
 {
     VerifyManagerHostImpl impl;
-    std::string rootDir;
+    std::string rootDir(data, size);
     std::vector<std::string> names;
     auto ret1 = impl.VerifyAbc(rootDir, names);
     return true;