fuzz测试导致整机异常

Signed-off-by: jwz <jiangweizheng@huawei.com>

test/fuzztest/elfparser_fuzzer/ElfParser_fuzzer.cpp

@@ -53,7 +53,7 @@ public:
         file->dataSize_ = size;
         file->FuzzerTime_ = size;
         if (!file->IsOpened()) {
-            HLOGE("Error in ElfFile::MakeUnique(): elf file not opended");
+            HLOGE("Error in ElfFile::MakeUnique(): elf file not opened");
             return nullptr;
         }
         if (!file->ParseFile()) {
@@ -69,10 +69,19 @@ bool FuzzElfFile(const uint8_t *data, size_t size)
     const std::string testData = "/data/test/resource/testdata/elf_test";
     HLOGV("test data size %zu\n", size);
     if (size == 0) {
-        return 0;
+        return true;
+    }
+
+    FILE *fp = fopen(testData.c_str(), "ab");
+    if (fp == nullptr) {
+        printf("fail to append file %s\n", testData.c_str());
+        return false;
+    } else {
+        (void)fwrite(data, sizeof(uint8_t), size, fp);
+        (void)fclose(fp);
     }
     ElfFileFuzzer::MakeUnique(testData, data, size);
-    return 0;
+    return true;
 }
 } // namespace OHOS
 

test/fuzztest/perffile_fuzzer/PerfFile_fuzzer.cpp

@@ -20,44 +20,6 @@ namespace OHOS {
 using namespace OHOS::Developtools::HiPerf;
 class PerfFileReaderFuzzer : public PerfFileReader {
 public:
-    const char *dataPtr_ = nullptr;
-    size_t dataSize_ = 0;
-    size_t FuzzerTime_ = 0; // when we make a fuzzer read
-
-    bool Read(void *buf, size_t len) override
-    {
-        if (FuzzerTime_ != 0 or dataSize_ == 0) {
-            FuzzerTime_--;
-            return PerfFileReader::Read(buf, len);
-        } else {
-            HLOGD("fuzz read %zu/%zu\n", dataSize_, len);
-            if (PerfFileReader::Read(buf, len)) {
-                std::copy(dataPtr_, dataPtr_ + std::min(len, dataSize_),
-                          reinterpret_cast<char *>(buf));
-                return true;
-            } else {
-                return false;
-            }
-        }
-    }
-
-    bool Read(char *buf, [[maybe_unused]] uint64_t offset, size_t len) override
-    {
-        if (FuzzerTime_ != 0 or dataSize_ == 0) {
-            FuzzerTime_--;
-            return PerfFileReader::Read(buf, offset, len);
-        } else {
-            HLOGD("fuzz read %zu/%zu\n", dataSize_, len);
-            if (PerfFileReader::Read(buf, offset, len)) {
-                std::copy(dataPtr_, dataPtr_ + std::min(len, dataSize_),
-                          reinterpret_cast<char *>(buf));
-                return true;
-            } else {
-                return false;
-            }
-        }
-    }
-
     explicit PerfFileReaderFuzzer(const std::string &fileName, FILE *fp)
         : PerfFileReader(fileName, fp) {}
 
@@ -65,24 +27,30 @@ public:
                                                           const uint8_t *data, size_t size)
     {
         std::string resolvedPath = CanonicalizeSpecPath(fileName.c_str());
+        FILE *fpApp = fopen(resolvedPath.c_str(), "ab");
+        if (fpApp == nullptr) {
+            printf("fail to append file %s\n", fileName.c_str());
+            return nullptr;
+        } else {
+            (void)fwrite(data, sizeof(uint8_t), size, fpApp);
+            (void)fclose(fpApp);
+            fpApp = nullptr;
+        }
         FILE *fp = fopen(resolvedPath.c_str(), "rb");
         if (fp == nullptr) {
-            HLOGE("fail to open file %s", fileName.c_str());
+            printf("fail to open file %s\n", fileName.c_str());
             return nullptr;
         }
 
         std::unique_ptr<PerfFileReaderFuzzer> reader =
             std::make_unique<PerfFileReaderFuzzer>(resolvedPath, fp);
 
-        reader->dataPtr_ = reinterpret_cast<const char *>(data);
-        reader->dataSize_ = size;
-        reader->FuzzerTime_ = size;
         if (!reader->ReadFileHeader()) {
-            printf("head read error");
+            printf("head read error\n");
             return nullptr;
         }
         if (!reader->ReadAttrSection()) {
-            printf("attr read error");
+            printf("attr read error\n");
             return nullptr;
         }
         return reader;

test/unittest/common/native/hiperf_libreport_test.cpp

@@ -132,7 +132,7 @@ void HiperfLibReportTest::UnwindJsonContentCheck(const std::string &content, boo
     ASSERT_EQ(content.front(), '{');
     ASSERT_EQ(content.back(), '}');
 #ifdef __arm__
-    ASSERT_EQ(content.find("{\"symbol\":8,\"counts\":[0,0,797933]}") != std::string::npos,
+    ASSERT_EQ(content.find("{\"symbol\":8,\"counts\":[0,0,1006548]}") != std::string::npos,
               haveUnwind);
 #else
     ASSERT_EQ(content.find("{\"symbol\":16,\"counts\":[24,9065269,112324565]}") != std::string::npos,