!1880 添加fuzz用例

Merge pull request !1880 from zhangyixin/master

OAT.xml

@@ -76,6 +76,7 @@ Note:If the text contains special characters, please escape them according to th
                 <filteritem type="filepath" name="device/plugins/cpu_plugin/test/fuzztest/cpustartplugin_fuzzer/corpus/init" desc="test resource file, no license header"/>
                 <filteritem type="filepath" name="device/plugins/diskio_plugin/test/fuzztest/diskiostartplugin_fuzzer/corpus/init" desc="test resource file, no license header"/>
                 <filteritem type="filepath" name="device/plugins/memory_plugin/test/fuzztest/memorystartplugin_fuzzer/corpus/init" desc="test resource file, no license header"/>
+                <filteritem type="filepath" name="device/plugins/native_daemon/native_memory_profiler_sa/test/fuzztest/nativedaemonsa_fuzzer/corpus/init" desc="test resource file, no license header"/>
                 <filteritem type="filepath" name="device/plugins/network_plugin/test/fuzztest/networkstartplugin_fuzzer/corpus/init" desc="test resource file, no license header"/>
                 <filteritem type="filepath" name="device/services/profiler_service/test/fuzztest/profilerstopsession_fuzzer/corpus/init" desc="test resource file, no license header"/>
                 <filteritem type="filepath" name="device/services/profiler_service/test/fuzztest/profilerkeepsession_fuzzer/corpus/init" desc="test resource file, no license header"/>
@@ -111,6 +112,7 @@ Note:If the text contains special characters, please escape them according to th
                 <filteritem type="filepath" name="device/plugins/cpu_plugin/test/fuzztest/cpustartplugin_fuzzer/corpus/init" desc="test resource file, no copyright header"/>
                 <filteritem type="filepath" name="device/plugins/diskio_plugin/test/fuzztest/diskiostartplugin_fuzzer/corpus/init" desc="test resource file, no copyright header"/>
                 <filteritem type="filepath" name="device/plugins/memory_plugin/test/fuzztest/memorystartplugin_fuzzer/corpus/init" desc="test resource file, no copyright header"/>
+                <filteritem type="filepath" name="device/plugins/native_daemon/native_memory_profiler_sa/test/fuzztest/nativedaemonsa_fuzzer/corpus/init" desc="test resource file, no copyright header"/>
                 <filteritem type="filepath" name="device/plugins/network_plugin/test/fuzztest/networkstartplugin_fuzzer/corpus/init" desc="test resource file, no copyright header"/>
                 <filteritem type="filepath" name="device/services/profiler_service/test/fuzztest/profilerstopsession_fuzzer/corpus/init" desc="test resource file, no copyright header"/>
                 <filteritem type="filepath" name="device/services/profiler_service/test/fuzztest/profilerkeepsession_fuzzer/corpus/init" desc="test resource file, no copyright header"/>

device/BUILD.gn

@@ -103,6 +103,7 @@ group("fuzztest") {
     "plugins/hilog_plugin/test/fuzztest/hilogstartplugin_fuzzer:fuzztest",
     "plugins/hiperf_plugin/test/fuzztest/hiperfstartplugin_fuzzer:fuzztest",
     "plugins/memory_plugin/test/fuzztest/memorystartplugin_fuzzer:fuzztest",
+    "plugins/native_daemon/native_memory_profiler_sa/test/fuzztest/nativedaemonsa_fuzzer:fuzztest",
     "plugins/network_plugin/test/fuzztest/networkstartplugin_fuzzer:fuzztest",
     "services/profiler_service/test/fuzztest/profilercreatesession_fuzzer:fuzztest",
     "services/profiler_service/test/fuzztest/profilerdestroysession_fuzzer:fuzztest",

device/plugins/native_daemon/native_memory_profiler_sa/test/fuzztest/nativedaemonsa_fuzzer/BUILD.gn

@@ -0,0 +1,108 @@
+# Copyright (c) Huawei Technologies Co., Ltd. 2024. All rights reserved.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#####################hydra-fuzz###################
+import("//build/test.gni")
+import("../../../../../../base/config.gni")
+
+##############################fuzztest##########################################
+ohos_fuzztest("NativeDaemonSaFuzzTest") {
+  module_out_path = hiprofiler_fuzz_output_path
+  fuzz_config_file = "${OHOS_PROFILER_DIR}/device/plugins/native_daemon/native_memory_profiler_sa/test/fuzztest/nativedaemonsa_fuzzer"
+  configs = [ "${OHOS_PROFILER_DIR}/device/plugins/native_daemon/native_memory_profiler_sa/test:native_memory_profiler_sa_config" ]
+  cflags = [
+    "-g",
+    "-O0",
+    "-Wno-unused-variable",
+    "-fno-omit-frame-pointer",
+    "-DFUZZ_TEST",
+  ]
+
+  sources = [
+    "${OHOS_PROFILER_DIR}/device/plugins/native_daemon/native_memory_profiler_sa/src/native_memory_profiler_sa_client_manager.cpp",
+    "${OHOS_PROFILER_DIR}/device/plugins/native_daemon/native_memory_profiler_sa/src/native_memory_profiler_sa_config.cpp",
+    "${OHOS_PROFILER_DIR}/device/plugins/native_daemon/native_memory_profiler_sa/src/native_memory_profiler_sa_death_recipient.cpp",
+    "${OHOS_PROFILER_DIR}/device/plugins/native_daemon/native_memory_profiler_sa/src/native_memory_profiler_sa_proxy.cpp",
+    "${OHOS_PROFILER_DIR}/device/plugins/native_daemon/native_memory_profiler_sa/src/native_memory_profiler_sa_service.cpp",
+    "${OHOS_PROFILER_DIR}/device/plugins/native_daemon/native_memory_profiler_sa/src/native_memory_profiler_sa_stub.cpp",
+    "${OHOS_PROFILER_DIR}/device/services/profiler_service/src/trace_file_helper.cpp",
+    "${OHOS_PROFILER_DIR}/device/services/profiler_service/src/trace_file_writer.cpp",
+    "../../../../../api/src/buffer_writer.cpp",
+    "../../../../../api/src/command_poller.cpp",
+    "../../../../../api/src/writer_adapter.cpp",
+    "../../../../src/call_stack.cpp",
+    "../../../../src/debug_logger.cpp",
+    "../../../../src/dwarf_encoding.cpp",
+    "../../../../src/get_thread_id.cpp",
+    "../../../../src/hook_manager.cpp",
+    "../../../../src/hook_service.cpp",
+    "../../../../src/register.cpp",
+    "../../../../src/stack_data_repeater.cpp",
+    "../../../../src/stack_preprocess.cpp",
+    "../../../../src/symbols_file.cpp",
+    "../../../../src/utilities.cpp",
+    "../../../../src/virtual_runtime.cpp",
+    "../../../../src/virtual_thread.cpp",
+    "native_daemon_sa_fuzzer.cpp",
+  ]
+
+  deps = [
+    "${OHOS_PROFILER_DIR}/device/base:hiprofiler_base",
+    "${OHOS_PROFILER_DIR}/device/services/shared_memory:shared_memory_source",
+    "${OHOS_PROFILER_DIR}/proto_encoder:proto_encoder_source",
+    "${OHOS_PROFILER_DIR}/protos/services:plugin_service_proto",
+    "${OHOS_PROFILER_DIR}/protos/services:profiler_service_all_type_source",
+    "${OHOS_PROFILER_DIR}/protos/types/plugins/native_hook:native_hook_cpp",
+    "${OHOS_PROFILER_DIR}/protos/types/plugins/native_hook:native_hook_cpp_standard",
+  ]
+
+  if (hiprofiler_use_libunwind) {
+    deps += [ "//third_party/libunwind:unwind_source_${target_cpu}" ]
+  }
+
+  use_exceptions = true
+  if (is_linux) {
+    static_link = false
+  }
+
+  external_deps = [
+    "ability_base:extractortool",
+    "access_token:libaccesstoken_sdk",
+    "access_token:libtokensetproc_shared",
+    "bounds_checking_function:libsec_shared",
+    "c_utils:utils",
+    "googletest:gtest",
+    "init:libbegetutil",
+    "ipc:ipc_core",
+    "openssl:libcrypto_shared",
+    "protobuf:protobuf_lite",
+    "safwk:system_ability_fwk",
+    "samgr:samgr_proxy",
+    "zlib:libz",
+  ]
+
+  if (hiprofiler_use_libunwinder) {
+    external_deps += [ "faultloggerd:libunwinder" ]
+  }
+}
+
+###############################################################################
+group("fuzztest") {
+  testonly = true
+  deps = []
+  deps += [
+    # deps file
+    ":NativeDaemonSaFuzzTest",
+  ]
+}
+###############################################################################

device/plugins/native_daemon/native_memory_profiler_sa/test/fuzztest/nativedaemonsa_fuzzer/corpus/init

@@ -0,0 +1,14 @@
+# Copyright (c) Huawei Technologies Co., Ltd. 2024. All rights reserved.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+FUZZ

device/plugins/native_daemon/native_memory_profiler_sa/test/fuzztest/nativedaemonsa_fuzzer/native_daemon_sa_fuzzer.cpp

@@ -0,0 +1,81 @@
+/*
+ * Copyright (c) Huawei Technologies Co., Ltd. 2024. All rights reserved.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "native_daemon_sa_fuzzer.h"
+
+#include <cstddef>
+#include <cstdint>
+#include <unistd.h>
+#include <cstdio>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+
+#include "init_param.h"
+#include "native_memory_profiler_sa_client_manager.h"
+#include "utilities.h"
+#include "token_setproc.h"
+#include "accesstoken_kit.h"
+
+namespace {
+const std::string NATIVE_PARAM = "hiviewdfx.hiprofiler.native_memoryd.start";
+const std::string TEST_PROC_NAME = "hiview";
+constexpr uint32_t SECOND_CHECK = 2;
+constexpr uint32_t THIRD_CHECK = 3;
+constexpr uint32_t FOURTH_CHECK = 4;
+constexpr uint32_t SLEEP_TIME = 10;
+}
+
+namespace OHOS {
+bool FuzzNativeDaemonSa(const uint8_t* data, size_t size)
+{
+    using namespace OHOS::Developtools::NativeDaemon;
+    using namespace OHOS::Security::AccessToken;
+    AccessTokenID tokenID = AccessTokenKit::GetNativeTokenId(TEST_PROC_NAME);
+    SetSelfTokenID(tokenID);
+    SystemSetParameter(NATIVE_PARAM.c_str(), "2");
+    sleep(1);
+    uint32_t pid = 0;
+    uint32_t duration = 0;
+    uint32_t sampleInterval = 0;
+    uint32_t stopPid = 0;
+    if (size >= 1) {
+        pid = static_cast<uint32_t>(data[0]);
+    }
+    if (size >= SECOND_CHECK) {
+        duration = static_cast<uint32_t>(data[1]);
+    }
+    if (size >= THIRD_CHECK) {
+        sampleInterval = static_cast<uint32_t>(data[SECOND_CHECK]);
+    }
+    if (size >= FOURTH_CHECK) {
+        stopPid = static_cast<uint32_t>(data[THIRD_CHECK]);
+    }
+    NativeMemoryProfilerSaClientManager::Start(
+        NativeMemoryProfilerSaClientManager::NativeMemProfilerType::MEM_PROFILER_CALL_STACK, pid, duration,
+        sampleInterval);
+    sleep(SLEEP_TIME);
+    NativeMemoryProfilerSaClientManager::Stop(stopPid);
+    return true;
+}
+}
+
+/* Fuzzer entry point */
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
+{
+    /* Run your code on data */
+    OHOS::FuzzNativeDaemonSa(data, size);
+    return 0;
+}

device/plugins/native_daemon/native_memory_profiler_sa/test/fuzztest/nativedaemonsa_fuzzer/native_daemon_sa_fuzzer.h

@@ -0,0 +1,21 @@
+/*
+ * Copyright (c) Huawei Technologies Co., Ltd. 2024. All rights reserved.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef NATIVE_DAEMON_SA_FUZZER
+#define NATIVE_DAEMON_SA_FUZZER
+
+#define FUZZ_PROJECT_NAME "nativedaemonsa_fuzzer"
+
+#endif

device/plugins/native_daemon/native_memory_profiler_sa/test/fuzztest/nativedaemonsa_fuzzer/project.xml

@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright (c) Huawei Technologies Co., Ltd. 2024. All rights reserved.
+
+     Licensed under the Apache License, Version 2.0 (the "License");
+     you may not use this file except in compliance with the License.
+     You may obtain a copy of the License at
+
+          http://www.apache.org/licenses/LICENSE-2.0
+
+     Unless required by applicable law or agreed to in writing, software
+     distributed under the License is distributed on an "AS IS" BASIS,
+     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+     See the License for the specific language governing permissions and
+     limitations under the License.
+-->
+<fuzz_config>
+  <fuzztest>
+    <!-- maximum length of a test input -->
+    <max_len>100</max_len>
+    <!-- maximum total time in seconds to run the fuzzer -->
+    <max_total_time>50</max_total_time>
+    <!-- memory usage limit in Mb -->
+    <rss_limit_mb>4096</rss_limit_mb>
+  </fuzztest>
+</fuzz_config>