!879 add fuzz test storage_service

Merge pull request !879 from lianwei/master

test/fuzztest/BUILD.gn

@@ -18,6 +18,7 @@ group("storage_service_fuzztest") {
     # deps file
     "${storage_service_path}/test/fuzztest/bundlestats_fuzzer:BundleStatsFuzzTest",
     "${storage_service_path}/test/fuzztest/disk_fuzzer:DiskFuzzTest",
+    "${storage_service_path}/test/fuzztest/filesystemcrypto_fuzzer:FileSystemCryptoFuzzTest",
     "${storage_service_path}/test/fuzztest/fileutils_fuzzer:FileUtilsFuzzTest",
     "${storage_service_path}/test/fuzztest/fscryptutils_fuzzer:FscryptUtilsFuzzTest",
     "${storage_service_path}/test/fuzztest/keycontrol_fuzzer:KeyControlFuzzTest",
@@ -27,6 +28,7 @@ group("storage_service_fuzztest") {
     "${storage_service_path}/test/fuzztest/storagemanager_fuzzer:StorageManagerFuzzTest",
     "${storage_service_path}/test/fuzztest/storagemanagerproxy_fuzzer:StorageManagerProxyFuzzTest",
     "${storage_service_path}/test/fuzztest/storagestats_fuzzer:StorageStatsFuzzTest",
+    "${storage_service_path}/test/fuzztest/storagestatusservice_fuzzer:StorageStatusServiceFuzzTest",
     "${storage_service_path}/test/fuzztest/storagetotalstatusservice_fuzzer:StorageTotalStatusServiceFuzzTest",
     "${storage_service_path}/test/fuzztest/stringutils_fuzzer:StringUtilsFuzzTest",
     "${storage_service_path}/test/fuzztest/sysparamdynamic_fuzzer:SysparamDynamicFuzzTest",

test/fuzztest/filesystemcrypto_fuzzer/BUILD.gn

@@ -0,0 +1,54 @@
+# Copyright (c) 2024 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import("//build/config/features.gni")
+import("//build/test.gni")
+import("//foundation/filemanagement/storage_service/storage_service_aafwk.gni")
+
+ohos_fuzztest("FileSystemCryptoFuzzTest") {
+  module_out_path = "storage_service/storage_manager"
+  fuzz_config_file =
+      "${storage_service_path}/test/fuzztest/filesystemcrypto_fuzzer"
+  include_dirs = [
+    "${storage_manager_path}/include",
+    "${storage_interface_path}/innerkits/storage_manager/native",
+    "${storage_service_common_path}/include",
+    "${storage_daemon_path}/include",
+  ]
+  cflags = [
+    "-g",
+    "-O0",
+    "-Wno-unused-variable",
+    "-fno-omit-frame-pointer",
+  ]
+  sources = [
+    "${storage_manager_path}/crypto/filesystem_crypto.cpp",
+    "${storage_manager_path}/storage_daemon_communication/src/storage_daemon_communication.cpp",
+    "./filesystemcrypto_fuzzer.cpp",
+  ]
+  defines = [ "STORAGE_LOG_TAG = \"storage_service\"" ]
+  deps = [ "${storage_daemon_path}/libfscrypt:libfscryptutils" ]
+  external_deps = [
+    "c_utils:utils",
+    "hilog:libhilog",
+    "ipc:ipc_core",
+    "safwk:system_ability_fwk",
+    "samgr:samgr_proxy",
+    "storage_service:storage_manager_sa_proxy",
+  ]
+}
+
+group("fuzztest") {
+  testonly = true
+  deps = [ ":FileSystemCryptoFuzzTest" ]
+}

test/fuzztest/filesystemcrypto_fuzzer/corpus/init

@@ -0,0 +1,16 @@
+/*
+ * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+FUZZ

test/fuzztest/filesystemcrypto_fuzzer/filesystemcrypto_fuzzer.cpp

@@ -0,0 +1,222 @@
+/*
+ * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "filesystemcrypto_fuzzer.h"
+#include "crypto/filesystem_crypto.h"
+#include "storage_service_errno.h"
+#include "storage_service_log.h"
+#include "vector"
+
+namespace OHOS {
+namespace StorageManager {
+
+template<class T>
+T TypeCast(const uint8_t *data, int *pos = nullptr)
+{
+    if (pos) {
+        *pos += sizeof(T);
+    }
+    return *(reinterpret_cast<const T*>(data));
+}
+
+std::shared_ptr<FileSystemCrypto> fileSystem =
+        DelayedSingleton<FileSystemCrypto>::GetInstance();
+
+bool GenerateUserKeysFuzzTest(const uint8_t *data, size_t size)
+{
+    if (data == nullptr || size <= sizeof(uint32_t)) {
+        return false;
+    }
+
+    int pos = 0;
+    uint32_t userId = TypeCast<uint32_t>(data, &pos);
+    uint32_t flags = TypeCast<uint32_t>(data + pos);
+
+    int32_t result = fileSystem->GenerateUserKeys(userId, flags);
+    if (result != E_OK) {
+        LOGI("file system crypto fuzz test of interface FileSystemCrypto::GenerateUserKeysTest failed!");
+        return false;
+    }
+    return true;
+}
+
+bool DeleteUserKeysFuzzTest(const uint8_t *data, size_t size)
+{
+    if (data == nullptr || size <= sizeof(uint32_t)) {
+        return false;
+    }
+
+    int pos = 0;
+    uint32_t userId = TypeCast<uint32_t>(data, &pos);
+
+    int32_t result = fileSystem->DeleteUserKeys(userId);
+    if (result != E_OK) {
+        LOGI("file system crypto fuzz test of interface FileSystemCrypto::DeleteUserKeys failed!");
+        return false;
+    }
+    return true;
+}
+
+bool UpdateUserAuthFuzzTest(const uint8_t *data, size_t size)
+{
+    if (data == nullptr || size <= sizeof(uint32_t)) {
+        return false;
+    }
+
+    int pos = 0;
+    uint32_t userId = TypeCast<uint32_t>(data, &pos);
+    uint64_t secureUid = TypeCast<uint64_t>(data + pos);
+
+    std::vector<uint8_t> token;
+    std::vector<uint8_t> oldSecret;
+    std::vector<uint8_t> newSecret;
+    token.push_back(*data);
+    oldSecret.push_back(*data);
+    newSecret.push_back(*data);
+
+    int32_t result = fileSystem->UpdateUserAuth(userId, secureUid, token, oldSecret, newSecret);
+    if (result != E_OK) {
+        LOGI("file system crypto fuzz test of interface FileSystemCrypto::UpdateUserAuth failed!");
+        return false;
+    }
+    return true;
+}
+
+bool ActiveUserKeyFuzzTest(const uint8_t *data, size_t size)
+{
+    if ((data == nullptr) || (size <= 0)) {
+        return false;
+    }
+
+    int pos = 0;
+    uint32_t userId = TypeCast<uint32_t>(data, &pos);
+
+    std::vector<uint8_t> token;
+    std::vector<uint8_t> secret;
+    token.push_back(*data);
+    secret.push_back(*data);
+
+    int32_t result = fileSystem->ActiveUserKey(userId, token, secret);
+    if (result != E_OK) {
+        LOGI("file system crypto fuzz test of interface FileSystemCrypto::ActiveUserKey failed!");
+        return false;
+    }
+    return true;
+}
+
+bool InactiveUserKeyFuzzTest(const uint8_t *data, size_t size)
+{
+    if ((data == nullptr) || (size <= 0)) {
+        return false;
+    }
+
+    int pos = 0;
+    uint32_t userId = TypeCast<uint32_t>(data, &pos);
+
+    int32_t result = fileSystem->InactiveUserKey(userId);
+    if (result != E_OK) {
+        LOGI("file system crypto fuzz test of interface FileSystemCrypto::InactiveUserKey failed!");
+        return false;
+    }
+    return true;
+}
+
+bool UpdateKeyContextFuzzTest(const uint8_t *data, size_t size)
+{
+    if ((data == nullptr) || (size <= 0)) {
+        return false;
+    }
+
+    int pos = 0;
+    uint32_t userId = TypeCast<uint32_t>(data, &pos);
+
+    int32_t result = fileSystem->UpdateKeyContext(userId);
+    if (result != E_OK) {
+        LOGI("file system crypto fuzz test of interface FileSystemCrypto::UpdateKeyContext failed!");
+        return false;
+    }
+    return true;
+}
+
+bool LockUserScreenFuzzTest(const uint8_t *data, size_t size)
+{
+    if ((data == nullptr) || (size <= 0)) {
+        return false;
+    }
+
+    int pos = 0;
+    uint32_t userId = TypeCast<uint32_t>(data, &pos);
+
+    int32_t result = fileSystem->LockUserScreen(userId);
+    if (result != E_OK) {
+        LOGI("file system crypto fuzz test of interface FileSystemCrypto::LockUserScreen failed!");
+        return false;
+    }
+    return true;
+}
+
+bool UnlockUserScreenFuzzTest(const uint8_t *data, size_t size)
+{
+    if ((data == nullptr) || (size <= 0)) {
+        return false;
+    }
+
+    int pos = 0;
+    uint32_t userId = TypeCast<uint32_t>(data, &pos);
+
+    int32_t result = fileSystem->UnlockUserScreen(userId);
+    if (result != E_OK) {
+        LOGI("file system crypto fuzz test of interface FileSystemCrypto::UnlockUserScreen failed!");
+        return false;
+    }
+    return true;
+}
+
+bool GetLockScreenStatusFuzzTest(const uint8_t *data, size_t size)
+{
+    if (data == nullptr || size <= sizeof(uint32_t)) {
+        return false;
+    }
+
+    int pos = 0;
+    uint32_t userId = TypeCast<uint32_t>(data, &pos);
+    bool lockScreenStatus = TypeCast<bool>(data + pos);
+
+    int32_t result = fileSystem->GetLockScreenStatus(userId, lockScreenStatus);
+    if (result != E_OK) {
+        LOGI("file system crypto fuzz test of interface FileSystemCrypto::GetLockScreenStatus failed!");
+        return false;
+    }
+    return true;
+}
+} // namespace StorageManager
+} // namespace OHOS
+
+/* Fuzzer entry point */
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+{
+    /* Run your code on data */
+    OHOS::StorageManager::GenerateUserKeysFuzzTest(data, size);
+    OHOS::StorageManager::DeleteUserKeysFuzzTest(data, size);
+    OHOS::StorageManager::UpdateUserAuthFuzzTest(data, size);
+    OHOS::StorageManager::ActiveUserKeyFuzzTest(data, size);
+    OHOS::StorageManager::InactiveUserKeyFuzzTest(data, size);
+    OHOS::StorageManager::UpdateKeyContextFuzzTest(data, size);
+    OHOS::StorageManager::LockUserScreenFuzzTest(data, size);
+    OHOS::StorageManager::UnlockUserScreenFuzzTest(data, size);
+    OHOS::StorageManager::GetLockScreenStatusFuzzTest(data, size);
+
+    return 0;
+}

test/fuzztest/filesystemcrypto_fuzzer/filesystemcrypto_fuzzer.h

@@ -0,0 +1,21 @@
+/*
+ * Copyright (c) 2024 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef FILESYSTEMCRYPTO_FUZZER_H
+#define FILESYSTEMCRYPTO_FUZZER_H
+
+#define FUZZ_PROJECT_NAME "filesystemcrypto_fuzzer"
+
+#endif

test/fuzztest/filesystemcrypto_fuzzer/project.xml

@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Copyright (c) 2021 Huawei Device Co., Ltd.
+
+     Licensed under the Apache License, Version 2.0 (the "License");
+     you may not use this file except in compliance with the License.
+     You may obtain a copy of the License at
+
+          http://www.apache.org/licenses/LICENSE-2.0
+
+     Unless required by applicable law or agreed to in writing, software
+     distributed under the License is distributed on an "AS IS" BASIS,
+     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+     See the License for the specific language governing permissions and
+     limitations under the License.
+-->
+<fuzz_config>
+  <fuzztest>
+    <!-- maximum length of a test input -->
+    <max_len>1000</max_len>
+    <!-- maximum total time in seconds to run the fuzzer -->
+    <max_total_time>300</max_total_time>
+    <!-- memory usage limit in Mb -->
+    <rss_limit_mb>4096</rss_limit_mb>
+  </fuzztest>
+</fuzz_config>

test/fuzztest/storagemanagerproxy_fuzzer/storagemanagerproxy_fuzzer.cpp

@@ -33,15 +33,14 @@ bool StorageManagerProxyFuzzTest(const uint8_t *data, size_t size)
     std::vector<uint8_t> secret;
     const sptr<IRemoteObject> impl;
     StorageManagerProxy prePar(impl);
-    std::string path((const char *)data, size);
-    std::string fsUuid((const char *)data, size);
+    std::string path(reinterpret_cast<const char *>(data), size);
+    std::string fsUuid(reinterpret_cast<const char *>(data), size);
     int32_t userId = *(reinterpret_cast<const int32_t *>(data));
     int32_t flags = *(reinterpret_cast<const int32_t *>(data));
     int32_t fsType = *(reinterpret_cast<const int32_t *>(data));
     uint64_t secureUid = *(reinterpret_cast<const uint64_t *>(data));
-    std::string volumeUuid((const char *)data, size);
-    std::string description((const char *)data, size);
-
+    std::string volumeUuid(reinterpret_cast<const char *>(data), size);
+    std::string description(reinterpret_cast<const char *>(data), size);
     token.push_back(*data);
     secret.push_back(*data);
     prePar.StopUser(userId);
@@ -76,16 +75,16 @@ bool StorageManagerProxyGetFuzzTest(const uint8_t *data, size_t size)
     VolumeExternal vc1;
     const sptr<IRemoteObject> impl;
     StorageManagerProxy getStor(impl);
-    std::string volumeUuid((const char *)data, size);
-    std::string pkgName((const char *)data, size);
+    std::string volumeUuid(reinterpret_cast<const char *>(data), size);
+    std::string pkgName(reinterpret_cast<const char *>(data), size);
     int32_t userId = *(reinterpret_cast<const int32_t *>(data));
-    std::string fsUuid((const char *)data, size);
+    std::string fsUuid(reinterpret_cast<const char *>(data), size);
     int64_t systemSize = *(reinterpret_cast<const int64_t *>(data));
     int64_t totalSize = *(reinterpret_cast<const int64_t *>(data));
     int64_t freeSize = *(reinterpret_cast<const int64_t *>(data));
     int64_t freeVolSize = *(reinterpret_cast<const int64_t *>(data));
     int64_t totalVolSize = *(reinterpret_cast<const int64_t *>(data));
-    std::string type((const char *)data, size);
+    std::string type(reinterpret_cast<const char *>(data), size);
     BundleStats bundleStats;
     StorageStats storageStats;
     std::vector<VolumeExternal> vecOfVol;
@@ -95,7 +94,7 @@ bool StorageManagerProxyGetFuzzTest(const uint8_t *data, size_t size)
     std::vector<std::string> bundleName;
     incrementalBackTimes.push_back(*data);
     pkgFileSizes.push_back(*data);
-    bundleName.push_back((const char *)data);
+    bundleName.push_back(reinterpret_cast<const char *>(data));
     getStor.GetAllVolumes(vecOfVol);
     getStor.GetAllDisks(vecOfDisk);
     getStor.GetSystemSize(systemSize);

test/fuzztest/storagestatusservice_fuzzer/BUILD.gn

@@ -20,8 +20,12 @@ ohos_fuzztest("StorageStatusServiceFuzzTest") {
   fuzz_config_file =
       "${storage_service_path}/test/fuzztest/storagestatusservice_fuzzer"
   include_dirs = [
+    "${bundlemanager_framework_path}/services/bundlemgr/include",
+    "${storage_interface_path}/innerkits/storage_manager/native",
     "${storage_service_common_path}/include",
+    "${storage_daemon_path}/include",
     "${storage_manager_path}/include",
+    "${storage_service_path}/utils/include",
   ]
   cflags = [
     "-g",
@@ -29,17 +33,19 @@ ohos_fuzztest("StorageStatusServiceFuzzTest") {
     "-Wno-unused-variable",
     "-fno-omit-frame-pointer",
   ]
-  sources = [
-    "${storage_manager_path}/utils/src/storage_utils.cpp",
-    "storagestatusservice_fuzzer.cpp",
-  ]
+  sources = [ "./storagestatusservice_fuzzer.cpp" ]
   defines = [ "STORAGE_LOG_TAG = \"storage_service\"" ]
-  deps = [ "${bundlemanager_framework_path}/services/bundlemgr:libbms" ]
+  deps = [ "${storage_service_path}/services/storage_manager:storage_manager" ]
 
   external_deps = [
+    "access_token:libaccesstoken_sdk",
+    "bundle_framework:appexecfwk_base",
+    "bundle_framework:appexecfwk_core",
     "c_utils:utils",
     "hilog:libhilog",
     "hitrace:hitrace_meter",
+    "ipc:ipc_core",
+    "storage_service:storage_manager_sa_proxy",
   ]
 }
 

test/fuzztest/storagestatusservice_fuzzer/storagestatusservice_fuzzer.cpp

@@ -27,14 +27,14 @@ bool StorageStatusServiceFuzzTest(const uint8_t *data, size_t size)
     std::shared_ptr<StorageStatusService> service = DelayedSingleton<StorageStatusService>::GetInstance();
 
     int32_t userId = *(reinterpret_cast<const int32_t *>(data));
-    std::string pkgName((const char *) data, size);
-    std::string type((const char *) data, size);
+    std::string pkgName(reinterpret_cast<const char *>(data), size);
+    std::string type(reinterpret_cast<const char *>(data), size);
     BundleStats bundleStats;
     StorageStats storageStats;
     std::vector<std::string> bundleName;
     std::vector<int64_t> incrementalBackTimes;
     std::vector<int64_t> pkgFileSizes;
-    bundleName.push_back((const char *) data);
+    bundleName.push_back(reinterpret_cast<const char *>(data));
     incrementalBackTimes.push_back(*data);
     pkgFileSizes.push_back(*data);
     int32_t result = service->GetBundleStats(pkgName, bundleStats);