add fuzz test storage_service

Signed-off-by: lianwei <lianwei3@huawei.com>
This commit is contained in:
lianwei 2024-04-01 16:30:10 +08:00
parent 27ae55dced
commit d04befdfd7
9 changed files with 363 additions and 18 deletions

View File

@ -18,6 +18,7 @@ group("storage_service_fuzztest") {
# deps file
"${storage_service_path}/test/fuzztest/bundlestats_fuzzer:BundleStatsFuzzTest",
"${storage_service_path}/test/fuzztest/disk_fuzzer:DiskFuzzTest",
"${storage_service_path}/test/fuzztest/filesystemcrypto_fuzzer:FileSystemCryptoFuzzTest",
"${storage_service_path}/test/fuzztest/fileutils_fuzzer:FileUtilsFuzzTest",
"${storage_service_path}/test/fuzztest/fscryptutils_fuzzer:FscryptUtilsFuzzTest",
"${storage_service_path}/test/fuzztest/keycontrol_fuzzer:KeyControlFuzzTest",
@ -27,6 +28,7 @@ group("storage_service_fuzztest") {
"${storage_service_path}/test/fuzztest/storagemanager_fuzzer:StorageManagerFuzzTest",
"${storage_service_path}/test/fuzztest/storagemanagerproxy_fuzzer:StorageManagerProxyFuzzTest",
"${storage_service_path}/test/fuzztest/storagestats_fuzzer:StorageStatsFuzzTest",
"${storage_service_path}/test/fuzztest/storagestatusservice_fuzzer:StorageStatusServiceFuzzTest",
"${storage_service_path}/test/fuzztest/storagetotalstatusservice_fuzzer:StorageTotalStatusServiceFuzzTest",
"${storage_service_path}/test/fuzztest/stringutils_fuzzer:StringUtilsFuzzTest",
"${storage_service_path}/test/fuzztest/sysparamdynamic_fuzzer:SysparamDynamicFuzzTest",

View File

@ -0,0 +1,54 @@
# Copyright (c) 2024 Huawei Device Co., Ltd.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import("//build/config/features.gni")
import("//build/test.gni")
import("//foundation/filemanagement/storage_service/storage_service_aafwk.gni")
ohos_fuzztest("FileSystemCryptoFuzzTest") {
module_out_path = "storage_service/storage_manager"
fuzz_config_file =
"${storage_service_path}/test/fuzztest/filesystemcrypto_fuzzer"
include_dirs = [
"${storage_manager_path}/include",
"${storage_interface_path}/innerkits/storage_manager/native",
"${storage_service_common_path}/include",
"${storage_daemon_path}/include",
]
cflags = [
"-g",
"-O0",
"-Wno-unused-variable",
"-fno-omit-frame-pointer",
]
sources = [
"${storage_manager_path}/crypto/filesystem_crypto.cpp",
"${storage_manager_path}/storage_daemon_communication/src/storage_daemon_communication.cpp",
"./filesystemcrypto_fuzzer.cpp",
]
defines = [ "STORAGE_LOG_TAG = \"storage_service\"" ]
deps = [ "${storage_daemon_path}/libfscrypt:libfscryptutils" ]
external_deps = [
"c_utils:utils",
"hilog:libhilog",
"ipc:ipc_core",
"safwk:system_ability_fwk",
"samgr:samgr_proxy",
"storage_service:storage_manager_sa_proxy",
]
}
group("fuzztest") {
testonly = true
deps = [ ":FileSystemCryptoFuzzTest" ]
}

View File

@ -0,0 +1,16 @@
/*
* Copyright (c) 2024 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
FUZZ

View File

@ -0,0 +1,222 @@
/*
* Copyright (c) 2024 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "filesystemcrypto_fuzzer.h"
#include "crypto/filesystem_crypto.h"
#include "storage_service_errno.h"
#include "storage_service_log.h"
#include "vector"
namespace OHOS {
namespace StorageManager {
template<class T>
T TypeCast(const uint8_t *data, int *pos = nullptr)
{
if (pos) {
*pos += sizeof(T);
}
return *(reinterpret_cast<const T*>(data));
}
std::shared_ptr<FileSystemCrypto> fileSystem =
DelayedSingleton<FileSystemCrypto>::GetInstance();
bool GenerateUserKeysFuzzTest(const uint8_t *data, size_t size)
{
if (data == nullptr || size <= sizeof(uint32_t)) {
return false;
}
int pos = 0;
uint32_t userId = TypeCast<uint32_t>(data, &pos);
uint32_t flags = TypeCast<uint32_t>(data + pos);
int32_t result = fileSystem->GenerateUserKeys(userId, flags);
if (result != E_OK) {
LOGI("file system crypto fuzz test of interface FileSystemCrypto::GenerateUserKeysTest failed!");
return false;
}
return true;
}
bool DeleteUserKeysFuzzTest(const uint8_t *data, size_t size)
{
if (data == nullptr || size <= sizeof(uint32_t)) {
return false;
}
int pos = 0;
uint32_t userId = TypeCast<uint32_t>(data, &pos);
int32_t result = fileSystem->DeleteUserKeys(userId);
if (result != E_OK) {
LOGI("file system crypto fuzz test of interface FileSystemCrypto::DeleteUserKeys failed!");
return false;
}
return true;
}
bool UpdateUserAuthFuzzTest(const uint8_t *data, size_t size)
{
if (data == nullptr || size <= sizeof(uint32_t)) {
return false;
}
int pos = 0;
uint32_t userId = TypeCast<uint32_t>(data, &pos);
uint64_t secureUid = TypeCast<uint64_t>(data + pos);
std::vector<uint8_t> token;
std::vector<uint8_t> oldSecret;
std::vector<uint8_t> newSecret;
token.push_back(*data);
oldSecret.push_back(*data);
newSecret.push_back(*data);
int32_t result = fileSystem->UpdateUserAuth(userId, secureUid, token, oldSecret, newSecret);
if (result != E_OK) {
LOGI("file system crypto fuzz test of interface FileSystemCrypto::UpdateUserAuth failed!");
return false;
}
return true;
}
bool ActiveUserKeyFuzzTest(const uint8_t *data, size_t size)
{
if ((data == nullptr) || (size <= 0)) {
return false;
}
int pos = 0;
uint32_t userId = TypeCast<uint32_t>(data, &pos);
std::vector<uint8_t> token;
std::vector<uint8_t> secret;
token.push_back(*data);
secret.push_back(*data);
int32_t result = fileSystem->ActiveUserKey(userId, token, secret);
if (result != E_OK) {
LOGI("file system crypto fuzz test of interface FileSystemCrypto::ActiveUserKey failed!");
return false;
}
return true;
}
bool InactiveUserKeyFuzzTest(const uint8_t *data, size_t size)
{
if ((data == nullptr) || (size <= 0)) {
return false;
}
int pos = 0;
uint32_t userId = TypeCast<uint32_t>(data, &pos);
int32_t result = fileSystem->InactiveUserKey(userId);
if (result != E_OK) {
LOGI("file system crypto fuzz test of interface FileSystemCrypto::InactiveUserKey failed!");
return false;
}
return true;
}
bool UpdateKeyContextFuzzTest(const uint8_t *data, size_t size)
{
if ((data == nullptr) || (size <= 0)) {
return false;
}
int pos = 0;
uint32_t userId = TypeCast<uint32_t>(data, &pos);
int32_t result = fileSystem->UpdateKeyContext(userId);
if (result != E_OK) {
LOGI("file system crypto fuzz test of interface FileSystemCrypto::UpdateKeyContext failed!");
return false;
}
return true;
}
bool LockUserScreenFuzzTest(const uint8_t *data, size_t size)
{
if ((data == nullptr) || (size <= 0)) {
return false;
}
int pos = 0;
uint32_t userId = TypeCast<uint32_t>(data, &pos);
int32_t result = fileSystem->LockUserScreen(userId);
if (result != E_OK) {
LOGI("file system crypto fuzz test of interface FileSystemCrypto::LockUserScreen failed!");
return false;
}
return true;
}
bool UnlockUserScreenFuzzTest(const uint8_t *data, size_t size)
{
if ((data == nullptr) || (size <= 0)) {
return false;
}
int pos = 0;
uint32_t userId = TypeCast<uint32_t>(data, &pos);
int32_t result = fileSystem->UnlockUserScreen(userId);
if (result != E_OK) {
LOGI("file system crypto fuzz test of interface FileSystemCrypto::UnlockUserScreen failed!");
return false;
}
return true;
}
bool GetLockScreenStatusFuzzTest(const uint8_t *data, size_t size)
{
if (data == nullptr || size <= sizeof(uint32_t)) {
return false;
}
int pos = 0;
uint32_t userId = TypeCast<uint32_t>(data, &pos);
bool lockScreenStatus = TypeCast<bool>(data + pos);
int32_t result = fileSystem->GetLockScreenStatus(userId, lockScreenStatus);
if (result != E_OK) {
LOGI("file system crypto fuzz test of interface FileSystemCrypto::GetLockScreenStatus failed!");
return false;
}
return true;
}
} // namespace StorageManager
} // namespace OHOS
/* Fuzzer entry point */
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
/* Run your code on data */
OHOS::StorageManager::GenerateUserKeysFuzzTest(data, size);
OHOS::StorageManager::DeleteUserKeysFuzzTest(data, size);
OHOS::StorageManager::UpdateUserAuthFuzzTest(data, size);
OHOS::StorageManager::ActiveUserKeyFuzzTest(data, size);
OHOS::StorageManager::InactiveUserKeyFuzzTest(data, size);
OHOS::StorageManager::UpdateKeyContextFuzzTest(data, size);
OHOS::StorageManager::LockUserScreenFuzzTest(data, size);
OHOS::StorageManager::UnlockUserScreenFuzzTest(data, size);
OHOS::StorageManager::GetLockScreenStatusFuzzTest(data, size);
return 0;
}

View File

@ -0,0 +1,21 @@
/*
* Copyright (c) 2024 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef FILESYSTEMCRYPTO_FUZZER_H
#define FILESYSTEMCRYPTO_FUZZER_H
#define FUZZ_PROJECT_NAME "filesystemcrypto_fuzzer"
#endif

View File

@ -0,0 +1,25 @@
<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright (c) 2021 Huawei Device Co., Ltd.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<fuzz_config>
<fuzztest>
<!-- maximum length of a test input -->
<max_len>1000</max_len>
<!-- maximum total time in seconds to run the fuzzer -->
<max_total_time>300</max_total_time>
<!-- memory usage limit in Mb -->
<rss_limit_mb>4096</rss_limit_mb>
</fuzztest>
</fuzz_config>

View File

@ -33,15 +33,14 @@ bool StorageManagerProxyFuzzTest(const uint8_t *data, size_t size)
std::vector<uint8_t> secret;
const sptr<IRemoteObject> impl;
StorageManagerProxy prePar(impl);
std::string path((const char *)data, size);
std::string fsUuid((const char *)data, size);
std::string path(reinterpret_cast<const char *>(data), size);
std::string fsUuid(reinterpret_cast<const char *>(data), size);
int32_t userId = *(reinterpret_cast<const int32_t *>(data));
int32_t flags = *(reinterpret_cast<const int32_t *>(data));
int32_t fsType = *(reinterpret_cast<const int32_t *>(data));
uint64_t secureUid = *(reinterpret_cast<const uint64_t *>(data));
std::string volumeUuid((const char *)data, size);
std::string description((const char *)data, size);
std::string volumeUuid(reinterpret_cast<const char *>(data), size);
std::string description(reinterpret_cast<const char *>(data), size);
token.push_back(*data);
secret.push_back(*data);
prePar.StopUser(userId);
@ -76,16 +75,16 @@ bool StorageManagerProxyGetFuzzTest(const uint8_t *data, size_t size)
VolumeExternal vc1;
const sptr<IRemoteObject> impl;
StorageManagerProxy getStor(impl);
std::string volumeUuid((const char *)data, size);
std::string pkgName((const char *)data, size);
std::string volumeUuid(reinterpret_cast<const char *>(data), size);
std::string pkgName(reinterpret_cast<const char *>(data), size);
int32_t userId = *(reinterpret_cast<const int32_t *>(data));
std::string fsUuid((const char *)data, size);
std::string fsUuid(reinterpret_cast<const char *>(data), size);
int64_t systemSize = *(reinterpret_cast<const int64_t *>(data));
int64_t totalSize = *(reinterpret_cast<const int64_t *>(data));
int64_t freeSize = *(reinterpret_cast<const int64_t *>(data));
int64_t freeVolSize = *(reinterpret_cast<const int64_t *>(data));
int64_t totalVolSize = *(reinterpret_cast<const int64_t *>(data));
std::string type((const char *)data, size);
std::string type(reinterpret_cast<const char *>(data), size);
BundleStats bundleStats;
StorageStats storageStats;
std::vector<VolumeExternal> vecOfVol;
@ -95,7 +94,7 @@ bool StorageManagerProxyGetFuzzTest(const uint8_t *data, size_t size)
std::vector<std::string> bundleName;
incrementalBackTimes.push_back(*data);
pkgFileSizes.push_back(*data);
bundleName.push_back((const char *)data);
bundleName.push_back(reinterpret_cast<const char *>(data));
getStor.GetAllVolumes(vecOfVol);
getStor.GetAllDisks(vecOfDisk);
getStor.GetSystemSize(systemSize);

View File

@ -20,8 +20,12 @@ ohos_fuzztest("StorageStatusServiceFuzzTest") {
fuzz_config_file =
"${storage_service_path}/test/fuzztest/storagestatusservice_fuzzer"
include_dirs = [
"${bundlemanager_framework_path}/services/bundlemgr/include",
"${storage_interface_path}/innerkits/storage_manager/native",
"${storage_service_common_path}/include",
"${storage_daemon_path}/include",
"${storage_manager_path}/include",
"${storage_service_path}/utils/include",
]
cflags = [
"-g",
@ -29,17 +33,19 @@ ohos_fuzztest("StorageStatusServiceFuzzTest") {
"-Wno-unused-variable",
"-fno-omit-frame-pointer",
]
sources = [
"${storage_manager_path}/utils/src/storage_utils.cpp",
"storagestatusservice_fuzzer.cpp",
]
sources = [ "./storagestatusservice_fuzzer.cpp" ]
defines = [ "STORAGE_LOG_TAG = \"storage_service\"" ]
deps = [ "${bundlemanager_framework_path}/services/bundlemgr:libbms" ]
deps = [ "${storage_service_path}/services/storage_manager:storage_manager" ]
external_deps = [
"access_token:libaccesstoken_sdk",
"bundle_framework:appexecfwk_base",
"bundle_framework:appexecfwk_core",
"c_utils:utils",
"hilog:libhilog",
"hitrace:hitrace_meter",
"ipc:ipc_core",
"storage_service:storage_manager_sa_proxy",
]
}

View File

@ -27,14 +27,14 @@ bool StorageStatusServiceFuzzTest(const uint8_t *data, size_t size)
std::shared_ptr<StorageStatusService> service = DelayedSingleton<StorageStatusService>::GetInstance();
int32_t userId = *(reinterpret_cast<const int32_t *>(data));
std::string pkgName((const char *) data, size);
std::string type((const char *) data, size);
std::string pkgName(reinterpret_cast<const char *>(data), size);
std::string type(reinterpret_cast<const char *>(data), size);
BundleStats bundleStats;
StorageStats storageStats;
std::vector<std::string> bundleName;
std::vector<int64_t> incrementalBackTimes;
std::vector<int64_t> pkgFileSizes;
bundleName.push_back((const char *) data);
bundleName.push_back(reinterpret_cast<const char *>(data));
incrementalBackTimes.push_back(*data);
pkgFileSizes.push_back(*data);
int32_t result = service->GetBundleStats(pkgName, bundleStats);