UserFileService-FileAccessExtAbility-Delete用例

Signed-off-by: yangjingbo10 <yangjingbo10@huawei.com>

Change-Id: I5baa6ec711ae43a7eac09cc3cc7c369b16e6e09a
This commit is contained in:
y30045862 2023-08-17 21:29:06 +08:00
parent a2694e00c2
commit 74225f897d
5 changed files with 252 additions and 0 deletions

View File

@ -0,0 +1,70 @@
# Copyright (c) 2023 Huawei Device Co., Ltd.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#####################hydra-fuzz###################
import("//build/config/features.gni")
import("//build/test.gni")
import("//foundation/filemanagement/user_file_service/filemanagement_aafwk.gni")
ohos_fuzztest("ExternalFileAccessDeleteFuzzTest") {
module_out_path = "filemanagement/user_file_service"
fuzz_config_file =
"${user_file_service_path}/test/fuzztest/externalfileaccessdelete_fuzzer"
include_dirs = [
"${user_file_service_path}/utils",
"${ability_runtime_kits_path}/appkit/native/ability_runtime/app",
"${ability_runtime_kits_path}/appkit/native/app/include",
"${ability_runtime_kits_path}/appkit/native/ability_runtime/context",
"${user_file_service_path}/interfaces/inner_api/file_access/include",
]
cflags = [
"-g",
"-O0",
"-Wno-unused-variable",
"-fno-omit-frame-pointer",
]
sources = [ "${user_file_service_path}/test/fuzztest/externalfileaccessdelete_fuzzer/externalfileaccessdelete_fuzzer.cpp" ]
deps = [
"${ability_runtime_path}/frameworks/native/ability/native:abilitykit_native",
"${ability_runtime_path}/frameworks/native/appkit:app_context",
"${access_token_path}/frameworks/accesstoken:accesstoken_communication_adapter_cxx",
"${user_file_service_path}/interfaces/inner_api/file_access:file_access_extension_ability_kit",
]
external_deps = [
"ability_base:want",
"ability_base:zuri",
"ability_runtime:ability_manager",
"ability_runtime:app_context",
"ability_runtime:extensionkit_native",
"ability_runtime:napi_common",
"ability_runtime:runtime",
"access_token:libaccesstoken_sdk",
"access_token:libnativetoken",
"access_token:libtoken_setproc",
"bundle_framework:appexecfwk_base",
"bundle_framework:appexecfwk_core",
"c_utils:utils",
"hilog:libhilog",
"hitrace:hitrace_meter",
"image_framework:image_native",
"ipc:ipc_core",
"napi:ace_napi",
"samgr:samgr_proxy",
]
}
group("fuzztest") {
testonly = true
deps = [ ":ExternalFileAccessDeleteFuzzTest" ]
}

View File

@ -0,0 +1,16 @@
/*
* Copyright (c) 2023 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
FUZZ

View File

@ -0,0 +1,120 @@
/*
* Copyright (c) 2023 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "externalfileaccessdelete_fuzzer.h"
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <memory>
#include "extension_base.h"
#include "extension_context.h"
#include "message_parcel.h"
#include "file_access_ext_stub.h"
#include "file_access_ext_stub_impl.h"
#include "file_access_ext_ability.h"
#include "js_file_access_ext_ability.h"
#include "js_runtime.h"
#include "securec.h"
#include "nativetoken_kit.h"
#include "token_setproc.h"
#include "accesstoken_kit.h"
namespace OHOS {
using namespace std;
using namespace OHOS;
using namespace FileAccessFwk;
using namespace AbilityRuntime;
constexpr size_t FOO_MAX_LEN = 1024;
constexpr size_t U32_AT_SIZE = 4;
enum {
TOKEN_INDEX_ONE = 0,
};
void SetNativeToken()
{
uint64_t tokenId;
const char **perms = new const char *[1];
perms[TOKEN_INDEX_ONE] = "ohos.permission.FILE_ACCESS_MANAGER";
NativeTokenInfoParams infoInstance = {
.dcapsNum = 0,
.permsNum = 1,
.aclsNum = 0,
.dcaps = nullptr,
.perms = perms,
.acls = nullptr,
.aplStr = "system_core",
};
infoInstance.processName = "ExternalFileAccessDeleteFuzzTest";
tokenId = GetAccessTokenId(&infoInstance);
const uint64_t systemAppMask = (static_cast<uint64_t>(1) << 32);
tokenId |= systemAppMask;
SetSelfTokenID(tokenId);
OHOS::Security::AccessToken::AccessTokenKit::ReloadNativeTokenInfo();
delete[] perms;
}
bool ExternalFileAccessDeleteFuzzTest(std::unique_ptr<char[]> data, size_t size)
{
SetNativeToken();
// CMD_DELETE
uint32_t code = 4;
MessageParcel datas;
datas.WriteInterfaceToken(FileAccessExtStub::GetDescriptor());
datas.WriteBuffer(data.get(), size);
datas.RewindRead(0);
MessageParcel reply;
MessageOption option;
auto fileAccessExtAbility = FileAccessExtAbility::Create(nullptr);
auto fileAccessExtAbilitySharePtr = std::shared_ptr<FileAccessExtAbility>(fileAccessExtAbility);
sptr<FileAccessExtStubImpl> fileAccessExtStubObj(new (std::nothrow) FileAccessExtStubImpl(
fileAccessExtAbilitySharePtr, nullptr));
fileAccessExtStubObj->OnRemoteRequest(code, datas, reply, option);
fileAccessExtAbility = nullptr;
fileAccessExtStubObj = nullptr;
return true;
}
} // namespace OHOS
/* Fuzzer entry point */
extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
/* Run your code on data */
if (data == nullptr) {
return 0;
}
/* Validate the length of size */
if (size < OHOS::U32_AT_SIZE || size > OHOS::FOO_MAX_LEN) {
return 0;
}
auto str = std::make_unique<char[]>(size + 1);
(void)memset_s(str.get(), size + 1, 0x00, size + 1);
if (memcpy_s(str.get(), size, data, size) != EOK) {
return 0;
}
OHOS::ExternalFileAccessDeleteFuzzTest(move(str), size);
return 0;
}

View File

@ -0,0 +1,21 @@
/*
* Copyright (c) 2023 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef FILE_ACCESS_EXTERNAL_FILE_ACCESS_DELETE_FUZZER_H
#define FILE_ACCESS_EXTERNAL_FILE_ACCESS_DELETE_FUZZER_H
#define FUZZ_PROJECT_NAME "externalfileaccessdelete_fuzzer"
#endif

View File

@ -0,0 +1,25 @@
<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright (c) 2023 Huawei Device Co., Ltd.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<fuzz_config>
<fuzztest>
<!-- maximum length of a test input -->
<max_len>1000</max_len>
<!-- maximum total time in seconds to run the fuzzer -->
<max_total_time>300</max_total_time>
<!-- memory usage limit in Mb -->
<rss_limit_mb>4096</rss_limit_mb>
</fuzztest>
</fuzz_config>