openharmony/security_certificate_manager
1
0
Fork 0
mirror of https://gitee.com/openharmony/security_certificate_manager synced 2024-11-23 07:29:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

!181 增加OnRemoteRequest接口FUZZ

Browse Source 
Merge pull request !181 from zhao_zhen_zhou/master
This commit is contained in:
openharmony_ci 2023-06-08 09:20:27 +00:00 committed by Gitee
commit c27889e9e8
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
6 changed files with 206 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
test/fuzz_test/BUILD.gn
View File

@ -64,6 +64,7 @@ group("fuzztest") {
"./cmipcserviceuninstallappcert_fuzzer:fuzztest",
"./cmipcserviceuninstallusercert_fuzzer:fuzztest",
"./cmipcserviceupdate_fuzzer:fuzztest",
"./cmonremoterequest_fuzzer:fuzztest",
]
}
}

63
test/fuzz_test/cmonremoterequest_fuzzer/BUILD.gn Executable file
View File

@ -0,0 +1,63 @@
# Copyright (c) 2023 Huawei Device Co., Ltd.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import("//build/config/features.gni")
import("//build/test.gni")
module_output_path = "cert_manager_standard/cert_manager_standard_test"
##############################fuzztest##########################################
ohos_fuzztest("CmOnRemoteRequestFuzzTest") {
module_out_path = module_output_path
fuzz_config_file = "../../../test/fuzz_test/cmonremoterequest_fuzzer"
include_dirs = [
"../../../frameworks/cert_manager_standard/main/common/include",
"../../../interfaces/innerkits/cert_manager_standard/main/include",
"../../../services/cert_manager_standard/cert_manager_service/main/os_dependency/sa",
"../../../test/unittest/include",
]
cflags = [
"-g",
"-O0",
"-Wno-unused-variable",
"-fno-omit-frame-pointer",
]
sources = [
"../../../test/unittest/src/cm_test_common.cpp",
"cmonremoterequest_fuzzer.cpp",
]
deps = [
"../../../services/cert_manager_standard:cert_manager_service",
"../../../test/fuzz_test/fuzz_test_common:libcert_manager_fuzz_test_common_static",
]
external_deps = [
"access_token:libaccesstoken_sdk",
"access_token:libnativetoken",
"access_token:libtoken_setproc",
"ipc:ipc_core",
"safwk:system_ability_fwk",
]
}
###############################################################################
group("fuzztest") {
testonly = true
deps = []
deps += [
# deps file
":CmOnRemoteRequestFuzzTest",
]
}
###############################################################################

86
test/fuzz_test/cmonremoterequest_fuzzer/cmonremoterequest_fuzzer.cpp Executable file
View File

@ -0,0 +1,86 @@
/*
* Copyright (c) 2023 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "cmonremoterequest_fuzzer.h"
#include "cm_fuzz_test_common.h"
#include "cm_sa.h"
#include "cm_test_common.h"
#include "message_option.h"
#include "message_parcel.h"
using namespace CmFuzzTest;
namespace OHOS {
bool DoSomethingInterestingWithMyAPI(const uint8_t* data, size_t size)
{
uint32_t minSize = sizeof(uint32_t) + sizeof(uint32_t) + sizeof(struct CmBlob);
uint8_t *myData = nullptr;
if (!CopyMyData(data, size, minSize, &myData)) {
return false;
}
uint32_t remainSize = static_cast<uint32_t>(size);
uint32_t offset = 0;
// get code
uint32_t code;
if (!GetUintFromBuffer(myData, &remainSize, &offset, &code)) {
CmFree(myData);
return false;
}
code = (code % static_cast<uint32_t>(CM_MSG_MAX - CM_MSG_BASE) + static_cast<uint32_t>(CM_MSG_BASE));
// get data
uint32_t outSize;
if (!GetUintFromBuffer(myData, &remainSize, &offset, &outSize)) {
CmFree(myData);
return false;
}
struct CmParamSet *paramSet = nullptr;
if (ConstructParamSet(myData, &remainSize, &offset, static_cast<enum CmMessage>(code), &paramSet) == false) {
CmFree(myData);
return false;
}
struct CmBlob srcDataBlob = { paramSet->paramSetSize, reinterpret_cast<uint8_t *>(paramSet) };
Security::CertManager::CertManagerService &myService = Security::CertManager::CertManagerService::GetInstance();
std::u16string descriptor = myService.GetDescriptor();
MessageParcel messageData;
messageData.WriteInterfaceToken(descriptor);
messageData.WriteUint32(outSize);
messageData.WriteUint32(srcDataBlob.size);
messageData.WriteBuffer(srcDataBlob.data, static_cast<size_t>(srcDataBlob.size));
MessageParcel reply;
MessageOption option;
CertmanagerTest::SetATPermission();
(void)myService.OnStart();
(void)myService.OnRemoteRequest(code, messageData, reply, option);
CmFree(myData);
CmFreeParamSet(&paramSet);
return true;
}
}
/* Fuzzer entry point */
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size)
{
/* Run your code on data */
OHOS::DoSomethingInterestingWithMyAPI(data, size);
return 0;
}

18
test/fuzz_test/cmonremoterequest_fuzzer/cmonremoterequest_fuzzer.h Executable file
View File

@ -0,0 +1,18 @@
/*
* Copyright (c) 2023 Huawei Device Co., Ltd.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef FUZZ_PROJECT_NAME
#define FUZZ_PROJECT_NAME "cmonremoterequest_fuzzer"
#endif

13
test/fuzz_test/cmonremoterequest_fuzzer/corpus/init Executable file
View File

@ -0,0 +1,13 @@
# Copyright (c) 2023 Huawei Device Co., Ltd.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
FUZZ

25
test/fuzz_test/cmonremoterequest_fuzzer/project.xml Executable file
View File

@ -0,0 +1,25 @@
<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright (c) 2023 Huawei Device Co., Ltd.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<fuzz_config>
<fuzztest>
<!-- maximum length of a test input -->
<max_len>1000</max_len>
<!-- maximum total time in seconds to run the fuzzer -->
<max_total_time>300</max_total_time>
<!-- memory usage limit in Mb -->
<rss_limit_mb>4096</rss_limit_mb>
</fuzztest>
</fuzz_config>