diff --git a/test/fuzztest/fuzztest_bundlemanager/BUILD.gn b/test/fuzztest/fuzztest_bundlemanager/BUILD.gn index aac85405bcc9c7d4418b3aa623beb368d283c971..fb4e3da90bc37ca5a21fb7179968057a8718af2e 100644 --- a/test/fuzztest/fuzztest_bundlemanager/BUILD.gn +++ b/test/fuzztest/fuzztest_bundlemanager/BUILD.gn @@ -90,6 +90,9 @@ group("bundlemanagerfuzztest") { "bmsgetnameforuid_fuzzer:BMSGetNameForUidFuzzTest", "bmsgetpermissiondef_fuzzer:BMSGetPermissionDefFuzzTest", "bmshapmoduleinfo_fuzzer:BMSHapModuleInfoFuzzTest", + "bmsinstalldloadcallback_fuzzer:BMSInstalldLoadCallbackFuzzTest", + "bmsinstalldpermissionmgr_fuzzer:BMSInstalldPermissionMgrFuzzTest", + "bmsinstalldservice_fuzzer:BMSInstalldServiceFuzzTest", "bmsinstallparam_fuzzer:BMSInstallParamFuzzTest", "bmsisexistfirstinstallbundleinfo_fuzzer:BMSIsExistFirstInstallBundleInfoFuzzTest", "bmsonqueryrpcidfinished_fuzzer:BMSOnQueryRpcIdFinishedFuzzTest", diff --git a/test/fuzztest/fuzztest_bundlemanager/bmscheckabilityenableinstall_fuzzer/bmscheckabilityenableinstall_fuzzer.cpp b/test/fuzztest/fuzztest_bundlemanager/bmscheckabilityenableinstall_fuzzer/bmscheckabilityenableinstall_fuzzer.cpp index 5f8a86cc7800fb034c0ceb571ff005c855c61c6f..f746bb658952e066168f54e830536d9815ab30fa 100644 --- a/test/fuzztest/fuzztest_bundlemanager/bmscheckabilityenableinstall_fuzzer/bmscheckabilityenableinstall_fuzzer.cpp +++ b/test/fuzztest/fuzztest_bundlemanager/bmscheckabilityenableinstall_fuzzer/bmscheckabilityenableinstall_fuzzer.cpp @@ -48,6 +48,14 @@ bool DoSomethingInterestingWithMyAPI(const uint8_t* data, size_t size) int32_t userId = GenerateRandomUser(fdp); sptr callerToken = nullptr; BundleDistributedManager_->CheckAbilityEnableInstall(want, missionId, userId, callerToken); +#ifdef BMS_DEVICE_INFO_MANAGER_ENABLE + RpcIdResult rpcIdResult; + rpcIdResult.retCode = fdp.ConsumeIntegral(); + rpcIdResult.version = fdp.ConsumeRandomLengthString(STRING_MAX_LENGTH); + rpcIdResult.transactId = fdp.ConsumeRandomLengthString(STRING_MAX_LENGTH); + rpcIdResult.resultMsg = fdp.ConsumeRandomLengthString(STRING_MAX_LENGTH); + BundleDistributedManager_->ComparePcIdString(want, rpcIdResult); +#endif return true; } } diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsinstalldloadcallback_fuzzer/BUILD.gn b/test/fuzztest/fuzztest_bundlemanager/bmsinstalldloadcallback_fuzzer/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..53a6d87cc77618f21e1a62878a19572a7e958cdb --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsinstalldloadcallback_fuzzer/BUILD.gn @@ -0,0 +1,190 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#####################hydra-fuzz################### +import("//build/config/features.gni") +import("//build/ohos.gni") +import("//build/test.gni") +import("../../../../appexecfwk.gni") +import("../../../../services/bundlemgr/appexecfwk_bundlemgr.gni") +module_output_path = fuzz_test_path + +##############################fuzztest########################################## +ohos_fuzztest("BMSInstalldLoadCallbackFuzzTest") { + fuzz_config_file = "../../../fuzztest/fuzztest_bundlemanager/bmsinstalldloadcallback_fuzzer" + + use_exceptions = true + module_out_path = module_output_path + include_dirs = [ + "${test_path}/fuzztest", + "${services_path}/bundlemgr/include/installd", + ] + sources = bundle_mgr_source + sources += [ + "${services_path}/bundlemgr/src/aot/aot_executor.cpp", + "${services_path}/bundlemgr/src/installd/installd_host_impl.cpp", + "${services_path}/bundlemgr/src/installd/installd_operator.cpp", + "${services_path}/bundlemgr/src/installd/installd_service.cpp", + "${services_path}/bundlemgr/src/installd/installd_permission_mgr.cpp", + ] + + sources += bundle_install_sources + + sources += [ "bmsinstalldloadcallback_fuzzer.cpp" ] + + configs = [ "${services_path}/bundlemgr/test:bundlemgr_test_config" ] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + + deps = [ "${core_path}:appexecfwk_core" ] + deps += bundle_install_deps + + external_deps = [ + "ability_base:want", + "ability_runtime:app_manager", + "access_token:el5_filekey_manager_sdk", + "access_token:libprivacy_sdk", + "access_token:libtokenid_sdk", + "appspawn:hnpapi", + "appverify:libhapverify", + "bounds_checking_function:libsec_shared", + "common_event_service:cesfwk_innerkits", + "eventhandler:libeventhandler", + "hilog:libhilog", + "hitrace:hitrace_meter", + "init:libbegetutil", + "jsoncpp:jsoncpp", + "safwk:system_ability_fwk", + "samgr:samgr_proxy", + "selinux_adapter:librestorecon", + ] + external_deps += bundle_install_external_deps + + defines = [] + if (code_signature_enable) { + sources += [ + "${services_path}/bundlemgr/src/aot/aot_sign_data_cache_mgr.cpp", + "${services_path}/bundlemgr/src/code_sign_helper.cpp", + ] + include_dirs += [ "${services_path}/bundlemgr/include" ] + external_deps += [ + "bounds_checking_function:libsec_shared", + "code_signature:libcode_sign_utils", + "ets_runtime:libcompiler_service", + ] + defines += [ "CODE_SIGNATURE_ENABLE" ] + } + + if (configpolicy_enable) { + external_deps += [ "config_policy:configpolicy_util" ] + defines += [ "CONFIG_POLOCY_ENABLE" ] + } + + if (bundle_framework_app_control) { + defines += [ "BUNDLE_FRAMEWORK_APP_CONTROL" ] + sources += [ + "${services_path}/bundlemgr/src/app_control/app_control_manager.cpp", + "${services_path}/bundlemgr/src/app_control/app_control_manager_host_impl.cpp", + "${services_path}/bundlemgr/src/app_control/app_control_manager_rdb.cpp", + "${services_path}/bundlemgr/src/app_control/app_jump_interceptor_event_subscriber.cpp", + "${services_path}/bundlemgr/src/app_control/app_jump_interceptor_manager_rdb.cpp", + ] + include_dirs += [ "${services_path}/bundlemgr/include/app_control" ] + external_deps += [ "c_utils:utils" ] + } + if (current_cpu == "arm64") { + defines += [ "USE_BUNDLE_EXTENSION" ] + } + + if (build_selinux) { + external_deps += [ "selinux_adapter:libhap_restorecon" ] + } + if (account_enable) { + external_deps += [ "os_account:os_account_innerkits" ] + defines += [ "ACCOUNT_ENABLE" ] + } + if (bundle_framework_free_install) { + sources += aging + sources += free_install + sources += distributed_manager + external_deps += [ + "ability_runtime:ability_manager", + "ability_runtime:app_manager", + "battery_manager:batterysrv_client", + "device_usage_statistics:usagestatsinner", + "display_manager:displaymgr", + "power_manager:powermgr_client", + "syscap_codec:syscap_interface_shared", + ] + defines += [ "BUNDLE_FRAMEWORK_FREE_INSTALL" ] + } + if (global_resmgr_enable) { + defines += [ "GLOBAL_RESMGR_ENABLE" ] + external_deps += [ "resource_management:global_resmgr" ] + } + if (hicollie_enable) { + external_deps += [ "hicollie:libhicollie" ] + defines += [ "HICOLLIE_ENABLE" ] + } + + if (hisysevent_enable) { + sources += [ "${services_path}/bundlemgr/src/inner_event_report.cpp" ] + external_deps += [ "hisysevent:libhisysevent" ] + defines += [ "HISYSEVENT_ENABLE" ] + } + + if (bundle_framework_quick_fix) { + include_dirs += [ "${services_path}/bundlemgr/src/include/quick_fix" ] + sources += quick_fix + defines += [ "BUNDLE_FRAMEWORK_QUICK_FIX" ] + } + + if (storage_service_enable) { + external_deps += [ "storage_service:storage_manager_sa_proxy" ] + defines += [ "STORAGE_SERVICE_ENABLE" ] + } + + external_deps += [ "kv_store:distributeddata_inner" ] + configs += [ "${services_path}/bundlemgr:rdb_config" ] + external_deps += [ "relational_store:native_rdb" ] + sources += [ + "${services_path}/bundlemgr/src/bundle_data_storage_rdb.cpp", + "${services_path}/bundlemgr/src/preinstall_data_storage_rdb.cpp", + "${services_path}/bundlemgr/src/rdb/bms_rdb_open_callback.cpp", + "${services_path}/bundlemgr/src/rdb/rdb_data_manager.cpp", + ] + if (udmf_enabled) { + defines += [ "BUNDLE_FRAMEWORK_UDMF_ENABLED" ] + external_deps += [ "udmf:udmf_client" ] + external_deps += [ "udmf:utd_client" ] + } + + if (user_auth_framework_impl_enabled) { + external_deps += [ "user_auth_framework:userauth_client" ] + defines += [ "BMS_USER_AUTH_FRAMEWORK_ENABLED" ] + include_dirs += [ "${services_path}/bundlemgr/include/user_auth" ] + sources += user_auth + } + + if (bms_device_info_manager_part_enabled) { + external_deps += [ + "device_info_manager:distributed_device_profile_common", + "device_info_manager:distributed_device_profile_sdk", + ] + defines += [ "BMS_DEVICE_INFO_MANAGER_ENABLE" ] + } +} \ No newline at end of file diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsinstalldloadcallback_fuzzer/bmsinstalldloadcallback_fuzzer.cpp b/test/fuzztest/fuzztest_bundlemanager/bmsinstalldloadcallback_fuzzer/bmsinstalldloadcallback_fuzzer.cpp new file mode 100644 index 0000000000000000000000000000000000000000..59498791136ab00d33a49c1b54ccf9d252e3ed3d --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsinstalldloadcallback_fuzzer/bmsinstalldloadcallback_fuzzer.cpp @@ -0,0 +1,51 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include +#include +#define private public +#include "installd_load_callback.h" +#include "bmsinstalldloadcallback_fuzzer.h" +#include "system_ability_definition.h" +#include "bms_fuzztest_util.h" + +using namespace OHOS::AppExecFwk; +using namespace OHOS::AppExecFwk::BMSFuzzTestUtil; +namespace OHOS { +bool DoSomethingInterestingWithMyAPI(const uint8_t* data, size_t size) +{ + auto installdloadcallback = std::make_shared(); + if (installdloadcallback == nullptr) { + return false; + } + FuzzedDataProvider fdp(data, size); + int32_t systemAbilityId = fdp.ConsumeIntegral(); + sptr remoteObject = nullptr; + installdloadcallback->OnLoadSystemAbilitySuccess(systemAbilityId, remoteObject); + installdloadcallback->OnLoadSystemAbilitySuccess(INSTALLD_SERVICE_ID, remoteObject); + installdloadcallback->OnLoadSystemAbilityFail(systemAbilityId); + installdloadcallback->OnLoadSystemAbilityFail(INSTALLD_SERVICE_ID); + return true; +} +} + +// Fuzzer entry point. +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + // Run your code on data. + OHOS::DoSomethingInterestingWithMyAPI(data, size); + return 0; +} \ No newline at end of file diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsinstalldloadcallback_fuzzer/bmsinstalldloadcallback_fuzzer.h b/test/fuzztest/fuzztest_bundlemanager/bmsinstalldloadcallback_fuzzer/bmsinstalldloadcallback_fuzzer.h new file mode 100644 index 0000000000000000000000000000000000000000..78bee7274fe4bde5e2aae5d9e4829cc340fe939b --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsinstalldloadcallback_fuzzer/bmsinstalldloadcallback_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TEST_FUZZTEST_BMS_INSTALLD_LOAD_CALLBACK_FUZZER_H +#define TEST_FUZZTEST_BMS_INSTALLD_LOAD_CALLBACK_FUZZER_H + +#define FUZZ_PROJECT_NAME "bmsinstalldloadcallback_fuzzer" + +#endif \ No newline at end of file diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsinstalldloadcallback_fuzzer/corpus/init b/test/fuzztest/fuzztest_bundlemanager/bmsinstalldloadcallback_fuzzer/corpus/init new file mode 100644 index 0000000000000000000000000000000000000000..6b7212c8a6a9ee6e433ea43d0c2c2e96568ad4c4 --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsinstalldloadcallback_fuzzer/corpus/init @@ -0,0 +1 @@ +FUZZ \ No newline at end of file diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsinstalldloadcallback_fuzzer/project.xml b/test/fuzztest/fuzztest_bundlemanager/bmsinstalldloadcallback_fuzzer/project.xml new file mode 100644 index 0000000000000000000000000000000000000000..226522bd2ad3eaf2db4f710f1924d82d2912c235 --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsinstalldloadcallback_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 10000 + + 300 + + 4096 + + diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsinstalldpermissionmgr_fuzzer/BUILD.gn b/test/fuzztest/fuzztest_bundlemanager/bmsinstalldpermissionmgr_fuzzer/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..32b8408071f9c52da32779e466e8f5fdf5e8f643 --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsinstalldpermissionmgr_fuzzer/BUILD.gn @@ -0,0 +1,190 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#####################hydra-fuzz################### +import("//build/config/features.gni") +import("//build/ohos.gni") +import("//build/test.gni") +import("../../../../appexecfwk.gni") +import("../../../../services/bundlemgr/appexecfwk_bundlemgr.gni") +module_output_path = fuzz_test_path + +##############################fuzztest########################################## +ohos_fuzztest("BMSInstalldPermissionMgrFuzzTest") { + fuzz_config_file = "../../../fuzztest/fuzztest_bundlemanager/bmsinstalldpermissionmgr_fuzzer" + + use_exceptions = true + module_out_path = module_output_path + include_dirs = [ + "${test_path}/fuzztest", + "${services_path}/bundlemgr/include/installd", + ] + sources = bundle_mgr_source + sources += [ + "${services_path}/bundlemgr/src/aot/aot_executor.cpp", + "${services_path}/bundlemgr/src/installd/installd_host_impl.cpp", + "${services_path}/bundlemgr/src/installd/installd_operator.cpp", + "${services_path}/bundlemgr/src/installd/installd_service.cpp", + "${services_path}/bundlemgr/src/installd/installd_permission_mgr.cpp", + ] + + sources += bundle_install_sources + + sources += [ "bmsinstalldpermissionmgr_fuzzer.cpp" ] + + configs = [ "${services_path}/bundlemgr/test:bundlemgr_test_config" ] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + + deps = [ "${core_path}:appexecfwk_core" ] + deps += bundle_install_deps + + external_deps = [ + "ability_base:want", + "ability_runtime:app_manager", + "access_token:el5_filekey_manager_sdk", + "access_token:libprivacy_sdk", + "access_token:libtokenid_sdk", + "appspawn:hnpapi", + "appverify:libhapverify", + "bounds_checking_function:libsec_shared", + "common_event_service:cesfwk_innerkits", + "eventhandler:libeventhandler", + "hilog:libhilog", + "hitrace:hitrace_meter", + "init:libbegetutil", + "jsoncpp:jsoncpp", + "safwk:system_ability_fwk", + "samgr:samgr_proxy", + "selinux_adapter:librestorecon", + ] + external_deps += bundle_install_external_deps + + defines = [] + if (code_signature_enable) { + sources += [ + "${services_path}/bundlemgr/src/aot/aot_sign_data_cache_mgr.cpp", + "${services_path}/bundlemgr/src/code_sign_helper.cpp", + ] + include_dirs += [ "${services_path}/bundlemgr/include" ] + external_deps += [ + "bounds_checking_function:libsec_shared", + "code_signature:libcode_sign_utils", + "ets_runtime:libcompiler_service", + ] + defines += [ "CODE_SIGNATURE_ENABLE" ] + } + + if (configpolicy_enable) { + external_deps += [ "config_policy:configpolicy_util" ] + defines += [ "CONFIG_POLOCY_ENABLE" ] + } + + if (bundle_framework_app_control) { + defines += [ "BUNDLE_FRAMEWORK_APP_CONTROL" ] + sources += [ + "${services_path}/bundlemgr/src/app_control/app_control_manager.cpp", + "${services_path}/bundlemgr/src/app_control/app_control_manager_host_impl.cpp", + "${services_path}/bundlemgr/src/app_control/app_control_manager_rdb.cpp", + "${services_path}/bundlemgr/src/app_control/app_jump_interceptor_event_subscriber.cpp", + "${services_path}/bundlemgr/src/app_control/app_jump_interceptor_manager_rdb.cpp", + ] + include_dirs += [ "${services_path}/bundlemgr/include/app_control" ] + external_deps += [ "c_utils:utils" ] + } + if (current_cpu == "arm64") { + defines += [ "USE_BUNDLE_EXTENSION" ] + } + + if (build_selinux) { + external_deps += [ "selinux_adapter:libhap_restorecon" ] + } + if (account_enable) { + external_deps += [ "os_account:os_account_innerkits" ] + defines += [ "ACCOUNT_ENABLE" ] + } + if (bundle_framework_free_install) { + sources += aging + sources += free_install + sources += distributed_manager + external_deps += [ + "ability_runtime:ability_manager", + "ability_runtime:app_manager", + "battery_manager:batterysrv_client", + "device_usage_statistics:usagestatsinner", + "display_manager:displaymgr", + "power_manager:powermgr_client", + "syscap_codec:syscap_interface_shared", + ] + defines += [ "BUNDLE_FRAMEWORK_FREE_INSTALL" ] + } + if (global_resmgr_enable) { + defines += [ "GLOBAL_RESMGR_ENABLE" ] + external_deps += [ "resource_management:global_resmgr" ] + } + if (hicollie_enable) { + external_deps += [ "hicollie:libhicollie" ] + defines += [ "HICOLLIE_ENABLE" ] + } + + if (hisysevent_enable) { + sources += [ "${services_path}/bundlemgr/src/inner_event_report.cpp" ] + external_deps += [ "hisysevent:libhisysevent" ] + defines += [ "HISYSEVENT_ENABLE" ] + } + + if (bundle_framework_quick_fix) { + include_dirs += [ "${services_path}/bundlemgr/src/include/quick_fix" ] + sources += quick_fix + defines += [ "BUNDLE_FRAMEWORK_QUICK_FIX" ] + } + + if (storage_service_enable) { + external_deps += [ "storage_service:storage_manager_sa_proxy" ] + defines += [ "STORAGE_SERVICE_ENABLE" ] + } + + external_deps += [ "kv_store:distributeddata_inner" ] + configs += [ "${services_path}/bundlemgr:rdb_config" ] + external_deps += [ "relational_store:native_rdb" ] + sources += [ + "${services_path}/bundlemgr/src/bundle_data_storage_rdb.cpp", + "${services_path}/bundlemgr/src/preinstall_data_storage_rdb.cpp", + "${services_path}/bundlemgr/src/rdb/bms_rdb_open_callback.cpp", + "${services_path}/bundlemgr/src/rdb/rdb_data_manager.cpp", + ] + if (udmf_enabled) { + defines += [ "BUNDLE_FRAMEWORK_UDMF_ENABLED" ] + external_deps += [ "udmf:udmf_client" ] + external_deps += [ "udmf:utd_client" ] + } + + if (user_auth_framework_impl_enabled) { + external_deps += [ "user_auth_framework:userauth_client" ] + defines += [ "BMS_USER_AUTH_FRAMEWORK_ENABLED" ] + include_dirs += [ "${services_path}/bundlemgr/include/user_auth" ] + sources += user_auth + } + + if (bms_device_info_manager_part_enabled) { + external_deps += [ + "device_info_manager:distributed_device_profile_common", + "device_info_manager:distributed_device_profile_sdk", + ] + defines += [ "BMS_DEVICE_INFO_MANAGER_ENABLE" ] + } +} \ No newline at end of file diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsinstalldpermissionmgr_fuzzer/bmsinstalldpermissionmgr_fuzzer.cpp b/test/fuzztest/fuzztest_bundlemanager/bmsinstalldpermissionmgr_fuzzer/bmsinstalldpermissionmgr_fuzzer.cpp new file mode 100644 index 0000000000000000000000000000000000000000..c7791a63c9574c7648b6c453e2b7c19ab8aa0821 --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsinstalldpermissionmgr_fuzzer/bmsinstalldpermissionmgr_fuzzer.cpp @@ -0,0 +1,46 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include +#include +#define private public +#include "installd_permission_mgr.h" +#include "bmsinstalldpermissionmgr_fuzzer.h" +#include "bms_fuzztest_util.h" + +using namespace OHOS::AppExecFwk; +using namespace OHOS::AppExecFwk::BMSFuzzTestUtil; +namespace OHOS { +bool DoSomethingInterestingWithMyAPI(const uint8_t *data, size_t size) +{ + auto installdpermissionmgr = std::make_shared(); + if (installdpermissionmgr == nullptr) { + return false; + } + FuzzedDataProvider fdp(data, size); + int32_t uid = fdp.ConsumeIntegral(); + installdpermissionmgr->VerifyCallingPermission(uid); + return true; +} +} + +// Fuzzer entry point. +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + // Run your code on data. + OHOS::DoSomethingInterestingWithMyAPI(data, size); + return 0; +} \ No newline at end of file diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsinstalldpermissionmgr_fuzzer/bmsinstalldpermissionmgr_fuzzer.h b/test/fuzztest/fuzztest_bundlemanager/bmsinstalldpermissionmgr_fuzzer/bmsinstalldpermissionmgr_fuzzer.h new file mode 100644 index 0000000000000000000000000000000000000000..01c8b0ffb8fc6b89a29a66b476988fd26a572a0f --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsinstalldpermissionmgr_fuzzer/bmsinstalldpermissionmgr_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TEST_FUZZTEST_BMS_INSTALLD_PERMISSION_MGR_FUZZER_H +#define TEST_FUZZTEST_BMS_INSTALLD_PERMISSION_MGR_FUZZER_H + +#define FUZZ_PROJECT_NAME "bmsinstalldpermissionmgr_fuzzer" + +#endif \ No newline at end of file diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsinstalldpermissionmgr_fuzzer/corpus/init b/test/fuzztest/fuzztest_bundlemanager/bmsinstalldpermissionmgr_fuzzer/corpus/init new file mode 100644 index 0000000000000000000000000000000000000000..6b7212c8a6a9ee6e433ea43d0c2c2e96568ad4c4 --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsinstalldpermissionmgr_fuzzer/corpus/init @@ -0,0 +1 @@ +FUZZ \ No newline at end of file diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsinstalldpermissionmgr_fuzzer/project.xml b/test/fuzztest/fuzztest_bundlemanager/bmsinstalldpermissionmgr_fuzzer/project.xml new file mode 100644 index 0000000000000000000000000000000000000000..226522bd2ad3eaf2db4f710f1924d82d2912c235 --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsinstalldpermissionmgr_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 10000 + + 300 + + 4096 + + diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsinstalldservice_fuzzer/BUILD.gn b/test/fuzztest/fuzztest_bundlemanager/bmsinstalldservice_fuzzer/BUILD.gn new file mode 100644 index 0000000000000000000000000000000000000000..e35483d8e542277de55b196f49cec3b31201f796 --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsinstalldservice_fuzzer/BUILD.gn @@ -0,0 +1,187 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#####################hydra-fuzz################### +import("//build/config/features.gni") +import("//build/ohos.gni") +import("//build/test.gni") +import("../../../../appexecfwk.gni") +import("../../../../services/bundlemgr/appexecfwk_bundlemgr.gni") +module_output_path = fuzz_test_path + +##############################fuzztest########################################## +ohos_fuzztest("BMSInstalldServiceFuzzTest") { + fuzz_config_file = "../../../fuzztest/fuzztest_bundlemanager/bmsinstalldservice_fuzzer" + + use_exceptions = true + module_out_path = module_output_path + include_dirs = [ "${test_path}/fuzztest" ] + sources = bundle_mgr_source + sources += [ + "${services_path}/bundlemgr/src/aot/aot_executor.cpp", + "${services_path}/bundlemgr/src/installd/installd_host_impl.cpp", + "${services_path}/bundlemgr/src/installd/installd_operator.cpp", + "${services_path}/bundlemgr/src/installd/installd_service.cpp", + "${services_path}/bundlemgr/src/installd/installd_permission_mgr.cpp", + ] + + sources += bundle_install_sources + + sources += [ "bmsinstalldservice_fuzzer.cpp" ] + + configs = [ "${services_path}/bundlemgr/test:bundlemgr_test_config" ] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + + deps = [ "${core_path}:appexecfwk_core" ] + deps += bundle_install_deps + + external_deps = [ + "ability_base:want", + "ability_runtime:app_manager", + "access_token:el5_filekey_manager_sdk", + "access_token:libprivacy_sdk", + "access_token:libtokenid_sdk", + "appspawn:hnpapi", + "appverify:libhapverify", + "bounds_checking_function:libsec_shared", + "common_event_service:cesfwk_innerkits", + "eventhandler:libeventhandler", + "hilog:libhilog", + "hitrace:hitrace_meter", + "init:libbegetutil", + "jsoncpp:jsoncpp", + "safwk:system_ability_fwk", + "samgr:samgr_proxy", + "selinux_adapter:librestorecon", + ] + external_deps += bundle_install_external_deps + + defines = [] + if (code_signature_enable) { + sources += [ + "${services_path}/bundlemgr/src/aot/aot_sign_data_cache_mgr.cpp", + "${services_path}/bundlemgr/src/code_sign_helper.cpp", + ] + include_dirs += [ "${services_path}/bundlemgr/include" ] + external_deps += [ + "bounds_checking_function:libsec_shared", + "code_signature:libcode_sign_utils", + "ets_runtime:libcompiler_service", + ] + defines += [ "CODE_SIGNATURE_ENABLE" ] + } + + if (configpolicy_enable) { + external_deps += [ "config_policy:configpolicy_util" ] + defines += [ "CONFIG_POLOCY_ENABLE" ] + } + + if (bundle_framework_app_control) { + defines += [ "BUNDLE_FRAMEWORK_APP_CONTROL" ] + sources += [ + "${services_path}/bundlemgr/src/app_control/app_control_manager.cpp", + "${services_path}/bundlemgr/src/app_control/app_control_manager_host_impl.cpp", + "${services_path}/bundlemgr/src/app_control/app_control_manager_rdb.cpp", + "${services_path}/bundlemgr/src/app_control/app_jump_interceptor_event_subscriber.cpp", + "${services_path}/bundlemgr/src/app_control/app_jump_interceptor_manager_rdb.cpp", + ] + include_dirs += [ "${services_path}/bundlemgr/include/app_control" ] + external_deps += [ "c_utils:utils" ] + } + if (current_cpu == "arm64") { + defines += [ "USE_BUNDLE_EXTENSION" ] + } + + if (build_selinux) { + external_deps += [ "selinux_adapter:libhap_restorecon" ] + } + if (account_enable) { + external_deps += [ "os_account:os_account_innerkits" ] + defines += [ "ACCOUNT_ENABLE" ] + } + if (bundle_framework_free_install) { + sources += aging + sources += free_install + sources += distributed_manager + external_deps += [ + "ability_runtime:ability_manager", + "ability_runtime:app_manager", + "battery_manager:batterysrv_client", + "device_usage_statistics:usagestatsinner", + "display_manager:displaymgr", + "power_manager:powermgr_client", + "syscap_codec:syscap_interface_shared", + ] + defines += [ "BUNDLE_FRAMEWORK_FREE_INSTALL" ] + } + if (global_resmgr_enable) { + defines += [ "GLOBAL_RESMGR_ENABLE" ] + external_deps += [ "resource_management:global_resmgr" ] + } + if (hicollie_enable) { + external_deps += [ "hicollie:libhicollie" ] + defines += [ "HICOLLIE_ENABLE" ] + } + + if (hisysevent_enable) { + sources += [ "${services_path}/bundlemgr/src/inner_event_report.cpp" ] + external_deps += [ "hisysevent:libhisysevent" ] + defines += [ "HISYSEVENT_ENABLE" ] + } + + if (bundle_framework_quick_fix) { + include_dirs += [ "${services_path}/bundlemgr/src/include/quick_fix" ] + sources += quick_fix + defines += [ "BUNDLE_FRAMEWORK_QUICK_FIX" ] + } + + if (storage_service_enable) { + external_deps += [ "storage_service:storage_manager_sa_proxy" ] + defines += [ "STORAGE_SERVICE_ENABLE" ] + } + + external_deps += [ "kv_store:distributeddata_inner" ] + configs += [ "${services_path}/bundlemgr:rdb_config" ] + external_deps += [ "relational_store:native_rdb" ] + sources += [ + "${services_path}/bundlemgr/src/bundle_data_storage_rdb.cpp", + "${services_path}/bundlemgr/src/preinstall_data_storage_rdb.cpp", + "${services_path}/bundlemgr/src/rdb/bms_rdb_open_callback.cpp", + "${services_path}/bundlemgr/src/rdb/rdb_data_manager.cpp", + ] + if (udmf_enabled) { + defines += [ "BUNDLE_FRAMEWORK_UDMF_ENABLED" ] + external_deps += [ "udmf:udmf_client" ] + external_deps += [ "udmf:utd_client" ] + } + + if (user_auth_framework_impl_enabled) { + external_deps += [ "user_auth_framework:userauth_client" ] + defines += [ "BMS_USER_AUTH_FRAMEWORK_ENABLED" ] + include_dirs += [ "${services_path}/bundlemgr/include/user_auth" ] + sources += user_auth + } + + if (bms_device_info_manager_part_enabled) { + external_deps += [ + "device_info_manager:distributed_device_profile_common", + "device_info_manager:distributed_device_profile_sdk", + ] + defines += [ "BMS_DEVICE_INFO_MANAGER_ENABLE" ] + } +} \ No newline at end of file diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsinstalldservice_fuzzer/bmsinstalldservice_fuzzer.cpp b/test/fuzztest/fuzztest_bundlemanager/bmsinstalldservice_fuzzer/bmsinstalldservice_fuzzer.cpp new file mode 100644 index 0000000000000000000000000000000000000000..000c5a3da584ce3384e47836a5b13dad49731391 --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsinstalldservice_fuzzer/bmsinstalldservice_fuzzer.cpp @@ -0,0 +1,51 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include +#include +#define private public +#include "installd_service.h" +#include "bmsinstalldservice_fuzzer.h" +#include "bms_fuzztest_util.h" + +using namespace OHOS::AppExecFwk; +using namespace OHOS::AppExecFwk::BMSFuzzTestUtil; +namespace OHOS { +bool DoSomethingInterestingWithMyAPI(const uint8_t* data, size_t size) +{ + auto installdService_ = std::make_shared(); + if (installdService_ == nullptr) { + return false; + } + FuzzedDataProvider fdp(data, size); + std::string path = fdp.ConsumeRandomLengthString(STRING_MAX_LENGTH); + installdService_->Init(); + installdService_->InitDir(path); + installdService_->OnStart(); + installdService_->Start(); + installdService_->Stop(); + installdService_->OnStop(); + return true; +} +} + +// Fuzzer entry point. +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + // Run your code on data. + OHOS::DoSomethingInterestingWithMyAPI(data, size); + return 0; +} \ No newline at end of file diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsinstalldservice_fuzzer/bmsinstalldservice_fuzzer.h b/test/fuzztest/fuzztest_bundlemanager/bmsinstalldservice_fuzzer/bmsinstalldservice_fuzzer.h new file mode 100644 index 0000000000000000000000000000000000000000..79f4147053cca3451b2d555da3bce3f0d463fbad --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsinstalldservice_fuzzer/bmsinstalldservice_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TEST_FUZZTEST_BMS_INSTALLD_SERVICE_FUZZER_H +#define TEST_FUZZTEST_BMS_INSTALLD_SERVICE_FUZZER_H + +#define FUZZ_PROJECT_NAME "bmsinstalldservice_fuzzer" + +#endif \ No newline at end of file diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsinstalldservice_fuzzer/corpus/init b/test/fuzztest/fuzztest_bundlemanager/bmsinstalldservice_fuzzer/corpus/init new file mode 100644 index 0000000000000000000000000000000000000000..6b7212c8a6a9ee6e433ea43d0c2c2e96568ad4c4 --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsinstalldservice_fuzzer/corpus/init @@ -0,0 +1 @@ +FUZZ \ No newline at end of file diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsinstalldservice_fuzzer/project.xml b/test/fuzztest/fuzztest_bundlemanager/bmsinstalldservice_fuzzer/project.xml new file mode 100644 index 0000000000000000000000000000000000000000..66e1dcac475475fb101b6f8670ec699e6e9696aa --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsinstalldservice_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + +