From f299547b30e193fdde66c27003650e2eabdd8b52 Mon Sep 17 00:00:00 2001 From: zhaogan Date: Tue, 8 Jul 2025 16:55:56 +0800 Subject: [PATCH] fuzz6 Signed-off-by: zhaogan --- test/fuzztest/fuzztest_bundlemanager/BUILD.gn | 3 + .../BUILD.gn | 153 ++++++++++++++++++ .../bmsbasebundleinstallerpartone_fuzzer.cpp | 74 +++++++++ .../bmsbasebundleinstallerpartone_fuzzer.h | 21 +++ .../corpus/init | 1 + .../project.xml | 25 +++ .../BUILD.gn | 153 ++++++++++++++++++ ...bmsbasebundleinstallerpartthree_fuzzer.cpp | 83 ++++++++++ .../bmsbasebundleinstallerpartthree_fuzzer.h | 21 +++ .../corpus/init | 1 + .../project.xml | 25 +++ .../BUILD.gn | 153 ++++++++++++++++++ .../bmsbasebundleinstallerparttwo_fuzzer.cpp | 71 ++++++++ .../bmsbasebundleinstallerparttwo_fuzzer.h | 21 +++ .../corpus/init | 1 + .../project.xml | 25 +++ 16 files changed, 831 insertions(+) create mode 100644 test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartone_fuzzer/BUILD.gn create mode 100644 test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartone_fuzzer/bmsbasebundleinstallerpartone_fuzzer.cpp create mode 100644 test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartone_fuzzer/bmsbasebundleinstallerpartone_fuzzer.h create mode 100644 test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartone_fuzzer/corpus/init create mode 100644 test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartone_fuzzer/project.xml create mode 100644 test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartthree_fuzzer/BUILD.gn create mode 100644 test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartthree_fuzzer/bmsbasebundleinstallerpartthree_fuzzer.cpp create mode 100644 test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartthree_fuzzer/bmsbasebundleinstallerpartthree_fuzzer.h create mode 100644 test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartthree_fuzzer/corpus/init create mode 100644 test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartthree_fuzzer/project.xml create mode 100644 test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerparttwo_fuzzer/BUILD.gn create mode 100644 test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerparttwo_fuzzer/bmsbasebundleinstallerparttwo_fuzzer.cpp create mode 100644 test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerparttwo_fuzzer/bmsbasebundleinstallerparttwo_fuzzer.h create mode 100644 test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerparttwo_fuzzer/corpus/init create mode 100644 test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerparttwo_fuzzer/project.xml diff --git a/test/fuzztest/fuzztest_bundlemanager/BUILD.gn b/test/fuzztest/fuzztest_bundlemanager/BUILD.gn index 37085130e3..7abe747338 100644 --- a/test/fuzztest/fuzztest_bundlemanager/BUILD.gn +++ b/test/fuzztest/fuzztest_bundlemanager/BUILD.gn @@ -40,6 +40,9 @@ group("bundlemanagerfuzztest") { "bmsappservicefwkinstallerprocessnativelibrary_fuzzer:BMSAppServiceFwkInstallerProcessNativeLibraryFuzzTest", "bmsbundlecloneinstaller_fuzzer:BmsBundleCloneInstallerFuzzTest", "bmsapplicationinfofromjson_fuzzer:BMSApplicationInfoFromJsonFuzzTest", + "bmsbasebundleinstallerpartone_fuzzer:BMSBaseBundleInstallerPartOneFuzzTest", + "bmsbasebundleinstallerpartthree_fuzzer:BMSBaseBundleInstallerPartThreeFuzzTest", + "bmsbasebundleinstallerparttwo_fuzzer:BMSBaseBundleInstallerPartTwoFuzzTest", "bmsbundlefileutil_fuzzer:BMSBundleFileUtilFuzzTest", "bmsbundleinfo_fuzzer:BMSBundleInfoFuzzTest", "bmsbundleinstallerhost_fuzzer:BMSBundleInstallerHostFuzzTest", diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartone_fuzzer/BUILD.gn b/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartone_fuzzer/BUILD.gn new file mode 100644 index 0000000000..273e002e5f --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartone_fuzzer/BUILD.gn @@ -0,0 +1,153 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/test.gni") +import("../../../../appexecfwk.gni") +import("../../../../services/bundlemgr/appexecfwk_bundlemgr.gni") + +module_output_path = fuzz_test_path + +ohos_fuzztest("BMSBaseBundleInstallerPartOneFuzzTest") { + fuzz_config_file = "../../../fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartone_fuzzer" + use_exceptions = true + module_out_path = module_output_path + include_dirs = [ "${test_path}/fuzztest" ] + sources = bundle_mgr_source + sources += bundle_install_sources + + sources += [ "bmsbasebundleinstallerpartone_fuzzer.cpp" ] + + configs = [ "${services_path}/bundlemgr/test:bundlemgr_test_config" ] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + + deps = [ "${core_path}:appexecfwk_core" ] + + deps += bundle_install_deps + + external_deps = [ + "ability_base:want", + "ability_runtime:app_manager", + "access_token:el5_filekey_manager_sdk", + "access_token:libprivacy_sdk", + "access_token:libtokenid_sdk", + "appverify:libhapverify", + "common_event_service:cesfwk_innerkits", + "eventhandler:libeventhandler", + "hilog:libhilog", + "hitrace:hitrace_meter", + "init:libbegetutil", + "jsoncpp:jsoncpp", + "safwk:system_ability_fwk", + "samgr:samgr_proxy", + "selinux_adapter:librestorecon", + ] + external_deps += bundle_install_external_deps + if (bundle_framework_graphics) { + external_deps += [ "image_framework:image_native" ] + } + defines = [] + if (configpolicy_enable) { + external_deps += [ "config_policy:configpolicy_util" ] + defines += [ "CONFIG_POLOCY_ENABLE" ] + } + + if (build_selinux) { + external_deps += [ "selinux_adapter:libhap_restorecon" ] + } + + if (account_enable) { + external_deps += [ "os_account:os_account_innerkits" ] + defines += [ "ACCOUNT_ENABLE" ] + } + + if (bundle_framework_free_install) { + sources += aging + sources += free_install + sources += distributed_manager + external_deps += [ + "ability_runtime:ability_manager", + "ability_runtime:app_manager", + "battery_manager:batterysrv_client", + "device_usage_statistics:usagestatsinner", + "display_manager:displaymgr", + "power_manager:powermgr_client", + "syscap_codec:syscap_interface_shared", + ] + defines += [ "BUNDLE_FRAMEWORK_FREE_INSTALL" ] + } + if (hicollie_enable) { + external_deps += [ "hicollie:libhicollie" ] + defines += [ "HICOLLIE_ENABLE" ] + } + if (global_resmgr_enable) { + defines += [ "GLOBAL_RESMGR_ENABLE" ] + external_deps += [ "resource_management:global_resmgr" ] + } + + if (hisysevent_enable) { + sources += [ "${services_path}/bundlemgr/src/inner_event_report.cpp" ] + external_deps += [ "hisysevent:libhisysevent" ] + defines += [ "HISYSEVENT_ENABLE" ] + } + + if (storage_service_enable) { + external_deps += [ "storage_service:storage_manager_sa_proxy" ] + defines += [ "STORAGE_SERVICE_ENABLE" ] + } + + configs += [ "${services_path}/bundlemgr:rdb_config" ] + external_deps += [ "relational_store:native_rdb" ] + sources += [ + "${services_path}/bundlemgr/src/bundle_data_storage_rdb.cpp", + "${services_path}/bundlemgr/src/preinstall_data_storage_rdb.cpp", + "${services_path}/bundlemgr/src/rdb/bms_rdb_open_callback.cpp", + "${services_path}/bundlemgr/src/rdb/rdb_data_manager.cpp", + ] + if (bundle_framework_app_control) { + defines += [ "BUNDLE_FRAMEWORK_APP_CONTROL" ] + sources += [ + "${services_path}/bundlemgr/src/app_control/app_control_manager.cpp", + "${services_path}/bundlemgr/src/app_control/app_control_manager_host_impl.cpp", + "${services_path}/bundlemgr/src/app_control/app_control_manager_rdb.cpp", + "${services_path}/bundlemgr/src/app_control/app_jump_interceptor_event_subscriber.cpp", + "${services_path}/bundlemgr/src/app_control/app_jump_interceptor_manager_rdb.cpp", + ] + include_dirs += [ "${services_path}/bundlemgr/include/app_control" ] + external_deps += [ "c_utils:utils" ] + } + if (udmf_enabled) { + defines += [ "BUNDLE_FRAMEWORK_UDMF_ENABLED" ] + external_deps += [ "udmf:udmf_client" ] + external_deps += [ "udmf:utd_client" ] + } + + if (user_auth_framework_impl_enabled) { + external_deps += [ "user_auth_framework:userauth_client" ] + defines += [ "BMS_USER_AUTH_FRAMEWORK_ENABLED" ] + include_dirs += [ "${services_path}/bundlemgr/include/user_auth" ] + sources += user_auth + } + + if (bms_device_info_manager_part_enabled) { + external_deps += [ + "device_info_manager:distributed_device_profile_common", + "device_info_manager:distributed_device_profile_sdk", + ] + defines += [ "BMS_DEVICE_INFO_MANAGER_ENABLE" ] + } +} diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartone_fuzzer/bmsbasebundleinstallerpartone_fuzzer.cpp b/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartone_fuzzer/bmsbasebundleinstallerpartone_fuzzer.cpp new file mode 100644 index 0000000000..70927a2f28 --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartone_fuzzer/bmsbasebundleinstallerpartone_fuzzer.cpp @@ -0,0 +1,74 @@ +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#define private public +#define protected public +#include +#include +#include + +#include "bmsbasebundleinstallerpartone_fuzzer.h" +#include "bms_fuzztest_util.h" +#include "base_bundle_installer.h" +#include "securec.h" + +using namespace OHOS::AppExecFwk; +using namespace OHOS::AppExecFwk::BMSFuzzTestUtil; +namespace OHOS { +bool DoSomethingInterestingWithMyAPI(const uint8_t *data, size_t size) +{ + BaseBundleInstaller basebundleinstall; + FuzzedDataProvider fdp(data, size); + std::vector bundlePaths = GenerateStringArray(fdp); + InstallParam installParam; + GenerateInstallParam(fdp, installParam); + std::vector hapVerifyRes; + basebundleinstall.CheckMultipleHapsSignInfo(bundlePaths, installParam, hapVerifyRes); + basebundleinstall.CheckSysCap(bundlePaths); + + InnerBundleInfo info; + info.baseApplicationInfo_ = std::make_shared(); + info.baseApplicationInfo_->removable = fdp.ConsumeBool(); + info.uninstallState_ = fdp.ConsumeBool(); + info.baseApplicationInfo_->bundleType = + static_cast(fdp.ConsumeIntegralInRange(0, CODE_MAX_FOUR)); + std::string bundleName = fdp.ConsumeRandomLengthString(STRING_MAX_LENGTH); + basebundleinstall.CheckUninstallInnerBundleInfo(info, bundleName); + basebundleinstall.CreateBundleAndDataDir(info); + std::string modulePath = fdp.ConsumeRandomLengthString(STRING_MAX_LENGTH); + basebundleinstall.ExtractModule(info, modulePath); + std::string targetSoPath = fdp.ConsumeRandomLengthString(STRING_MAX_LENGTH); + std::string cpuAbi = fdp.ConsumeBool() ? "X86" : "ARM64"; + basebundleinstall.ExtractModuleFiles(info, modulePath, targetSoPath, cpuAbi); + + std::unordered_map newInfos; + newInfos.emplace(bundleName, info); + int32_t uid = fdp.ConsumeIntegral(); + basebundleinstall.InnerProcessBundleInstall(newInfos, info, installParam, uid); + basebundleinstall.InnerProcessInstallByPreInstallInfo(bundleName, installParam, uid); + + Constants::AppType appType = Constants::AppType::SYSTEM_APP; + basebundleinstall.InstallBundle(bundlePaths, installParam, appType); + basebundleinstall.InstallBundleByBundleName(bundleName, installParam); + return true; +} +} + +// Fuzzer entry point. +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + OHOS::DoSomethingInterestingWithMyAPI(data, size); + return 0; +} \ No newline at end of file diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartone_fuzzer/bmsbasebundleinstallerpartone_fuzzer.h b/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartone_fuzzer/bmsbasebundleinstallerpartone_fuzzer.h new file mode 100644 index 0000000000..355b9186bb --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartone_fuzzer/bmsbasebundleinstallerpartone_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TEST_FUZZTEST_BASEBUNDLEINSTALLER_PARTONE_FUZZER_H +#define TEST_FUZZTEST_BASEBUNDLEINSTALLER_PARTONE_FUZZER_H + +#define FUZZ_PROJECT_NAME "bmsbasebundleinstallerpartone_fuzzer" + +#endif \ No newline at end of file diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartone_fuzzer/corpus/init b/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartone_fuzzer/corpus/init new file mode 100644 index 0000000000..6b7212c8a6 --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartone_fuzzer/corpus/init @@ -0,0 +1 @@ +FUZZ \ No newline at end of file diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartone_fuzzer/project.xml b/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartone_fuzzer/project.xml new file mode 100644 index 0000000000..93837373f3 --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartone_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 10000 + + 300 + + 4096 + + diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartthree_fuzzer/BUILD.gn b/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartthree_fuzzer/BUILD.gn new file mode 100644 index 0000000000..93fb4f555b --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartthree_fuzzer/BUILD.gn @@ -0,0 +1,153 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/test.gni") +import("../../../../appexecfwk.gni") +import("../../../../services/bundlemgr/appexecfwk_bundlemgr.gni") + +module_output_path = fuzz_test_path + +ohos_fuzztest("BMSBaseBundleInstallerPartThreeFuzzTest") { + fuzz_config_file = "../../../fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartthree_fuzzer" + use_exceptions = true + module_out_path = module_output_path + include_dirs = [ "${test_path}/fuzztest" ] + sources = bundle_mgr_source + sources += bundle_install_sources + + sources += [ "bmsbasebundleinstallerpartthree_fuzzer.cpp" ] + + configs = [ "${services_path}/bundlemgr/test:bundlemgr_test_config" ] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + + deps = [ "${core_path}:appexecfwk_core" ] + + deps += bundle_install_deps + + external_deps = [ + "ability_base:want", + "ability_runtime:app_manager", + "access_token:el5_filekey_manager_sdk", + "access_token:libprivacy_sdk", + "access_token:libtokenid_sdk", + "appverify:libhapverify", + "common_event_service:cesfwk_innerkits", + "eventhandler:libeventhandler", + "hilog:libhilog", + "hitrace:hitrace_meter", + "init:libbegetutil", + "jsoncpp:jsoncpp", + "safwk:system_ability_fwk", + "samgr:samgr_proxy", + "selinux_adapter:librestorecon", + ] + external_deps += bundle_install_external_deps + if (bundle_framework_graphics) { + external_deps += [ "image_framework:image_native" ] + } + defines = [] + if (configpolicy_enable) { + external_deps += [ "config_policy:configpolicy_util" ] + defines += [ "CONFIG_POLOCY_ENABLE" ] + } + + if (build_selinux) { + external_deps += [ "selinux_adapter:libhap_restorecon" ] + } + + if (account_enable) { + external_deps += [ "os_account:os_account_innerkits" ] + defines += [ "ACCOUNT_ENABLE" ] + } + + if (bundle_framework_free_install) { + sources += aging + sources += free_install + sources += distributed_manager + external_deps += [ + "ability_runtime:ability_manager", + "ability_runtime:app_manager", + "battery_manager:batterysrv_client", + "device_usage_statistics:usagestatsinner", + "display_manager:displaymgr", + "power_manager:powermgr_client", + "syscap_codec:syscap_interface_shared", + ] + defines += [ "BUNDLE_FRAMEWORK_FREE_INSTALL" ] + } + if (hicollie_enable) { + external_deps += [ "hicollie:libhicollie" ] + defines += [ "HICOLLIE_ENABLE" ] + } + if (global_resmgr_enable) { + defines += [ "GLOBAL_RESMGR_ENABLE" ] + external_deps += [ "resource_management:global_resmgr" ] + } + + if (hisysevent_enable) { + sources += [ "${services_path}/bundlemgr/src/inner_event_report.cpp" ] + external_deps += [ "hisysevent:libhisysevent" ] + defines += [ "HISYSEVENT_ENABLE" ] + } + + if (storage_service_enable) { + external_deps += [ "storage_service:storage_manager_sa_proxy" ] + defines += [ "STORAGE_SERVICE_ENABLE" ] + } + + configs += [ "${services_path}/bundlemgr:rdb_config" ] + external_deps += [ "relational_store:native_rdb" ] + sources += [ + "${services_path}/bundlemgr/src/bundle_data_storage_rdb.cpp", + "${services_path}/bundlemgr/src/preinstall_data_storage_rdb.cpp", + "${services_path}/bundlemgr/src/rdb/bms_rdb_open_callback.cpp", + "${services_path}/bundlemgr/src/rdb/rdb_data_manager.cpp", + ] + if (bundle_framework_app_control) { + defines += [ "BUNDLE_FRAMEWORK_APP_CONTROL" ] + sources += [ + "${services_path}/bundlemgr/src/app_control/app_control_manager.cpp", + "${services_path}/bundlemgr/src/app_control/app_control_manager_host_impl.cpp", + "${services_path}/bundlemgr/src/app_control/app_control_manager_rdb.cpp", + "${services_path}/bundlemgr/src/app_control/app_jump_interceptor_event_subscriber.cpp", + "${services_path}/bundlemgr/src/app_control/app_jump_interceptor_manager_rdb.cpp", + ] + include_dirs += [ "${services_path}/bundlemgr/include/app_control" ] + external_deps += [ "c_utils:utils" ] + } + if (udmf_enabled) { + defines += [ "BUNDLE_FRAMEWORK_UDMF_ENABLED" ] + external_deps += [ "udmf:udmf_client" ] + external_deps += [ "udmf:utd_client" ] + } + + if (user_auth_framework_impl_enabled) { + external_deps += [ "user_auth_framework:userauth_client" ] + defines += [ "BMS_USER_AUTH_FRAMEWORK_ENABLED" ] + include_dirs += [ "${services_path}/bundlemgr/include/user_auth" ] + sources += user_auth + } + + if (bms_device_info_manager_part_enabled) { + external_deps += [ + "device_info_manager:distributed_device_profile_common", + "device_info_manager:distributed_device_profile_sdk", + ] + defines += [ "BMS_DEVICE_INFO_MANAGER_ENABLE" ] + } +} diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartthree_fuzzer/bmsbasebundleinstallerpartthree_fuzzer.cpp b/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartthree_fuzzer/bmsbasebundleinstallerpartthree_fuzzer.cpp new file mode 100644 index 0000000000..b1a45fae51 --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartthree_fuzzer/bmsbasebundleinstallerpartthree_fuzzer.cpp @@ -0,0 +1,83 @@ +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#define private public +#define protected public +#include +#include +#include + +#include "bmsbasebundleinstallerpartthree_fuzzer.h" +#include "bms_fuzztest_util.h" +#include "base_bundle_installer.h" +#include "securec.h" + +using namespace OHOS::AppExecFwk; +using namespace OHOS::AppExecFwk::BMSFuzzTestUtil; +namespace OHOS { +bool DoSomethingInterestingWithMyAPI(const uint8_t *data, size_t size) +{ + BaseBundleInstaller basebundleinstall; + FuzzedDataProvider fdp(data, size); + InstallParam installParam; + GenerateInstallParam(fdp, installParam); + InnerBundleInfo info; + info.baseApplicationInfo_ = std::make_shared(); + info.baseApplicationInfo_->removable = fdp.ConsumeBool(); + info.uninstallState_ = fdp.ConsumeBool(); + info.baseApplicationInfo_->bundleType = + static_cast(fdp.ConsumeIntegralInRange(0, CODE_MAX_FOUR)); + std::string bundleName = fdp.ConsumeRandomLengthString(STRING_MAX_LENGTH); + std::string modulePath = fdp.ConsumeRandomLengthString(STRING_MAX_LENGTH); + std::unordered_map newInfos; + newInfos.emplace(bundleName, info); + int32_t uid = fdp.ConsumeIntegral(); + std::string modulePackage = fdp.ConsumeRandomLengthString(STRING_MAX_LENGTH); + + basebundleinstall.ProcessBundleUninstall(bundleName, installParam, uid); + basebundleinstall.ProcessBundleUninstall(bundleName, modulePackage, installParam, uid); + int32_t userId = fdp.ConsumeIntegral(); + basebundleinstall.ProcessBundleUnInstallNative(info, userId, bundleName); + + InnerBundleInfo newInfo; + bool isReplace = fdp.ConsumeBool(); + basebundleinstall.ProcessBundleUpdateStatus(info, newInfo, isReplace); + basebundleinstall.ProcessInstallBundleByBundleName(bundleName, installParam, uid); + basebundleinstall.ProcessModuleUpdate(newInfo, info, isReplace); + basebundleinstall.ProcessRecover(bundleName, installParam, uid); + basebundleinstall.Recover(bundleName, installParam); + + bool isKeepData = fdp.ConsumeBool(); + basebundleinstall.RemoveBundleAndDataDir(info, isKeepData); + basebundleinstall.RemoveBundle(info, isReplace); + basebundleinstall.RemoveModuleAndDataDir(info, modulePackage, userId, isKeepData); + basebundleinstall.RemoveModuleDir(modulePath); + basebundleinstall.RenameModuleDir(info); + std::string checkResultMsg = fdp.ConsumeRandomLengthString(STRING_MAX_LENGTH); + basebundleinstall.SetCheckResultMsg(checkResultMsg); + basebundleinstall.UninstallBundle(bundleName, installParam); + UninstallParam uninstallParam; + basebundleinstall.UninstallBundleByUninstallParam(uninstallParam); + basebundleinstall.UninstallBundle(bundleName, modulePackage, installParam); + return true; +} +} + +// Fuzzer entry point. +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + OHOS::DoSomethingInterestingWithMyAPI(data, size); + return 0; +} \ No newline at end of file diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartthree_fuzzer/bmsbasebundleinstallerpartthree_fuzzer.h b/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartthree_fuzzer/bmsbasebundleinstallerpartthree_fuzzer.h new file mode 100644 index 0000000000..cbd0ba20ab --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartthree_fuzzer/bmsbasebundleinstallerpartthree_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TEST_FUZZTEST_BASEBUNDLEINSTALLER_PARTTHREE_FUZZER_H +#define TEST_FUZZTEST_BASEBUNDLEINSTALLER_PARTTHREE_FUZZER_H + +#define FUZZ_PROJECT_NAME "bmsbasebundleinstallerpartthree_fuzzer" + +#endif \ No newline at end of file diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartthree_fuzzer/corpus/init b/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartthree_fuzzer/corpus/init new file mode 100644 index 0000000000..6b7212c8a6 --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartthree_fuzzer/corpus/init @@ -0,0 +1 @@ +FUZZ \ No newline at end of file diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartthree_fuzzer/project.xml b/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartthree_fuzzer/project.xml new file mode 100644 index 0000000000..93837373f3 --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerpartthree_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 10000 + + 300 + + 4096 + + diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerparttwo_fuzzer/BUILD.gn b/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerparttwo_fuzzer/BUILD.gn new file mode 100644 index 0000000000..6252095507 --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerparttwo_fuzzer/BUILD.gn @@ -0,0 +1,153 @@ +# Copyright (c) 2025 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/test.gni") +import("../../../../appexecfwk.gni") +import("../../../../services/bundlemgr/appexecfwk_bundlemgr.gni") + +module_output_path = fuzz_test_path + +ohos_fuzztest("BMSBaseBundleInstallerPartTwoFuzzTest") { + fuzz_config_file = "../../../fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerparttwo_fuzzer" + use_exceptions = true + module_out_path = module_output_path + include_dirs = [ "${test_path}/fuzztest" ] + sources = bundle_mgr_source + sources += bundle_install_sources + + sources += [ "bmsbasebundleinstallerparttwo_fuzzer.cpp" ] + + configs = [ "${services_path}/bundlemgr/test:bundlemgr_test_config" ] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + + deps = [ "${core_path}:appexecfwk_core" ] + + deps += bundle_install_deps + + external_deps = [ + "ability_base:want", + "ability_runtime:app_manager", + "access_token:el5_filekey_manager_sdk", + "access_token:libprivacy_sdk", + "access_token:libtokenid_sdk", + "appverify:libhapverify", + "common_event_service:cesfwk_innerkits", + "eventhandler:libeventhandler", + "hilog:libhilog", + "hitrace:hitrace_meter", + "init:libbegetutil", + "jsoncpp:jsoncpp", + "safwk:system_ability_fwk", + "samgr:samgr_proxy", + "selinux_adapter:librestorecon", + ] + external_deps += bundle_install_external_deps + if (bundle_framework_graphics) { + external_deps += [ "image_framework:image_native" ] + } + defines = [] + if (configpolicy_enable) { + external_deps += [ "config_policy:configpolicy_util" ] + defines += [ "CONFIG_POLOCY_ENABLE" ] + } + + if (build_selinux) { + external_deps += [ "selinux_adapter:libhap_restorecon" ] + } + + if (account_enable) { + external_deps += [ "os_account:os_account_innerkits" ] + defines += [ "ACCOUNT_ENABLE" ] + } + + if (bundle_framework_free_install) { + sources += aging + sources += free_install + sources += distributed_manager + external_deps += [ + "ability_runtime:ability_manager", + "ability_runtime:app_manager", + "battery_manager:batterysrv_client", + "device_usage_statistics:usagestatsinner", + "display_manager:displaymgr", + "power_manager:powermgr_client", + "syscap_codec:syscap_interface_shared", + ] + defines += [ "BUNDLE_FRAMEWORK_FREE_INSTALL" ] + } + if (hicollie_enable) { + external_deps += [ "hicollie:libhicollie" ] + defines += [ "HICOLLIE_ENABLE" ] + } + if (global_resmgr_enable) { + defines += [ "GLOBAL_RESMGR_ENABLE" ] + external_deps += [ "resource_management:global_resmgr" ] + } + + if (hisysevent_enable) { + sources += [ "${services_path}/bundlemgr/src/inner_event_report.cpp" ] + external_deps += [ "hisysevent:libhisysevent" ] + defines += [ "HISYSEVENT_ENABLE" ] + } + + if (storage_service_enable) { + external_deps += [ "storage_service:storage_manager_sa_proxy" ] + defines += [ "STORAGE_SERVICE_ENABLE" ] + } + + configs += [ "${services_path}/bundlemgr:rdb_config" ] + external_deps += [ "relational_store:native_rdb" ] + sources += [ + "${services_path}/bundlemgr/src/bundle_data_storage_rdb.cpp", + "${services_path}/bundlemgr/src/preinstall_data_storage_rdb.cpp", + "${services_path}/bundlemgr/src/rdb/bms_rdb_open_callback.cpp", + "${services_path}/bundlemgr/src/rdb/rdb_data_manager.cpp", + ] + if (bundle_framework_app_control) { + defines += [ "BUNDLE_FRAMEWORK_APP_CONTROL" ] + sources += [ + "${services_path}/bundlemgr/src/app_control/app_control_manager.cpp", + "${services_path}/bundlemgr/src/app_control/app_control_manager_host_impl.cpp", + "${services_path}/bundlemgr/src/app_control/app_control_manager_rdb.cpp", + "${services_path}/bundlemgr/src/app_control/app_jump_interceptor_event_subscriber.cpp", + "${services_path}/bundlemgr/src/app_control/app_jump_interceptor_manager_rdb.cpp", + ] + include_dirs += [ "${services_path}/bundlemgr/include/app_control" ] + external_deps += [ "c_utils:utils" ] + } + if (udmf_enabled) { + defines += [ "BUNDLE_FRAMEWORK_UDMF_ENABLED" ] + external_deps += [ "udmf:udmf_client" ] + external_deps += [ "udmf:utd_client" ] + } + + if (user_auth_framework_impl_enabled) { + external_deps += [ "user_auth_framework:userauth_client" ] + defines += [ "BMS_USER_AUTH_FRAMEWORK_ENABLED" ] + include_dirs += [ "${services_path}/bundlemgr/include/user_auth" ] + sources += user_auth + } + + if (bms_device_info_manager_part_enabled) { + external_deps += [ + "device_info_manager:distributed_device_profile_common", + "device_info_manager:distributed_device_profile_sdk", + ] + defines += [ "BMS_DEVICE_INFO_MANAGER_ENABLE" ] + } +} diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerparttwo_fuzzer/bmsbasebundleinstallerparttwo_fuzzer.cpp b/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerparttwo_fuzzer/bmsbasebundleinstallerparttwo_fuzzer.cpp new file mode 100644 index 0000000000..27a4244e07 --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerparttwo_fuzzer/bmsbasebundleinstallerparttwo_fuzzer.cpp @@ -0,0 +1,71 @@ +/* + * Copyright (c) 2024 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#define private public +#define protected public +#include +#include +#include + +#include "bmsbasebundleinstallerparttwo_fuzzer.h" +#include "bms_fuzztest_util.h" +#include "base_bundle_installer.h" +#include "securec.h" + +using namespace OHOS::AppExecFwk; +using namespace OHOS::AppExecFwk::BMSFuzzTestUtil; +namespace OHOS { +bool DoSomethingInterestingWithMyAPI(const uint8_t *data, size_t size) +{ + BaseBundleInstaller basebundleinstall; + FuzzedDataProvider fdp(data, size); + std::vector bundlePaths = GenerateStringArray(fdp); + InstallParam installParam; + GenerateInstallParam(fdp, installParam); + std::vector hapVerifyRes; + InnerBundleInfo info; + info.baseApplicationInfo_ = std::make_shared(); + info.baseApplicationInfo_->removable = fdp.ConsumeBool(); + info.uninstallState_ = fdp.ConsumeBool(); + info.baseApplicationInfo_->bundleType = + static_cast(fdp.ConsumeIntegralInRange(0, CODE_MAX_FOUR)); + std::string bundleName = fdp.ConsumeRandomLengthString(STRING_MAX_LENGTH); + std::string modulePath = fdp.ConsumeRandomLengthString(STRING_MAX_LENGTH); + std::string targetSoPath = fdp.ConsumeRandomLengthString(STRING_MAX_LENGTH); + std::string cpuAbi = fdp.ConsumeBool() ? "X86" : "ARM64"; + std::unordered_map newInfos; + newInfos.emplace(bundleName, info); + int32_t uid = fdp.ConsumeIntegral(); + + Constants::AppType appType = static_cast(fdp.ConsumeIntegralInRange(0, CODE_MAX_TWO)); + basebundleinstall.InstallBundle(bundlePaths, installParam, appType); + basebundleinstall.SetCallingUid(uid); + bool isBootScene = fdp.ConsumeBool(); + basebundleinstall.MarkPreBundleSyeEventBootTag(isBootScene); + basebundleinstall.ProcessBundleInstall(bundlePaths, installParam, appType, uid); + + int32_t userId = GenerateRandomUser(fdp); + basebundleinstall.ProcessBundleInstallNative(info, userId); + basebundleinstall.ProcessBundleInstallStatus(info, uid); + return true; +} +} + +// Fuzzer entry point. +extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) +{ + OHOS::DoSomethingInterestingWithMyAPI(data, size); + return 0; +} \ No newline at end of file diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerparttwo_fuzzer/bmsbasebundleinstallerparttwo_fuzzer.h b/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerparttwo_fuzzer/bmsbasebundleinstallerparttwo_fuzzer.h new file mode 100644 index 0000000000..aa1f7c392f --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerparttwo_fuzzer/bmsbasebundleinstallerparttwo_fuzzer.h @@ -0,0 +1,21 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef TEST_FUZZTEST_BASEBUNDLEINSTALLER_PARTTWO_FUZZER_H +#define TEST_FUZZTEST_BASEBUNDLEINSTALLER_PARTTWO_FUZZER_H + +#define FUZZ_PROJECT_NAME "bmsbasebundleinstallerparttwo_fuzzer" + +#endif \ No newline at end of file diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerparttwo_fuzzer/corpus/init b/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerparttwo_fuzzer/corpus/init new file mode 100644 index 0000000000..6b7212c8a6 --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerparttwo_fuzzer/corpus/init @@ -0,0 +1 @@ +FUZZ \ No newline at end of file diff --git a/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerparttwo_fuzzer/project.xml b/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerparttwo_fuzzer/project.xml new file mode 100644 index 0000000000..93837373f3 --- /dev/null +++ b/test/fuzztest/fuzztest_bundlemanager/bmsbasebundleinstallerparttwo_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 10000 + + 300 + + 4096 + + -- Gitee