diff --git a/bundle.json b/bundle.json index 5a06d612aa69fe7e7ed2d560f9fe5db087e24987..38eae89f74b536216751266b00ad00b574de3b6b 100644 --- a/bundle.json +++ b/bundle.json @@ -68,7 +68,8 @@ "test": [ "//base/security/certificate_manager/test:unittest", "//base/security/certificate_manager/test:module_test", - "//base/security/certificate_manager/test:permission_test" + "//base/security/certificate_manager/test:permission_test", + "//base/security/certificate_manager/test/fuzz_test:fuzztest" ] } } diff --git a/test/fuzz_test/BUILD.gn b/test/fuzz_test/BUILD.gn new file mode 100755 index 0000000000000000000000000000000000000000..d4f6aff38da0324912116b1dfe8c063a80a0c36e --- /dev/null +++ b/test/fuzz_test/BUILD.gn @@ -0,0 +1,26 @@ +# Copyright (C) 2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/test.gni") + +#################################group######################################### +group("fuzztest") { + testonly = true + if (os_level == "standard") { + deps = [ + "//base/security/certificate_manager/test/fuzz_test/cmgetcertinfo_fuzzer:fuzztest", + "//base/security/certificate_manager/test/fuzz_test/cmgetcertlist_fuzzer:fuzztest", + "//base/security/certificate_manager/test/fuzz_test/cmsetcertstatus_fuzzer:fuzztest", + ] + } +} diff --git a/test/fuzz_test/cmgetcertinfo_fuzzer/BUILD.gn b/test/fuzz_test/cmgetcertinfo_fuzzer/BUILD.gn new file mode 100755 index 0000000000000000000000000000000000000000..acdef5e631a09022967f18d2995d5048e1c62fe9 --- /dev/null +++ b/test/fuzz_test/cmgetcertinfo_fuzzer/BUILD.gn @@ -0,0 +1,62 @@ +# Copyright (c) 2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/config/features.gni") +import("//build/test.gni") + +module_output_path = "cert_manager_standard/cert_manager_standard_test" + +##############################fuzztest########################################## +ohos_fuzztest("CmGetCertInfoFuzzTest") { + module_out_path = module_output_path + fuzz_config_file = + "//base/security/certificate_manager/test/fuzz_test/cmgetcertinfo_fuzzer" + + include_dirs = [ + "//base/security/access_token/interfaces/innerkits/token_setproc/include", + "//base/security/access_token/interfaces/innerkits/nativetoken/include", + "//base/security/access_token/interfaces/innerkits/accesstoken/include", + "//base/security/certificate_manager/frameworks/cert_manager_standard/main/common/include", + "//base/security/certificate_manager/test/unittest/include", + ] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ + "//base/security/certificate_manager/test/unittest/src/cm_test_common.cpp", + "cmgetcertinfo_fuzzer.cpp", + ] + deps = [ + "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk", + "//base/security/access_token/interfaces/innerkits/nativetoken:libnativetoken", + "//base/security/access_token/interfaces/innerkits/token_setproc:libtoken_setproc", + "//base/security/certificate_manager/interfaces/innerkits/cert_manager_standard/main:cert_manager_sdk", + "//base/security/certificate_manager/test/fuzz_test/fuzz_test_common:libcert_manager_fuzz_test_common_static", + ] + external_deps = [ "c_utils:utils" ] +} + +############################################################################### +group("fuzztest") { + testonly = true + deps = [] + + deps += [ + # deps file + ":CmGetCertInfoFuzzTest", + ] +} +############################################################################### diff --git a/test/fuzz_test/cmgetcertinfo_fuzzer/cmgetcertinfo_fuzzer.cpp b/test/fuzz_test/cmgetcertinfo_fuzzer/cmgetcertinfo_fuzzer.cpp new file mode 100755 index 0000000000000000000000000000000000000000..921ecaa7c1c4050bb31bda542d2f528f71c54b3b --- /dev/null +++ b/test/fuzz_test/cmgetcertinfo_fuzzer/cmgetcertinfo_fuzzer.cpp @@ -0,0 +1,65 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cmgetcertinfo_fuzzer.h" + +#include "cert_manager_api.h" +#include "cm_fuzz_test_common.h" +#include "cm_test_common.h" + +namespace OHOS { + bool DoSomethingInterestingWithMyAPI(const uint8_t* data, size_t size) + { + uint32_t minSize = sizeof(struct CmBlob) + sizeof(uint32_t) + sizeof(struct CertInfo); + uint8_t *myData; + if (!DupMyData(data, size, minSize, &myData)) { + return false; + } + + uint32_t remainSize = static_cast(size); + uint32_t offset = 0; + struct CmBlob sysCertUri = { 0, nullptr }; + if (!GetCmBlobFromBuffer(myData, &remainSize, &offset, &sysCertUri)) { + CmFree(myData); + return false; + } + + uint32_t store; + if (!GetUintFromBuffer(myData, &remainSize, &offset, &store)) { + CmFree(myData); + return false; + } + + struct CertInfo sysCertInfo; + if (!GetCertInfoFromBuffer(myData, &remainSize, &offset, &sysCertInfo)) { + CmFree(myData); + return false; + } + + CertmanagerTest::SetATPermission(); + (void)CmGetCertInfo(&sysCertUri, store, &sysCertInfo); + + CmFree(myData); + return true; + } +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + OHOS::DoSomethingInterestingWithMyAPI(data, size); + return 0; +} diff --git a/test/fuzz_test/cmgetcertinfo_fuzzer/cmgetcertinfo_fuzzer.h b/test/fuzz_test/cmgetcertinfo_fuzzer/cmgetcertinfo_fuzzer.h new file mode 100755 index 0000000000000000000000000000000000000000..7c60e5f39525b272ef6ce5e29fcbc5c34b5233b2 --- /dev/null +++ b/test/fuzz_test/cmgetcertinfo_fuzzer/cmgetcertinfo_fuzzer.h @@ -0,0 +1,18 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef FUZZ_PROJECT_NAME +#define FUZZ_PROJECT_NAME "cmgetcertinfo_fuzzer" +#endif diff --git a/test/fuzz_test/cmgetcertinfo_fuzzer/corpus/init b/test/fuzz_test/cmgetcertinfo_fuzzer/corpus/init new file mode 100755 index 0000000000000000000000000000000000000000..1c6cd97a6d25dea7d7a5311f1eddd5c9c67116b5 --- /dev/null +++ b/test/fuzz_test/cmgetcertinfo_fuzzer/corpus/init @@ -0,0 +1,13 @@ +# Copyright (c) 2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +FUZZ \ No newline at end of file diff --git a/test/fuzz_test/cmgetcertinfo_fuzzer/project.xml b/test/fuzz_test/cmgetcertinfo_fuzzer/project.xml new file mode 100755 index 0000000000000000000000000000000000000000..6e8ad2cfde8f8bda4beb6cabbe7efd8bc3c54eec --- /dev/null +++ b/test/fuzz_test/cmgetcertinfo_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + diff --git a/test/fuzz_test/cmgetcertlist_fuzzer/BUILD.gn b/test/fuzz_test/cmgetcertlist_fuzzer/BUILD.gn new file mode 100755 index 0000000000000000000000000000000000000000..59e37a90b45dada06c29dbc7533b8e704728340f --- /dev/null +++ b/test/fuzz_test/cmgetcertlist_fuzzer/BUILD.gn @@ -0,0 +1,62 @@ +# Copyright (c) 2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/config/features.gni") +import("//build/test.gni") + +module_output_path = "cert_manager_standard/cert_manager_standard_test" + +##############################fuzztest########################################## +ohos_fuzztest("CmGetCertListFuzzTest") { + module_out_path = module_output_path + fuzz_config_file = + "//base/security/certificate_manager/test/fuzz_test/cmgetcertlist_fuzzer" + + include_dirs = [ + "//base/security/access_token/interfaces/innerkits/token_setproc/include", + "//base/security/access_token/interfaces/innerkits/nativetoken/include", + "//base/security/access_token/interfaces/innerkits/accesstoken/include", + "//base/security/certificate_manager/frameworks/cert_manager_standard/main/common/include", + "//base/security/certificate_manager/test/unittest/include", + ] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ + "//base/security/certificate_manager/test/unittest/src/cm_test_common.cpp", + "cmgetcertlist_fuzzer.cpp", + ] + deps = [ + "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk", + "//base/security/access_token/interfaces/innerkits/nativetoken:libnativetoken", + "//base/security/access_token/interfaces/innerkits/token_setproc:libtoken_setproc", + "//base/security/certificate_manager/interfaces/innerkits/cert_manager_standard/main:cert_manager_sdk", + "//base/security/certificate_manager/test/fuzz_test/fuzz_test_common:libcert_manager_fuzz_test_common_static", + ] + external_deps = [ "c_utils:utils" ] +} + +############################################################################### +group("fuzztest") { + testonly = true + deps = [] + + deps += [ + # deps file + ":CmGetCertListFuzzTest", + ] +} +############################################################################### diff --git a/test/fuzz_test/cmgetcertlist_fuzzer/cmgetcertlist_fuzzer.cpp b/test/fuzz_test/cmgetcertlist_fuzzer/cmgetcertlist_fuzzer.cpp new file mode 100755 index 0000000000000000000000000000000000000000..70b361ca69dcc7e88b54c604ce3d17a5270ddc92 --- /dev/null +++ b/test/fuzz_test/cmgetcertlist_fuzzer/cmgetcertlist_fuzzer.cpp @@ -0,0 +1,59 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cmgetcertlist_fuzzer.h" + +#include "cert_manager_api.h" +#include "cm_fuzz_test_common.h" +#include "cm_test_common.h" + +namespace OHOS { + bool DoSomethingInterestingWithMyAPI(const uint8_t* data, size_t size) + { + uint32_t minSize = sizeof(uint32_t) + sizeof(struct CertList); + uint8_t *myData; + if (!DupMyData(data, size, minSize, &myData)) { + return false; + } + + uint32_t remainSize = static_cast(size); + uint32_t offset = 0; + uint32_t sysStore; + if (!GetUintFromBuffer(myData, &remainSize, &offset, &sysStore)) { + CmFree(myData); + return false; + } + + struct CertList sysCertList = { 0, nullptr }; + if (!GetCertListFromBuffer(myData, &remainSize, &offset, &sysCertList)) { + CmFree(myData); + return false; + } + + CertmanagerTest::SetATPermission(); + (void)CmGetCertList(sysStore, &sysCertList); + + CmFree(myData); + return true; + } +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + OHOS::DoSomethingInterestingWithMyAPI(data, size); + return 0; +} diff --git a/test/fuzz_test/cmgetcertlist_fuzzer/cmgetcertlist_fuzzer.h b/test/fuzz_test/cmgetcertlist_fuzzer/cmgetcertlist_fuzzer.h new file mode 100755 index 0000000000000000000000000000000000000000..b79c6fcb372f8188d1716a1545ad27da96b335f5 --- /dev/null +++ b/test/fuzz_test/cmgetcertlist_fuzzer/cmgetcertlist_fuzzer.h @@ -0,0 +1,18 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef FUZZ_PROJECT_NAME +#define FUZZ_PROJECT_NAME "cmgetcertlist_fuzzer" +#endif diff --git a/test/fuzz_test/cmgetcertlist_fuzzer/corpus/init b/test/fuzz_test/cmgetcertlist_fuzzer/corpus/init new file mode 100755 index 0000000000000000000000000000000000000000..1c6cd97a6d25dea7d7a5311f1eddd5c9c67116b5 --- /dev/null +++ b/test/fuzz_test/cmgetcertlist_fuzzer/corpus/init @@ -0,0 +1,13 @@ +# Copyright (c) 2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +FUZZ \ No newline at end of file diff --git a/test/fuzz_test/cmgetcertlist_fuzzer/project.xml b/test/fuzz_test/cmgetcertlist_fuzzer/project.xml new file mode 100755 index 0000000000000000000000000000000000000000..6e8ad2cfde8f8bda4beb6cabbe7efd8bc3c54eec --- /dev/null +++ b/test/fuzz_test/cmgetcertlist_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + diff --git a/test/fuzz_test/cmsetcertstatus_fuzzer/BUILD.gn b/test/fuzz_test/cmsetcertstatus_fuzzer/BUILD.gn new file mode 100755 index 0000000000000000000000000000000000000000..5b7918303fbef30ff40f67294562cb6f7a243936 --- /dev/null +++ b/test/fuzz_test/cmsetcertstatus_fuzzer/BUILD.gn @@ -0,0 +1,61 @@ +# Copyright (c) 2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/config/features.gni") +import("//build/test.gni") + +module_output_path = "cert_manager_standard/cert_manager_standard_test" + +##############################fuzztest########################################## +ohos_fuzztest("CmSetCertStatusFuzzTest") { + module_out_path = module_output_path + fuzz_config_file = "//base/security/certificate_manager/test/fuzz_test/cmsetcertstatus_fuzzer" + + include_dirs = [ + "//base/security/access_token/interfaces/innerkits/token_setproc/include", + "//base/security/access_token/interfaces/innerkits/nativetoken/include", + "//base/security/access_token/interfaces/innerkits/accesstoken/include", + "//base/security/certificate_manager/frameworks/cert_manager_standard/main/common/include", + "//base/security/certificate_manager/test/unittest/include", + ] + cflags = [ + "-g", + "-O0", + "-Wno-unused-variable", + "-fno-omit-frame-pointer", + ] + sources = [ + "//base/security/certificate_manager/test/unittest/src/cm_test_common.cpp", + "cmsetcertstatus_fuzzer.cpp", + ] + deps = [ + "//base/security/access_token/interfaces/innerkits/accesstoken:libaccesstoken_sdk", + "//base/security/access_token/interfaces/innerkits/nativetoken:libnativetoken", + "//base/security/access_token/interfaces/innerkits/token_setproc:libtoken_setproc", + "//base/security/certificate_manager/interfaces/innerkits/cert_manager_standard/main:cert_manager_sdk", + "//base/security/certificate_manager/test/fuzz_test/fuzz_test_common:libcert_manager_fuzz_test_common_static", + ] + external_deps = [ "c_utils:utils" ] +} + +############################################################################### +group("fuzztest") { + testonly = true + deps = [] + + deps += [ + # deps file + ":CmSetCertStatusFuzzTest", + ] +} +############################################################################### diff --git a/test/fuzz_test/cmsetcertstatus_fuzzer/cmsetcertstatus_fuzzer.cpp b/test/fuzz_test/cmsetcertstatus_fuzzer/cmsetcertstatus_fuzzer.cpp new file mode 100755 index 0000000000000000000000000000000000000000..42ca31c610e316ecc31c8b68200d3975fbde88e6 --- /dev/null +++ b/test/fuzz_test/cmsetcertstatus_fuzzer/cmsetcertstatus_fuzzer.cpp @@ -0,0 +1,65 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cmsetcertstatus_fuzzer.h" + +#include "cert_manager_api.h" +#include "cm_fuzz_test_common.h" +#include "cm_test_common.h" + +namespace OHOS { + bool DoSomethingInterestingWithMyAPI(const uint8_t* data, size_t size) + { + uint32_t minSize = sizeof(struct CmBlob) + sizeof(uint32_t) + sizeof(bool); + uint8_t *myData; + if (!DupMyData(data, size, minSize, &myData)) { + return false; + } + + uint32_t remainSize = static_cast(size); + uint32_t offset = 0; + + struct CmBlob sysCertUri = { 0, nullptr }; + if (!GetCmBlobFromBuffer(myData, &remainSize, &offset, &sysCertUri)) { + CmFree(myData); + return false; + } + + uint32_t store; + if (!GetUintFromBuffer(myData, &remainSize, &offset, &store)) { + CmFree(myData); + return false; + } + + if (remainSize < sizeof(bool)) { + CmFree(myData); + return false; + } + bool status = *(reinterpret_cast(myData + offset)); + + CertmanagerTest::SetATPermission(); + (void)CmSetCertStatus(&sysCertUri, store, status); + CmFree(myData); + return true; + } +} + +/* Fuzzer entry point */ +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) +{ + /* Run your code on data */ + OHOS::DoSomethingInterestingWithMyAPI(data, size); + return 0; +} diff --git a/test/fuzz_test/cmsetcertstatus_fuzzer/cmsetcertstatus_fuzzer.h b/test/fuzz_test/cmsetcertstatus_fuzzer/cmsetcertstatus_fuzzer.h new file mode 100755 index 0000000000000000000000000000000000000000..ec3ce39dfbf035dfb3389e6cc2421101b02bb5fb --- /dev/null +++ b/test/fuzz_test/cmsetcertstatus_fuzzer/cmsetcertstatus_fuzzer.h @@ -0,0 +1,18 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef FUZZ_PROJECT_NAME +#define FUZZ_PROJECT_NAME "cmsetcertstatus_fuzzer" +#endif diff --git a/test/fuzz_test/cmsetcertstatus_fuzzer/corpus/init b/test/fuzz_test/cmsetcertstatus_fuzzer/corpus/init new file mode 100755 index 0000000000000000000000000000000000000000..1c6cd97a6d25dea7d7a5311f1eddd5c9c67116b5 --- /dev/null +++ b/test/fuzz_test/cmsetcertstatus_fuzzer/corpus/init @@ -0,0 +1,13 @@ +# Copyright (c) 2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +FUZZ \ No newline at end of file diff --git a/test/fuzz_test/cmsetcertstatus_fuzzer/project.xml b/test/fuzz_test/cmsetcertstatus_fuzzer/project.xml new file mode 100755 index 0000000000000000000000000000000000000000..6e8ad2cfde8f8bda4beb6cabbe7efd8bc3c54eec --- /dev/null +++ b/test/fuzz_test/cmsetcertstatus_fuzzer/project.xml @@ -0,0 +1,25 @@ + + + + + + 1000 + + 300 + + 4096 + + diff --git a/test/fuzz_test/fuzz_test_common/BUILD.gn b/test/fuzz_test/fuzz_test_common/BUILD.gn new file mode 100755 index 0000000000000000000000000000000000000000..11ba55a82a0525ae1a1e7bc3e5329787ac3eedd4 --- /dev/null +++ b/test/fuzz_test/fuzz_test_common/BUILD.gn @@ -0,0 +1,37 @@ +# Copyright (c) 2022 Huawei Device Co., Ltd. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import("//build/ohos.gni") + +config("cert_manager_config") { + include_dirs = [ "include" ] +} + +ohos_static_library("libcert_manager_fuzz_test_common_static") { + subsystem_name = "security" + part_name = "certificate_manager" + public_configs = [ ":cert_manager_config" ] + include_dirs = [ "//base/security/certificate_manager/frameworks/cert_manager_standard/main/common/include" ] + sources = [ "src/cm_fuzz_test_common.cpp" ] + cflags_cc = [ + "-Wall", + "-Werror", + ] + defines = [ + "L2_STANDARD", + "_CM_LOG_ENABLE_", + ] + deps = [ "//base/security/certificate_manager/frameworks/cert_manager_standard/main/common:libcert_manager_common_standard_static" ] + external_deps = [ "c_utils:utils" ] + complete_static_lib = true +} diff --git a/test/fuzz_test/fuzz_test_common/include/cm_fuzz_test_common.h b/test/fuzz_test/fuzz_test_common/include/cm_fuzz_test_common.h new file mode 100755 index 0000000000000000000000000000000000000000..f2095b6811de057464277df409b7b65086d76d64 --- /dev/null +++ b/test/fuzz_test/fuzz_test_common/include/cm_fuzz_test_common.h @@ -0,0 +1,33 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef CM_FUZZ_TEST_COMMON_H +#define CM_FUZZ_TEST_COMMON_H + +#include "cm_mem.h" +#include "cm_type.h" +#include "securec.h" + +bool GetUintFromBuffer(uint8_t *srcData, uint32_t *remSize, uint32_t *offset, uint32_t *outVal); + +bool GetCmBlobFromBuffer(uint8_t *srcData, uint32_t *remSize, uint32_t *offset, struct CmBlob *outBlob); + +bool GetCertListFromBuffer(uint8_t *srcData, uint32_t *remSize, uint32_t *offset, struct CertList *outList); + +bool GetCertInfoFromBuffer(uint8_t *srcData, uint32_t *remSize, uint32_t *offset, struct CertInfo *outInfo); + +bool DupMyData(const uint8_t *data, const size_t size, const uint32_t minSize, uint8_t **myData); + +#endif /* CM_FUZZ_TEST_COMMON_H */ \ No newline at end of file diff --git a/test/fuzz_test/fuzz_test_common/src/cm_fuzz_test_common.cpp b/test/fuzz_test/fuzz_test_common/src/cm_fuzz_test_common.cpp new file mode 100755 index 0000000000000000000000000000000000000000..1fcbf0574c94015abb033029738c7071631ff0a9 --- /dev/null +++ b/test/fuzz_test/fuzz_test_common/src/cm_fuzz_test_common.cpp @@ -0,0 +1,93 @@ +/* + * Copyright (c) 2022 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "cm_fuzz_test_common.h" + +bool GetUintFromBuffer(uint8_t *srcData, uint32_t *remSize, uint32_t *offset, uint32_t *outVal) +{ + if (*remSize < sizeof(uint32_t)) { + return false; + } + + *outVal = *(reinterpret_cast(srcData + *offset)); + *remSize -= sizeof(uint32_t); + *offset += sizeof(uint32_t); + + return true; +} + +bool GetCmBlobFromBuffer(uint8_t *srcData, uint32_t *remSize, uint32_t *offset, struct CmBlob *outBlob) +{ + if (GetUintFromBuffer(srcData, remSize, offset, &(outBlob->size)) != true) { + return false; + } + + if (*remSize < outBlob->size) { + return false; + } + outBlob->data = srcData + *offset; + *remSize -= outBlob->size; + *offset += outBlob->size; + + return true; +} + +bool GetCertListFromBuffer(uint8_t *srcData, uint32_t *remSize, uint32_t *offset, struct CertList *outList) +{ + if (GetUintFromBuffer(srcData, remSize, offset, &(outList->certsCount)) != true) { + return false; + } + + if (outList->certsCount > (*remSize / sizeof(struct CertAbstract))) { + return false; + } + outList->certAbstract = reinterpret_cast(srcData + *offset); + + return true; +} + +bool GetCertInfoFromBuffer(uint8_t *srcData, uint32_t *remSize, uint32_t *offset, struct CertInfo *outInfo) +{ + if (*remSize < sizeof(struct CertInfo)) { + return false; + } + + outInfo = reinterpret_cast(srcData + *offset); + *remSize -= sizeof(struct CertInfo); + *offset += sizeof(struct CertInfo); + + if (*remSize < outInfo->certInfo.size) { + return false; + } + + outInfo->certInfo.data = const_cast(srcData + *offset); + return true; +} + +bool DupMyData(const uint8_t *data, const size_t size, const uint32_t minSize, uint8_t **myData) +{ + if (data == nullptr|| static_cast(size) < minSize) { + return false; + } + + uint8_t *tempData = static_cast(CmMalloc(sizeof(uint8_t) * size)); + if (tempData == nullptr) { + return false; + } + (void)memcpy_s(tempData, size, data, size); + + *myData = tempData; + return true; +} \ No newline at end of file diff --git a/test/unittest/src/cm_test_common.cpp b/test/unittest/src/cm_test_common.cpp index 5b178ebd7371519589dd6d6b6ed0ed139639b469..bf36654d27cf78e12949d6027c7cac90b89fd5db 100644 --- a/test/unittest/src/cm_test_common.cpp +++ b/test/unittest/src/cm_test_common.cpp @@ -15,8 +15,6 @@ #include "cm_test_common.h" -#include - #include "cert_manager_api.h" #include "cm_cert_data.h" @@ -27,7 +25,6 @@ #include "nativetoken_kit.h" #include "token_setproc.h" -using namespace testing::ext; namespace CertmanagerTest { void SetATPermission(void) {