diff --git a/test/fuzztest/externalfileaccess_fuzzer/BUILD.gn b/test/fuzztest/externalfileaccess_fuzzer/BUILD.gn index 96627b20f064872894760b622a9f3f08078ac871..12012feb945594943156e2b76533acb5c71978bc 100644 --- a/test/fuzztest/externalfileaccess_fuzzer/BUILD.gn +++ b/test/fuzztest/externalfileaccess_fuzzer/BUILD.gn @@ -24,10 +24,14 @@ ohos_fuzztest("ExternalFileAccessFuzzTest") { include_dirs = [ "${user_file_service_path}/interfaces/inner_api/file_access/include", + "${user_file_service_path}/test/fuzztest/privacy_comm/include", "${user_file_service_path}/utils", ] - sources = [ "external_file_access_fuzzer.cpp" ] + sources = [ + "external_file_access_fuzzer.cpp", + "${user_file_service_path}/test/fuzztest/privacy_comm/src/user_file_service_token_mock.cpp", + ] configs = [ "//build/config/compiler:exceptions" ] deps = [ diff --git a/test/fuzztest/externalfileaccess_fuzzer/external_file_access_fuzzer.cpp b/test/fuzztest/externalfileaccess_fuzzer/external_file_access_fuzzer.cpp index fcc1bfc17a97516b210e4ada89381e07033a5ca7..22c2c6f0423fc9a1f73d85e8cf2fa1cbf87bd2f2 100644 --- a/test/fuzztest/externalfileaccess_fuzzer/external_file_access_fuzzer.cpp +++ b/test/fuzztest/externalfileaccess_fuzzer/external_file_access_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022-2024 Huawei Device Co., Ltd. + * Copyright (c) 2022-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -27,7 +27,7 @@ #include "file_info_shared_memory.h" #include "iservice_registry.h" #include "hilog_wrapper.h" - +#include "user_file_service_token_mock.h" namespace OHOS { using namespace std; using namespace OHOS; @@ -37,39 +37,11 @@ const int ABILITY_ID = 5003; shared_ptr g_fah = nullptr; const int UID_TRANSFORM_TMP = 20000000; const int UID_DEFAULT = 0; - -void SetNativeToken() -{ - uint64_t tokenId; - const char *perms[] = { - "ohos.permission.FILE_ACCESS_MANAGER", - "ohos.permission.GET_BUNDLE_INFO_PRIVILEGED", - "ohos.permission.CONNECT_FILE_ACCESS_EXTENSION" - }; - NativeTokenInfoParams infoInstance = { - .dcapsNum = 0, - .permsNum = 3, - .aclsNum = 0, - .dcaps = nullptr, - .perms = perms, - .acls = nullptr, - .aplStr = "system_core", - }; - - infoInstance.processName = "SetUpTestCase"; - tokenId = GetAccessTokenId(&infoInstance); - const uint64_t systemAppMask = (static_cast(1) << 32); - tokenId |= systemAppMask; - SetSelfTokenID(tokenId); - OHOS::Security::AccessToken::AccessTokenKit::ReloadNativeTokenInfo(); -} - shared_ptr GetFileAccessHelper() { if (g_fah != nullptr) { return g_fah; } - SetNativeToken(); auto saManager = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); if (saManager == nullptr) { return nullptr; @@ -109,7 +81,6 @@ shared_ptr GetFileAccessHelper() bool CreatorFuzzTest(const uint8_t* data, size_t size) { - SetNativeToken(); if ((data == nullptr) || (size <= 0)) { HILOG_ERROR("parameter data is nullptr or parameter size <= 0."); return false; @@ -422,6 +393,8 @@ bool GetFileInfoFromUriFuzzTest(const uint8_t* data, size_t size) /* Fuzzer entry point */ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { + OHOS::UserFileServiceTokenMock tokenMock; + tokenMock.SetFileManagerToken(); /* Run your code on data */ OHOS::CreatorFuzzTest(data, size); OHOS::AccessFuzzTest(data, size); diff --git a/test/fuzztest/externalfileaccessaccess_fuzzer/BUILD.gn b/test/fuzztest/externalfileaccessaccess_fuzzer/BUILD.gn index 366750a83a4268a0af3f9c766695e0211d82e527..902cd86c85401ec2581b394a1006f985629da2c6 100644 --- a/test/fuzztest/externalfileaccessaccess_fuzzer/BUILD.gn +++ b/test/fuzztest/externalfileaccessaccess_fuzzer/BUILD.gn @@ -22,6 +22,7 @@ ohos_fuzztest("ExternalFileAccessAccessFuzzTest") { include_dirs = [ "${user_file_service_path}/utils", "${user_file_service_path}/interfaces/inner_api/file_access/include", + "${user_file_service_path}/test/fuzztest/privacy_comm/include", ] cflags = [ "-g", @@ -29,7 +30,10 @@ ohos_fuzztest("ExternalFileAccessAccessFuzzTest") { "-Wno-unused-variable", "-fno-omit-frame-pointer", ] - sources = [ "${user_file_service_path}/test/fuzztest/externalfileaccessaccess_fuzzer/externalfileaccessaccess_fuzzer.cpp" ] + sources = [ + "${user_file_service_path}/test/fuzztest/externalfileaccessaccess_fuzzer/externalfileaccessaccess_fuzzer.cpp", + "${user_file_service_path}/test/fuzztest/privacy_comm/src/user_file_service_token_mock.cpp" + ] deps = [ "${user_file_service_path}/interfaces/inner_api/file_access:file_access_ext_base_include", diff --git a/test/fuzztest/externalfileaccessaccess_fuzzer/externalfileaccessaccess_fuzzer.cpp b/test/fuzztest/externalfileaccessaccess_fuzzer/externalfileaccessaccess_fuzzer.cpp index 987c5200bd65e1ce15c3bf22ad3e84e5e3183b9e..d9e7a811a9667702b5d672129bf06d29d5b66875 100644 --- a/test/fuzztest/externalfileaccessaccess_fuzzer/externalfileaccessaccess_fuzzer.cpp +++ b/test/fuzztest/externalfileaccessaccess_fuzzer/externalfileaccessaccess_fuzzer.cpp @@ -31,6 +31,7 @@ #include "nativetoken_kit.h" #include "token_setproc.h" #include "accesstoken_kit.h" +#include "user_file_service_token_mock.h" namespace OHOS { using namespace std; @@ -38,35 +39,8 @@ using namespace OHOS; using namespace FileAccessFwk; using namespace AbilityRuntime; -void SetNativeToken() -{ - uint64_t tokenId; - const char *perms[] = { - "ohos.permission.FILE_ACCESS_MANAGER", - "ohos.permission.GET_BUNDLE_INFO_PRIVILEGED", - "ohos.permission.CONNECT_FILE_ACCESS_EXTENSION" - }; - NativeTokenInfoParams infoInstance = { - .dcapsNum = 0, - .permsNum = 3, - .aclsNum = 0, - .dcaps = nullptr, - .perms = perms, - .acls = nullptr, - .aplStr = "system_core", - }; - - infoInstance.processName = "ExternalFileAccessAccessFuzzTest"; - tokenId = GetAccessTokenId(&infoInstance); - const uint64_t systemAppMask = (static_cast(1) << 32); - tokenId |= systemAppMask; - SetSelfTokenID(tokenId); - OHOS::Security::AccessToken::AccessTokenKit::ReloadNativeTokenInfo(); -} - bool ExternalFileAccessAccessFuzzTest(const uint8_t *data, size_t size) { - SetNativeToken(); // CMD_ACCESS uint32_t code = 14; MessageParcel datas; @@ -96,6 +70,8 @@ bool ExternalFileAccessAccessFuzzTest(const uint8_t *data, size_t size) /* Fuzzer entry point */ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { + OHOS::UserFileServiceTokenMock tokenMock; + tokenMock.SetFileManagerToken(); OHOS::ExternalFileAccessAccessFuzzTest(data, size); return 0; } diff --git a/test/fuzztest/externalfileaccesscreatefile_fuzzer/BUILD.gn b/test/fuzztest/externalfileaccesscreatefile_fuzzer/BUILD.gn index f4081b5942d1f57f8acaf4b3a3bc00de56b5cb7d..dd7618ca41b3d4e84d973d0d9dde22f60c639cba 100644 --- a/test/fuzztest/externalfileaccesscreatefile_fuzzer/BUILD.gn +++ b/test/fuzztest/externalfileaccesscreatefile_fuzzer/BUILD.gn @@ -21,6 +21,7 @@ ohos_fuzztest("ExternalFileAccessCreateFileFuzzTest") { include_dirs = [ "${user_file_service_path}/utils", "${user_file_service_path}/interfaces/inner_api/file_access/include", + "${user_file_service_path}/test/fuzztest/privacy_comm/include", ] cflags = [ "-g", @@ -28,7 +29,10 @@ ohos_fuzztest("ExternalFileAccessCreateFileFuzzTest") { "-Wno-unused-variable", "-fno-omit-frame-pointer", ] - sources = [ "${user_file_service_path}/test/fuzztest/externalfileaccesscreatefile_fuzzer/externalfileaccesscreatefile_fuzzer.cpp" ] + sources = [ + "${user_file_service_path}/test/fuzztest/externalfileaccesscreatefile_fuzzer/externalfileaccesscreatefile_fuzzer.cpp", + "${user_file_service_path}/test/fuzztest/privacy_comm/src/user_file_service_token_mock.cpp", + ] deps = [ "${user_file_service_path}/interfaces/inner_api/file_access:file_access_ext_base_include", diff --git a/test/fuzztest/externalfileaccesscreatefile_fuzzer/externalfileaccesscreatefile_fuzzer.cpp b/test/fuzztest/externalfileaccesscreatefile_fuzzer/externalfileaccesscreatefile_fuzzer.cpp index 9fd9100a7f72ff5fda095c9e4d060a8ff1090514..816554deb032795dbc978d693c440e73f22f7f8c 100644 --- a/test/fuzztest/externalfileaccesscreatefile_fuzzer/externalfileaccesscreatefile_fuzzer.cpp +++ b/test/fuzztest/externalfileaccesscreatefile_fuzzer/externalfileaccesscreatefile_fuzzer.cpp @@ -31,6 +31,7 @@ #include "nativetoken_kit.h" #include "token_setproc.h" #include "accesstoken_kit.h" +#include "user_file_service_token_mock.h" namespace OHOS { using namespace std; @@ -38,35 +39,8 @@ using namespace OHOS; using namespace FileAccessFwk; using namespace AbilityRuntime; -void SetNativeToken() -{ - uint64_t tokenId; - const char *perms[] = { - "ohos.permission.FILE_ACCESS_MANAGER", - "ohos.permission.GET_BUNDLE_INFO_PRIVILEGED", - "ohos.permission.CONNECT_FILE_ACCESS_EXTENSION" - }; - NativeTokenInfoParams infoInstance = { - .dcapsNum = 0, - .permsNum = 3, - .aclsNum = 0, - .dcaps = nullptr, - .perms = perms, - .acls = nullptr, - .aplStr = "system_core", - }; - - infoInstance.processName = "ExternalFileAccessCreateFileFuzzTest"; - tokenId = GetAccessTokenId(&infoInstance); - const uint64_t systemAppMask = (static_cast(1) << 32); - tokenId |= systemAppMask; - SetSelfTokenID(tokenId); - OHOS::Security::AccessToken::AccessTokenKit::ReloadNativeTokenInfo(); -} - bool ExternalFileAccessCreateFileFuzzTest(const uint8_t *data, size_t size) { - SetNativeToken(); // CMD_CREATEILE uint32_t code = 2; MessageParcel datas; @@ -96,6 +70,8 @@ bool ExternalFileAccessCreateFileFuzzTest(const uint8_t *data, size_t size) /* Fuzzer entry point */ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { + OHOS::UserFileServiceTokenMock tokenMock; + tokenMock.SetFileManagerToken(); OHOS::ExternalFileAccessCreateFileFuzzTest(data, size); return 0; } diff --git a/test/fuzztest/externalfileaccessdelete_fuzzer/BUILD.gn b/test/fuzztest/externalfileaccessdelete_fuzzer/BUILD.gn index b7716541aa8dcae603f3f328dd5c1044cee2da5c..85fdfe48facbaba887a52783372f8465e7ae5aea 100644 --- a/test/fuzztest/externalfileaccessdelete_fuzzer/BUILD.gn +++ b/test/fuzztest/externalfileaccessdelete_fuzzer/BUILD.gn @@ -22,6 +22,7 @@ ohos_fuzztest("ExternalFileAccessDeleteFuzzTest") { include_dirs = [ "${user_file_service_path}/utils", "${user_file_service_path}/interfaces/inner_api/file_access/include", + "${user_file_service_path}/test/fuzztest/privacy_comm/include", ] cflags = [ "-g", @@ -29,7 +30,10 @@ ohos_fuzztest("ExternalFileAccessDeleteFuzzTest") { "-Wno-unused-variable", "-fno-omit-frame-pointer", ] - sources = [ "${user_file_service_path}/test/fuzztest/externalfileaccessdelete_fuzzer/externalfileaccessdelete_fuzzer.cpp" ] + sources = [ + "${user_file_service_path}/test/fuzztest/externalfileaccessdelete_fuzzer/externalfileaccessdelete_fuzzer.cpp", + "${user_file_service_path}/test/fuzztest/privacy_comm/src/user_file_service_token_mock.cpp", + ] deps = [ "${user_file_service_path}/interfaces/inner_api/file_access:file_access_ext_base_include", diff --git a/test/fuzztest/externalfileaccessdelete_fuzzer/externalfileaccessdelete_fuzzer.cpp b/test/fuzztest/externalfileaccessdelete_fuzzer/externalfileaccessdelete_fuzzer.cpp index 104f85d1ff52e223ef8169193cd7a651d71b5929..d87ea6fe4628839f7bc06898445d441533f18cde 100644 --- a/test/fuzztest/externalfileaccessdelete_fuzzer/externalfileaccessdelete_fuzzer.cpp +++ b/test/fuzztest/externalfileaccessdelete_fuzzer/externalfileaccessdelete_fuzzer.cpp @@ -31,6 +31,7 @@ #include "nativetoken_kit.h" #include "token_setproc.h" #include "accesstoken_kit.h" +#include "user_file_service_token_mock.h" namespace OHOS { using namespace std; @@ -38,35 +39,8 @@ using namespace OHOS; using namespace FileAccessFwk; using namespace AbilityRuntime; -void SetNativeToken() -{ - uint64_t tokenId; - const char *perms[] = { - "ohos.permission.FILE_ACCESS_MANAGER", - "ohos.permission.GET_BUNDLE_INFO_PRIVILEGED", - "ohos.permission.CONNECT_FILE_ACCESS_EXTENSION" - }; - NativeTokenInfoParams infoInstance = { - .dcapsNum = 0, - .permsNum = 3, - .aclsNum = 0, - .dcaps = nullptr, - .perms = perms, - .acls = nullptr, - .aplStr = "system_core", - }; - - infoInstance.processName = "ExternalFileAccessDeleteFuzzTest"; - tokenId = GetAccessTokenId(&infoInstance); - const uint64_t systemAppMask = (static_cast(1) << 32); - tokenId |= systemAppMask; - SetSelfTokenID(tokenId); - OHOS::Security::AccessToken::AccessTokenKit::ReloadNativeTokenInfo(); -} - bool ExternalFileAccessDeleteFuzzTest(const uint8_t *data, size_t size) { - SetNativeToken(); // CMD_DELETE uint32_t code = 4; MessageParcel datas; @@ -96,6 +70,8 @@ bool ExternalFileAccessDeleteFuzzTest(const uint8_t *data, size_t size) /* Fuzzer entry point */ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { + OHOS::UserFileServiceTokenMock tokenMock; + tokenMock.SetFileManagerToken(); OHOS::ExternalFileAccessDeleteFuzzTest(data, size); return 0; } diff --git a/test/fuzztest/externalfileaccessgetfileinfofromrelativepath_fuzzer/BUILD.gn b/test/fuzztest/externalfileaccessgetfileinfofromrelativepath_fuzzer/BUILD.gn index 705fdcabf1a76b00cd39652a83966cc08e800be0..e9722327b27c2024322495b6c393117322c031df 100644 --- a/test/fuzztest/externalfileaccessgetfileinfofromrelativepath_fuzzer/BUILD.gn +++ b/test/fuzztest/externalfileaccessgetfileinfofromrelativepath_fuzzer/BUILD.gn @@ -21,6 +21,7 @@ ohos_fuzztest("ExternalFileAccessGetFileInfoFromRelativePathFuzzTest") { include_dirs = [ "${user_file_service_path}/utils", "${user_file_service_path}/interfaces/inner_api/file_access/include", + "${user_file_service_path}/test/fuzztest/privacy_comm/include", ] cflags = [ "-g", @@ -28,7 +29,10 @@ ohos_fuzztest("ExternalFileAccessGetFileInfoFromRelativePathFuzzTest") { "-Wno-unused-variable", "-fno-omit-frame-pointer", ] - sources = [ "${user_file_service_path}/test/fuzztest/externalfileaccessgetfileinfofromrelativepath_fuzzer/externalfileaccessgetfileinfofromrelativepath_fuzzer.cpp" ] + sources = [ + "${user_file_service_path}/test/fuzztest/externalfileaccessgetfileinfofromrelativepath_fuzzer/externalfileaccessgetfileinfofromrelativepath_fuzzer.cpp", + "${user_file_service_path}/test/fuzztest/privacy_comm/src/user_file_service_token_mock.cpp", + ] deps = [ "${user_file_service_path}/interfaces/inner_api/file_access:file_access_ext_base_include", diff --git a/test/fuzztest/externalfileaccessgetfileinfofromrelativepath_fuzzer/externalfileaccessgetfileinfofromrelativepath_fuzzer.cpp b/test/fuzztest/externalfileaccessgetfileinfofromrelativepath_fuzzer/externalfileaccessgetfileinfofromrelativepath_fuzzer.cpp index eaf806c1e6fd4e336e62d436c7ea487b6193f72c..088f7095326668f026281594f8bd11ddfee67f7b 100644 --- a/test/fuzztest/externalfileaccessgetfileinfofromrelativepath_fuzzer/externalfileaccessgetfileinfofromrelativepath_fuzzer.cpp +++ b/test/fuzztest/externalfileaccessgetfileinfofromrelativepath_fuzzer/externalfileaccessgetfileinfofromrelativepath_fuzzer.cpp @@ -31,6 +31,7 @@ #include "nativetoken_kit.h" #include "token_setproc.h" #include "accesstoken_kit.h" +#include "user_file_service_token_mock.h" namespace OHOS { using namespace std; @@ -38,35 +39,8 @@ using namespace OHOS; using namespace FileAccessFwk; using namespace AbilityRuntime; -void SetNativeToken() -{ - uint64_t tokenId; - const char *perms[] = { - "ohos.permission.FILE_ACCESS_MANAGER", - "ohos.permission.GET_BUNDLE_INFO_PRIVILEGED", - "ohos.permission.CONNECT_FILE_ACCESS_EXTENSION" - }; - NativeTokenInfoParams infoInstance = { - .dcapsNum = 0, - .permsNum = 3, - .aclsNum = 0, - .dcaps = nullptr, - .perms = perms, - .acls = nullptr, - .aplStr = "system_core", - }; - - infoInstance.processName = "ExternalFileAccessGetFileInfoFromRelativePathFuzzTest"; - tokenId = GetAccessTokenId(&infoInstance); - const uint64_t systemAppMask = (static_cast(1) << 32); - tokenId |= systemAppMask; - SetSelfTokenID(tokenId); - OHOS::Security::AccessToken::AccessTokenKit::ReloadNativeTokenInfo(); -} - bool ExternalFileAccessGetFileInfoFromRelativePathFuzzTest(const uint8_t *data, size_t size) { - SetNativeToken(); // CMD_GET_FILEINFO_FROM_RELATIVE_PATH uint32_t code = 17; MessageParcel datas; @@ -96,6 +70,8 @@ bool ExternalFileAccessGetFileInfoFromRelativePathFuzzTest(const uint8_t *data, /* Fuzzer entry point */ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { + OHOS::UserFileServiceTokenMock tokenMock; + tokenMock.SetFileManagerToken(); OHOS::ExternalFileAccessGetFileInfoFromRelativePathFuzzTest(data, size); return 0; } diff --git a/test/fuzztest/externalfileaccessgetfileinfofromuri_fuzzer/BUILD.gn b/test/fuzztest/externalfileaccessgetfileinfofromuri_fuzzer/BUILD.gn index f5ecec9a32a5f4a4a6aeabb7ccf7bb38fcd7d064..9df1afa96ccdd1894acbea20caf7fa46b5ae85af 100644 --- a/test/fuzztest/externalfileaccessgetfileinfofromuri_fuzzer/BUILD.gn +++ b/test/fuzztest/externalfileaccessgetfileinfofromuri_fuzzer/BUILD.gn @@ -21,6 +21,7 @@ ohos_fuzztest("ExternalFileAccessGetFileInfoFromUriFuzzTest") { include_dirs = [ "${user_file_service_path}/utils", "${user_file_service_path}/interfaces/inner_api/file_access/include", + "${user_file_service_path}/test/fuzztest/privacy_comm/include", ] cflags = [ "-g", @@ -28,7 +29,10 @@ ohos_fuzztest("ExternalFileAccessGetFileInfoFromUriFuzzTest") { "-Wno-unused-variable", "-fno-omit-frame-pointer", ] - sources = [ "${user_file_service_path}/test/fuzztest/externalfileaccessgetfileinfofromuri_fuzzer/externalfileaccessgetfileinfofromuri_fuzzer.cpp" ] + sources = [ + "${user_file_service_path}/test/fuzztest/externalfileaccessgetfileinfofromuri_fuzzer/externalfileaccessgetfileinfofromuri_fuzzer.cpp", + "${user_file_service_path}/test/fuzztest/privacy_comm/src/user_file_service_token_mock.cpp", + ] deps = [ "${user_file_service_path}/interfaces/inner_api/file_access:file_access_ext_base_include", diff --git a/test/fuzztest/externalfileaccessgetfileinfofromuri_fuzzer/externalfileaccessgetfileinfofromuri_fuzzer.cpp b/test/fuzztest/externalfileaccessgetfileinfofromuri_fuzzer/externalfileaccessgetfileinfofromuri_fuzzer.cpp index e9b05ce197e4a1f22a42a94476275e3eb4975333..2b32ec31e95643e9768003ce521ab06753cd7536 100644 --- a/test/fuzztest/externalfileaccessgetfileinfofromuri_fuzzer/externalfileaccessgetfileinfofromuri_fuzzer.cpp +++ b/test/fuzztest/externalfileaccessgetfileinfofromuri_fuzzer/externalfileaccessgetfileinfofromuri_fuzzer.cpp @@ -31,6 +31,7 @@ #include "nativetoken_kit.h" #include "token_setproc.h" #include "accesstoken_kit.h" +#include "user_file_service_token_mock.h" namespace OHOS { using namespace std; @@ -38,35 +39,8 @@ using namespace OHOS; using namespace FileAccessFwk; using namespace AbilityRuntime; -void SetNativeToken() -{ - uint64_t tokenId; - const char *perms[] = { - "ohos.permission.FILE_ACCESS_MANAGER", - "ohos.permission.GET_BUNDLE_INFO_PRIVILEGED", - "ohos.permission.CONNECT_FILE_ACCESS_EXTENSION" - }; - NativeTokenInfoParams infoInstance = { - .dcapsNum = 0, - .permsNum = 3, - .aclsNum = 0, - .dcaps = nullptr, - .perms = perms, - .acls = nullptr, - .aplStr = "system_core", - }; - - infoInstance.processName = "ExternalFileAccessGetFileInfoFromUriFuzzTest"; - tokenId = GetAccessTokenId(&infoInstance); - const uint64_t systemAppMask = (static_cast(1) << 32); - tokenId |= systemAppMask; - SetSelfTokenID(tokenId); - OHOS::Security::AccessToken::AccessTokenKit::ReloadNativeTokenInfo(); -} - bool ExternalFileAccessGetFileInfoFromUriFuzzTest(const uint8_t *data, size_t size) { - SetNativeToken(); // CMD_GET_FILEINFO_FROM_URI uint32_t code = 16; MessageParcel datas; @@ -96,6 +70,8 @@ bool ExternalFileAccessGetFileInfoFromUriFuzzTest(const uint8_t *data, size_t si /* Fuzzer entry point */ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { + OHOS::UserFileServiceTokenMock tokenMock; + tokenMock.SetFileManagerToken(); OHOS::ExternalFileAccessGetFileInfoFromUriFuzzTest(data, size); return 0; } diff --git a/test/fuzztest/externalfileaccessgetroots_fuzzer/BUILD.gn b/test/fuzztest/externalfileaccessgetroots_fuzzer/BUILD.gn index 57ee244ddcfc3254a06c595528fe3d8bd3390dc6..24f43d92f9032237c6756159ab2b877f5b2c4d32 100644 --- a/test/fuzztest/externalfileaccessgetroots_fuzzer/BUILD.gn +++ b/test/fuzztest/externalfileaccessgetroots_fuzzer/BUILD.gn @@ -21,6 +21,7 @@ ohos_fuzztest("ExternalFileAccessGetRootsFuzzTest") { include_dirs = [ "${user_file_service_path}/utils", "${user_file_service_path}/interfaces/inner_api/file_access/include", + "${user_file_service_path}/test/fuzztest/privacy_comm/include", ] cflags = [ "-g", @@ -28,7 +29,10 @@ ohos_fuzztest("ExternalFileAccessGetRootsFuzzTest") { "-Wno-unused-variable", "-fno-omit-frame-pointer", ] - sources = [ "${user_file_service_path}/test/fuzztest/externalfileaccessgetroots_fuzzer/externalfileaccessgetroots_fuzzer.cpp" ] + sources = [ + "${user_file_service_path}/test/fuzztest/externalfileaccessgetroots_fuzzer/externalfileaccessgetroots_fuzzer.cpp", + "${user_file_service_path}/test/fuzztest/privacy_comm/src/user_file_service_token_mock.cpp", + ] deps = [ "${user_file_service_path}/interfaces/inner_api/file_access:file_access_ext_base_include", diff --git a/test/fuzztest/externalfileaccessgetroots_fuzzer/externalfileaccessgetroots_fuzzer.cpp b/test/fuzztest/externalfileaccessgetroots_fuzzer/externalfileaccessgetroots_fuzzer.cpp index 5f8713a04f675495a5ca7cb5597d2218191c7bae..e5847f474350f5e93df0efbe5a19661b6ce3e12c 100644 --- a/test/fuzztest/externalfileaccessgetroots_fuzzer/externalfileaccessgetroots_fuzzer.cpp +++ b/test/fuzztest/externalfileaccessgetroots_fuzzer/externalfileaccessgetroots_fuzzer.cpp @@ -31,6 +31,7 @@ #include "nativetoken_kit.h" #include "token_setproc.h" #include "accesstoken_kit.h" +#include "user_file_service_token_mock.h" namespace OHOS { using namespace std; @@ -38,35 +39,8 @@ using namespace OHOS; using namespace FileAccessFwk; using namespace AbilityRuntime; -void SetNativeToken() -{ - uint64_t tokenId; - const char *perms[] = { - "ohos.permission.FILE_ACCESS_MANAGER", - "ohos.permission.GET_BUNDLE_INFO_PRIVILEGED", - "ohos.permission.CONNECT_FILE_ACCESS_EXTENSION" - }; - NativeTokenInfoParams infoInstance = { - .dcapsNum = 0, - .permsNum = 3, - .aclsNum = 0, - .dcaps = nullptr, - .perms = perms, - .acls = nullptr, - .aplStr = "system_core", - }; - - infoInstance.processName = "ExternalFileAccessGetRootsFuzzTest"; - tokenId = GetAccessTokenId(&infoInstance); - const uint64_t systemAppMask = (static_cast(1) << 32); - tokenId |= systemAppMask; - SetSelfTokenID(tokenId); - OHOS::Security::AccessToken::AccessTokenKit::ReloadNativeTokenInfo(); -} - bool ExternalFileInterfaceFuzzTest(const uint8_t *data, size_t size) { - SetNativeToken(); auto fileAccessExtAbility = FileAccessExtAbility::Create(nullptr); auto fileAccessExtAbilitySharePtr = std::shared_ptr(fileAccessExtAbility); sptr fileAccessExtStubObj(new (std::nothrow) FileAccessExtStubImpl( @@ -98,6 +72,8 @@ bool ExternalFileInterfaceFuzzTest(const uint8_t *data, size_t size) /* Fuzzer entry point */ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { + OHOS::UserFileServiceTokenMock tokenMock; + tokenMock.SetFileManagerToken(); OHOS::ExternalFileInterfaceFuzzTest(data, size); return 0; } diff --git a/test/fuzztest/externalfileaccesslistfile_fuzzer/BUILD.gn b/test/fuzztest/externalfileaccesslistfile_fuzzer/BUILD.gn index b09c02ec4183c0df202331c12d4713869d12324d..41c9c7500ba83b31da1ae66b8ef8b6e24a83fe00 100644 --- a/test/fuzztest/externalfileaccesslistfile_fuzzer/BUILD.gn +++ b/test/fuzztest/externalfileaccesslistfile_fuzzer/BUILD.gn @@ -21,6 +21,7 @@ ohos_fuzztest("ExternalFileAccessListFileFuzzTest") { include_dirs = [ "${user_file_service_path}/utils", "${user_file_service_path}/interfaces/inner_api/file_access/include", + "${user_file_service_path}/test/fuzztest/privacy_comm/include", ] cflags = [ "-g", @@ -28,7 +29,10 @@ ohos_fuzztest("ExternalFileAccessListFileFuzzTest") { "-Wno-unused-variable", "-fno-omit-frame-pointer", ] - sources = [ "${user_file_service_path}/test/fuzztest/externalfileaccesslistfile_fuzzer/externalfileaccesslistfile_fuzzer.cpp" ] + sources = [ + "${user_file_service_path}/test/fuzztest/externalfileaccesslistfile_fuzzer/externalfileaccesslistfile_fuzzer.cpp", + "${user_file_service_path}/test/fuzztest/privacy_comm/src/user_file_service_token_mock.cpp", + ] deps = [ "${user_file_service_path}/interfaces/inner_api/file_access:file_access_ext_base_include", diff --git a/test/fuzztest/externalfileaccesslistfile_fuzzer/externalfileaccesslistfile_fuzzer.cpp b/test/fuzztest/externalfileaccesslistfile_fuzzer/externalfileaccesslistfile_fuzzer.cpp index d109f35bef92488fca21f9aaf20cc00cab15407e..c7ba335dc2bc8db4e4fa54893a5ac181a8e4d173 100644 --- a/test/fuzztest/externalfileaccesslistfile_fuzzer/externalfileaccesslistfile_fuzzer.cpp +++ b/test/fuzztest/externalfileaccesslistfile_fuzzer/externalfileaccesslistfile_fuzzer.cpp @@ -31,6 +31,7 @@ #include "nativetoken_kit.h" #include "token_setproc.h" #include "accesstoken_kit.h" +#include "user_file_service_token_mock.h" namespace OHOS { using namespace std; @@ -38,35 +39,8 @@ using namespace OHOS; using namespace FileAccessFwk; using namespace AbilityRuntime; -void SetNativeToken() -{ - uint64_t tokenId; - const char *perms[] = { - "ohos.permission.FILE_ACCESS_MANAGER", - "ohos.permission.GET_BUNDLE_INFO_PRIVILEGED", - "ohos.permission.CONNECT_FILE_ACCESS_EXTENSION" - }; - NativeTokenInfoParams infoInstance = { - .dcapsNum = 0, - .permsNum = 3, - .aclsNum = 0, - .dcaps = nullptr, - .perms = perms, - .acls = nullptr, - .aplStr = "system_core", - }; - - infoInstance.processName = "ExternalFileAccessListFileFuzzTest"; - tokenId = GetAccessTokenId(&infoInstance); - const uint64_t systemAppMask = (static_cast(1) << 32); - tokenId |= systemAppMask; - SetSelfTokenID(tokenId); - OHOS::Security::AccessToken::AccessTokenKit::ReloadNativeTokenInfo(); -} - bool ExternalFileAccessListFileFuzzTest(const uint8_t *data, size_t size) { - SetNativeToken(); // CMD_LISTFILE uint32_t code = 8; MessageParcel datas; @@ -96,6 +70,8 @@ bool ExternalFileAccessListFileFuzzTest(const uint8_t *data, size_t size) /* Fuzzer entry point */ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { + OHOS::UserFileServiceTokenMock tokenMock; + tokenMock.SetFileManagerToken(); OHOS::ExternalFileAccessListFileFuzzTest(data, size); return 0; } diff --git a/test/fuzztest/externalfileaccessmkdir_fuzzer/BUILD.gn b/test/fuzztest/externalfileaccessmkdir_fuzzer/BUILD.gn index 0b0a42fd07e20609041bfe8300bb461026db5c6f..9341226a088ca3e08a1383d5fbb4cb2188318688 100644 --- a/test/fuzztest/externalfileaccessmkdir_fuzzer/BUILD.gn +++ b/test/fuzztest/externalfileaccessmkdir_fuzzer/BUILD.gn @@ -22,6 +22,7 @@ ohos_fuzztest("ExternalFileAccessMkdirFuzzTest") { include_dirs = [ "${user_file_service_path}/utils", "${user_file_service_path}/interfaces/inner_api/file_access/include", + "${user_file_service_path}/test/fuzztest/privacy_comm/include", ] cflags = [ "-g", @@ -29,7 +30,10 @@ ohos_fuzztest("ExternalFileAccessMkdirFuzzTest") { "-Wno-unused-variable", "-fno-omit-frame-pointer", ] - sources = [ "${user_file_service_path}/test/fuzztest/externalfileaccessmkdir_fuzzer/externalfileaccessmkdir_fuzzer.cpp" ] + sources = [ + "${user_file_service_path}/test/fuzztest/externalfileaccessmkdir_fuzzer/externalfileaccessmkdir_fuzzer.cpp", + "${user_file_service_path}/test/fuzztest/privacy_comm/src/user_file_service_token_mock.cpp", + ] deps = [ "${user_file_service_path}/interfaces/inner_api/file_access:file_access_ext_base_include", diff --git a/test/fuzztest/externalfileaccessmkdir_fuzzer/externalfileaccessmkdir_fuzzer.cpp b/test/fuzztest/externalfileaccessmkdir_fuzzer/externalfileaccessmkdir_fuzzer.cpp index fa4db3443bbfe96751926593bb379b5b2bcb3f9e..c4c5ffd57d082322796f37577d7a3778a9eb49b0 100644 --- a/test/fuzztest/externalfileaccessmkdir_fuzzer/externalfileaccessmkdir_fuzzer.cpp +++ b/test/fuzztest/externalfileaccessmkdir_fuzzer/externalfileaccessmkdir_fuzzer.cpp @@ -31,6 +31,7 @@ #include "nativetoken_kit.h" #include "token_setproc.h" #include "accesstoken_kit.h" +#include "user_file_service_token_mock.h" namespace OHOS { using namespace std; @@ -38,35 +39,8 @@ using namespace OHOS; using namespace FileAccessFwk; using namespace AbilityRuntime; -void SetNativeToken() -{ - uint64_t tokenId; - const char *perms[] = { - "ohos.permission.FILE_ACCESS_MANAGER", - "ohos.permission.GET_BUNDLE_INFO_PRIVILEGED", - "ohos.permission.CONNECT_FILE_ACCESS_EXTENSION" - }; - NativeTokenInfoParams infoInstance = { - .dcapsNum = 0, - .permsNum = 3, - .aclsNum = 0, - .dcaps = nullptr, - .perms = perms, - .acls = nullptr, - .aplStr = "system_core", - }; - - infoInstance.processName = "ExternalFileAccessMkdirFuzzTest"; - tokenId = GetAccessTokenId(&infoInstance); - const uint64_t systemAppMask = (static_cast(1) << 32); - tokenId |= systemAppMask; - SetSelfTokenID(tokenId); - OHOS::Security::AccessToken::AccessTokenKit::ReloadNativeTokenInfo(); -} - bool ExternalFileAccessMkdirFuzzTest(const uint8_t *data, size_t size) { - SetNativeToken(); // CMD_MKDIR uint32_t code = 3; MessageParcel datas; @@ -96,6 +70,8 @@ bool ExternalFileAccessMkdirFuzzTest(const uint8_t *data, size_t size) /* Fuzzer entry point */ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { + OHOS::UserFileServiceTokenMock tokenMock; + tokenMock.SetFileManagerToken(); OHOS::ExternalFileAccessMkdirFuzzTest(data, size); return 0; } diff --git a/test/fuzztest/externalfileaccessmove_fuzzer/BUILD.gn b/test/fuzztest/externalfileaccessmove_fuzzer/BUILD.gn index e845a8ac9e066f8a55a86ee4b8b83a30a69cdfde..47d860a9ef83275d4e2a7338b0baf0874841f8d7 100644 --- a/test/fuzztest/externalfileaccessmove_fuzzer/BUILD.gn +++ b/test/fuzztest/externalfileaccessmove_fuzzer/BUILD.gn @@ -22,6 +22,7 @@ ohos_fuzztest("ExternalFileAccessMoveFuzzTest") { include_dirs = [ "${user_file_service_path}/utils", "${user_file_service_path}/interfaces/inner_api/file_access/include", + "${user_file_service_path}/test/fuzztest/privacy_comm/include", ] cflags = [ "-g", @@ -29,7 +30,10 @@ ohos_fuzztest("ExternalFileAccessMoveFuzzTest") { "-Wno-unused-variable", "-fno-omit-frame-pointer", ] - sources = [ "${user_file_service_path}/test/fuzztest/externalfileaccessmove_fuzzer/externalfileaccessmove_fuzzer.cpp" ] + sources = [ + "${user_file_service_path}/test/fuzztest/externalfileaccessmove_fuzzer/externalfileaccessmove_fuzzer.cpp", + "${user_file_service_path}/test/fuzztest/privacy_comm/src/user_file_service_token_mock.cpp", + ] deps = [ "${user_file_service_path}/interfaces/inner_api/file_access:file_access_ext_base_include", diff --git a/test/fuzztest/externalfileaccessmove_fuzzer/externalfileaccessmove_fuzzer.cpp b/test/fuzztest/externalfileaccessmove_fuzzer/externalfileaccessmove_fuzzer.cpp index 5aaf05aa0710124b405fc90014ff57e679be9eda..d0000105dea83d9bf65a0e26f2c6b5221dc0b140 100644 --- a/test/fuzztest/externalfileaccessmove_fuzzer/externalfileaccessmove_fuzzer.cpp +++ b/test/fuzztest/externalfileaccessmove_fuzzer/externalfileaccessmove_fuzzer.cpp @@ -31,6 +31,7 @@ #include "nativetoken_kit.h" #include "token_setproc.h" #include "accesstoken_kit.h" +#include "user_file_service_token_mock.h" namespace OHOS { using namespace std; @@ -38,35 +39,8 @@ using namespace OHOS; using namespace FileAccessFwk; using namespace AbilityRuntime; -void SetNativeToken() -{ - uint64_t tokenId; - const char *perms[] = { - "ohos.permission.FILE_ACCESS_MANAGER", - "ohos.permission.GET_BUNDLE_INFO_PRIVILEGED", - "ohos.permission.CONNECT_FILE_ACCESS_EXTENSION" - }; - NativeTokenInfoParams infoInstance = { - .dcapsNum = 0, - .permsNum = 3, - .aclsNum = 0, - .dcaps = nullptr, - .perms = perms, - .acls = nullptr, - .aplStr = "system_core", - }; - - infoInstance.processName = "ExternalFileAccessMoveFuzzTest"; - tokenId = GetAccessTokenId(&infoInstance); - const uint64_t systemAppMask = (static_cast(1) << 32); - tokenId |= systemAppMask; - SetSelfTokenID(tokenId); - OHOS::Security::AccessToken::AccessTokenKit::ReloadNativeTokenInfo(); -} - bool ExternalFileAccessMoveFuzzTest(const uint8_t *data, size_t size) { - SetNativeToken(); // CMD_MOVE uint32_t code = 5; MessageParcel datas; @@ -96,6 +70,8 @@ bool ExternalFileAccessMoveFuzzTest(const uint8_t *data, size_t size) /* Fuzzer entry point */ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { + OHOS::UserFileServiceTokenMock tokenMock; + tokenMock.SetFileManagerToken(); OHOS::ExternalFileAccessMoveFuzzTest(data, size); return 0; } diff --git a/test/fuzztest/externalfileaccessopenfile_fuzzer/BUILD.gn b/test/fuzztest/externalfileaccessopenfile_fuzzer/BUILD.gn index ba64c2d079d184be2702275bf329598f82ebcc46..329bfdbf7313fb4fcdad8836b2bc4cf6434fb24d 100644 --- a/test/fuzztest/externalfileaccessopenfile_fuzzer/BUILD.gn +++ b/test/fuzztest/externalfileaccessopenfile_fuzzer/BUILD.gn @@ -21,6 +21,7 @@ ohos_fuzztest("ExternalFileAccessOpenFileFuzzTest") { include_dirs = [ "${user_file_service_path}/utils", "${user_file_service_path}/interfaces/inner_api/file_access/include", + "${user_file_service_path}/test/fuzztest/privacy_comm/include", ] cflags = [ "-g", @@ -28,7 +29,10 @@ ohos_fuzztest("ExternalFileAccessOpenFileFuzzTest") { "-Wno-unused-variable", "-fno-omit-frame-pointer", ] - sources = [ "${user_file_service_path}/test/fuzztest/externalfileaccessopenfile_fuzzer/externalfileaccessopenfile_fuzzer.cpp" ] + sources = [ + "${user_file_service_path}/test/fuzztest/externalfileaccessopenfile_fuzzer/externalfileaccessopenfile_fuzzer.cpp", + "${user_file_service_path}/test/fuzztest/privacy_comm/src/user_file_service_token_mock.cpp", + ] deps = [ "${user_file_service_path}/interfaces/inner_api/file_access:file_access_ext_base_include", diff --git a/test/fuzztest/externalfileaccessopenfile_fuzzer/externalfileaccessopenfile_fuzzer.cpp b/test/fuzztest/externalfileaccessopenfile_fuzzer/externalfileaccessopenfile_fuzzer.cpp index 8f477cb52e7a01574df113bc9cdaf2a568855d77..a1eb5b619d8666fd95f00e38ef99f13eb1629793 100644 --- a/test/fuzztest/externalfileaccessopenfile_fuzzer/externalfileaccessopenfile_fuzzer.cpp +++ b/test/fuzztest/externalfileaccessopenfile_fuzzer/externalfileaccessopenfile_fuzzer.cpp @@ -31,6 +31,7 @@ #include "nativetoken_kit.h" #include "token_setproc.h" #include "accesstoken_kit.h" +#include "user_file_service_token_mock.h" namespace OHOS { using namespace std; @@ -38,35 +39,8 @@ using namespace OHOS; using namespace FileAccessFwk; using namespace AbilityRuntime; -void SetNativeToken() -{ - uint64_t tokenId; - const char *perms[] = { - "ohos.permission.FILE_ACCESS_MANAGER", - "ohos.permission.GET_BUNDLE_INFO_PRIVILEGED", - "ohos.permission.CONNECT_FILE_ACCESS_EXTENSION" - }; - NativeTokenInfoParams infoInstance = { - .dcapsNum = 0, - .permsNum = 3, - .aclsNum = 0, - .dcaps = nullptr, - .perms = perms, - .acls = nullptr, - .aplStr = "system_core", - }; - - infoInstance.processName = "ExternalFileAccessOpenFileFuzzTest"; - tokenId = GetAccessTokenId(&infoInstance); - const uint64_t systemAppMask = (static_cast(1) << 32); - tokenId |= systemAppMask; - SetSelfTokenID(tokenId); - OHOS::Security::AccessToken::AccessTokenKit::ReloadNativeTokenInfo(); -} - bool ExternalFileAccessOpenFileFuzzTest(const uint8_t *data, size_t size) { - SetNativeToken(); // CMD_OPENFILE uint32_t code = 1; MessageParcel datas; @@ -96,6 +70,8 @@ bool ExternalFileAccessOpenFileFuzzTest(const uint8_t *data, size_t size) /* Fuzzer entry point */ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { + OHOS::UserFileServiceTokenMock tokenMock; + tokenMock.SetFileManagerToken(); OHOS::ExternalFileAccessOpenFileFuzzTest(data, size); return 0; } diff --git a/test/fuzztest/externalfileaccessrename_fuzzer/BUILD.gn b/test/fuzztest/externalfileaccessrename_fuzzer/BUILD.gn index 2eb208d1c1bc87fd8a98f886a594f0df67686a5f..7e053deb9cb4e0ad789f774750d4768fbe0c527c 100644 --- a/test/fuzztest/externalfileaccessrename_fuzzer/BUILD.gn +++ b/test/fuzztest/externalfileaccessrename_fuzzer/BUILD.gn @@ -22,6 +22,7 @@ ohos_fuzztest("ExternalFileAccessRenameFuzzTest") { include_dirs = [ "${user_file_service_path}/utils", "${user_file_service_path}/interfaces/inner_api/file_access/include", + "${user_file_service_path}/test/fuzztest/privacy_comm/include", ] cflags = [ "-g", @@ -29,7 +30,10 @@ ohos_fuzztest("ExternalFileAccessRenameFuzzTest") { "-Wno-unused-variable", "-fno-omit-frame-pointer", ] - sources = [ "${user_file_service_path}/test/fuzztest/externalfileaccessrename_fuzzer/externalfileaccessrename_fuzzer.cpp" ] + sources = [ + "${user_file_service_path}/test/fuzztest/externalfileaccessrename_fuzzer/externalfileaccessrename_fuzzer.cpp", + "${user_file_service_path}/test/fuzztest/privacy_comm/src/user_file_service_token_mock.cpp", + ] deps = [ "${user_file_service_path}/interfaces/inner_api/file_access:file_access_ext_base_include", diff --git a/test/fuzztest/externalfileaccessrename_fuzzer/externalfileaccessrename_fuzzer.cpp b/test/fuzztest/externalfileaccessrename_fuzzer/externalfileaccessrename_fuzzer.cpp index e9a1126d0e6d88365651c9d8d324a3c24519c6c5..68039bd72e1c7e59277f9ed0851c529c8c101827 100644 --- a/test/fuzztest/externalfileaccessrename_fuzzer/externalfileaccessrename_fuzzer.cpp +++ b/test/fuzztest/externalfileaccessrename_fuzzer/externalfileaccessrename_fuzzer.cpp @@ -31,6 +31,7 @@ #include "nativetoken_kit.h" #include "token_setproc.h" #include "accesstoken_kit.h" +#include "user_file_service_token_mock.h" namespace OHOS { using namespace std; @@ -38,35 +39,8 @@ using namespace OHOS; using namespace FileAccessFwk; using namespace AbilityRuntime; -void SetNativeToken() -{ - uint64_t tokenId; - const char *perms[] = { - "ohos.permission.FILE_ACCESS_MANAGER", - "ohos.permission.GET_BUNDLE_INFO_PRIVILEGED", - "ohos.permission.CONNECT_FILE_ACCESS_EXTENSION" - }; - NativeTokenInfoParams infoInstance = { - .dcapsNum = 0, - .permsNum = 3, - .aclsNum = 0, - .dcaps = nullptr, - .perms = perms, - .acls = nullptr, - .aplStr = "system_core", - }; - - infoInstance.processName = "ExternalFileAccessRenameFuzzTest"; - tokenId = GetAccessTokenId(&infoInstance); - const uint64_t systemAppMask = (static_cast(1) << 32); - tokenId |= systemAppMask; - SetSelfTokenID(tokenId); - OHOS::Security::AccessToken::AccessTokenKit::ReloadNativeTokenInfo(); -} - bool ExternalFileAccessRenameFuzzTest(const uint8_t *data, size_t size) { - SetNativeToken(); // CMD_RENAME uint32_t code = 7; MessageParcel datas; @@ -96,6 +70,8 @@ bool ExternalFileAccessRenameFuzzTest(const uint8_t *data, size_t size) /* Fuzzer entry point */ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { + OHOS::UserFileServiceTokenMock tokenMock; + tokenMock.SetFileManagerToken(); OHOS::ExternalFileAccessRenameFuzzTest(data, size); return 0; } diff --git a/test/fuzztest/externalfileaccessscanfile_fuzzer/BUILD.gn b/test/fuzztest/externalfileaccessscanfile_fuzzer/BUILD.gn index 2f1d93f499c976ad8675d0a7344160bee7062e5c..0a1e818c0cb7e62e05e44bfd30a274d1361502d9 100644 --- a/test/fuzztest/externalfileaccessscanfile_fuzzer/BUILD.gn +++ b/test/fuzztest/externalfileaccessscanfile_fuzzer/BUILD.gn @@ -21,6 +21,7 @@ ohos_fuzztest("ExternalFileAccessScanFileFuzzTest") { include_dirs = [ "${user_file_service_path}/utils", "${user_file_service_path}/interfaces/inner_api/file_access/include", + "${user_file_service_path}/test/fuzztest/privacy_comm/include", ] cflags = [ "-g", @@ -28,7 +29,10 @@ ohos_fuzztest("ExternalFileAccessScanFileFuzzTest") { "-Wno-unused-variable", "-fno-omit-frame-pointer", ] - sources = [ "${user_file_service_path}/test/fuzztest/externalfileaccessscanfile_fuzzer/externalfileaccessscanfile_fuzzer.cpp" ] + sources = [ + "${user_file_service_path}/test/fuzztest/externalfileaccessscanfile_fuzzer/externalfileaccessscanfile_fuzzer.cpp", + "${user_file_service_path}/test/fuzztest/privacy_comm/src/user_file_service_token_mock.cpp", + ] deps = [ "${user_file_service_path}/interfaces/inner_api/file_access:file_access_ext_base_include", diff --git a/test/fuzztest/externalfileaccessscanfile_fuzzer/externalfileaccessscanfile_fuzzer.cpp b/test/fuzztest/externalfileaccessscanfile_fuzzer/externalfileaccessscanfile_fuzzer.cpp index fdc5e56d309c31cbe83fe13a56d19c05622a72cd..eaa79506ae9b1b4799a17bd3a5f52dfd756976ad 100644 --- a/test/fuzztest/externalfileaccessscanfile_fuzzer/externalfileaccessscanfile_fuzzer.cpp +++ b/test/fuzztest/externalfileaccessscanfile_fuzzer/externalfileaccessscanfile_fuzzer.cpp @@ -31,6 +31,7 @@ #include "nativetoken_kit.h" #include "token_setproc.h" #include "accesstoken_kit.h" +#include "user_file_service_token_mock.h" namespace OHOS { using namespace std; @@ -38,35 +39,8 @@ using namespace OHOS; using namespace FileAccessFwk; using namespace AbilityRuntime; -void SetNativeToken() -{ - uint64_t tokenId; - const char *perms[] = { - "ohos.permission.FILE_ACCESS_MANAGER", - "ohos.permission.GET_BUNDLE_INFO_PRIVILEGED", - "ohos.permission.CONNECT_FILE_ACCESS_EXTENSION" - }; - NativeTokenInfoParams infoInstance = { - .dcapsNum = 0, - .permsNum = 3, - .aclsNum = 0, - .dcaps = nullptr, - .perms = perms, - .acls = nullptr, - .aplStr = "system_core", - }; - - infoInstance.processName = "ExternalFileAccessScanFileFuzzTest"; - tokenId = GetAccessTokenId(&infoInstance); - const uint64_t systemAppMask = (static_cast(1) << 32); - tokenId |= systemAppMask; - SetSelfTokenID(tokenId); - OHOS::Security::AccessToken::AccessTokenKit::ReloadNativeTokenInfo(); -} - bool ExternalFileAccessScanFileFuzzTest(const uint8_t *data, size_t size) { - SetNativeToken(); // CMD_SCANFILE uint32_t code = 9; MessageParcel datas; @@ -96,6 +70,8 @@ bool ExternalFileAccessScanFileFuzzTest(const uint8_t *data, size_t size) /* Fuzzer entry point */ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { + OHOS::UserFileServiceTokenMock tokenMock; + tokenMock.SetFileManagerToken(); OHOS::ExternalFileAccessScanFileFuzzTest(data, size); return 0; } diff --git a/test/fuzztest/fileaccessextbaseproxy_fuzzer/BUILD.gn b/test/fuzztest/fileaccessextbaseproxy_fuzzer/BUILD.gn index c7e264b27da347458e11cfb03b02e10aab3474d3..efdebe29015999faaf1f65ac48c96941072560d3 100644 --- a/test/fuzztest/fileaccessextbaseproxy_fuzzer/BUILD.gn +++ b/test/fuzztest/fileaccessextbaseproxy_fuzzer/BUILD.gn @@ -21,6 +21,7 @@ ohos_fuzztest("FileAccessExtBaseProxyFuzzTest") { "${user_file_service_path}/test/fuzztest/fileaccessextbaseproxy_fuzzer" include_dirs = [ "${user_file_service_path}/interfaces/inner_api/file_access/include", + "${user_file_service_path}/test/fuzztest/privacy_comm/include", "${user_file_service_path}/utils", ] cflags = [ @@ -29,7 +30,10 @@ ohos_fuzztest("FileAccessExtBaseProxyFuzzTest") { "-Wno-unused-variable", "-fno-omit-frame-pointer", ] - sources = [ "fileaccessextbaseproxy_fuzzer.cpp" ] + sources = [ + "fileaccessextbaseproxy_fuzzer.cpp", + "${user_file_service_path}/test/fuzztest/privacy_comm/src/user_file_service_token_mock.cpp" + ] deps = [ "${user_file_service_path}/interfaces/inner_api/file_access:file_access_ext_base_include", diff --git a/test/fuzztest/fileaccessextbaseproxy_fuzzer/fileaccessextbaseproxy_fuzzer.cpp b/test/fuzztest/fileaccessextbaseproxy_fuzzer/fileaccessextbaseproxy_fuzzer.cpp index fa52bac213c28c6087a77f845c870ac22d719dc3..58e66d32be9e6b956c688badbf06b43ef175b20f 100644 --- a/test/fuzztest/fileaccessextbaseproxy_fuzzer/fileaccessextbaseproxy_fuzzer.cpp +++ b/test/fuzztest/fileaccessextbaseproxy_fuzzer/fileaccessextbaseproxy_fuzzer.cpp @@ -25,6 +25,8 @@ #include "token_setproc.h" #include "nativetoken_kit.h" +#include "user_file_service_token_mock.h" + namespace OHOS { using namespace std; using namespace FileAccessFwk; @@ -43,38 +45,11 @@ T TypeCast(const uint8_t *data, int *pos = nullptr) return *(reinterpret_cast(data)); } -void SetNativeToken() -{ - uint64_t tokenId; - const char *perms[] = { - "ohos.permission.FILE_ACCESS_MANAGER", - "ohos.permission.GET_BUNDLE_INFO_PRIVILEGED", - "ohos.permission.CONNECT_FILE_ACCESS_EXTENSION" - }; - NativeTokenInfoParams infoInstance = { - .dcapsNum = 0, - .permsNum = 3, - .aclsNum = 0, - .dcaps = nullptr, - .perms = perms, - .acls = nullptr, - .aplStr = "system_core", - }; - - infoInstance.processName = "SetUpTestCase"; - tokenId = GetAccessTokenId(&infoInstance); - const uint64_t systemAppMask = (static_cast(1) << 32); - tokenId |= systemAppMask; - SetSelfTokenID(tokenId); - OHOS::Security::AccessToken::AccessTokenKit::ReloadNativeTokenInfo(); -} - shared_ptr GetFileAccessHelper() { if (g_fah != nullptr) { return g_fah; } - SetNativeToken(); auto saManager = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); if (saManager == nullptr) { return nullptr; @@ -371,6 +346,8 @@ bool UrieFuzzTest(const uint8_t *data, size_t size) /* Fuzzer entry point */ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { + OHOS::UserFileServiceTokenMock tokenMock; + tokenMock.SetFileManagerToken(); auto helper = OHOS::GetFileAccessHelper(); if (helper == nullptr) { printf("helper is nullptr."); diff --git a/test/fuzztest/fileaccessextconnection_fuzzer/BUILD.gn b/test/fuzztest/fileaccessextconnection_fuzzer/BUILD.gn index 73d98a82617d29a27c3023a6f60ae2261f9336b3..0c029971ce1f45129797e8396dd67f7e6e17ea84 100644 --- a/test/fuzztest/fileaccessextconnection_fuzzer/BUILD.gn +++ b/test/fuzztest/fileaccessextconnection_fuzzer/BUILD.gn @@ -23,7 +23,7 @@ ohos_fuzztest("FileAccessExtConnectionFuzzTest") { "${user_file_service_path}/interfaces/inner_api/file_access/include", "${user_file_service_path}/services/native/file_access_service/include", "${user_file_service_path}/interfaces/kits/js/src/common", - "${user_file_service_path}/utils", + "${user_file_service_path}/utils" ] cflags = [ "-g", @@ -31,7 +31,9 @@ ohos_fuzztest("FileAccessExtConnectionFuzzTest") { "-Wno-unused-variable", "-fno-omit-frame-pointer", ] - sources = [ "${user_file_service_path}/test/fuzztest/fileaccessextconnection_fuzzer/fileaccessextconnection_fuzzer.cpp" ] + sources = [ + "${user_file_service_path}/test/fuzztest/fileaccessextconnection_fuzzer/fileaccessextconnection_fuzzer.cpp" + ] deps = [ "${user_file_service_path}/interfaces/inner_api/file_access:file_access_ext_base_include", diff --git a/test/fuzztest/fileaccessservicebaseproxy_fuzzer/BUILD.gn b/test/fuzztest/fileaccessservicebaseproxy_fuzzer/BUILD.gn index a33c004a9f391f43cac77e58c2cb816fa50261c8..6e1460406ff6c0767d3ed812eb66b1124279992d 100644 --- a/test/fuzztest/fileaccessservicebaseproxy_fuzzer/BUILD.gn +++ b/test/fuzztest/fileaccessservicebaseproxy_fuzzer/BUILD.gn @@ -25,9 +25,13 @@ ohos_fuzztest("FileAccessServiceBaseProxyFuzzTest") { include_dirs = [ "${user_file_service_path}/interfaces/inner_api/file_access/include", "${user_file_service_path}/utils", + "${user_file_service_path}/test/fuzztest/privacy_comm/include", ] - sources = [ "fileaccessservicebaseproxy_fuzzer.cpp" ] + sources = [ + "fileaccessservicebaseproxy_fuzzer.cpp", + "${user_file_service_path}/test/fuzztest/privacy_comm/src/user_file_service_token_mock.cpp", + ] deps = [ "${user_file_service_path}/interfaces/inner_api/file_access:file_access_ext_base_include", diff --git a/test/fuzztest/fileaccessservicebaseproxy_fuzzer/fileaccessservicebaseproxy_fuzzer.cpp b/test/fuzztest/fileaccessservicebaseproxy_fuzzer/fileaccessservicebaseproxy_fuzzer.cpp index e00bfcdf8181c8823ce34a4f9f0563bdefbeadbf..e02067590e8d76e53b2c6ff5a917ef03c9ab5b01 100644 --- a/test/fuzztest/fileaccessservicebaseproxy_fuzzer/fileaccessservicebaseproxy_fuzzer.cpp +++ b/test/fuzztest/fileaccessservicebaseproxy_fuzzer/fileaccessservicebaseproxy_fuzzer.cpp @@ -26,6 +26,7 @@ #include "iservice_registry.h" #include "token_setproc.h" #include "nativetoken_kit.h" +#include "user_file_service_token_mock.h" namespace OHOS { using namespace std; @@ -45,38 +46,11 @@ T TypeCast(const uint8_t *data, int *pos = nullptr) return *(reinterpret_cast(data)); } -void SetNativeToken() -{ - uint64_t tokenId; - const char *perms[] = { - "ohos.permission.FILE_ACCESS_MANAGER", - "ohos.permission.GET_BUNDLE_INFO_PRIVILEGED", - "ohos.permission.CONNECT_FILE_ACCESS_EXTENSION" - }; - NativeTokenInfoParams infoInstance = { - .dcapsNum = 0, - .permsNum = 3, - .aclsNum = 0, - .dcaps = nullptr, - .perms = perms, - .acls = nullptr, - .aplStr = "system_core", - }; - - infoInstance.processName = "SetUpTestCase"; - tokenId = GetAccessTokenId(&infoInstance); - const uint64_t systemAppMask = (static_cast(1) << 32); - tokenId |= systemAppMask; - SetSelfTokenID(tokenId); - OHOS::Security::AccessToken::AccessTokenKit::ReloadNativeTokenInfo(); -} - shared_ptr GetFileAccessHelper() { if (g_fah != nullptr) { return g_fah; } - SetNativeToken(); auto saManager = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); if (saManager == nullptr) { return nullptr; @@ -120,7 +94,7 @@ public: virtual ~TestObserver() = default; int OnChange(const NotifyMessage ¬ifyMessage) override; }; - + int TestObserver::OnChange(const NotifyMessage ¬ifyMessage) { return 1; @@ -185,6 +159,8 @@ bool UnregisterNotifyNoObserverFuzzTest(sptr proxy, cons /* Fuzzer entry point */ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { + OHOS::UserFileServiceTokenMock tokenMock; + tokenMock.SetFileManagerToken(); auto proxy = OHOS::FileAccessFwk::FileAccessServiceClient::GetInstance(); if (proxy == nullptr) { printf("service proxy is nullptr"); diff --git a/test/fuzztest/fileinfosharedmemory_fuzzer/BUILD.gn b/test/fuzztest/fileinfosharedmemory_fuzzer/BUILD.gn index 4dc50a83f226a647a38c52f0c35785e93b8e8008..19c5719e07b1d3c0a0892fdf658b06632f299259 100644 --- a/test/fuzztest/fileinfosharedmemory_fuzzer/BUILD.gn +++ b/test/fuzztest/fileinfosharedmemory_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2024 Huawei Device Co., Ltd. +# Copyright (c) 2024-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -30,7 +30,9 @@ ohos_fuzztest("FileInfoSharedMemoryFuzzTest") { "-Wno-unused-variable", "-fno-omit-frame-pointer", ] - sources = [ "${user_file_service_path}/test/fuzztest/fileinfosharedmemory_fuzzer/fileinfosharedmemory_fuzzer.cpp" ] + sources = [ + "${user_file_service_path}/test/fuzztest/fileinfosharedmemory_fuzzer/fileinfosharedmemory_fuzzer.cpp" + ] external_deps = [ "ability_base:want", diff --git a/test/fuzztest/medialibraryfileaccess_fuzzer/BUILD.gn b/test/fuzztest/medialibraryfileaccess_fuzzer/BUILD.gn index 9caf3d9bee48c6281893b732e02046094a9b01cf..17e4bc9e19486c1aade714d6a65ca05d446ee14e 100644 --- a/test/fuzztest/medialibraryfileaccess_fuzzer/BUILD.gn +++ b/test/fuzztest/medialibraryfileaccess_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2022 Huawei Device Co., Ltd. +# Copyright (c) 2022-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -25,12 +25,16 @@ ohos_fuzztest("MedialibraryFileAccessFuzzTest") { include_dirs = [ "${user_file_service_path}/interfaces/inner_api/file_access/include", "${user_file_service_path}/utils", + "${user_file_service_path}/test/fuzztest/privacy_comm/include", ] sources = [ "medialibrary_file_access_fuzzer.cpp" ] configs = [ "//build/config/compiler:exceptions" ] - deps = [ "${user_file_service_path}/interfaces/inner_api/file_access:file_access_extension_ability_kit" ] + deps = [ + "${user_file_service_path}/interfaces/inner_api/file_access:file_access_extension_ability_kit", + "${user_file_service_path}/test/fuzztest/privacy_comm/src/user_file_service_token_mock.cpp", + ] external_deps = [ "ability_base:want", diff --git a/test/fuzztest/medialibraryfileaccess_fuzzer/medialibrary_file_access_fuzzer.cpp b/test/fuzztest/medialibraryfileaccess_fuzzer/medialibrary_file_access_fuzzer.cpp index 76b3b4c62696be9b4b62cc0fe6aa8ebcd529c0ab..a2f488c1207eab2d51152fd19e69411d0f76ac8f 100644 --- a/test/fuzztest/medialibraryfileaccess_fuzzer/medialibrary_file_access_fuzzer.cpp +++ b/test/fuzztest/medialibraryfileaccess_fuzzer/medialibrary_file_access_fuzzer.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022 Huawei Device Co., Ltd. + * Copyright (c) 2022-2025 Huawei Device Co., Ltd. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -27,6 +27,7 @@ #include "file_access_helper.h" #include "iservice_registry.h" #include "hilog_wrapper.h" +#include "user_file_service_token_mock.h" namespace OHOS { using namespace std; @@ -38,38 +39,11 @@ shared_ptr g_fah = nullptr; const int UID_TRANSFORM_TMP = 20000000; const int UID_DEFAULT = 0; -void SetNativeToken() -{ - uint64_t tokenId; - const char *perms[] = { - "ohos.permission.FILE_ACCESS_MANAGER", - "ohos.permission.GET_BUNDLE_INFO_PRIVILEGED", - "ohos.permission.CONNECT_FILE_ACCESS_EXTENSION" - }; - NativeTokenInfoParams infoInstance = { - .dcapsNum = 0, - .permsNum = 3, - .aclsNum = 0, - .dcaps = nullptr, - .perms = perms, - .acls = nullptr, - .aplStr = "system_core", - }; - - infoInstance.processName = "SetUpTestCase"; - tokenId = GetAccessTokenId(&infoInstance); - const uint64_t systemAppMask = (static_cast(1) << 32); - tokenId |= systemAppMask; - SetSelfTokenID(tokenId); - OHOS::Security::AccessToken::AccessTokenKit::ReloadNativeTokenInfo(); -} - shared_ptr GetFileAccessHelper() { if (g_fah != nullptr) { return g_fah; } - SetNativeToken(); auto saManager = SystemAbilityManagerClient::GetInstance().GetSystemAbilityManager(); if (saManager == nullptr) { return nullptr; @@ -124,7 +98,6 @@ bool CheckDataAndGetDownloadUri(const uint8_t* data, size_t size, shared_ptr& reqPerm, bool isSystemApp); + ~UserFileServiceTokenMock(); + void SetFileManagerToken(); +private: + int32_t AllocTestHapToken(const HapInfoParams& hapInfo, HapPolicyParams& hapPolicy, AccessTokenIDEx &tokenIdEx); + uint64_t selfTokenId_; + uint32_t mockTokenId_; +}; +} // namespace FileAccessFwk +} // namespace OHOS +#endif // USER_FILE_SERVICE_TOKEN_MOCK_H diff --git a/test/fuzztest/privacy_comm/src/user_file_service_token_mock.cpp b/test/fuzztest/privacy_comm/src/user_file_service_token_mock.cpp new file mode 100644 index 0000000000000000000000000000000000000000..88147538b6b61788d8d34a52d92e0f9c629b07f4 --- /dev/null +++ b/test/fuzztest/privacy_comm/src/user_file_service_token_mock.cpp @@ -0,0 +1,180 @@ +/* + * Copyright (c) 2025 Huawei Device Co., Ltd. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#include "user_file_service_token_mock.h" + +#include +#include +#include "hilog_wrapper.h" + +using namespace OHOS::Security::AccessToken; + +namespace OHOS { +namespace FileAccessFwk { +const std::string FILE_ACCESS_PERMISSION = "ohos.permission.FILE_ACCESS_MANAGER"; +const std::string GET_BUNDLE_INFO_PRIVILEGED = "ohos.permission.GET_BUNDLE_INFO_PRIVILEGED"; +const unsigned char FILES[] = {0x63, 0x6f, 0x6d, 0x2e, 0x68, 0x75, 0x61, 0x77, 0x65, 0x69, + 0x2e, 0x68, 0x6d, 0x6f, 0x73, 0x2e, 0x66, 0x69, 0x6c, 0x65, + 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x00}; + +const unsigned char FILEMANAGER[] = {0x63, 0x6f, 0x6d, 0x2e, 0x68, 0x75, 0x61, 0x77, 0x65, 0x69, + 0x2e, 0x68, 0x6d, 0x6f, 0x73, 0x2e, 0x66, 0x69, 0x6c, 0x65, + 0x73, 0x00}; + +std::vector requiredPermissions = { FILE_ACCESS_PERMISSION, GET_BUNDLE_INFO_PRIVILEGED }; +// 获取Native进程tokenID +static AccessTokenID GetNativeTokenIdFromProcess(const std::string &process) +{ + std::string dumpInfo; + AtmToolsParamInfo info; + info.processName = process; + AccessTokenKit::DumpTokenInfo(info, dumpInfo); + size_t pos = dumpInfo.find("\"tokenID\": "); + if (pos == std::string::npos) { + HILOG_ERROR("GetNativeTokenIdFromProcess: dumpInfo is invalid."); + return 0; + } + pos += std::string("\"tokenID\": ").length(); + std::string numStr; + while (pos < dumpInfo.length() && std::isdigit(dumpInfo[pos])) { + numStr += dumpInfo[pos]; + ++pos; + } + std::istringstream iss(numStr); + AccessTokenID tokenID; + iss >> tokenID; + return tokenID; +} + +UserFileServiceTokenMock::UserFileServiceTokenMock() +{ + selfTokenId_ = GetSelfTokenID(); + HILOG_INFO("UserFileServiceTokenMock: selfTokenId_ = 0x%{public}" PRIx64 "", selfTokenId_); +} + +UserFileServiceTokenMock::~UserFileServiceTokenMock() +{ + if (SetSelfTokenID(selfTokenId_) != 0) { + HILOG_ERROR("~UserFileServiceTokenMock SetSelfTokenID: 0x%{public}" PRIx64 " failed", selfTokenId_); + } + HILOG_INFO("~UserFileServiceTokenMock, Current tokenId = 0x%{public}" PRIx64 "", GetSelfTokenID()); +} + +void UserFileServiceTokenMock::SetFileManagerToken() +{ + std::string filesBundle(reinterpret_cast(FILES)); + std::string fileManagerBundle(reinterpret_cast(FILEMANAGER)); + if (!SetHapToken(filesBundle, requiredPermissions, true)) { + HILOG_ERROR("GetFileAccessHelper seHapToken files failed."); + if (!SetHapToken(fileManagerBundle, requiredPermissions, true)) { + HILOG_ERROR("GetFileAccessHelper seHapToken filemanager failed."); + } + } +} + +void UserFileServiceTokenMock::SetSaToken(const std::string& process) +{ + SetSelfTokenID(selfTokenId_); + uint32_t tokenId = GetNativeTokenIdFromProcess(process); + HILOG_INFO("SetSaToken, tokenId = 0x%{public}x", tokenId); + if (SetSelfTokenID(tokenId) != 0) { + HILOG_ERROR("SetSaToken SetSelfTokenID failed"); + } + HILOG_INFO("SetSaToken Current tokenId = 0x%{public}" PRIx64 "", GetSelfTokenID()); +} + +int32_t UserFileServiceTokenMock::AllocTestHapToken( + const HapInfoParams &hapInfo, HapPolicyParams &hapPolicy, AccessTokenIDEx &tokenIdEx) +{ + uint64_t selfTokenId = GetSelfTokenID(); + int ret = RET_SUCCESS; + for (auto& permissionStateFull : hapPolicy.permStateList) { + PermissionDef permDefResult; + if (AccessTokenKit::GetDefPermission(permissionStateFull.permissionName, permDefResult) != RET_SUCCESS) { + continue; + } + if (permDefResult.availableLevel > hapPolicy.apl) { + hapPolicy.aclRequestedList.emplace_back(permissionStateFull.permissionName); + } + } + if (GetNativeTokenIdFromProcess("foundation") == selfTokenId) { + HILOG_INFO("GetNativeTokenIdFromProcess called"); + ret = AccessTokenKit::InitHapToken(hapInfo, hapPolicy, tokenIdEx); + } else { + HILOG_INFO("SetSaToken called"); + // set sh token for self + SetSaToken("foundation"); + ret = AccessTokenKit::InitHapToken(hapInfo, hapPolicy, tokenIdEx); + if (ret != 0) { + HILOG_ERROR("InitHapToken failed"); + } + // restore + if (SetSelfTokenID(selfTokenId) != 0) { + HILOG_ERROR("AllocTestHapToken SetSelfTokenID failed"); + } + } + return ret; +} + +bool UserFileServiceTokenMock::SetHapToken( + const std::string& bundle, const std::vector& reqPerm, bool isSystemApp) +{ + SetSelfTokenID(selfTokenId_); + HapInfoParams infoParams = { + .userID = 0, + .bundleName = bundle, + .instIndex = 0, + .appIDDesc = "AccessTokenTestAppID", + .apiVersion = DEFAULT_API_VERSION, + .isSystemApp = isSystemApp, + .appDistributionType = "", + }; + + HapPolicyParams policyParams = { + .apl = APL_NORMAL, + .domain = "accesstoken_test_domain", + }; + for (size_t i = 0; i < reqPerm.size(); ++i) { + PermissionDef permDefResult; + if (AccessTokenKit::GetDefPermission(reqPerm[i], permDefResult) != RET_SUCCESS) { + continue; + } + PermissionStateFull permState = { + .permissionName = reqPerm[i], + .isGeneral = true, + .resDeviceID = {"local3"}, + .grantStatus = {PermissionState::PERMISSION_DENIED}, + .grantFlags = {PermissionFlag::PERMISSION_DEFAULT_FLAG} + }; + policyParams.permStateList.emplace_back(permState); + if (permDefResult.availableLevel > policyParams.apl) { + policyParams.aclRequestedList.emplace_back(reqPerm[i]); + } + } + + AccessTokenIDEx tokenIdEx = { 0 }; + AllocTestHapToken(infoParams, policyParams, tokenIdEx); + mockTokenId_ = tokenIdEx.tokenIdExStruct.tokenID; + if (mockTokenId_ == INVALID_TOKENID) { + HILOG_ERROR("SetHapToken AllocTestHapToken failed"); + return false; + } + if (SetSelfTokenID(tokenIdEx.tokenIDEx) != 0) { + HILOG_ERROR("SetHapToken SetSelfTokenID failed"); + return false; + } + return true; +} +} // namespace FileAccessFwk +} // namespace OHOS \ No newline at end of file diff --git a/test/fuzztest/useraccesscommonutils_fuzzer/BUILD.gn b/test/fuzztest/useraccesscommonutils_fuzzer/BUILD.gn index 9e7679bd6f04c617df7a4aa5b9ed0e439d3602a7..b81280946e12f66ad14c71d707a3a591c2d1e217 100644 --- a/test/fuzztest/useraccesscommonutils_fuzzer/BUILD.gn +++ b/test/fuzztest/useraccesscommonutils_fuzzer/BUILD.gn @@ -1,4 +1,4 @@ -# Copyright (c) 2024 Huawei Device Co., Ltd. +# Copyright (c) 2024-2025 Huawei Device Co., Ltd. # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -19,14 +19,18 @@ ohos_fuzztest("UserAccessCommonUtilsFuzzTest") { module_out_path = "user_file_service/user_file_service" fuzz_config_file = "${user_file_service_path}/test/fuzztest/useraccesscommonutils_fuzzer" - include_dirs = [ "${user_file_service_path}/utils" ] + include_dirs = [ + "${user_file_service_path}/utils" + ] cflags = [ "-g", "-O0", "-Wno-unused-variable", "-fno-omit-frame-pointer", ] - sources = [ "${user_file_service_path}/test/fuzztest/useraccesscommonutils_fuzzer/useraccesscommonutils_fuzzer.cpp" ] + sources = [ + "${user_file_service_path}/test/fuzztest/useraccesscommonutils_fuzzer/useraccesscommonutils_fuzzer.cpp" + ] external_deps = [ "c_utils:utils",