tequilaOS/platform_system_core
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

trusty: Fuzzer for Confirmationui TA

Browse source 
Note: We need to add Confirmationui TA into
TRUSTY_BUILTIN_USER_TASKS to run the fuzzer.

Bug: 174402999
Bug: 171750250
Test: /data/fuzz/arm64/trusty_confirmationui_fuzzer/trusty_confirmationui_fuzzer
Change-Id: I22769782ded05eeedeb111f7537b5ba76e98ce73
This commit is contained in:
Wenhao Wang 2020-11-28 17:29:12 -08:00
parent f28a60413c
commit 0124a59fe4
2 changed files with 71 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
trusty/confirmationui/fuzz/Android.bp Normal file
View file

@ -0,0 +1,19 @@
// Copyright (C) 2020 The Android Open Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
cc_fuzz {
name: "trusty_confirmationui_fuzzer",
defaults: ["trusty_fuzzer_defaults"],
srcs: ["fuzz.cpp"],
}

52
trusty/confirmationui/fuzz/fuzz.cpp Normal file
View file

@ -0,0 +1,52 @@
/*
* Copyright (C) 2020 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#undef NDEBUG
#include <assert.h>
#include <log/log.h>
#include <stdlib.h>
#include <trusty/fuzz/utils.h>
#include <unistd.h>
using android::trusty::fuzz::TrustyApp;
#define TIPC_DEV "/dev/trusty-ipc-dev0"
#define CONFIRMATIONUI_PORT "com.android.trusty.confirmationui"
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
static uint8_t buf[TIPC_MAX_MSG_SIZE];
TrustyApp ta(TIPC_DEV, CONFIRMATIONUI_PORT);
auto ret = ta.Connect();
if (!ret.ok()) {
android::trusty::fuzz::Abort();
}
/* Send message to confirmationui server */
ret = ta.Write(data, size);
if (!ret.ok()) {
return -1;
}
/* Read message from confirmationui server */
ret = ta.Read(&buf, sizeof(buf));
if (!ret.ok()) {
return -1;
}
return 0;
}