1 files changed, 35 insertions, 2 deletions

diff --git a/libs/binder/fuzzer/binder.cpp b/libs/binder/fuzzer/binder.cpp
index 1aabfe6907..f678f4c912 100644
--- a/libs/binder/fuzzer/binder.cpp
+++ b/libs/binder/fuzzer/binder.cpp
@@ -37,6 +37,29 @@ private:
     int64_t mExampleUsedData = 0;
 };
 
+struct ExampleFlattenable : public android::Flattenable<ExampleFlattenable> {
+public:
+    size_t getFlattenedSize() const { return sizeof(mValue); }
+    size_t getFdCount() const { return 0; }
+    status_t flatten(void*& /*buffer*/, size_t& /*size*/, int*& /*fds*/, size_t& /*count*/) const {
+        FUZZ_LOG() << "should not reach";
+        abort();
+    }
+    status_t unflatten(void const*& buffer, size_t& size, int const*& /*fds*/, size_t& /*count*/) {
+        if (size < sizeof(mValue)) {
+            return android::NO_MEMORY;
+        }
+        android::FlattenableUtils::read(buffer, size, mValue);
+        return android::OK;
+    }
+private:
+    int32_t mValue = 0xFEEDBEEF;
+};
+
+struct ExampleLightFlattenable : public android::LightFlattenablePod<ExampleLightFlattenable> {
+    int32_t mValue = 0;
+};
+
 #define PARCEL_READ_WITH_STATUS(T, FUN) \
     [] (const ::android::Parcel& p, uint8_t /*data*/) {\
         FUZZ_LOG() << "about to read " #T " using " #FUN " with status";\
@@ -173,8 +196,18 @@ std::vector<ParcelRead<::android::Parcel>> BINDER_PARCEL_READ_FUNCTIONS {
     // PARCEL_READ_WITH_STATUS(std::unique_ptr<std::vector<std::unique_ptr<std::string>>>, readUtf8VectorFromUtf16Vector),
     // PARCEL_READ_WITH_STATUS(std::vector<std::string>, readUtf8VectorFromUtf16Vector),
 
-    // TODO: read(Flattenable<T>)
-    // TODO: read(LightFlattenable<T>)
+    [] (const android::Parcel& p, uint8_t /*len*/) {
+        FUZZ_LOG() << "about to read flattenable";
+        ExampleFlattenable f;
+        status_t status = p.read(f);
+        FUZZ_LOG() << "read flattenable: " << status;
+    },
+    [] (const android::Parcel& p, uint8_t /*len*/) {
+        FUZZ_LOG() << "about to read lite flattenable";
+        ExampleLightFlattenable f;
+        status_t status = p.read(f);
+        FUZZ_LOG() << "read lite flattenable: " << status;
+    },
 
     // TODO(b/131868573): can force read of arbitrarily sized vector
     // TODO: resizeOutVector