From 7db7c67480152b43658e1ae0f0a67806b6209928 Mon Sep 17 00:00:00 2001 From: Jeongik Cha Date: Sat, 17 Oct 2020 01:18:33 +0900 Subject: Supplement fuzzer with testcase for ParcelableHolder and related NDK API Test: run binder_parcel_fuzzer on host and check if there isn't error for mintues. Bug: 146611855 Change-Id: I2d6945fe62f9ba43404d906aad8ebde2f600a397 --- libs/binder/parcel_fuzzer/binder_ndk.cpp | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/libs/binder/parcel_fuzzer/binder_ndk.cpp b/libs/binder/parcel_fuzzer/binder_ndk.cpp index 29da8f7537..008780cb2e 100644 --- a/libs/binder/parcel_fuzzer/binder_ndk.cpp +++ b/libs/binder/parcel_fuzzer/binder_ndk.cpp @@ -18,6 +18,7 @@ #include "binder_ndk.h" #include +#include #include "util.h" @@ -54,6 +55,25 @@ std::vector> BINDER_NDK_PARCEL_READ_FUNCTIONS{ binder_status_t status = AParcel_readStatusHeader(p.aParcel(), t.getR()); FUZZ_LOG() << "read status header: " << status; }, + [](const NdkParcelAdapter& p, uint8_t /*data*/) { + FUZZ_LOG() << "about to getDataSize the parcel"; + AParcel_getDataSize(p.aParcel()); + FUZZ_LOG() << "getDataSize done"; + }, + [](const NdkParcelAdapter& p, uint8_t data) { + FUZZ_LOG() << "about to read a ParcelableHolder"; + ndk::AParcelableHolder ph {(data % 2 == 1) ? ndk::STABILITY_LOCAL : ndk::STABILITY_VINTF}; + binder_status_t status = AParcel_readParcelable(p.aParcel(), &ph); + FUZZ_LOG() << "read the ParcelableHolder: " << status; + }, + [](const NdkParcelAdapter& p, uint8_t data) { + FUZZ_LOG() << "about to appendFrom"; + AParcel* parcel = AParcel_create(); + binder_status_t status = AParcel_appendFrom(p.aParcel(), parcel, 0, data); + AParcel_delete(parcel); + FUZZ_LOG() << "appendFrom: " << status; + }, + PARCEL_READ(int32_t, AParcel_readInt32), PARCEL_READ(uint32_t, AParcel_readUint32), PARCEL_READ(int64_t, AParcel_readInt64), -- cgit v1.2.3-59-g8ed1b