commit 910968de36b314ccd702aaf0e8f92f403cd4c352
author Michael Ensing <michael.ensing@leviathansecurity.com> Sun Jul 19 17:19:31 2020 -0700
committer Ayushi Khopkar <akhopkar@google.com> Tue Aug 30 10:29:45 2022 +0000
tree 1749082266a03f04059f640c1afb25a1006cb142
parent b8d9326f7586f47d7771c7d1e7bafd35d1b6c82e

Add inputflinger blockingQueue/classifier fuzzers

This CL aims to add libfuzzer fuzzers to inputflinger, to test the
BlockingQueue and InputClassifier objects.

Test: Each fuzzer was tested on a Pixel 3a for a few million
      iterations to ensure stability. Executions/sec average about
      500 for the BlockingQueue fuzzer, and ~2000-2500 for the
      InputClassifier fuzzers.
Signed-off-by: Michael Ensing <michael.ensing@leviathansecurity.com>
Change-Id: If48e5ddbe3066800da88216882ffbbf417dc0d2c

services/inputflinger/tests/fuzzers/Android.bp

diff --git a/services/inputflinger/tests/fuzzers/Android.bp b/services/inputflinger/tests/fuzzers/Android.bp
index a53db00..05755ac 100644
--- a/services/inputflinger/tests/fuzzers/Android.bp
+++ b/services/inputflinger/tests/fuzzers/Android.bp
@@ -57,6 +57,7 @@
     ],
     shared_libs: [
         "android.hardware.input.classifier@1.0",
+        "android.hardware.input.processor-V1-ndk",
         "libbase",
         "libbinder",
         "libcutils",
@@ -117,3 +118,23 @@
         "SwitchInputFuzzer.cpp",
     ],
 }
+
+cc_fuzz {
+    name: "inputflinger_blocking_queue_fuzzer",
+    defaults: [
+        "inputflinger_fuzz_defaults",
+    ],
+    srcs: [
+        "BlockingQueueFuzzer.cpp",
+    ],
+}
+
+cc_fuzz {
+    name: "inputflinger_input_classifier_fuzzer",
+    defaults: [
+        "inputflinger_fuzz_defaults",
+    ],
+    srcs: [
+        "InputClassifierFuzzer.cpp",
+    ],
+}