Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_security / 238f8351202e230692abb7e0e11356433aad6a79^! / .
commit238f8351202e230692abb7e0e11356433aad6a79[log] [tgz]
authorPawan Wagh <waghpawan@google.com>Sat Feb 11 01:01:12 2023 +0000
committerPawan Wagh <waghpawan@google.com>Sat Feb 11 01:15:11 2023 +0000
treee0dacdc35060e96a10a530e483ef4985630f8f94
parent9fe9eed821a69c05814567c7040ec0313890c309 [diff]
Adding AIDL fuzzer for AuthorizationManager

Bug: 232439428
Test: m authorization_service_fuzzer && adb sync && adb shell /data/fuzz/arm64/authorization_service_fuzzer/authorization_service_fuzzer
Change-Id: I867dcb5da9dac98d6cb324dead3742ddd608506b

diff --git a/keystore2/src/fuzzers/Android.bp b/keystore2/src/fuzzers/Android.bp
index 3adb922..9a2d98d 100644
--- a/keystore2/src/fuzzers/Android.bp
+++ b/keystore2/src/fuzzers/Android.bp

@@ -37,3 +37,30 @@
         componentid: 155276,
     },
 }
+
+
+rust_fuzz {
+    name: "authorization_service_fuzzer",
+    srcs: ["aidl-fuzzers/authorization_service_fuzzer.rs"],
+    rustlibs: [
+        "libkeystore2",
+        "libkeystore2_crypto_rust",
+        "libkeystore2_vintf_rust",
+        "libkeystore2_aaid-rust",
+        "libkeystore2_apc_compat-rust",
+        "libkeystore2_selinux",
+        "libbinder_rs",
+        "libbinder_random_parcel_rs",
+    ],
+    fuzz_config: {
+        fuzz_on_haiku_device: true,
+        fuzz_on_haiku_host: false,
+        cc: [
+            "android-media-fuzzing-reports@google.com",
+            "smoreland@google.com",
+            "waghpawan@google.com"
+        ],
+        // Adds bugs to hotlist "AIDL fuzzers bugs" on buganizer
+        hotlists: ["4637097"],
+    },
+}

diff --git a/keystore2/src/fuzzers/aidl-fuzzers/authorization_service_fuzzer.rs b/keystore2/src/fuzzers/aidl-fuzzers/authorization_service_fuzzer.rs
new file mode 100644
index 0000000..c1b2098
--- /dev/null
+++ b/keystore2/src/fuzzers/aidl-fuzzers/authorization_service_fuzzer.rs

@@ -0,0 +1,30 @@
+/*
+ * Copyright (C) 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#![allow(missing_docs)]
+#![no_main]
+#[macro_use]
+extern crate libfuzzer_sys;
+
+use binder_random_parcel_rs::fuzz_service;
+use keystore2::authorization::AuthorizationManager;
+
+fuzz_target!(|data: &[u8]| {
+    let authorization_service = AuthorizationManager::new_native_binder().unwrap_or_else(|e| {
+        panic!("Failed to create android.security.authorization service because of {:?}", e);
+    });
+    fuzz_service(&mut authorization_service.as_binder(), data);
+});