1 /* 2 * Copyright (C) 2023 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #include <fuzzbinder/libbinder_driver.h> 18 19 #include <binderwrapper/binder_wrapper.h> 20 21 #include "update_engine/aosp/daemon_android.h" 22 #include "update_engine/aosp/daemon_state_android.h" 23 24 using chromeos_update_engine::BinderUpdateEngineAndroidService; 25 using chromeos_update_engine::BinderUpdateEngineAndroidStableService; 26 using chromeos_update_engine::DaemonStateAndroid; 27 28 using android::fuzzService; 29 using android::sp; 30 LLVMFuzzerTestOneInput(const uint8_t * data,size_t size)31extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { 32 android::BinderWrapper::Create(); 33 34 brillo::BaseMessageLoop message_loop_; 35 message_loop_.SetAsCurrent(); 36 37 auto daemonStateAndroid = std::make_unique<DaemonStateAndroid>(); 38 daemonStateAndroid->Initialize(); 39 40 auto binderService = sp<BinderUpdateEngineAndroidService>::make( 41 daemonStateAndroid->service_delegate()); 42 auto stableBinderService = sp<BinderUpdateEngineAndroidStableService>::make( 43 daemonStateAndroid->service_delegate()); 44 // TODO(b/287253479) - Add seed corpus/dicts for this fuzzer which has valid 45 // urls 46 fuzzService({binderService, stableBinderService}, 47 FuzzedDataProvider(data, size)); 48 49 android::BinderWrapper::Destroy(); 50 return 0; 51 } 52