Adding fuzzer for Suspend Service
Test: m suspend_service_fuzzer && adb sync data && adb shell /data/fuzz/x86_64/suspend_service_fuzzer/suspend_service_fuzzer
Bug: 232439428
Change-Id: I4d66948859034fb2804154db51b89b6fe2641e98
diff --git a/suspend/1.0/default/Android.bp b/suspend/1.0/default/Android.bp
index 83dadb9..389aa20 100644
--- a/suspend/1.0/default/Android.bp
+++ b/suspend/1.0/default/Android.bp
@@ -42,15 +42,12 @@
],
}
-cc_binary {
- name: "android.system.suspend-service",
- relative_install_path: "hw",
+cc_defaults {
+ name: "android.system.suspend-service_defaults",
defaults: [
"system_suspend_defaults",
"system_suspend_stats_defaults",
],
- init_rc: ["android.system.suspend-service.rc"],
- vintf_fragments: ["android.system.suspend-service.xml"],
shared_libs: [
"android.system.suspend-V1-ndk",
"android.system.suspend.control-V1-cpp",
@@ -59,7 +56,6 @@
"libSuspendProperties",
],
srcs: [
- "main.cpp",
"SuspendControlService.cpp",
"SystemSuspend.cpp",
"SystemSuspendHidl.cpp",
@@ -69,6 +65,19 @@
],
}
+cc_binary {
+ name: "android.system.suspend-service",
+ relative_install_path: "hw",
+ defaults: [
+ "android.system.suspend-service_defaults",
+ ],
+ init_rc: ["android.system.suspend-service.rc"],
+ vintf_fragments: ["android.system.suspend-service.xml"],
+ srcs: [
+ "main.cpp",
+ ],
+}
+
// Unit tests for ISystemSuspend implementation.
// Do *NOT* use for compliance with *TS.
cc_test {
@@ -147,3 +156,32 @@
srcs: ["SuspendProperties.sysprop"],
property_owner: "Platform",
}
+
+cc_defaults {
+ name: "suspend_fuzzer_defaults",
+ defaults: [
+ "service_fuzzer_defaults",
+ "fuzzer_disable_leaks",
+ "android.system.suspend-service_defaults",
+ ],
+ static_libs: [
+ "liblog",
+ ],
+ fuzz_config: {
+ cc: [
+ "kaleshsingh@google.com",
+ ],
+ triage_assignee: "waghpawan@google.com",
+ },
+ include_dirs: ["system/hardware/interfaces/suspend/1.0/default/"],
+}
+
+cc_fuzz {
+ name: "suspend_service_fuzzer",
+ defaults: [
+ "suspend_fuzzer_defaults",
+ ],
+ srcs: [
+ "fuzzers/SuspendServiceFuzzer.cpp",
+ ],
+}
diff --git a/suspend/1.0/default/fuzzers/SuspendServiceFuzzer.cpp b/suspend/1.0/default/fuzzers/SuspendServiceFuzzer.cpp
new file mode 100644
index 0000000..4ed52db
--- /dev/null
+++ b/suspend/1.0/default/fuzzers/SuspendServiceFuzzer.cpp
@@ -0,0 +1,29 @@
+/*
+ * Copyright (C) 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <fuzzbinder/libbinder_driver.h>
+
+#include "SuspendControlService.h"
+
+using ::android::fuzzService;
+using ::android::sp;
+using ::android::system::suspend::V1_0::SuspendControlService;
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+ sp<SuspendControlService> suspendControlService = sp<SuspendControlService>::make();
+ fuzzService(suspendControlService, FuzzedDataProvider(data, size));
+ return 0;
+}
