diff options
author | Will Coster <willcoster@google.com> | 2020-11-17 02:48:42 +0100 |
---|---|---|
committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2020-11-17 02:48:42 +0100 |
commit | 01e576e61acb8a2e330d3a831135864369e1edb9 (patch) | |
tree | b328b9c27be8285926ca13ce37007cbba47f50ea | |
parent | Merge "Import translations. DO NOT MERGE" (diff) | |
parent | Merge "Add a fuzzer for OTA package verification" am: 6a4dbdf088 am: 923cdf3db1 am: ab1a7bb228 (diff) | |
download | android_bootable_recovery-01e576e61acb8a2e330d3a831135864369e1edb9.tar android_bootable_recovery-01e576e61acb8a2e330d3a831135864369e1edb9.tar.gz android_bootable_recovery-01e576e61acb8a2e330d3a831135864369e1edb9.tar.bz2 android_bootable_recovery-01e576e61acb8a2e330d3a831135864369e1edb9.tar.lz android_bootable_recovery-01e576e61acb8a2e330d3a831135864369e1edb9.tar.xz android_bootable_recovery-01e576e61acb8a2e330d3a831135864369e1edb9.tar.zst android_bootable_recovery-01e576e61acb8a2e330d3a831135864369e1edb9.zip |
-rw-r--r-- | tests/Android.bp | 20 | ||||
-rw-r--r-- | tests/fuzz/verify_package_fuzzer.cpp | 37 |
2 files changed, 57 insertions, 0 deletions
diff --git a/tests/Android.bp b/tests/Android.bp index a9a088a32..19f2a6c64 100644 --- a/tests/Android.bp +++ b/tests/Android.bp @@ -201,3 +201,23 @@ cc_test_host { }, }, } + +cc_fuzz { + name: "libinstall_verify_package_fuzzer", + defaults: [ + "recovery_test_defaults", + ], + + srcs: ["fuzz/verify_package_fuzzer.cpp"], + + corpus: [ + "testdata/otasigned*.zip", + ], + + static_libs: [ + "libotautil", + "libinstall", + "librecovery_ui", + "libminui", + ], +} diff --git a/tests/fuzz/verify_package_fuzzer.cpp b/tests/fuzz/verify_package_fuzzer.cpp new file mode 100644 index 000000000..baa44e070 --- /dev/null +++ b/tests/fuzz/verify_package_fuzzer.cpp @@ -0,0 +1,37 @@ +/* + * Copyright (C) 2020 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "fuzzer/FuzzedDataProvider.h" + +#include "install/install.h" +#include "install/package.h" +#include "recovery_ui/stub_ui.h" + +std::unique_ptr<Package> CreatePackage(std::vector<uint8_t>& content) { + return Package::CreateMemoryPackage(content, [](float) -> void {}); +} + +extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { + FuzzedDataProvider data_provider(data, size); + auto package_contents = data_provider.ConsumeRemainingBytes<uint8_t>(); + if (package_contents.size() == 0) { + return 0; + } + auto package = CreatePackage(package_contents); + StubRecoveryUI ui; + verify_package(package.get(), &ui); + return 0; +} |