Merge changes Ie487b34e,I66efe42b am: ca5b1d7295 (6612680f) · Commits · e / os / android_frameworks_native-old

libs/binder/tests/parcel_fuzzer/binder.cpp

+51 −56

Original line number	Diff line number	Diff line
		@@ -158,22 +158,20 @@ std::vector<ParcelRead<::android::Parcel>> BINDER_PARCEL_READ_FUNCTIONS {
		PARCEL_READ_WITH_STATUS(android::sp<android::IBinder>, readStrongBinder),
		PARCEL_READ_WITH_STATUS(android::sp<android::IBinder>, readNullableStrongBinder),

		// TODO(b/131868573): can force read of arbitrarily sized vector
		// PARCEL_READ_WITH_STATUS(std::vector<ByteEnum>, readEnumVector),
		// PARCEL_READ_WITH_STATUS(std::unique_ptr<std::vector<ByteEnum>>, readEnumVector),
		// PARCEL_READ_WITH_STATUS(std::optional<std::vector<ByteEnum>>, readEnumVector),
		// PARCEL_READ_WITH_STATUS(std::vector<IntEnum>, readEnumVector),
		// PARCEL_READ_WITH_STATUS(std::unique_ptr<std::vector<IntEnum>>, readEnumVector),
		// PARCEL_READ_WITH_STATUS(std::optional<std::vector<IntEnum>>, readEnumVector),
		// PARCEL_READ_WITH_STATUS(std::vector<LongEnum>, readEnumVector),
		// PARCEL_READ_WITH_STATUS(std::unique_ptr<std::vector<LongEnum>>, readEnumVector),
		// PARCEL_READ_WITH_STATUS(std::optional<std::vector<LongEnum>>, readEnumVector),
		PARCEL_READ_WITH_STATUS(std::vector<ByteEnum>, readEnumVector),
		PARCEL_READ_WITH_STATUS(std::unique_ptr<std::vector<ByteEnum>>, readEnumVector),
		PARCEL_READ_WITH_STATUS(std::optional<std::vector<ByteEnum>>, readEnumVector),
		PARCEL_READ_WITH_STATUS(std::vector<IntEnum>, readEnumVector),
		PARCEL_READ_WITH_STATUS(std::unique_ptr<std::vector<IntEnum>>, readEnumVector),
		PARCEL_READ_WITH_STATUS(std::optional<std::vector<IntEnum>>, readEnumVector),
		PARCEL_READ_WITH_STATUS(std::vector<LongEnum>, readEnumVector),
		PARCEL_READ_WITH_STATUS(std::unique_ptr<std::vector<LongEnum>>, readEnumVector),
		PARCEL_READ_WITH_STATUS(std::optional<std::vector<LongEnum>>, readEnumVector),

		// only reading one parcelable type for now
		// TODO(b/131868573): can force read of arbitrarily sized vector
		// PARCEL_READ_WITH_STATUS(std::unique_ptr<std::vector<std::unique_ptr<ExampleParcelable>>>, readParcelableVector),
		// PARCEL_READ_WITH_STATUS(std::optional<std::vector<std::optional<ExampleParcelable>>>, readParcelableVector),
		// PARCEL_READ_WITH_STATUS(std::vector<ExampleParcelable>, readParcelableVector),
		PARCEL_READ_WITH_STATUS(std::unique_ptr<std::vector<std::unique_ptr<ExampleParcelable>>>, readParcelableVector),
		PARCEL_READ_WITH_STATUS(std::optional<std::vector<std::optional<ExampleParcelable>>>, readParcelableVector),
		PARCEL_READ_WITH_STATUS(std::vector<ExampleParcelable>, readParcelableVector),
		PARCEL_READ_WITH_STATUS(ExampleParcelable, readParcelable),
		PARCEL_READ_WITH_STATUS(std::unique_ptr<ExampleParcelable>, readParcelable),
		PARCEL_READ_WITH_STATUS(std::optional<ExampleParcelable>, readParcelable),
		@@ -182,45 +180,43 @@ std::vector<ParcelRead<::android::Parcel>> BINDER_PARCEL_READ_FUNCTIONS {
		PARCEL_READ_WITH_STATUS(android::sp<android::os::IServiceManager>, readStrongBinder),
		PARCEL_READ_WITH_STATUS(android::sp<android::os::IServiceManager>, readNullableStrongBinder),

		// TODO(b/131868573): can force read of arbitrarily sized vector
		// PARCEL_READ_WITH_STATUS(::std::unique_ptr<std::vector<android::sp<android::IBinder>>>, readStrongBinderVector),
		// PARCEL_READ_WITH_STATUS(::std::optional<std::vector<android::sp<android::IBinder>>>, readStrongBinderVector),
		// PARCEL_READ_WITH_STATUS(std::vector<android::sp<android::IBinder>>, readStrongBinderVector),
		PARCEL_READ_WITH_STATUS(::std::unique_ptr<std::vector<android::sp<android::IBinder>>>, readStrongBinderVector),
		PARCEL_READ_WITH_STATUS(::std::optional<std::vector<android::sp<android::IBinder>>>, readStrongBinderVector),
		PARCEL_READ_WITH_STATUS(std::vector<android::sp<android::IBinder>>, readStrongBinderVector),

		// TODO(b/131868573): can force read of arbitrarily sized vector
		// PARCEL_READ_WITH_STATUS(std::unique_ptr<std::vector<int8_t>>, readByteVector),
		// PARCEL_READ_WITH_STATUS(std::optional<std::vector<int8_t>>, readByteVector),
		// PARCEL_READ_WITH_STATUS(std::vector<int8_t>, readByteVector),
		// PARCEL_READ_WITH_STATUS(std::unique_ptr<std::vector<uint8_t>>, readByteVector),
		// PARCEL_READ_WITH_STATUS(std::optional<std::vector<uint8_t>>, readByteVector),
		// PARCEL_READ_WITH_STATUS(std::vector<uint8_t>, readByteVector),
		// PARCEL_READ_WITH_STATUS(std::unique_ptr<std::vector<int32_t>>, readInt32Vector),
		// PARCEL_READ_WITH_STATUS(std::optional<std::vector<int32_t>>, readInt32Vector),
		// PARCEL_READ_WITH_STATUS(std::vector<int32_t>, readInt32Vector),
		// PARCEL_READ_WITH_STATUS(std::unique_ptr<std::vector<int64_t>>, readInt64Vector),
		// PARCEL_READ_WITH_STATUS(std::optional<std::vector<int64_t>>, readInt64Vector),
		// PARCEL_READ_WITH_STATUS(std::vector<int64_t>, readInt64Vector),
		// PARCEL_READ_WITH_STATUS(std::unique_ptr<std::vector<uint64_t>>, readUint64Vector),
		// PARCEL_READ_WITH_STATUS(std::optional<std::vector<uint64_t>>, readUint64Vector),
		// PARCEL_READ_WITH_STATUS(std::vector<uint64_t>, readUint64Vector),
		// PARCEL_READ_WITH_STATUS(std::unique_ptr<std::vector<float>>, readFloatVector),
		// PARCEL_READ_WITH_STATUS(std::optional<std::vector<float>>, readFloatVector),
		// PARCEL_READ_WITH_STATUS(std::vector<float>, readFloatVector),
		// PARCEL_READ_WITH_STATUS(std::unique_ptr<std::vector<double>>, readDoubleVector),
		// PARCEL_READ_WITH_STATUS(std::optional<std::vector<double>>, readDoubleVector),
		// PARCEL_READ_WITH_STATUS(std::vector<double>, readDoubleVector),
		// PARCEL_READ_WITH_STATUS(std::unique_ptr<std::vector<bool>>, readBoolVector),
		// PARCEL_READ_WITH_STATUS(std::optional<std::vector<bool>>, readBoolVector),
		// PARCEL_READ_WITH_STATUS(std::vector<bool>, readBoolVector),
		// PARCEL_READ_WITH_STATUS(std::unique_ptr<std::vector<char16_t>>, readCharVector),
		// PARCEL_READ_WITH_STATUS(std::optional<std::vector<char16_t>>, readCharVector),
		// PARCEL_READ_WITH_STATUS(std::vector<char16_t>, readCharVector),
		// PARCEL_READ_WITH_STATUS(std::unique_ptr<std::vector<std::unique_ptr<android::String16>>>, readString16Vector),
		// PARCEL_READ_WITH_STATUS(std::optional<std::vector<std::optional<android::String16>>>, readString16Vector),
		// PARCEL_READ_WITH_STATUS(std::vector<android::String16>, readString16Vector),
		// PARCEL_READ_WITH_STATUS(std::unique_ptr<std::vector<std::unique_ptr<std::string>>>, readUtf8VectorFromUtf16Vector),
		// PARCEL_READ_WITH_STATUS(std::optional<std::vector<std::optional<std::string>>>, readUtf8VectorFromUtf16Vector),
		// PARCEL_READ_WITH_STATUS(std::vector<std::string>, readUtf8VectorFromUtf16Vector),
		PARCEL_READ_WITH_STATUS(std::unique_ptr<std::vector<int8_t>>, readByteVector),
		PARCEL_READ_WITH_STATUS(std::optional<std::vector<int8_t>>, readByteVector),
		PARCEL_READ_WITH_STATUS(std::vector<int8_t>, readByteVector),
		PARCEL_READ_WITH_STATUS(std::unique_ptr<std::vector<uint8_t>>, readByteVector),
		PARCEL_READ_WITH_STATUS(std::optional<std::vector<uint8_t>>, readByteVector),
		PARCEL_READ_WITH_STATUS(std::vector<uint8_t>, readByteVector),
		PARCEL_READ_WITH_STATUS(std::unique_ptr<std::vector<int32_t>>, readInt32Vector),
		PARCEL_READ_WITH_STATUS(std::optional<std::vector<int32_t>>, readInt32Vector),
		PARCEL_READ_WITH_STATUS(std::vector<int32_t>, readInt32Vector),
		PARCEL_READ_WITH_STATUS(std::unique_ptr<std::vector<int64_t>>, readInt64Vector),
		PARCEL_READ_WITH_STATUS(std::optional<std::vector<int64_t>>, readInt64Vector),
		PARCEL_READ_WITH_STATUS(std::vector<int64_t>, readInt64Vector),
		PARCEL_READ_WITH_STATUS(std::unique_ptr<std::vector<uint64_t>>, readUint64Vector),
		PARCEL_READ_WITH_STATUS(std::optional<std::vector<uint64_t>>, readUint64Vector),
		PARCEL_READ_WITH_STATUS(std::vector<uint64_t>, readUint64Vector),
		PARCEL_READ_WITH_STATUS(std::unique_ptr<std::vector<float>>, readFloatVector),
		PARCEL_READ_WITH_STATUS(std::optional<std::vector<float>>, readFloatVector),
		PARCEL_READ_WITH_STATUS(std::vector<float>, readFloatVector),
		PARCEL_READ_WITH_STATUS(std::unique_ptr<std::vector<double>>, readDoubleVector),
		PARCEL_READ_WITH_STATUS(std::optional<std::vector<double>>, readDoubleVector),
		PARCEL_READ_WITH_STATUS(std::vector<double>, readDoubleVector),
		PARCEL_READ_WITH_STATUS(std::unique_ptr<std::vector<bool>>, readBoolVector),
		PARCEL_READ_WITH_STATUS(std::optional<std::vector<bool>>, readBoolVector),
		PARCEL_READ_WITH_STATUS(std::vector<bool>, readBoolVector),
		PARCEL_READ_WITH_STATUS(std::unique_ptr<std::vector<char16_t>>, readCharVector),
		PARCEL_READ_WITH_STATUS(std::optional<std::vector<char16_t>>, readCharVector),
		PARCEL_READ_WITH_STATUS(std::vector<char16_t>, readCharVector),
		PARCEL_READ_WITH_STATUS(std::unique_ptr<std::vector<std::unique_ptr<android::String16>>>, readString16Vector),
		PARCEL_READ_WITH_STATUS(std::optional<std::vector<std::optional<android::String16>>>, readString16Vector),
		PARCEL_READ_WITH_STATUS(std::vector<android::String16>, readString16Vector),
		PARCEL_READ_WITH_STATUS(std::unique_ptr<std::vector<std::unique_ptr<std::string>>>, readUtf8VectorFromUtf16Vector),
		PARCEL_READ_WITH_STATUS(std::optional<std::vector<std::optional<std::string>>>, readUtf8VectorFromUtf16Vector),
		PARCEL_READ_WITH_STATUS(std::vector<std::string>, readUtf8VectorFromUtf16Vector),

		[] (const android::Parcel& p, uint8_t /len/) {
		FUZZ_LOG() << "about to read flattenable";
		@@ -254,10 +250,9 @@ std::vector<ParcelRead<::android::Parcel>> BINDER_PARCEL_READ_FUNCTIONS {
		PARCEL_READ_NO_STATUS(int, readParcelFileDescriptor),
		PARCEL_READ_WITH_STATUS(android::base::unique_fd, readUniqueFileDescriptor),

		// TODO(b/131868573): can force read of arbitrarily sized vector
		// PARCEL_READ_WITH_STATUS(std::unique_ptr<std::vector<android::base::unique_fd>>, readUniqueFileDescriptorVector),
		// PARCEL_READ_WITH_STATUS(std::optional<std::vector<android::base::unique_fd>>, readUniqueFileDescriptorVector),
		// PARCEL_READ_WITH_STATUS(std::vector<android::base::unique_fd>, readUniqueFileDescriptorVector),
		PARCEL_READ_WITH_STATUS(std::unique_ptr<std::vector<android::base::unique_fd>>, readUniqueFileDescriptorVector),
		PARCEL_READ_WITH_STATUS(std::optional<std::vector<android::base::unique_fd>>, readUniqueFileDescriptorVector),
		PARCEL_READ_WITH_STATUS(std::vector<android::base::unique_fd>, readUniqueFileDescriptorVector),

		[] (const android::Parcel& p, uint8_t len) {
		FUZZ_LOG() << "about to readBlob";

libs/binder/tests/parcel_fuzzer/main.cpp

+0 −20

Original line number	Diff line number	Diff line
		@@ -95,25 +95,7 @@ void doFuzz(const char* backend, const std::vector<ParcelRead<P>>& reads,
		}
		}

		size_t getHardMemoryLimit() {
		struct rlimit limit;
		CHECK(0 == getrlimit(RLIMIT_AS, &limit)) << errno;
		return limit.rlim_max;
		}

		void setMemoryLimit(size_t cur, size_t max) {
		const struct rlimit kLimit = {
		.rlim_cur = cur,
		.rlim_max = max,
		};
		CHECK(0 == setrlimit(RLIMIT_AS, &kLimit)) << errno;
		}

		extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
		static constexpr size_t kMemLimit = 1 * 1024 * 1024;
		size_t hardLimit = getHardMemoryLimit();
		setMemoryLimit(std::min(kMemLimit, hardLimit), hardLimit);

		if (size <= 1) return 0; // no use

		// avoid timeouts, see b/142617274, b/142473153
		@@ -138,7 +120,5 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {

		provider.PickValueInArray(fuzzBackend)(std::move(provider));

		setMemoryLimit(hardLimit, hardLimit);

		return 0;
		}