Merge changes If9072405,I5da8ee7f

# Only turn on clang-format check for the following subfolders.

clang_format = --commit ${PREUPLOAD_COMMIT} --style file --extensions c,h,cc,cpp

               include/input/

               libs/binder/fuzzer/

               libs/binder/ndk/

               libs/graphicsenv/

               libs/gui/

cc_fuzz {

    name: "binder_parcel_fuzzer",

    defaults: ["libbinder_ndk_host_user"],

    host_supported: true,

    srcs: [

        "binder.cpp",

        "binder_ndk.cpp",

        "hwbinder.cpp",

        "main.cpp",

        "util.cpp",

    target: {

        android: {

            shared_libs: ["libbinder"],

            shared_libs: [

                "libbinder_ndk",

                "libbinder",

            ],

        },

        host: {

            static_libs: ["libbinder"],

            static_libs: [

                "libbinder_ndk",

                "libbinder",

            ],

        },

    },

}

#include <binder/Parcel.h>

#include <vector>

#include "parcel.h"

#include "parcel_fuzzer.h"

extern std::vector<ParcelRead<::android::Parcel>> BINDER_PARCEL_READ_FUNCTIONS;

/*

 * Copyright (C) 2019 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

#define FUZZ_LOG_TAG "binder_ndk"

#include "binder_ndk.h"

#include <android/binder_parcel_utils.h>

#include "util.h"

// TODO(b/142061461): parent class

class SomeParcelable {

public:

    binder_status_t readFromParcel(const AParcel* parcel) {

        return AParcel_readInt32(parcel, &mValue);

    }

private:

    int32_t mValue = 0;

};

#define PARCEL_READ(T, FUN)                                              \

    [](const NdkParcelAdapter& p, uint8_t /*data*/) {                    \

        FUZZ_LOG() << "about to read " #T " using " #FUN " with status"; \

        T t{};                                                           \

        binder_status_t status = FUN(p.aParcel(), &t);                   \

        FUZZ_LOG() << #T " status: " << status /* << " value: " << t*/;  \

    }

// clang-format off

std::vector<ParcelRead<NdkParcelAdapter>> BINDER_NDK_PARCEL_READ_FUNCTIONS{

        // methods from binder_parcel.h

        [](const NdkParcelAdapter& p, uint8_t pos) {

            FUZZ_LOG() << "about to set data position to " << pos;

            binder_status_t status = AParcel_setDataPosition(p.aParcel(), pos);

            FUZZ_LOG() << "set data position: " << status;

        },

        [](const NdkParcelAdapter& p, uint8_t /*data*/) {

            FUZZ_LOG() << "about to read status header";

            ndk::ScopedAStatus t;

            binder_status_t status = AParcel_readStatusHeader(p.aParcel(), t.getR());

            FUZZ_LOG() << "read status header: " << status;

        },

        PARCEL_READ(int32_t, AParcel_readInt32),

        PARCEL_READ(uint32_t, AParcel_readUint32),

        PARCEL_READ(int64_t, AParcel_readInt64),

        PARCEL_READ(uint64_t, AParcel_readUint64),

        PARCEL_READ(float, AParcel_readFloat),

        PARCEL_READ(double, AParcel_readDouble),

        PARCEL_READ(bool, AParcel_readBool),

        PARCEL_READ(char16_t, AParcel_readChar),

        PARCEL_READ(int8_t, AParcel_readByte),

        // methods from binder_parcel_utils.h

        PARCEL_READ(ndk::SpAIBinder, ndk::AParcel_readNullableStrongBinder),

        PARCEL_READ(ndk::SpAIBinder, ndk::AParcel_readRequiredStrongBinder),

        PARCEL_READ(ndk::ScopedFileDescriptor, ndk::AParcel_readNullableParcelFileDescriptor),

        PARCEL_READ(ndk::ScopedFileDescriptor, ndk::AParcel_readRequiredParcelFileDescriptor),

        PARCEL_READ(std::string, ndk::AParcel_readString),

        PARCEL_READ(std::optional<std::string>, ndk::AParcel_readString),

        // TODO(b/131868573): can force process to allocate arbitrary amount of

        // memory

        // PARCEL_READ(std::vector<std::string>, ndk::AParcel_readVector),

        // PARCEL_READ(std::optional<std::vector<std::optional<std::string>>>,

        // ndk::AParcel_readVector), PARCEL_READ(std::vector<SomeParcelable>,

        // ndk::AParcel_readVector), PARCEL_READ(std::vector<int32_t>, ndk::AParcel_readVector),

        // PARCEL_READ(std::optional<std::vector<int32_t>>, ndk::AParcel_readVector),

        // PARCEL_READ(std::vector<uint32_t>, ndk::AParcel_readVector),

        // PARCEL_READ(std::optional<std::vector<uint32_t>>, ndk::AParcel_readVector),

        // PARCEL_READ(std::vector<int64_t>, ndk::AParcel_readVector),

        // PARCEL_READ(std::optional<std::vector<int64_t>>, ndk::AParcel_readVector),

        // PARCEL_READ(std::vector<uint64_t>, ndk::AParcel_readVector),

        // PARCEL_READ(std::optional<std::vector<uint64_t>>, ndk::AParcel_readVector),

        // PARCEL_READ(std::vector<float>, ndk::AParcel_readVector),

        // PARCEL_READ(std::optional<std::vector<float>>, ndk::AParcel_readVector),

        // PARCEL_READ(std::vector<double>, ndk::AParcel_readVector),

        // PARCEL_READ(std::optional<std::vector<double>>, ndk::AParcel_readVector),

        // PARCEL_READ(std::vector<bool>, ndk::AParcel_readVector),

        // PARCEL_READ(std::optional<std::vector<bool>>, ndk::AParcel_readVector),

        // PARCEL_READ(std::vector<char16_t>, ndk::AParcel_readVector),

        // PARCEL_READ(std::optional<std::vector<char16_t>>, ndk::AParcel_readVector),

        // PARCEL_READ(std::vector<int32_t>, ndk::AParcel_resizeVector),

        // PARCEL_READ(std::optional<std::vector<int32_t>>, ndk::AParcel_resizeVector),

};

// clang-format on

/*

 * Copyright (C) 2019 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

#include <android/binder_auto_utils.h>

#include <vector>

#include <android/binder_parcel.h>

#include "parcel_fuzzer.h"

// libbinder_ndk doesn't export this header which breaks down its API for NDK

// and APEX users, but we need access to it to fuzz.

#include "../ndk/parcel_internal.h"

class NdkParcelAdapter {

public:

    NdkParcelAdapter() : mParcel(new AParcel(nullptr /*binder*/)) {}

    const AParcel* aParcel() const { return mParcel.get(); }

    AParcel* aParcel() { return mParcel.get(); }

    size_t dataSize() const { return aParcel()->get()->dataSize(); }

    size_t dataAvail() const { return aParcel()->get()->dataAvail(); }

    size_t dataPosition() const { return aParcel()->get()->dataPosition(); }

    size_t dataCapacity() const { return aParcel()->get()->dataCapacity(); }

    android::status_t setData(const uint8_t* buffer, size_t len) {

        return aParcel()->get()->setData(buffer, len);

    }

private:

    ndk::ScopedAParcel mParcel;

};

extern std::vector<ParcelRead<NdkParcelAdapter>> BINDER_NDK_PARCEL_READ_FUNCTIONS;