
Commit 22da223a authored by Billy Huang's avatar Billy Huang

rfcomm-fuzzer: initialize callback mock

Avoid seg faults from accessing methods of an uninitialized callback

Bug: 349650855
Test: m rfcomm-fuzzer
Test: Fuzzer runs without incident on testcase
Flag: TEST_ONLY
Change-Id: I6cf254dd1d2121dcff341fa2752bdbdf7db868f9
parent be3d2e85
+11 −0
@@ -17,6 +17,7 @@
#include <base/location.h>
#include <bluetooth/log.h>
#include <fuzzer/FuzzedDataProvider.h>
#include <gmock/gmock.h>

#include <cstdint>
#include <iostream>
@@ -103,6 +104,15 @@ public:
  FakeBtStack fake_stack;
};

class Mocks {
public:
  ::testing::NiceMock<bluetooth::rfcomm::MockRfcommCallback> mock_rfcomm_callback;

  Mocks() { rfcomm_callback = &mock_rfcomm_callback; }

  ~Mocks() { rfcomm_callback = nullptr; }
};

}  // namespace

static int Cleanup(uint16_t* server_handle) { return RFCOMM_RemoveServer(*server_handle); }
@@ -198,6 +208,7 @@ static void FuzzAsClient(FuzzedDataProvider* fdp) {

extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
  auto fakes = std::make_unique<Fakes>();
  auto mocks = std::make_unique<Mocks>();

  FuzzedDataProvider fdp(data, size);
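Review bot: In LLVMFuzzerTestOneInput, `mocks` is declared after `fakes`, so it is destroyed first and `~Mocks` resets `rfcomm_callback` to nullptr while the `Fakes` objects are still alive. If anything in the Fakes teardown (not visible on this page) reaches the callback, the harness would hit the same null dereference this commit is meant to remove, and harness-only crashes of that kind hide real findings in the RFCOMM code under test. Unless the current order is deliberate, declaring `auto mocks = std::make_unique<Mocks>();` before `auto fakes = std::make_unique<Fakes>();` keeps the callback valid for the whole lifetime of the fake stack. The `Mocks` class in the second hunk would also benefit from a one-line comment such as `// Installs a NiceMock as the global rfcomm_callback for the lifetime of this object.` The function body continues outside the hunk.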