1 /*
2  * Copyright 2019 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #define PACKET_TESTING
18 #include "l2cap/l2cap_packets.h"
19 
20 #include <gtest/gtest.h>
21 #include <forward_list>
22 #include <memory>
23 
24 #include "os/log.h"
25 #include "packet/bit_inserter.h"
26 #include "packet/raw_builder.h"
27 
28 using bluetooth::packet::BitInserter;
29 using bluetooth::packet::RawBuilder;
30 using std::vector;
31 
32 namespace bluetooth {
33 namespace l2cap {
34 
35 std::vector<uint8_t> extended_information_start_frame = {
36     0x0B, /* First size byte */
37     0x00, /* Second size byte */
38     0xc1, /* First ChannelId byte */
39     0xc2, /**/
40     0x4A, /* 0x12 ReqSeq, Final, IFrame */
41     0xD0, /* 0x13 ReqSeq */
42     0x89, /* 0x21 TxSeq sar = START */
43     0x8C, /* 0x23 TxSeq  */
44     0x10, /* first length byte */
45     0x11, /**/
46     0x01, /* first payload byte */
47     0x02, 0x03, 0x04, 0x05,
48 };
49 
50 DEFINE_AND_INSTANTIATE_ExtendedInformationStartFrameReflectionTest(extended_information_start_frame);
51 
52 std::vector<uint8_t> i_frame_with_fcs = {0x0E, 0x00, 0x40, 0x00, 0x02, 0x00, 0x00, 0x01, 0x02,
53                                          0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x38, 0x61};
54 DEFINE_AND_INSTANTIATE_StandardInformationFrameWithFcsReflectionTest(i_frame_with_fcs);
55 
56 std::vector<uint8_t> rr_frame_with_fcs = {0x04, 0x00, 0x40, 0x00, 0x01, 0x01, 0xD4, 0x14};
57 DEFINE_AND_INSTANTIATE_StandardSupervisoryFrameWithFcsReflectionTest(rr_frame_with_fcs);
58 
59 std::vector<uint8_t> g_frame = {0x03, 0x00, 0x02, 0x00, 0x01, 0x02, 0x03};
60 DEFINE_AND_INSTANTIATE_GroupFrameReflectionTest(g_frame);
61 
62 std::vector<uint8_t> config_mtu_request = {0x04, 0x05, 0x08, 0x00, 0x41, 0x00, 0x00, 0x00, 0x01, 0x02, 0xa0, 0x02};
63 DEFINE_AND_INSTANTIATE_ConfigurationRequestReflectionTest(config_mtu_request);
64 
65 DEFINE_ConfigurationRequestReflectionFuzzTest();
66 
67 TEST(L2capFuzzRegressions, ConfigurationRequestFuzz_5691566077247488) {
68   uint8_t bluetooth_gd_fuzz_test_5691566077247488[] = {
69       0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
70   };
71   RunConfigurationRequestReflectionFuzzTest(bluetooth_gd_fuzz_test_5691566077247488,
72                                             sizeof(bluetooth_gd_fuzz_test_5691566077247488));
73 }
74 
75 TEST(L2capFuzzRegressions, ConfigurationRequestFuzz_5747922062802944) {
76   uint8_t bluetooth_gd_fuzz_test_5747922062802944[] = {
77       0x04, 0x02, 0x02, 0x7f, 0x3f, 0x7f, 0x3f, 0x7e, 0x7f,
78   };
79   RunConfigurationRequestReflectionFuzzTest(bluetooth_gd_fuzz_test_5747922062802944,
80                                             sizeof(bluetooth_gd_fuzz_test_5747922062802944));
81 }
82 }  // namespace l2cap
83 }  // namespace bluetooth
84