1 /*
2  * Copyright 2020 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #ifndef BT_STACK_FUZZ_A2DP_HELPERS_H_
18 #define BT_STACK_FUZZ_A2DP_HELPERS_H_
19 
20 // NOTE: This file should not be included directly.
21 //       It is included by the corresponding "...Functions.h" file.
22 
23 #include <fuzzer/FuzzedDataProvider.h>
24 
25 #include <vector>
26 
27 #include "fuzzers/sdp/sdpFuzzHelpers.h"
28 #include "internal_include/bt_target.h"
29 #include "osi/include/allocator.h"
30 #include "stack/a2dp/a2dp_int.h"
31 #include "types/raw_address.h"
32 
33 #define MAX_DB_SIZE 4096
34 
generateDBParams(FuzzedDataProvider * fdp,std::vector<uint16_t> & attr_list)35 tA2DP_SDP_DB_PARAMS generateDBParams(FuzzedDataProvider* fdp,
36                                      std::vector<uint16_t>& attr_list) {
37   attr_list = generateArbitraryAttrList(fdp);
38 
39   tA2DP_SDP_DB_PARAMS db_params;
40   db_params.db_len = fdp->ConsumeIntegralInRange<uint32_t>(0, MAX_DB_SIZE);
41   db_params.num_attr = attr_list.size();
42   db_params.p_attrs = attr_list.empty() ? nullptr : attr_list.data();
43 
44   return db_params;
45 }
46 
47 // Define our empty callback function
a2dp_find_callback(bool found,tA2DP_Service * p_service,const RawAddress & peer_address)48 void a2dp_find_callback(bool found, tA2DP_Service* p_service,
49                         const RawAddress& peer_address) {
50   // Free the RawAddress we created in the generate function
51   delete &peer_address;
52 }
53 
54 // Function to clean up and clear our allocated objects
cleanupA2dpFuzz()55 void cleanupA2dpFuzz() {
56   // Delete our a2dp_cb database if it exists
57   if (a2dp_cb.find.p_db) {
58     osi_free(a2dp_cb.find.p_db);
59   }
60   // This function resets the a2dp_cb global to defaults
61   A2DP_Init();
62 
63   // SDP needs to perform cleanup as well.
64   cleanupSdpFuzz();
65 }
66 
67 #endif  // BT_STACK_FUZZ_A2DP_HELPERS_H_
68