1*7eba2f3bSAndroid Build Coastguard Worker #include "fuzz_cmn.h"
2*7eba2f3bSAndroid Build Coastguard Worker #include "nfa_api.h"
3*7eba2f3bSAndroid Build Coastguard Worker #include "nfa_dm_int.h"
4*7eba2f3bSAndroid Build Coastguard Worker
5*7eba2f3bSAndroid Build Coastguard Worker #define MODULE_NAME "nfc_ndef_fuzzer"
6*7eba2f3bSAndroid Build Coastguard Worker
7*7eba2f3bSAndroid Build Coastguard Worker const char fuzzer_name[] = MODULE_NAME;
8*7eba2f3bSAndroid Build Coastguard Worker
9*7eba2f3bSAndroid Build Coastguard Worker tNFA_DM_CB nfa_dm_cb = {};
10*7eba2f3bSAndroid Build Coastguard Worker bool ndef_handler_registered = false;
11*7eba2f3bSAndroid Build Coastguard Worker
ndef_cback(tNFA_NDEF_EVT event,tNFA_NDEF_EVT_DATA * p_data)12*7eba2f3bSAndroid Build Coastguard Worker static void ndef_cback(tNFA_NDEF_EVT event, tNFA_NDEF_EVT_DATA* p_data) {
13*7eba2f3bSAndroid Build Coastguard Worker if (event == NFA_NDEF_REGISTER_EVT) {
14*7eba2f3bSAndroid Build Coastguard Worker ndef_handler_registered = (p_data->ndef_reg.status == NFC_STATUS_OK);
15*7eba2f3bSAndroid Build Coastguard Worker } else if (event == NFA_NDEF_DATA_EVT) {
16*7eba2f3bSAndroid Build Coastguard Worker FUZZLOG("ndef_data, start=%p, len=%d", p_data->ndef_data.p_data,
17*7eba2f3bSAndroid Build Coastguard Worker p_data->ndef_data.len);
18*7eba2f3bSAndroid Build Coastguard Worker
19*7eba2f3bSAndroid Build Coastguard Worker uint16_t cs = 0;
20*7eba2f3bSAndroid Build Coastguard Worker for (uint8_t* p = p_data->ndef_data.p_data;
21*7eba2f3bSAndroid Build Coastguard Worker p < p_data->ndef_data.p_data + p_data->ndef_data.len; p++) {
22*7eba2f3bSAndroid Build Coastguard Worker cs += *p;
23*7eba2f3bSAndroid Build Coastguard Worker }
24*7eba2f3bSAndroid Build Coastguard Worker
25*7eba2f3bSAndroid Build Coastguard Worker FUZZLOG("ndef_data, checksum=%04X", cs);
26*7eba2f3bSAndroid Build Coastguard Worker }
27*7eba2f3bSAndroid Build Coastguard Worker }
28*7eba2f3bSAndroid Build Coastguard Worker
29*7eba2f3bSAndroid Build Coastguard Worker tNFA_DM_MSG reg_hdler = {.reg_ndef_hdlr = {
30*7eba2f3bSAndroid Build Coastguard Worker .tnf = NFA_TNF_DEFAULT,
31*7eba2f3bSAndroid Build Coastguard Worker .p_ndef_cback = ndef_cback,
32*7eba2f3bSAndroid Build Coastguard Worker }};
33*7eba2f3bSAndroid Build Coastguard Worker
init()34*7eba2f3bSAndroid Build Coastguard Worker static bool init() {
35*7eba2f3bSAndroid Build Coastguard Worker if (!ndef_handler_registered) {
36*7eba2f3bSAndroid Build Coastguard Worker nfa_dm_ndef_reg_hdlr(®_hdler);
37*7eba2f3bSAndroid Build Coastguard Worker }
38*7eba2f3bSAndroid Build Coastguard Worker return ndef_handler_registered;
39*7eba2f3bSAndroid Build Coastguard Worker }
40*7eba2f3bSAndroid Build Coastguard Worker
Fuzz_FixPackets(std::vector<bytes_t> &,uint)41*7eba2f3bSAndroid Build Coastguard Worker void Fuzz_FixPackets(std::vector<bytes_t>& /*Packets*/, uint /*Seed*/) {}
42*7eba2f3bSAndroid Build Coastguard Worker
Fuzz_RunPackets(const std::vector<bytes_t> & Packets)43*7eba2f3bSAndroid Build Coastguard Worker void Fuzz_RunPackets(const std::vector<bytes_t>& Packets) {
44*7eba2f3bSAndroid Build Coastguard Worker if (!init()) {
45*7eba2f3bSAndroid Build Coastguard Worker return;
46*7eba2f3bSAndroid Build Coastguard Worker }
47*7eba2f3bSAndroid Build Coastguard Worker
48*7eba2f3bSAndroid Build Coastguard Worker for (auto it = Packets.cbegin(); it != Packets.cend(); ++it) {
49*7eba2f3bSAndroid Build Coastguard Worker nfa_dm_ndef_handle_message(NFA_STATUS_OK, const_cast<uint8_t*>(it->data()),
50*7eba2f3bSAndroid Build Coastguard Worker (uint32_t)it->size());
51*7eba2f3bSAndroid Build Coastguard Worker }
52*7eba2f3bSAndroid Build Coastguard Worker }
53