OLD | NEW |
1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // This file contains unit tests for the RestrictedToken. | 5 // This file contains unit tests for the RestrictedToken. |
6 | 6 |
7 #define _ATL_NO_EXCEPTIONS | 7 #define _ATL_NO_EXCEPTIONS |
8 #include <atlbase.h> | 8 #include <atlbase.h> |
9 #include <atlsecurity.h> | 9 #include <atlsecurity.h> |
10 #include <vector> | 10 #include <vector> |
11 #include "sandbox/src/restricted_token.h" | 11 #include "sandbox/src/restricted_token.h" |
12 #include "sandbox/src/sid.h" | 12 #include "sandbox/src/sid.h" |
13 #include "testing/gtest/include/gtest/gtest.h" | 13 #include "testing/gtest/include/gtest/gtest.h" |
14 | 14 |
15 namespace sandbox { | 15 namespace sandbox { |
16 | 16 |
17 // Tests the initializatioin with an invalid token handle. | 17 // Tests the initializatioin with an invalid token handle. |
18 TEST(RestrictedTokenTest, InvalidHandle) { | 18 TEST(RestrictedTokenTest, InvalidHandle) { |
19 RestrictedToken token; | 19 RestrictedToken token; |
20 ASSERT_EQ(ERROR_INVALID_HANDLE, token.Init(reinterpret_cast<HANDLE>(0x5555))); | 20 ASSERT_EQ(ERROR_INVALID_HANDLE, token.Init(reinterpret_cast<HANDLE>(0x5555))); |
21 } | 21 } |
22 | 22 |
23 // Tests the initialization with NULL as parameter. | 23 // Tests the initialization with NULL as parameter. |
24 TEST(RestrictedTokenTest, DefaultInit) { | 24 TEST(RestrictedTokenTest, DefaultInit) { |
25 // Get the current process token. | 25 // Get the current process token. |
26 HANDLE token_handle = INVALID_HANDLE_VALUE; | 26 HANDLE token_handle = NULL; |
27 ASSERT_TRUE(::OpenProcessToken(::GetCurrentProcess(), TOKEN_ALL_ACCESS, | 27 ASSERT_TRUE(::OpenProcessToken(::GetCurrentProcess(), TOKEN_ALL_ACCESS, |
28 &token_handle)); | 28 &token_handle)); |
29 | 29 |
30 ASSERT_NE(INVALID_HANDLE_VALUE, token_handle); | 30 ASSERT_NE(NULL, reinterpret_cast<ULONG_PTR>(token_handle)); |
31 | 31 |
32 ATL::CAccessToken access_token; | 32 ATL::CAccessToken access_token; |
33 access_token.Attach(token_handle); | 33 access_token.Attach(token_handle); |
34 | 34 |
35 // Create the token using the current token. | 35 // Create the token using the current token. |
36 RestrictedToken token_default; | 36 RestrictedToken token_default; |
37 ASSERT_EQ(ERROR_SUCCESS, token_default.Init(NULL)); | 37 ASSERT_EQ(ERROR_SUCCESS, token_default.Init(NULL)); |
38 | 38 |
39 // Get the handle to the restricted token. | 39 // Get the handle to the restricted token. |
40 | 40 |
(...skipping 14 matching lines...) Expand all Loading... |
55 ASSERT_TRUE(access_token.GetOwner(&sid_owner_default)); | 55 ASSERT_TRUE(access_token.GetOwner(&sid_owner_default)); |
56 | 56 |
57 // Check if both token have the same owner and user. | 57 // Check if both token have the same owner and user. |
58 ASSERT_EQ(sid_user_restricted, sid_user_default); | 58 ASSERT_EQ(sid_user_restricted, sid_user_default); |
59 ASSERT_EQ(sid_owner_restricted, sid_owner_default); | 59 ASSERT_EQ(sid_owner_restricted, sid_owner_default); |
60 } | 60 } |
61 | 61 |
62 // Tests the initialization with a custom token as parameter. | 62 // Tests the initialization with a custom token as parameter. |
63 TEST(RestrictedTokenTest, CustomInit) { | 63 TEST(RestrictedTokenTest, CustomInit) { |
64 // Get the current process token. | 64 // Get the current process token. |
65 HANDLE token_handle = INVALID_HANDLE_VALUE; | 65 HANDLE token_handle = NULL; |
66 ASSERT_TRUE(::OpenProcessToken(::GetCurrentProcess(), TOKEN_ALL_ACCESS, | 66 ASSERT_TRUE(::OpenProcessToken(::GetCurrentProcess(), TOKEN_ALL_ACCESS, |
67 &token_handle)); | 67 &token_handle)); |
68 | 68 |
69 ASSERT_NE(INVALID_HANDLE_VALUE, token_handle); | 69 ASSERT_NE(NULL, reinterpret_cast<ULONG_PTR>(token_handle)); |
70 | 70 |
71 ATL::CAccessToken access_token; | 71 ATL::CAccessToken access_token; |
72 access_token.Attach(token_handle); | 72 access_token.Attach(token_handle); |
73 | 73 |
74 // Change the primary group. | 74 // Change the primary group. |
75 access_token.SetPrimaryGroup(ATL::Sids::World()); | 75 access_token.SetPrimaryGroup(ATL::Sids::World()); |
76 | 76 |
77 // Create the token using the current token. | 77 // Create the token using the current token. |
78 RestrictedToken token; | 78 RestrictedToken token; |
79 ASSERT_EQ(ERROR_SUCCESS, token.Init(access_token.GetHandle())); | 79 ASSERT_EQ(ERROR_SUCCESS, token.Init(access_token.GetHandle())); |
(...skipping 441 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
521 TEST(RestrictedTokenTest, DoubleInit) { | 521 TEST(RestrictedTokenTest, DoubleInit) { |
522 RestrictedToken token; | 522 RestrictedToken token; |
523 ASSERT_EQ(ERROR_SUCCESS, token.Init(NULL)); | 523 ASSERT_EQ(ERROR_SUCCESS, token.Init(NULL)); |
524 | 524 |
525 ASSERT_EQ(ERROR_ALREADY_INITIALIZED, token.Init(NULL)); | 525 ASSERT_EQ(ERROR_ALREADY_INITIALIZED, token.Init(NULL)); |
526 } | 526 } |
527 | 527 |
528 #endif | 528 #endif |
529 | 529 |
530 } // namespace sandbox | 530 } // namespace sandbox |
OLD | NEW |