Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(8)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/common/sandbox_mac_diraccess_unittest.mm

Issue 3022005: Recommit - r52326 - Mac: Use canonicalization rather than absolute paths for sandbox. (Closed)
Patch Set: Created 10 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « chrome/common/sandbox_mac.mm ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2009 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2009 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #import <Cocoa/Cocoa.h> 5 #import <Cocoa/Cocoa.h>
6 #include <dirent.h> 6 #include <dirent.h>
7 7
8 extern "C" { 8 extern "C" {
9 #include <sandbox.h> 9 #include <sandbox.h>
10 } 10 }
(...skipping 129 matching lines...) Expand 10 before | Expand all | Expand 10 after
140 }; 140 };
141 141
142 typedef scoped_ptr_malloc<FilePath, ScopedDirectoryDelete> ScopedDirectory; 142 typedef scoped_ptr_malloc<FilePath, ScopedDirectoryDelete> ScopedDirectory;
143 143
144 TEST_F(MacDirAccessSandboxTest, SandboxAccess) { 144 TEST_F(MacDirAccessSandboxTest, SandboxAccess) {
145 FilePath tmp_dir; 145 FilePath tmp_dir;
146 ASSERT_TRUE(file_util::CreateNewTempDirectory("", &tmp_dir)); 146 ASSERT_TRUE(file_util::CreateNewTempDirectory("", &tmp_dir));
147 // This step is important on OS X since the sandbox only understands "real" 147 // This step is important on OS X since the sandbox only understands "real"
148 // paths and the paths CreateNewTempDirectory() returns are empirically in 148 // paths and the paths CreateNewTempDirectory() returns are empirically in
149 // /var which is a symlink to /private/var . 149 // /var which is a symlink to /private/var .
150 ASSERT_TRUE(file_util::AbsolutePath(&tmp_dir)); 150 sandbox::GetCanonicalSandboxPath(&tmp_dir);
151 ScopedDirectory cleanup(&tmp_dir); 151 ScopedDirectory cleanup(&tmp_dir);
152 152
153 const char* sandbox_dir_cases[] = { 153 const char* sandbox_dir_cases[] = {
154 "simple_dir_name", 154 "simple_dir_name",
155 "^hello++ $", // Regex. 155 "^hello++ $", // Regex.
156 "\\^.$|()[]*+?{}", // All regex characters. 156 "\\^.$|()[]*+?{}", // All regex characters.
157 }; 157 };
158 158
159 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(sandbox_dir_cases); ++i) { 159 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(sandbox_dir_cases); ++i) {
160 const char* sandbox_dir_name = sandbox_dir_cases[i]; 160 const char* sandbox_dir_name = sandbox_dir_cases[i];
(...skipping 80 matching lines...) Expand 10 before | Expand all | Expand 10 after
241 PLOG(ERROR) << "Sandbox breach: was able to write (" 241 PLOG(ERROR) << "Sandbox breach: was able to write ("
242 << denied_file2.value() 242 << denied_file2.value()
243 << ")"; 243 << ")";
244 return -1; 244 return -1;
245 } 245 }
246 246
247 return 0; 247 return 0;
248 } 248 }
249 249
250 } // namespace 250 } // namespace
OLDNEW
« no previous file with comments | « chrome/common/sandbox_mac.mm ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698