| OLD | NEW |
|---|
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome_frame/module_utils.h" | 5 #include "chrome_frame/module_utils.h" |
| 6 | 6 |
| 7 #include "base/scoped_handle.h" | 7 #include "base/scoped_handle.h" |
| 8 #include "base/shared_memory.h" | 8 #include "base/shared_memory.h" |
| 9 #include "base/utf_string_conversions.h" | 9 #include "base/utf_string_conversions.h" |
| 10 #include "base/version.h" | 10 #include "base/version.h" |
| 11 #include "chrome_frame/test/chrome_frame_test_utils.h" |
| 11 #include "gtest/gtest.h" | 12 #include "gtest/gtest.h" |
| 12 | 13 |
| 13 extern "C" IMAGE_DOS_HEADER __ImageBase; | 14 extern "C" IMAGE_DOS_HEADER __ImageBase; |
| 14 | 15 |
| 15 const char kMockVersionString[] = "42.42.42.42"; | 16 const char kMockVersionString[] = "42.42.42.42"; |
| 16 const char kMockVersionString2[] = "133.33.33.7"; | 17 const char kMockVersionString2[] = "133.33.33.7"; |
| 17 | 18 |
| 18 const HMODULE kMockModuleHandle = reinterpret_cast<HMODULE>(42); | 19 const HMODULE kMockModuleHandle = reinterpret_cast<HMODULE>(42); |
| 19 const HMODULE kMockModuleHandle2 = reinterpret_cast<HMODULE>(43); | 20 const HMODULE kMockModuleHandle2 = reinterpret_cast<HMODULE>(43); |
| 20 | 21 |
| (...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 61 | 62 |
| 62 virtual HMODULE LoadVersionedModule() { | 63 virtual HMODULE LoadVersionedModule() { |
| 63 return kMockModuleHandle2; | 64 return kMockModuleHandle2; |
| 64 } | 65 } |
| 65 | 66 |
| 66 virtual Version* GetCurrentModuleVersion() { | 67 virtual Version* GetCurrentModuleVersion() { |
| 67 return Version::GetVersionFromString(kMockVersionString2); | 68 return Version::GetVersionFromString(kMockVersionString2); |
| 68 } | 69 } |
| 69 }; | 70 }; |
| 70 | 71 |
| 72 class MockDllRedirectorNoPermissions : public MockDllRedirector { |
| 73 public: |
| 74 explicit MockDllRedirectorNoPermissions(const char* beacon_name) |
| 75 : MockDllRedirector(beacon_name) {} |
| 76 |
| 77 virtual bool GetLockSecurityAttributes(ATL::CSecurityAttributes* sec_attr) { |
| 78 return false; |
| 79 } |
| 80 |
| 81 virtual bool SetFileMappingToReadOnly(base::SharedMemoryHandle mapping) { |
| 82 return true; |
| 83 } |
| 84 }; |
| 85 |
| 71 class DllRedirectorTest : public testing::Test { | 86 class DllRedirectorTest : public testing::Test { |
| 72 public: | 87 public: |
| 73 virtual void SetUp() { | 88 virtual void SetUp() { |
| 74 shared_memory_.reset(new base::SharedMemory); | 89 shared_memory_.reset(new base::SharedMemory); |
| 75 mock_version_.reset(Version::GetVersionFromString(kMockVersionString)); | 90 mock_version_.reset(Version::GetVersionFromString(kMockVersionString)); |
| 76 mock_version2_.reset(Version::GetVersionFromString(kMockVersionString2)); | 91 mock_version2_.reset(Version::GetVersionFromString(kMockVersionString2)); |
| 77 } | 92 } |
| 78 | 93 |
| 79 virtual void TearDown() { | 94 virtual void TearDown() { |
| 80 CloseBeacon(); | 95 CloseBeacon(); |
| (...skipping 202 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 283 // The redirector should fail to read the version number and defer to | 298 // The redirector should fail to read the version number and defer to |
| 284 // its own version. | 299 // its own version. |
| 285 scoped_ptr<MockDllRedirector> first_redirector( | 300 scoped_ptr<MockDllRedirector> first_redirector( |
| 286 new MockDllRedirector(kTestVersionBeaconName)); | 301 new MockDllRedirector(kTestVersionBeaconName)); |
| 287 EXPECT_TRUE(first_redirector->RegisterAsFirstCFModule()); | 302 EXPECT_TRUE(first_redirector->RegisterAsFirstCFModule()); |
| 288 | 303 |
| 289 HMODULE first_module = first_redirector->GetFirstModule(); | 304 HMODULE first_module = first_redirector->GetFirstModule(); |
| 290 EXPECT_EQ(reinterpret_cast<HMODULE>(&__ImageBase), first_module); | 305 EXPECT_EQ(reinterpret_cast<HMODULE>(&__ImageBase), first_module); |
| 291 } | 306 } |
| 292 | 307 |
| 308 TEST_F(DllRedirectorTest, LowIntegrityAccess) { |
| 309 scoped_ptr<MockDllRedirector> first_redirector( |
| 310 new MockDllRedirector(kTestVersionBeaconName)); |
| 311 EXPECT_TRUE(first_redirector->RegisterAsFirstCFModule()); |
| 312 |
| 313 // Ensure that we can acquire the mutex from medium integrity: |
| 314 { |
| 315 base::SharedMemory shared_memory(ASCIIToWide(kTestVersionBeaconName)); |
| 316 bool mutex_locked = shared_memory.Lock(kWaitTestTimeout, NULL); |
| 317 EXPECT_TRUE(mutex_locked); |
| 318 |
| 319 // Ensure that the shared memory is read-only: |
| 320 EXPECT_FALSE(shared_memory.Open(kTestVersionBeaconName, false)); |
| 321 shared_memory.Close(); |
| 322 EXPECT_TRUE(shared_memory.Open(kTestVersionBeaconName, true)); |
| 323 shared_memory.Close(); |
| 324 |
| 325 if (mutex_locked) |
| 326 shared_memory.Unlock(); |
| 327 } |
| 328 |
| 329 // Now move to low integrity |
| 330 chrome_frame_test::LowIntegrityToken low_integrity_token; |
| 331 ASSERT_TRUE(low_integrity_token.Impersonate()); |
| 332 |
| 333 // Ensure that we can also acquire the mutex from low integrity. |
| 334 base::SharedMemory shared_memory(ASCIIToWide(kTestVersionBeaconName)); |
| 335 bool mutex_locked = shared_memory.Lock(kWaitTestTimeout, NULL); |
| 336 EXPECT_TRUE(mutex_locked); |
| 337 |
| 338 // Ensure that the shared memory is read-only: |
| 339 EXPECT_FALSE(shared_memory.Open(kTestVersionBeaconName, false)); |
| 340 shared_memory.Close(); |
| 341 EXPECT_TRUE(shared_memory.Open(kTestVersionBeaconName, true)); |
| 342 shared_memory.Close(); |
| 343 |
| 344 if (mutex_locked) |
| 345 shared_memory.Unlock(); |
| 346 } |
| 347 |
| 348 TEST_F(DllRedirectorTest, LowIntegrityAccessDenied) { |
| 349 // Run this test with a mock DllRedirector that doesn't set permissions |
| 350 // on the shared memory. |
| 351 scoped_ptr<MockDllRedirectorNoPermissions> first_redirector( |
| 352 new MockDllRedirectorNoPermissions(kTestVersionBeaconName)); |
| 353 EXPECT_TRUE(first_redirector->RegisterAsFirstCFModule()); |
| 354 |
| 355 // Ensure that we can acquire the mutex from medium integrity: |
| 356 { |
| 357 base::SharedMemory shared_memory(ASCIIToWide(kTestVersionBeaconName)); |
| 358 bool mutex_locked = shared_memory.Lock(kWaitTestTimeout, NULL); |
| 359 EXPECT_TRUE(mutex_locked); |
| 360 |
| 361 // We should be able to open the memory as read/write. |
| 362 EXPECT_TRUE(shared_memory.Open(kTestVersionBeaconName, false)); |
| 363 shared_memory.Close(); |
| 364 |
| 365 if (mutex_locked) |
| 366 shared_memory.Unlock(); |
| 367 } |
| 368 |
| 369 // Now move to low integrity |
| 370 chrome_frame_test::LowIntegrityToken low_integrity_token; |
| 371 low_integrity_token.Impersonate(); |
| 372 |
| 373 // Ensure that we can't acquire the mutex without having set the |
| 374 // Low Integrity ACE in the SACL. |
| 375 base::SharedMemory shared_memory(ASCIIToWide(kTestVersionBeaconName)); |
| 376 bool mutex_locked = shared_memory.Lock(kWaitTestTimeout, NULL); |
| 377 EXPECT_FALSE(mutex_locked); |
| 378 |
| 379 // We shouldn't be able to open the memory. |
| 380 EXPECT_FALSE(shared_memory.Open(kTestVersionBeaconName, false)); |
| 381 shared_memory.Close(); |
| 382 |
| 383 if (mutex_locked) |
| 384 shared_memory.Unlock(); |
| 385 } |
| 386 |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 5012001:
Chrome Frame: Add explicit object security attributes to the Chrome Frame ver... (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/