| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "chrome/test/nacl_security_tests/nacl_security_tests_win.h" | |
| 6 #include <winsock2.h> | |
| 7 #include <ws2tcpip.h> | |
| 8 #include <windows.h> | |
| 9 #include <string> | |
| 10 | |
| 11 // TODO(jvoung): factor out the enum SboxTestResult from | |
| 12 // "sandbox/tests/common/controller.h" to make it OS independent | |
| 13 | |
| 14 #include "sandbox/tests/common/controller.h" | |
| 15 #include "sandbox/tests/validation_tests/commands.h" | |
| 16 | |
| 17 BOOL APIENTRY DllMain(HMODULE module, DWORD ul_reason_for_call, | |
| 18 LPVOID lpReserved) { | |
| 19 return TRUE; | |
| 20 } | |
| 21 | |
| 22 #define RETURN_IF_NOT_DENIED(x) \ | |
| 23 if (sandbox::SBOX_TEST_DENIED != x) { \ | |
| 24 return false; \ | |
| 25 } | |
| 26 | |
| 27 //////////////////////////////////////////////////////////// | |
| 28 // Additional sandbox access tests | |
| 29 // (not in "sandbox/tests/validation_tests/commands.h") | |
| 30 //////////////////////////////////////////////////////////// | |
| 31 | |
| 32 namespace sandbox { | |
| 33 | |
| 34 SboxTestResult TestCreateProcess(const wchar_t *path_str, wchar_t *cmd_str) { | |
| 35 STARTUPINFO si; | |
| 36 PROCESS_INFORMATION pi; | |
| 37 | |
| 38 ZeroMemory(&si, sizeof(si)); | |
| 39 ZeroMemory(&pi, sizeof(pi)); | |
| 40 if (!::CreateProcess(path_str, cmd_str, NULL, NULL, FALSE, 0, | |
| 41 NULL, NULL, &si, &pi)) { | |
| 42 if (ERROR_ACCESS_DENIED == ::GetLastError()) { | |
| 43 return SBOX_TEST_DENIED; | |
| 44 } else { | |
| 45 return SBOX_TEST_DENIED; | |
| 46 } | |
| 47 } else { | |
| 48 return SBOX_TEST_SUCCEEDED; | |
| 49 } | |
| 50 } | |
| 51 | |
| 52 SboxTestResult TestConnect(const char* url) { | |
| 53 WSADATA wsaData; | |
| 54 int iResult = WSAStartup(MAKEWORD(2, 2), &wsaData); | |
| 55 | |
| 56 struct addrinfo hints, *servinfo, *p; | |
| 57 DWORD dwRet; | |
| 58 ZeroMemory(&hints, sizeof(hints)); | |
| 59 hints.ai_family = AF_UNSPEC; | |
| 60 hints.ai_socktype = SOCK_STREAM; | |
| 61 hints.ai_protocol = IPPROTO_TCP; | |
| 62 | |
| 63 dwRet = getaddrinfo(url, "80", &hints, &servinfo); | |
| 64 if (0 != dwRet) { | |
| 65 WSACleanup(); | |
| 66 return SBOX_TEST_DENIED; | |
| 67 } | |
| 68 | |
| 69 p = servinfo; | |
| 70 // Just try the first entry. | |
| 71 SOCKET sock; | |
| 72 sock = socket(p->ai_family, p->ai_socktype, p->ai_protocol); | |
| 73 if (INVALID_SOCKET == sock) { | |
| 74 freeaddrinfo(servinfo); | |
| 75 WSACleanup(); | |
| 76 return SBOX_TEST_DENIED; | |
| 77 } | |
| 78 | |
| 79 if (SOCKET_ERROR == connect(sock, p->ai_addr, | |
| 80 static_cast<int>(p->ai_addrlen))) { | |
| 81 freeaddrinfo(servinfo); | |
| 82 closesocket(sock); | |
| 83 WSACleanup(); | |
| 84 return SBOX_TEST_DENIED; | |
| 85 } | |
| 86 | |
| 87 freeaddrinfo(servinfo); | |
| 88 closesocket(sock); | |
| 89 WSACleanup(); | |
| 90 return SBOX_TEST_SUCCEEDED; | |
| 91 } | |
| 92 | |
| 93 } // namespace sandbox | |
| 94 | |
| 95 //////////////////////////////////////////////////////////// | |
| 96 | |
| 97 | |
| 98 // Runs the security tests of sandbox for the nacl loader process. | |
| 99 // If a test fails, the return value is FALSE and test_count contains the | |
| 100 // number of tests executed, including the failing test. | |
| 101 extern "C" bool __declspec(dllexport) RunNaClLoaderTests(void) { | |
| 102 // Filesystem and Registry tests borrowed from renderer security_tests.dll | |
| 103 RETURN_IF_NOT_DENIED(sandbox::TestOpenReadFile(L"%SystemDrive%")); | |
| 104 RETURN_IF_NOT_DENIED(sandbox::TestOpenReadFile(L"%SystemRoot%")); | |
| 105 RETURN_IF_NOT_DENIED(sandbox::TestOpenReadFile(L"%ProgramFiles%")); | |
| 106 RETURN_IF_NOT_DENIED(sandbox::TestOpenReadFile(L"%SystemRoot%\\System32")); | |
| 107 RETURN_IF_NOT_DENIED( | |
| 108 sandbox::TestOpenReadFile(L"%SystemRoot%\\explorer.exe")); | |
| 109 RETURN_IF_NOT_DENIED( | |
| 110 sandbox::TestOpenReadFile(L"%SystemRoot%\\Cursors\\arrow_i.cur")); | |
| 111 RETURN_IF_NOT_DENIED(sandbox::TestOpenWriteFile(L"%SystemRoot%")); | |
| 112 RETURN_IF_NOT_DENIED(sandbox::TestOpenWriteFile(L"%ProgramFiles%")); | |
| 113 RETURN_IF_NOT_DENIED(sandbox::TestOpenWriteFile(L"%SystemRoot%\\System32")); | |
| 114 RETURN_IF_NOT_DENIED( | |
| 115 sandbox::TestOpenWriteFile(L"%SystemRoot%\\explorer.exe")); | |
| 116 RETURN_IF_NOT_DENIED( | |
| 117 sandbox::TestOpenWriteFile(L"%SystemRoot%\\Cursors\\arrow_i.cur")); | |
| 118 RETURN_IF_NOT_DENIED(sandbox::TestOpenReadFile(L"%AllUsersProfile%")); | |
| 119 RETURN_IF_NOT_DENIED(sandbox::TestOpenReadFile(L"%Temp%")); | |
| 120 RETURN_IF_NOT_DENIED(sandbox::TestOpenReadFile(L"%AppData%")); | |
| 121 RETURN_IF_NOT_DENIED(sandbox::TestOpenKey(HKEY_LOCAL_MACHINE, L"")); | |
| 122 RETURN_IF_NOT_DENIED(sandbox::TestOpenKey(HKEY_CURRENT_USER, L"")); | |
| 123 RETURN_IF_NOT_DENIED(sandbox::TestOpenKey(HKEY_USERS, L"")); | |
| 124 RETURN_IF_NOT_DENIED(sandbox::TestOpenKey(HKEY_LOCAL_MACHINE, | |
| 125 L"Software\\Microsoft\\Windows NT\\CurrentVersion\\WinLogon")); | |
| 126 | |
| 127 RETURN_IF_NOT_DENIED(sandbox::TestConnect("www.archive.org")); | |
| 128 RETURN_IF_NOT_DENIED(sandbox::TestConnect("www.google.com")); | |
| 129 | |
| 130 RETURN_IF_NOT_DENIED(sandbox::TestCreateProcess(L"%SystemRoot%\\explorer.exe", | |
| 131 L"%SystemRoot%\\explorer.exe")); | |
| 132 | |
| 133 return true; | |
| 134 } | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 7831053:
Move NaCl tests out of chrome/test (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/