| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <memory> | 5 #include <memory> |
| 6 #include <string> | 6 #include <string> |
| 7 | 7 |
| 8 #include "base/memory/scoped_ptr.h" | 8 #include "base/memory/scoped_ptr.h" |
| 9 #include "base/strings/string16.h" | 9 #include "base/strings/string16.h" |
| 10 #include "base/strings/sys_string_conversions.h" | 10 #include "base/strings/sys_string_conversions.h" |
| (...skipping 252 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 263 return SBOX_TEST_DENIED; | 263 return SBOX_TEST_DENIED; |
| 264 } | 264 } |
| 265 } else { | 265 } else { |
| 266 ::CloseHandle(token); | 266 ::CloseHandle(token); |
| 267 return SBOX_TEST_SUCCEEDED; | 267 return SBOX_TEST_SUCCEEDED; |
| 268 } | 268 } |
| 269 | 269 |
| 270 return SBOX_TEST_FAILED; | 270 return SBOX_TEST_FAILED; |
| 271 } | 271 } |
| 272 | 272 |
| 273 SBOX_TESTS_COMMAND int Process_Crash(int argc, wchar_t **argv) { |
| 274 __debugbreak(); |
| 275 return SBOX_TEST_FAILED; |
| 276 } |
| 273 // Generate a event name, used to test thread creation. | 277 // Generate a event name, used to test thread creation. |
| 274 std::wstring GenerateEventName(DWORD pid) { | 278 std::wstring GenerateEventName(DWORD pid) { |
| 275 wchar_t buff[30] = {0}; | 279 wchar_t buff[30] = {0}; |
| 276 int res = swprintf_s(buff, sizeof(buff) / sizeof(buff[0]), | 280 int res = swprintf_s(buff, sizeof(buff) / sizeof(buff[0]), |
| 277 L"ProcessPolicyTest_%08x", pid); | 281 L"ProcessPolicyTest_%08x", pid); |
| 278 if (-1 != res) { | 282 if (-1 != res) { |
| 279 return std::wstring(buff); | 283 return std::wstring(buff); |
| 280 } | 284 } |
| 281 return std::wstring(); | 285 return std::wstring(); |
| 282 } | 286 } |
| (...skipping 119 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 402 EXPECT_EQ(SBOX_TEST_SUCCEEDED, | 406 EXPECT_EQ(SBOX_TEST_SUCCEEDED, |
| 403 runner.RunTest(L"Process_RunApp3 findstr.exe")); | 407 runner.RunTest(L"Process_RunApp3 findstr.exe")); |
| 404 EXPECT_EQ(SBOX_TEST_SUCCEEDED, | 408 EXPECT_EQ(SBOX_TEST_SUCCEEDED, |
| 405 runner.RunTest(L"Process_RunApp4 findstr.exe")); | 409 runner.RunTest(L"Process_RunApp4 findstr.exe")); |
| 406 EXPECT_EQ(SBOX_TEST_SUCCEEDED, | 410 EXPECT_EQ(SBOX_TEST_SUCCEEDED, |
| 407 runner.RunTest(L"Process_RunApp5 findstr.exe")); | 411 runner.RunTest(L"Process_RunApp5 findstr.exe")); |
| 408 EXPECT_EQ(SBOX_TEST_SUCCEEDED, | 412 EXPECT_EQ(SBOX_TEST_SUCCEEDED, |
| 409 runner.RunTest(L"Process_RunApp6 findstr.exe")); | 413 runner.RunTest(L"Process_RunApp6 findstr.exe")); |
| 410 } | 414 } |
| 411 | 415 |
| 416 // Tests that the broker correctly handles a process crashing within the job. |
| 417 TEST(ProcessPolicyTest, CreateProcessCrashy) { |
| 418 TestRunner runner; |
| 419 EXPECT_EQ(STATUS_BREAKPOINT, runner.RunTest(L"Process_Crash")); |
| 420 } |
| 421 |
| 412 TEST(ProcessPolicyTest, OpenToken) { | 422 TEST(ProcessPolicyTest, OpenToken) { |
| 413 TestRunner runner; | 423 TestRunner runner; |
| 414 EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(L"Process_OpenToken")); | 424 EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(L"Process_OpenToken")); |
| 415 } | 425 } |
| 416 | 426 |
| 417 TEST(ProcessPolicyTest, TestGetProcessTokenMinAccess) { | 427 TEST(ProcessPolicyTest, TestGetProcessTokenMinAccess) { |
| 418 TestRunner runner; | 428 TestRunner runner; |
| 419 base::string16 exe_path = MakePathToSys(L"findstr.exe", false); | 429 base::string16 exe_path = MakePathToSys(L"findstr.exe", false); |
| 420 ASSERT_TRUE(!exe_path.empty()); | 430 ASSERT_TRUE(!exe_path.empty()); |
| 421 EXPECT_TRUE(runner.AddRule(TargetPolicy::SUBSYS_PROCESS, | 431 EXPECT_TRUE(runner.AddRule(TargetPolicy::SUBSYS_PROCESS, |
| (...skipping 80 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 502 HANDLE thread = NULL; | 512 HANDLE thread = NULL; |
| 503 thread = TargetCreateThread( | 513 thread = TargetCreateThread( |
| 504 ::CreateThread, NULL, 0, &TestThreadFunc, | 514 ::CreateThread, NULL, 0, &TestThreadFunc, |
| 505 reinterpret_cast<LPVOID>(static_cast<uintptr_t>(pid)), 0, &thread_id); | 515 reinterpret_cast<LPVOID>(static_cast<uintptr_t>(pid)), 0, &thread_id); |
| 506 EXPECT_NE(static_cast<HANDLE>(NULL), thread); | 516 EXPECT_NE(static_cast<HANDLE>(NULL), thread); |
| 507 EXPECT_EQ(WAIT_OBJECT_0, WaitForSingleObject(thread, INFINITE)); | 517 EXPECT_EQ(WAIT_OBJECT_0, WaitForSingleObject(thread, INFINITE)); |
| 508 EXPECT_EQ(WAIT_OBJECT_0, WaitForSingleObject(event, INFINITE)); | 518 EXPECT_EQ(WAIT_OBJECT_0, WaitForSingleObject(event, INFINITE)); |
| 509 } | 519 } |
| 510 | 520 |
| 511 } // namespace sandbox | 521 } // namespace sandbox |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1826223004:
Correctly handle child processes of sandboxed target processes. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master