Make second param for TestChildProcess optional.

sandbox/win/src/process_mitigations_test.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "base/files/file_util.h"
 #include "base/files/scoped_temp_dir.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/path_service.h"
 #include "base/process/launch.h"
 #include "base/strings/stringprintf.h"
@@ skipping 186 matching lines @@
 
   EXPECT_EQ((is_success_test ? sandbox::SBOX_TEST_SUCCEEDED
                              : sandbox::SBOX_TEST_FAILED),
             runner.RunTest(test.c_str()));
 }
 
 }  // namespace
 
 namespace sandbox {
 
-// A shared helper test command that will attempt to CreateProcess
-// with a given command line. The second parameter, if set to non-zero
-// will cause the child process to return exit code STATUS_ACCESS_VIOLATION.
+// A shared helper test command that will attempt to CreateProcess with a given
+// command line. The second optional parameter will cause the child process to
+// return that as an exit code on termination.
 //
 // ***Make sure you've enabled basic process creation in the
 // test sandbox settings via:
 // sandbox::TargetPolicy::SetJobLevel(),
 // sandbox::TargetPolicy::SetTokenLevel(),
 // and TestRunner::SetDisableCsrss().
 SBOX_TESTS_COMMAND int TestChildProcess(int argc, wchar_t** argv) {
-  if (argc < 2)
+  if (argc < 1)
     return SBOX_TEST_INVALID_PARAMETER;
 
-  int desired_exit_code = _wtoi(argv[1]);
-  if (desired_exit_code)
-      desired_exit_code = STATUS_ACCESS_VIOLATION;
+  int desired_exit_code = 0;
+
+  if (argc == 2) {
+    desired_exit_code = wcstoul(argv[1], nullptr, 0);
+  }
 
   std::wstring cmd = argv[0];
   base::LaunchOptions options = base::LaunchOptionsForTest();
   base::Process setup_proc = base::LaunchProcess(cmd.c_str(), options);
 
   if (setup_proc.IsValid()) {
     setup_proc.Terminate(desired_exit_code, false);
     return SBOX_TEST_SUCCEEDED;
   }
   // Note: GetLastError from CreateProcess returns 5, "ERROR_ACCESS_DENIED".
@@ skipping 437 matching lines @@
   policy->SetJobLevel(JOB_INTERACTIVE, 0);
   policy->SetTokenLevel(USER_UNPROTECTED, USER_UNPROTECTED);
   runner.SetDisableCsrss(false);
 
   base::FilePath cmd;
   EXPECT_TRUE(base::PathService::Get(base::DIR_SYSTEM, &cmd));
   cmd = cmd.Append(L"calc.exe");
 
   std::wstring test_command = L"TestChildProcess ";
   test_command += cmd.value().c_str();
-  test_command += L" 0";
 
   EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(test_command.c_str()));
 }
 
 // This test validates that setting the
 // MITIGATION_CHILD_PROCESS_CREATION_RESTRICTED mitigation prevents
 // the spawning of child processes.
 TEST(ProcessMitigationsTest, CheckChildProcessFailure) {
   TestRunner runner;
   sandbox::TargetPolicy* policy = runner.GetPolicy();
 
   // Now set the job level to be <= JOB_LIMITED_USER
   // and ensure we can no longer create a child process.
   policy->SetJobLevel(JOB_LIMITED_USER, 0);
   policy->SetTokenLevel(USER_UNPROTECTED, USER_UNPROTECTED);
   runner.SetDisableCsrss(false);
 
   base::FilePath cmd;
   EXPECT_TRUE(base::PathService::Get(base::DIR_SYSTEM, &cmd));
   cmd = cmd.Append(L"calc.exe");
 
   std::wstring test_command = L"TestChildProcess ";
   test_command += cmd.value().c_str();
-  test_command += L" 0";
 
   EXPECT_EQ(SBOX_TEST_FAILED, runner.RunTest(test_command.c_str()));
 }
 
-// This test validates that we can spawn a child process if
-// MITIGATION_CHILD_PROCESS_CREATION_RESTRICTED mitigation is
-// not set. This also tests that a crashing child process is correctly handled
-// by the broker.
-TEST(ProcessMitigationsTest, CheckChildProcessSuccessAbnormalExit) {
+// This test validates that when the sandboxed target within a job spawns a
+// child process and the target process exits abnormally, the broker correctly
+// handles the JOB_OBJECT_MSG_ABNORMAL_EXIT_PROCESS message.
+// Because this involves spawning a child process from the target process and is
+// very similar to the above CheckChildProcess* tests, this test is here rather
+// than elsewhere closer to the other Job tests.
+TEST(ProcessMitigationsTest, CheckChildProcessAbnormalExit) {
   TestRunner runner;
   sandbox::TargetPolicy* policy = runner.GetPolicy();
 
   // Set a policy that would normally allow for process creation.
   policy->SetJobLevel(JOB_INTERACTIVE, 0);
   policy->SetTokenLevel(USER_UNPROTECTED, USER_UNPROTECTED);
   runner.SetDisableCsrss(false);
 
   base::FilePath cmd;
   EXPECT_TRUE(base::PathService::Get(base::DIR_SYSTEM, &cmd));
   cmd = cmd.Append(L"calc.exe");
 
-  std::wstring test_command = L"TestChildProcess ";
-  test_command += cmd.value().c_str();
-  test_command += L" 1";
+  std::wstring test_command(base::StringPrintf(L"TestChildProcess %ls 0x%08X",
+                                               cmd.value().c_str(),
+                                               STATUS_ACCESS_VIOLATION));
 
   EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(test_command.c_str()));
 }
 
-// This test validates that setting the
-// MITIGATION_CHILD_PROCESS_CREATION_RESTRICTED mitigation prevents
-// the spawning of child processes.  This also tests that a crashing child
-// process is correctly handled by the broker.
-TEST(ProcessMitigationsTest, CheckChildProcessFailureAbnormalExit) {
-  TestRunner runner;
-  sandbox::TargetPolicy* policy = runner.GetPolicy();
-
-  // Now set the job level to be <= JOB_LIMITED_USER
-  // and ensure we can no longer create a child process.
-  policy->SetJobLevel(JOB_LIMITED_USER, 0);
-  policy->SetTokenLevel(USER_UNPROTECTED, USER_UNPROTECTED);
-  runner.SetDisableCsrss(false);
-
-  base::FilePath cmd;
-  EXPECT_TRUE(base::PathService::Get(base::DIR_SYSTEM, &cmd));
-  cmd = cmd.Append(L"calc.exe");
-
-  std::wstring test_command = L"TestChildProcess ";
-  test_command += cmd.value().c_str();
-  test_command += L" 1";
-
-  EXPECT_EQ(SBOX_TEST_FAILED, runner.RunTest(test_command.c_str()));
-}
-
 }  // namespace sandbox