| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include <stddef.h> | |
| 6 | |
| 7 #include "base/environment.h" | |
| 8 #include "base/files/file_path.h" | |
| 9 #include "base/files/scoped_temp_dir.h" | |
| 10 #include "base/i18n/case_conversion.h" | |
| 11 #include "base/macros.h" | |
| 12 #include "base/path_service.h" | |
| 13 #include "base/scoped_native_library.h" | |
| 14 #include "base/strings/string16.h" | |
| 15 #include "base/strings/string_number_conversions.h" | |
| 16 #include "base/strings/utf_string_conversions.h" | |
| 17 #include "base/test/test_reg_util_win.h" | |
| 18 #include "base/win/registry.h" | |
| 19 #include "chrome/common/chrome_version.h" | |
| 20 #include "chrome_elf/blacklist/blacklist.h" | |
| 21 #include "chrome_elf/blacklist/test/blacklist_test_main_dll.h" | |
| 22 #include "chrome_elf/chrome_elf_constants.h" | |
| 23 #include "testing/gtest/include/gtest/gtest.h" | |
| 24 | |
| 25 const wchar_t kTestDllName1[] = L"blacklist_test_dll_1.dll"; | |
| 26 const wchar_t kTestDllName2[] = L"blacklist_test_dll_2.dll"; | |
| 27 const wchar_t kTestDllName3[] = L"blacklist_test_dll_3.dll"; | |
| 28 | |
| 29 const wchar_t kDll2Beacon[] = L"{F70A0100-2889-4629-9B44-610FE5C73231}"; | |
| 30 const wchar_t kDll3Beacon[] = L"{9E056AEC-169E-400c-B2D0-5A07E3ACE2EB}"; | |
| 31 | |
| 32 extern const wchar_t* kEnvVars[]; | |
| 33 | |
| 34 extern "C" { | |
| 35 // When modifying the blacklist in the test process, use the exported test dll | |
| 36 // functions on the test blacklist dll, not the ones linked into the test | |
| 37 // executable itself. | |
| 38 __declspec(dllimport) void TestDll_AddDllsFromRegistryToBlacklist(); | |
| 39 __declspec(dllimport) bool TestDll_AddDllToBlacklist(const wchar_t* dll_name); | |
| 40 __declspec(dllimport) int TestDll_BlacklistSize(); | |
| 41 __declspec(dllimport) void TestDll_BlockedDll(size_t blocked_index); | |
| 42 __declspec(dllimport) int TestDll_GetBlacklistIndex(const wchar_t* dll_name); | |
| 43 __declspec(dllimport) bool TestDll_IsBlacklistInitialized(); | |
| 44 __declspec(dllimport) bool TestDll_RemoveDllFromBlacklist( | |
| 45 const wchar_t* dll_name); | |
| 46 __declspec(dllimport) bool TestDll_SuccessfullyBlocked( | |
| 47 const wchar_t** blocked_dlls, | |
| 48 int* size); | |
| 49 } | |
| 50 | |
| 51 namespace { | |
| 52 | |
| 53 struct TestData { | |
| 54 const wchar_t* dll_name; | |
| 55 const wchar_t* dll_beacon; | |
| 56 } test_data[] = { | |
| 57 {kTestDllName2, kDll2Beacon}, | |
| 58 {kTestDllName3, kDll3Beacon} | |
| 59 }; | |
| 60 | |
| 61 class BlacklistTest : public testing::Test { | |
| 62 protected: | |
| 63 BlacklistTest() : override_manager_(), num_initially_blocked_(0) { | |
| 64 override_manager_.OverrideRegistry(HKEY_CURRENT_USER); | |
| 65 } | |
| 66 | |
| 67 void CheckBlacklistedDllsNotLoaded() { | |
| 68 base::FilePath current_dir; | |
| 69 ASSERT_TRUE(PathService::Get(base::DIR_EXE, ¤t_dir)); | |
| 70 | |
| 71 for (size_t i = 0; i < arraysize(test_data); ++i) { | |
| 72 // Ensure that the dll has not been loaded both by inspecting the handle | |
| 73 // returned by LoadLibrary and by looking for an environment variable that | |
| 74 // is set when the DLL's entry point is called. | |
| 75 base::ScopedNativeLibrary dll_blacklisted( | |
| 76 current_dir.Append(test_data[i].dll_name)); | |
| 77 EXPECT_FALSE(dll_blacklisted.is_valid()); | |
| 78 EXPECT_EQ(0u, ::GetEnvironmentVariable(test_data[i].dll_beacon, NULL, 0)); | |
| 79 dll_blacklisted.Reset(NULL); | |
| 80 | |
| 81 // Ensure that the dll is recorded as blocked. | |
| 82 int array_size = 1 + num_initially_blocked_; | |
| 83 std::vector<const wchar_t*> blocked_dlls(array_size); | |
| 84 TestDll_SuccessfullyBlocked(&blocked_dlls[0], &array_size); | |
| 85 EXPECT_EQ(1 + num_initially_blocked_, array_size); | |
| 86 EXPECT_STREQ(test_data[i].dll_name, blocked_dlls[num_initially_blocked_]); | |
| 87 | |
| 88 // Remove the DLL from the blacklist. Ensure that it loads and that its | |
| 89 // entry point was called. | |
| 90 EXPECT_TRUE(TestDll_RemoveDllFromBlacklist(test_data[i].dll_name)); | |
| 91 base::ScopedNativeLibrary dll(current_dir.Append(test_data[i].dll_name)); | |
| 92 EXPECT_TRUE(dll.is_valid()); | |
| 93 EXPECT_NE(0u, ::GetEnvironmentVariable(test_data[i].dll_beacon, NULL, 0)); | |
| 94 dll.Reset(NULL); | |
| 95 | |
| 96 ::SetEnvironmentVariable(test_data[i].dll_beacon, NULL); | |
| 97 | |
| 98 // Ensure that the dll won't load even if the name has different | |
| 99 // capitalization. | |
| 100 base::string16 uppercase_name = | |
| 101 base::i18n::ToUpper(test_data[i].dll_name); | |
| 102 EXPECT_TRUE(TestDll_AddDllToBlacklist(uppercase_name.c_str())); | |
| 103 base::ScopedNativeLibrary dll_blacklisted_different_case( | |
| 104 current_dir.Append(test_data[i].dll_name)); | |
| 105 EXPECT_FALSE(dll_blacklisted_different_case.is_valid()); | |
| 106 EXPECT_EQ(0u, ::GetEnvironmentVariable(test_data[i].dll_beacon, NULL, 0)); | |
| 107 dll_blacklisted_different_case.Reset(NULL); | |
| 108 | |
| 109 EXPECT_TRUE(TestDll_RemoveDllFromBlacklist(uppercase_name.c_str())); | |
| 110 | |
| 111 // The blocked dll was removed, so the number of blocked dlls should | |
| 112 // return to what it originally was. | |
| 113 int num_blocked_dlls = 0; | |
| 114 TestDll_SuccessfullyBlocked(NULL, &num_blocked_dlls); | |
| 115 EXPECT_EQ(num_initially_blocked_, num_blocked_dlls); | |
| 116 } | |
| 117 } | |
| 118 | |
| 119 scoped_ptr<base::win::RegKey> blacklist_registry_key_; | |
| 120 registry_util::RegistryOverrideManager override_manager_; | |
| 121 | |
| 122 // The number of dlls initially blocked by the blacklist. | |
| 123 int num_initially_blocked_; | |
| 124 | |
| 125 private: | |
| 126 void SetUp() override { | |
| 127 // Force an import from blacklist_test_main_dll. | |
| 128 InitBlacklistTestDll(); | |
| 129 blacklist_registry_key_.reset( | |
| 130 new base::win::RegKey(HKEY_CURRENT_USER, | |
| 131 blacklist::kRegistryBeaconPath, | |
| 132 KEY_QUERY_VALUE | KEY_SET_VALUE)); | |
| 133 | |
| 134 // Find out how many dlls were blocked before the test starts. | |
| 135 TestDll_SuccessfullyBlocked(NULL, &num_initially_blocked_); | |
| 136 } | |
| 137 | |
| 138 void TearDown() override { | |
| 139 TestDll_RemoveDllFromBlacklist(kTestDllName1); | |
| 140 TestDll_RemoveDllFromBlacklist(kTestDllName2); | |
| 141 TestDll_RemoveDllFromBlacklist(kTestDllName3); | |
| 142 } | |
| 143 }; | |
| 144 | |
| 145 TEST_F(BlacklistTest, Beacon) { | |
| 146 // Ensure that the beacon state starts off 'running' for this version. | |
| 147 LONG result = blacklist_registry_key_->WriteValue( | |
| 148 blacklist::kBeaconState, blacklist::BLACKLIST_SETUP_RUNNING); | |
| 149 EXPECT_EQ(ERROR_SUCCESS, result); | |
| 150 | |
| 151 result = blacklist_registry_key_->WriteValue(blacklist::kBeaconVersion, | |
| 152 TEXT(CHROME_VERSION_STRING)); | |
| 153 EXPECT_EQ(ERROR_SUCCESS, result); | |
| 154 | |
| 155 // First call should find the beacon and reset it. | |
| 156 EXPECT_TRUE(blacklist::ResetBeacon()); | |
| 157 | |
| 158 // First call should succeed as the beacon is enabled. | |
| 159 EXPECT_TRUE(blacklist::LeaveSetupBeacon()); | |
| 160 } | |
| 161 | |
| 162 TEST_F(BlacklistTest, AddAndRemoveModules) { | |
| 163 EXPECT_TRUE(TestDll_AddDllToBlacklist(L"foo.dll")); | |
| 164 // Adding the same item twice should be idempotent. | |
| 165 EXPECT_TRUE(TestDll_AddDllToBlacklist(L"foo.dll")); | |
| 166 EXPECT_TRUE(TestDll_RemoveDllFromBlacklist(L"foo.dll")); | |
| 167 EXPECT_FALSE(TestDll_RemoveDllFromBlacklist(L"foo.dll")); | |
| 168 | |
| 169 // Increase the blacklist size by 1 to include the NULL pointer | |
| 170 // that marks the end. | |
| 171 int empty_spaces = | |
| 172 blacklist::kTroublesomeDllsMaxCount - (TestDll_BlacklistSize() + 1); | |
| 173 std::vector<base::string16> added_dlls; | |
| 174 added_dlls.reserve(empty_spaces); | |
| 175 for (int i = 0; i < empty_spaces; ++i) { | |
| 176 added_dlls.push_back(base::IntToString16(i) + L".dll"); | |
| 177 EXPECT_TRUE(TestDll_AddDllToBlacklist(added_dlls[i].c_str())) << i; | |
| 178 } | |
| 179 EXPECT_FALSE(TestDll_AddDllToBlacklist(L"overflow.dll")); | |
| 180 for (int i = 0; i < empty_spaces; ++i) { | |
| 181 EXPECT_TRUE(TestDll_RemoveDllFromBlacklist(added_dlls[i].c_str())) << i; | |
| 182 } | |
| 183 EXPECT_FALSE(TestDll_RemoveDllFromBlacklist(added_dlls[0].c_str())); | |
| 184 EXPECT_FALSE( | |
| 185 TestDll_RemoveDllFromBlacklist(added_dlls[empty_spaces - 1].c_str())); | |
| 186 } | |
| 187 | |
| 188 TEST_F(BlacklistTest, SuccessfullyBlocked) { | |
| 189 // Add 5 news dlls to blacklist. | |
| 190 const int kDesiredBlacklistSize = 1; | |
| 191 std::vector<base::string16> dlls_to_block; | |
| 192 for (int i = 0; i < kDesiredBlacklistSize; ++i) { | |
| 193 dlls_to_block.push_back(base::IntToString16(i) + L".dll"); | |
| 194 ASSERT_TRUE(TestDll_AddDllToBlacklist(dlls_to_block[i].c_str())); | |
| 195 } | |
| 196 | |
| 197 // Block the dlls, one at a time, and ensure SuccesfullyBlocked correctly | |
| 198 // passes the list of blocked dlls. | |
| 199 for (int i = 0; i < kDesiredBlacklistSize; ++i) { | |
| 200 TestDll_BlockedDll(TestDll_GetBlacklistIndex(dlls_to_block[i].c_str())); | |
| 201 | |
| 202 int size = 0; | |
| 203 TestDll_SuccessfullyBlocked(NULL, &size); | |
| 204 ASSERT_EQ(num_initially_blocked_ + i + 1, size); | |
| 205 | |
| 206 std::vector<const wchar_t*> blocked_dlls(size); | |
| 207 TestDll_SuccessfullyBlocked(&(blocked_dlls[0]), &size); | |
| 208 ASSERT_EQ(num_initially_blocked_ + i + 1, size); | |
| 209 | |
| 210 for (int j = 0; j <= i; ++j) { | |
| 211 EXPECT_STREQ(blocked_dlls[num_initially_blocked_ + j], | |
| 212 dlls_to_block[j].c_str()); | |
| 213 } | |
| 214 } | |
| 215 | |
| 216 // Remove the dlls from the blacklist now that we are done. | |
| 217 for (const auto& dll : dlls_to_block) { | |
| 218 EXPECT_TRUE(TestDll_RemoveDllFromBlacklist(dll.c_str())); | |
| 219 } | |
| 220 } | |
| 221 | |
| 222 TEST_F(BlacklistTest, LoadBlacklistedLibrary) { | |
| 223 base::FilePath current_dir; | |
| 224 ASSERT_TRUE(PathService::Get(base::DIR_EXE, ¤t_dir)); | |
| 225 | |
| 226 // Ensure that the blacklist is loaded. | |
| 227 ASSERT_TRUE(TestDll_IsBlacklistInitialized()); | |
| 228 | |
| 229 // Test that an un-blacklisted DLL can load correctly. | |
| 230 base::ScopedNativeLibrary dll1(current_dir.Append(kTestDllName1)); | |
| 231 EXPECT_TRUE(dll1.is_valid()); | |
| 232 dll1.Reset(NULL); | |
| 233 | |
| 234 int num_blocked_dlls = 0; | |
| 235 TestDll_SuccessfullyBlocked(NULL, &num_blocked_dlls); | |
| 236 EXPECT_EQ(num_initially_blocked_, num_blocked_dlls); | |
| 237 | |
| 238 // Add all DLLs to the blacklist then check they are blocked. | |
| 239 for (size_t i = 0; i < arraysize(test_data); ++i) { | |
| 240 EXPECT_TRUE(TestDll_AddDllToBlacklist(test_data[i].dll_name)); | |
| 241 } | |
| 242 CheckBlacklistedDllsNotLoaded(); | |
| 243 } | |
| 244 | |
| 245 TEST_F(BlacklistTest, AddDllsFromRegistryToBlacklist) { | |
| 246 // Ensure that the blacklist is loaded. | |
| 247 ASSERT_TRUE(TestDll_IsBlacklistInitialized()); | |
| 248 | |
| 249 // Delete the finch registry key to clear its values. | |
| 250 base::win::RegKey key(HKEY_CURRENT_USER, | |
| 251 blacklist::kRegistryFinchListPath, | |
| 252 KEY_QUERY_VALUE | KEY_SET_VALUE); | |
| 253 key.DeleteKey(L""); | |
| 254 | |
| 255 // Add the test dlls to the registry (with their name as both key and value). | |
| 256 base::win::RegKey finch_blacklist_registry_key( | |
| 257 HKEY_CURRENT_USER, | |
| 258 blacklist::kRegistryFinchListPath, | |
| 259 KEY_QUERY_VALUE | KEY_SET_VALUE); | |
| 260 for (size_t i = 0; i < arraysize(test_data); ++i) { | |
| 261 finch_blacklist_registry_key.WriteValue(test_data[i].dll_name, | |
| 262 test_data[i].dll_name); | |
| 263 } | |
| 264 | |
| 265 TestDll_AddDllsFromRegistryToBlacklist(); | |
| 266 CheckBlacklistedDllsNotLoaded(); | |
| 267 } | |
| 268 | |
| 269 void TestResetBeacon(scoped_ptr<base::win::RegKey>& key, | |
| 270 DWORD input_state, | |
| 271 DWORD expected_output_state) { | |
| 272 LONG result = key->WriteValue(blacklist::kBeaconState, input_state); | |
| 273 EXPECT_EQ(ERROR_SUCCESS, result); | |
| 274 | |
| 275 EXPECT_TRUE(blacklist::ResetBeacon()); | |
| 276 DWORD blacklist_state = blacklist::BLACKLIST_STATE_MAX; | |
| 277 result = key->ReadValueDW(blacklist::kBeaconState, &blacklist_state); | |
| 278 EXPECT_EQ(ERROR_SUCCESS, result); | |
| 279 EXPECT_EQ(expected_output_state, blacklist_state); | |
| 280 } | |
| 281 | |
| 282 TEST_F(BlacklistTest, ResetBeacon) { | |
| 283 // Ensure that ResetBeacon resets properly on successful runs and not on | |
| 284 // failed or disabled runs. | |
| 285 TestResetBeacon(blacklist_registry_key_, | |
| 286 blacklist::BLACKLIST_SETUP_RUNNING, | |
| 287 blacklist::BLACKLIST_ENABLED); | |
| 288 | |
| 289 TestResetBeacon(blacklist_registry_key_, | |
| 290 blacklist::BLACKLIST_SETUP_FAILED, | |
| 291 blacklist::BLACKLIST_SETUP_FAILED); | |
| 292 | |
| 293 TestResetBeacon(blacklist_registry_key_, | |
| 294 blacklist::BLACKLIST_DISABLED, | |
| 295 blacklist::BLACKLIST_DISABLED); | |
| 296 } | |
| 297 | |
| 298 TEST_F(BlacklistTest, SetupFailed) { | |
| 299 // Ensure that when the number of failed tries reaches the maximum allowed, | |
| 300 // the blacklist state is set to failed. | |
| 301 LONG result = blacklist_registry_key_->WriteValue( | |
| 302 blacklist::kBeaconState, blacklist::BLACKLIST_SETUP_RUNNING); | |
| 303 EXPECT_EQ(ERROR_SUCCESS, result); | |
| 304 | |
| 305 // Set the attempt count so that on the next failure the blacklist is | |
| 306 // disabled. | |
| 307 result = blacklist_registry_key_->WriteValue( | |
| 308 blacklist::kBeaconAttemptCount, blacklist::kBeaconMaxAttempts - 1); | |
| 309 EXPECT_EQ(ERROR_SUCCESS, result); | |
| 310 | |
| 311 EXPECT_FALSE(blacklist::LeaveSetupBeacon()); | |
| 312 | |
| 313 DWORD attempt_count = 0; | |
| 314 blacklist_registry_key_->ReadValueDW(blacklist::kBeaconAttemptCount, | |
| 315 &attempt_count); | |
| 316 EXPECT_EQ(attempt_count, blacklist::kBeaconMaxAttempts); | |
| 317 | |
| 318 DWORD blacklist_state = blacklist::BLACKLIST_STATE_MAX; | |
| 319 result = blacklist_registry_key_->ReadValueDW(blacklist::kBeaconState, | |
| 320 &blacklist_state); | |
| 321 EXPECT_EQ(ERROR_SUCCESS, result); | |
| 322 EXPECT_EQ(blacklist_state, blacklist::BLACKLIST_SETUP_FAILED); | |
| 323 } | |
| 324 | |
| 325 TEST_F(BlacklistTest, SetupSucceeded) { | |
| 326 // Starting with the enabled beacon should result in the setup running state | |
| 327 // and the attempt counter reset to zero. | |
| 328 LONG result = blacklist_registry_key_->WriteValue( | |
| 329 blacklist::kBeaconState, blacklist::BLACKLIST_ENABLED); | |
| 330 EXPECT_EQ(ERROR_SUCCESS, result); | |
| 331 result = blacklist_registry_key_->WriteValue(blacklist::kBeaconAttemptCount, | |
| 332 blacklist::kBeaconMaxAttempts); | |
| 333 EXPECT_EQ(ERROR_SUCCESS, result); | |
| 334 | |
| 335 EXPECT_TRUE(blacklist::LeaveSetupBeacon()); | |
| 336 | |
| 337 DWORD blacklist_state = blacklist::BLACKLIST_STATE_MAX; | |
| 338 blacklist_registry_key_->ReadValueDW(blacklist::kBeaconState, | |
| 339 &blacklist_state); | |
| 340 EXPECT_EQ(blacklist_state, blacklist::BLACKLIST_SETUP_RUNNING); | |
| 341 | |
| 342 DWORD attempt_count = blacklist::kBeaconMaxAttempts; | |
| 343 blacklist_registry_key_->ReadValueDW(blacklist::kBeaconAttemptCount, | |
| 344 &attempt_count); | |
| 345 EXPECT_EQ(static_cast<DWORD>(0), attempt_count); | |
| 346 } | |
| 347 | |
| 348 } // namespace | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1851213002:
Remove sandbox on Windows. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master