| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "sandbox/linux/syscall_broker/broker_file_permission.h" | 5 #include "sandbox/linux/syscall_broker/broker_file_permission.h" |
| 6 | 6 |
| 7 #include <fcntl.h> | 7 #include <fcntl.h> |
| 8 #include <string.h> | 8 #include <string.h> |
| 9 #include <sys/stat.h> | 9 #include <sys/stat.h> |
| 10 #include <sys/types.h> | 10 #include <sys/types.h> |
| (...skipping 28 matching lines...) Expand all Loading... |
| 39 SANDBOX_TEST(BrokerFilePermission, CreateGood) { | 39 SANDBOX_TEST(BrokerFilePermission, CreateGood) { |
| 40 const char kPath[] = "/tmp/good"; | 40 const char kPath[] = "/tmp/good"; |
| 41 BrokerFilePermission perm = BrokerFilePermission::ReadOnly(kPath); | 41 BrokerFilePermission perm = BrokerFilePermission::ReadOnly(kPath); |
| 42 } | 42 } |
| 43 | 43 |
| 44 SANDBOX_TEST(BrokerFilePermission, CreateGoodRecursive) { | 44 SANDBOX_TEST(BrokerFilePermission, CreateGoodRecursive) { |
| 45 const char kPath[] = "/tmp/good/"; | 45 const char kPath[] = "/tmp/good/"; |
| 46 BrokerFilePermission perm = BrokerFilePermission::ReadOnlyRecursive(kPath); | 46 BrokerFilePermission perm = BrokerFilePermission::ReadOnlyRecursive(kPath); |
| 47 } | 47 } |
| 48 | 48 |
| 49 #if defined(OS_ANDROID) && defined(OFFICIAL_BUILD) && defined(NDEBUG) | 49 // In official builds, CHECK(x) causes a SIGTRAP on the architectures where the |
| 50 #define DEATH_BY_SIGILL(msg) DEATH_BY_SIGNAL(SIGILL) | 50 // sanbox is enabled (that are x86, x86_64, arm64 and 32-bit arm processes |
| 51 // running on a arm64 kernel). |
| 52 #if defined(OFFICIAL_BUILD) |
| 53 #define DEATH_BY_CHECK(msg) DEATH_BY_SIGNAL(SIGTRAP) |
| 51 #else | 54 #else |
| 52 #define DEATH_BY_SIGILL(msg) DEATH_MESSAGE(msg) | 55 #define DEATH_BY_CHECK(msg) DEATH_MESSAGE(msg) |
| 53 #endif | 56 #endif |
| 54 | 57 |
| 55 SANDBOX_DEATH_TEST( | 58 SANDBOX_DEATH_TEST( |
| 56 BrokerFilePermission, | 59 BrokerFilePermission, |
| 57 CreateBad, | 60 CreateBad, |
| 58 DEATH_BY_SIGILL(BrokerFilePermissionTester::GetErrorMessage()) | 61 DEATH_BY_CHECK(BrokerFilePermissionTester::GetErrorMessage())) { |
| 59 ) { | |
| 60 const char kPath[] = "/tmp/bad/"; | 62 const char kPath[] = "/tmp/bad/"; |
| 61 BrokerFilePermission perm = BrokerFilePermission::ReadOnly(kPath); | 63 BrokerFilePermission perm = BrokerFilePermission::ReadOnly(kPath); |
| 62 } | 64 } |
| 63 | 65 |
| 64 SANDBOX_DEATH_TEST( | 66 SANDBOX_DEATH_TEST( |
| 65 BrokerFilePermission, | 67 BrokerFilePermission, |
| 66 CreateBadRecursive, | 68 CreateBadRecursive, |
| 67 DEATH_BY_SIGILL(BrokerFilePermissionTester::GetErrorMessage()) | 69 DEATH_BY_CHECK(BrokerFilePermissionTester::GetErrorMessage())) { |
| 68 ) { | |
| 69 const char kPath[] = "/tmp/bad"; | 70 const char kPath[] = "/tmp/bad"; |
| 70 BrokerFilePermission perm = BrokerFilePermission::ReadOnlyRecursive(kPath); | 71 BrokerFilePermission perm = BrokerFilePermission::ReadOnlyRecursive(kPath); |
| 71 } | 72 } |
| 72 | 73 |
| 73 SANDBOX_DEATH_TEST( | 74 SANDBOX_DEATH_TEST( |
| 74 BrokerFilePermission, | 75 BrokerFilePermission, |
| 75 CreateBadNotAbs, | 76 CreateBadNotAbs, |
| 76 DEATH_BY_SIGILL(BrokerFilePermissionTester::GetErrorMessage()) | 77 DEATH_BY_CHECK(BrokerFilePermissionTester::GetErrorMessage())) { |
| 77 ) { | |
| 78 const char kPath[] = "tmp/bad"; | 78 const char kPath[] = "tmp/bad"; |
| 79 BrokerFilePermission perm = BrokerFilePermission::ReadOnly(kPath); | 79 BrokerFilePermission perm = BrokerFilePermission::ReadOnly(kPath); |
| 80 } | 80 } |
| 81 | 81 |
| 82 SANDBOX_DEATH_TEST( | 82 SANDBOX_DEATH_TEST( |
| 83 BrokerFilePermission, | 83 BrokerFilePermission, |
| 84 CreateBadEmpty, | 84 CreateBadEmpty, |
| 85 DEATH_BY_SIGILL(BrokerFilePermissionTester::GetErrorMessage()) | 85 DEATH_BY_CHECK(BrokerFilePermissionTester::GetErrorMessage())) { |
| 86 ) { | |
| 87 const char kPath[] = ""; | 86 const char kPath[] = ""; |
| 88 BrokerFilePermission perm = BrokerFilePermission::ReadOnly(kPath); | 87 BrokerFilePermission perm = BrokerFilePermission::ReadOnly(kPath); |
| 89 } | 88 } |
| 90 | 89 |
| 91 // CheckPerm tests |path| against |perm| given |access_flags|. | 90 // CheckPerm tests |path| against |perm| given |access_flags|. |
| 92 // If |create| is true then file creation is tested for success. | 91 // If |create| is true then file creation is tested for success. |
| 93 void CheckPerm(const BrokerFilePermission& perm, | 92 void CheckPerm(const BrokerFilePermission& perm, |
| 94 const char* path, | 93 const char* path, |
| 95 int access_flags, | 94 int access_flags, |
| 96 bool create) { | 95 bool create) { |
| (...skipping 166 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 263 EXPECT_FALSE(BrokerFilePermissionTester::ValidatePath("/bad/..")); | 262 EXPECT_FALSE(BrokerFilePermissionTester::ValidatePath("/bad/..")); |
| 264 EXPECT_FALSE(BrokerFilePermissionTester::ValidatePath("/bad/../bad")); | 263 EXPECT_FALSE(BrokerFilePermissionTester::ValidatePath("/bad/../bad")); |
| 265 EXPECT_FALSE(BrokerFilePermissionTester::ValidatePath("/../bad")); | 264 EXPECT_FALSE(BrokerFilePermissionTester::ValidatePath("/../bad")); |
| 266 } | 265 } |
| 267 | 266 |
| 268 } // namespace | 267 } // namespace |
| 269 | 268 |
| 270 } // namespace syscall_broker | 269 } // namespace syscall_broker |
| 271 | 270 |
| 272 } // namespace sandbox | 271 } // namespace sandbox |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2709203002:
sandbox tests: Adapt test expectations to new CHECK() behavior (Closed)
