Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1026)

Unified Diff: content/common/sandbox_mac_diraccess_unittest.mm

Issue 2919963003: Update sandbox profiles and remove regular expressions. (Closed)
Patch Set: Remove string quoting Created 3 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « content/common/sandbox_mac.mm ('k') | content/ppapi_plugin/ppapi.sb » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/common/sandbox_mac_diraccess_unittest.mm
diff --git a/content/common/sandbox_mac_diraccess_unittest.mm b/content/common/sandbox_mac_diraccess_unittest.mm
index 5cf973f0f596740df2aff5bf4d01cd557784ce84..1b2160ab292736927def006f932ab901cb9b20d3 100644
--- a/content/common/sandbox_mac_diraccess_unittest.mm
+++ b/content/common/sandbox_mac_diraccess_unittest.mm
@@ -53,89 +53,6 @@ class MacDirAccessSandboxTest : public base::MultiProcessTest {
}
};
-TEST_F(MacDirAccessSandboxTest, StringEscape) {
- const struct string_escape_test_data {
- const char* to_escape;
- const char* escaped;
- } string_escape_cases[] = {
- {"", ""},
- {"\b\f\n\r\t\\\"", "\\b\\f\\n\\r\\t\\\\\\\""},
- {"/'", "/'"},
- {"sandwich", "sandwich"},
- {"(sandwich)", "(sandwich)"},
- {"^\u2135.\u2136$", "^\\u2135.\\u2136$"},
- };
-
- for (size_t i = 0; i < arraysize(string_escape_cases); ++i) {
- std::string out;
- std::string in(string_escape_cases[i].to_escape);
- EXPECT_TRUE(Sandbox::QuotePlainString(in, &out));
- EXPECT_EQ(string_escape_cases[i].escaped, out);
- }
-}
-
-TEST_F(MacDirAccessSandboxTest, RegexEscape) {
- const std::string kSandboxEscapeSuffix("(/|$)");
- const struct regex_test_data {
- const wchar_t *to_escape;
- const char* escaped;
- } regex_cases[] = {
- {L"", ""},
- {L"/'", "/'"}, // / & ' characters don't need escaping.
- {L"sandwich", "sandwich"},
- {L"(sandwich)", "\\(sandwich\\)"},
- };
-
- // Check that all characters whose values are smaller than 32 [1F] are
- // rejected by the regex escaping code.
- {
- std::string out;
- char fail_string[] = {31, 0};
- char ok_string[] = {32, 0};
- EXPECT_FALSE(Sandbox::QuoteStringForRegex(fail_string, &out));
- EXPECT_TRUE(Sandbox::QuoteStringForRegex(ok_string, &out));
- }
-
- // Check that all characters whose values are larger than 126 [7E] are
- // rejected by the regex escaping code.
- {
- std::string out;
- EXPECT_TRUE(Sandbox::QuoteStringForRegex("}", &out)); // } == 0x7D == 125
- EXPECT_FALSE(Sandbox::QuoteStringForRegex("~", &out)); // ~ == 0x7E == 126
- EXPECT_FALSE(
- Sandbox::QuoteStringForRegex(base::WideToUTF8(L"^\u2135.\u2136$"),
- &out));
- }
-
- {
- for (size_t i = 0; i < arraysize(regex_cases); ++i) {
- std::string out;
- std::string in = base::WideToUTF8(regex_cases[i].to_escape);
- EXPECT_TRUE(Sandbox::QuoteStringForRegex(in, &out));
- std::string expected("^");
- expected.append(regex_cases[i].escaped);
- expected.append(kSandboxEscapeSuffix);
- EXPECT_EQ(expected, out);
- }
- }
-
- {
- std::string in_utf8("\\^.$|()[]*+?{}");
- std::string expected;
- expected.push_back('^');
- for (size_t i = 0; i < in_utf8.length(); ++i) {
- expected.push_back('\\');
- expected.push_back(in_utf8[i]);
- }
- expected.append(kSandboxEscapeSuffix);
-
- std::string out;
- EXPECT_TRUE(Sandbox::QuoteStringForRegex(in_utf8, &out));
- EXPECT_EQ(expected, out);
-
- }
-}
-
// A class to handle auto-deleting a directory.
struct ScopedDirectoryDelete {
inline void operator()(base::FilePath* x) const {
@@ -159,9 +76,13 @@ TEST_F(MacDirAccessSandboxTest, SandboxAccess) {
ScopedDirectory cleanup(&tmp_dir);
const char* sandbox_dir_cases[] = {
- "simple_dir_name",
- "^hello++ $", // Regex.
- "\\^.$|()[]*+?{}", // All regex characters.
+ "simple_dir_name",
+ "^hello++ $", // Regex.
+ "\\^.$|()[]*+?{}", // All regex characters.
+ "\n",
+ "\tfile\b",
+ "ÖÖÖÖÖ",
+ "ȓȓȓȓȓ",
};
for (size_t i = 0; i < arraysize(sandbox_dir_cases); ++i) {
@@ -188,10 +109,6 @@ MULTIPROCESS_TEST_MAIN(mac_sandbox_path_access) {
if (!sandbox_allowed_dir)
return -1;
- std::string final_allowed_dir;
- EXPECT_TRUE(
- Sandbox::QuoteStringForRegex(sandbox_allowed_dir, &final_allowed_dir));
-
// Build up a sandbox profile that only allows access to a single directory.
std::string sandbox_profile =
"(version 1)"
@@ -202,12 +119,11 @@ MULTIPROCESS_TEST_MAIN(mac_sandbox_path_access) {
"(if (string? perm_dir)"
" (begin"
" (allow file-read-metadata )"
- " (allow file-read* file-write* (regex (string-append #\"\" "
- "perm_dir)))))";
+ " (allow file-read* file-write* (subpath perm_dir))))";
// Setup the parameters to pass to the sandbox.
sandbox::SandboxCompiler compiler(sandbox_profile);
- CHECK(compiler.InsertStringParam("PERMITTED_DIR", final_allowed_dir));
+ CHECK(compiler.InsertStringParam("PERMITTED_DIR", sandbox_allowed_dir));
// Enable Sandbox.
std::string error_str;
« no previous file with comments | « content/common/sandbox_mac.mm ('k') | content/ppapi_plugin/ppapi.sb » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698