The Tor Browser / annotate

security/sandbox/win/src/handle_policy_test.cc@6474c204b198 (annotated)

security/sandbox/win/src/handle_policy_test.cc

Wed, 31 Dec 2014 06:09:35 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Wed, 31 Dec 2014 06:09:35 +0100
changeset 0
6474c204b198
permissions
-rw-r--r--

Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.

michael@0 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
michael@0 2 // Use of this source code is governed by a BSD-style license that can be
michael@0 3 // found in the LICENSE file.
michael@0 4
michael@0 5 #include "base/strings/stringprintf.h"
michael@0 6 #include "sandbox/win/src/handle_policy.h"
michael@0 7 #include "sandbox/win/src/nt_internals.h"
michael@0 8 #include "sandbox/win/src/sandbox.h"
michael@0 9 #include "sandbox/win/src/sandbox_factory.h"
michael@0 10 #include "sandbox/win/src/sandbox_policy.h"
michael@0 11 #include "sandbox/win/src/win_utils.h"
michael@0 12 #include "sandbox/win/tests/common/controller.h"
michael@0 13 #include "testing/gtest/include/gtest/gtest.h"
michael@0 14
michael@0 15 namespace sandbox {
michael@0 16
michael@0 17 // Just waits for the supplied number of milliseconds.
michael@0 18 SBOX_TESTS_COMMAND int Handle_WaitProcess(int argc, wchar_t **argv) {
michael@0 19 if (argc != 1)
michael@0 20 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND;
michael@0 21
michael@0 22 ::Sleep(::wcstoul(argv[0], NULL, 10));
michael@0 23 return SBOX_TEST_TIMED_OUT;
michael@0 24 }
michael@0 25
michael@0 26 // Attempts to duplicate an event handle into the target process.
michael@0 27 SBOX_TESTS_COMMAND int Handle_DuplicateEvent(int argc, wchar_t **argv) {
michael@0 28 if (argc != 1)
michael@0 29 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND;
michael@0 30
michael@0 31 // Create a test event to use as a handle.
michael@0 32 base::win::ScopedHandle test_event;
michael@0 33 test_event.Set(::CreateEvent(NULL, TRUE, TRUE, NULL));
michael@0 34 if (!test_event.IsValid())
michael@0 35 return SBOX_TEST_FIRST_ERROR;
michael@0 36
michael@0 37 // Get the target process ID.
michael@0 38 DWORD target_process_id = ::wcstoul(argv[0], NULL, 10);
michael@0 39
michael@0 40 HANDLE handle = NULL;
michael@0 41 ResultCode result = SandboxFactory::GetTargetServices()->DuplicateHandle(
michael@0 42 test_event, target_process_id, &handle, 0, DUPLICATE_SAME_ACCESS);
michael@0 43
michael@0 44 return (result == SBOX_ALL_OK) ? SBOX_TEST_SUCCEEDED : SBOX_TEST_DENIED;
michael@0 45 }
michael@0 46
michael@0 47 // Tests that duplicating an object works only when the policy allows it.
michael@0 48 TEST(HandlePolicyTest, DuplicateHandle) {
michael@0 49 TestRunner target;
michael@0 50 TestRunner runner;
michael@0 51
michael@0 52 // Kick off an asynchronous target process for testing.
michael@0 53 target.SetAsynchronous(true);
michael@0 54 EXPECT_EQ(SBOX_TEST_SUCCEEDED, target.RunTest(L"Handle_WaitProcess 30000"));
michael@0 55
michael@0 56 // First test that we fail to open the event.
michael@0 57 std::wstring cmd_line = base::StringPrintf(L"Handle_DuplicateEvent %d",
michael@0 58 target.process_id());
michael@0 59 EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(cmd_line.c_str()));
michael@0 60
michael@0 61 // Now successfully open the event after adding a duplicate handle rule.
michael@0 62 EXPECT_TRUE(runner.AddRule(TargetPolicy::SUBSYS_HANDLES,
michael@0 63 TargetPolicy::HANDLES_DUP_ANY,
michael@0 64 L"Event"));
michael@0 65 EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(cmd_line.c_str()));
michael@0 66 }
michael@0 67
michael@0 68 // Tests that duplicating an object works only when the policy allows it.
michael@0 69 TEST(HandlePolicyTest, DuplicatePeerHandle) {
michael@0 70 TestRunner target;
michael@0 71 TestRunner runner;
michael@0 72
michael@0 73 // Kick off an asynchronous target process for testing.
michael@0 74 target.SetAsynchronous(true);
michael@0 75 target.SetUnsandboxed(true);
michael@0 76 EXPECT_EQ(SBOX_TEST_SUCCEEDED, target.RunTest(L"Handle_WaitProcess 30000"));
michael@0 77
michael@0 78 // First test that we fail to open the event.
michael@0 79 std::wstring cmd_line = base::StringPrintf(L"Handle_DuplicateEvent %d",
michael@0 80 target.process_id());
michael@0 81 EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(cmd_line.c_str()));
michael@0 82
michael@0 83 // Now successfully open the event after adding a duplicate handle rule.
michael@0 84 EXPECT_TRUE(runner.AddRule(TargetPolicy::SUBSYS_HANDLES,
michael@0 85 TargetPolicy::HANDLES_DUP_ANY,
michael@0 86 L"Event"));
michael@0 87 EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(cmd_line.c_str()));
michael@0 88 }
michael@0 89
michael@0 90 // Tests that duplicating an object works only when the policy allows it.
michael@0 91 TEST(HandlePolicyTest, DuplicateBrokerHandle) {
michael@0 92 TestRunner runner;
michael@0 93
michael@0 94 // First test that we fail to open the event.
michael@0 95 std::wstring cmd_line = base::StringPrintf(L"Handle_DuplicateEvent %d",
michael@0 96 ::GetCurrentProcessId());
michael@0 97 EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(cmd_line.c_str()));
michael@0 98
michael@0 99 // Add the peer rule and make sure we fail again.
michael@0 100 EXPECT_TRUE(runner.AddRule(TargetPolicy::SUBSYS_HANDLES,
michael@0 101 TargetPolicy::HANDLES_DUP_ANY,
michael@0 102 L"Event"));
michael@0 103 EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(cmd_line.c_str()));
michael@0 104
michael@0 105
michael@0 106 // Now successfully open the event after adding a broker handle rule.
michael@0 107 EXPECT_TRUE(runner.AddRule(TargetPolicy::SUBSYS_HANDLES,
michael@0 108 TargetPolicy::HANDLES_DUP_BROKER,
michael@0 109 L"Event"));
michael@0 110 EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(cmd_line.c_str()));
michael@0 111 }
michael@0 112
michael@0 113 } // namespace sandbox
michael@0 114

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial