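--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/sandbox/win/src/handle_policy_test.cc Wed Dec 31 06:09:35 2014 +0100
@@ -0,0 +1,114 @@
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "base/strings/stringprintf.h"
+#include "sandbox/win/src/handle_policy.h"
+#include "sandbox/win/src/nt_internals.h"
+#include "sandbox/win/src/sandbox.h"
+#include "sandbox/win/src/sandbox_factory.h"
+#include "sandbox/win/src/sandbox_policy.h"
+#include "sandbox/win/src/win_utils.h"
+#include "sandbox/win/tests/common/controller.h"
+#include "testing/gtest/include/gtest/gtest.h"
+
+namespace sandbox {
+
+// Just waits for the supplied number of milliseconds.
+SBOX_TESTS_COMMAND int Handle_WaitProcess(int argc, wchar_t **argv) {
+ if (argc != 1)
+ return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND;
+
+ ::Sleep(::wcstoul(argv[0], NULL, 10));
+ return SBOX_TEST_TIMED_OUT;
+}
+
+// Attempts to duplicate an event handle into the target process.
+SBOX_TESTS_COMMAND int Handle_DuplicateEvent(int argc, wchar_t **argv) {
+ if (argc != 1)
+ return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND;
+
+ // Create a test event to use as a handle.
+ base::win::ScopedHandle test_event;
+ test_event.Set(::CreateEvent(NULL, TRUE, TRUE, NULL));
+ if (!test_event.IsValid())
+ return SBOX_TEST_FIRST_ERROR;
+
+ // Get the target process ID.
+ DWORD target_process_id = ::wcstoul(argv[0], NULL, 10);
+
+ HANDLE handle = NULL;
+ ResultCode result = SandboxFactory::GetTargetServices()->DuplicateHandle(
+ test_event, target_process_id, &handle, 0, DUPLICATE_SAME_ACCESS);
+
+ return (result == SBOX_ALL_OK) ? SBOX_TEST_SUCCEEDED : SBOX_TEST_DENIED;
+}
+
+// Tests that duplicating an object works only when the policy allows it.
+TEST(HandlePolicyTest, DuplicateHandle) {
+ TestRunner target;
+ TestRunner runner;
+
+ // Kick off an asynchronous target process for testing.
+ target.SetAsynchronous(true);
+ EXPECT_EQ(SBOX_TEST_SUCCEEDED, target.RunTest(L"Handle_WaitProcess 30000"));
+
+ // First test that we fail to open the event.
+ std::wstring cmd_line = base::StringPrintf(L"Handle_DuplicateEvent %d",
+ target.process_id());
+ EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(cmd_line.c_str()));
+
+ // Now successfully open the event after adding a duplicate handle rule.
+ EXPECT_TRUE(runner.AddRule(TargetPolicy::SUBSYS_HANDLES,
+ TargetPolicy::HANDLES_DUP_ANY,
+ L"Event"));
+ EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(cmd_line.c_str()));
+}
+
+// Tests that duplicating an object works only when the policy allows it.
+TEST(HandlePolicyTest, DuplicatePeerHandle) {
+ TestRunner target;
+ TestRunner runner;
+
+ // Kick off an asynchronous target process for testing.
+ target.SetAsynchronous(true);
+ target.SetUnsandboxed(true);
+ EXPECT_EQ(SBOX_TEST_SUCCEEDED, target.RunTest(L"Handle_WaitProcess 30000"));
+
+ // First test that we fail to open the event.
+ std::wstring cmd_line = base::StringPrintf(L"Handle_DuplicateEvent %d",
+ target.process_id());
+ EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(cmd_line.c_str()));
+
+ // Now successfully open the event after adding a duplicate handle rule.
+ EXPECT_TRUE(runner.AddRule(TargetPolicy::SUBSYS_HANDLES,
+ TargetPolicy::HANDLES_DUP_ANY,
+ L"Event"));
+ EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(cmd_line.c_str()));
+}
+
+// Tests that duplicating an object works only when the policy allows it.
+TEST(HandlePolicyTest, DuplicateBrokerHandle) {
+ TestRunner runner;
+
+ // First test that we fail to open the event.
+ std::wstring cmd_line = base::StringPrintf(L"Handle_DuplicateEvent %d",
+ ::GetCurrentProcessId());
+ EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(cmd_line.c_str()));
+
+ // Add the peer rule and make sure we fail again.
+ EXPECT_TRUE(runner.AddRule(TargetPolicy::SUBSYS_HANDLES,
+ TargetPolicy::HANDLES_DUP_ANY,
+ L"Event"));
+ EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(cmd_line.c_str()));
+
+
+ // Now successfully open the event after adding a broker handle rule.
+ EXPECT_TRUE(runner.AddRule(TargetPolicy::SUBSYS_HANDLES,
+ TargetPolicy::HANDLES_DUP_BROKER,
+ L"Event"));
+ EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(cmd_line.c_str()));
+}
+
+} // namespace sandbox
+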
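Review bot: Nothing in this file checks that a handle rule stays scoped to the object type it names, because all three tests add the rule for `L"Event"` and only ever duplicate an event. A handle of a different type should still come back `SBOX_TEST_DENIED` after the `L"Event"` rule is in place, and that negative case is the one that guards the sandbox boundary; a sketch follows, assuming a sibling command that differs from `Handle_DuplicateEvent` only in how the handle is created. Separately, `Handle_DuplicateEvent` maps every result other than `SBOX_ALL_OK` to `SBOX_TEST_DENIED`, so the first "denied" expectation in each test would also pass on a stale PID or a failed IPC call; returning a distinct code for non-policy failures would make those checks stricter. The three `TEST` comments are identical and say "open the event" where the code duplicates it, so a per-test line such as `// Duplicating into the broker requires HANDLES_DUP_BROKER, not HANDLES_DUP_ANY.` would tell them apart.

```cpp
// … new command Handle_DuplicateMutex: as Handle_DuplicateEvent, but the
//   handle comes from ::CreateMutex(NULL, FALSE, NULL) …

// Tests that a rule naming one object type does not allow duplicating another.
TEST(HandlePolicyTest, DuplicateOtherTypeDenied) {
  TestRunner target;
  TestRunner runner;

  target.SetAsynchronous(true);
  EXPECT_EQ(SBOX_TEST_SUCCEEDED, target.RunTest(L"Handle_WaitProcess 30000"));

  // Allow events only; a mutex must still be refused.
  EXPECT_TRUE(runner.AddRule(TargetPolicy::SUBSYS_HANDLES,
                             TargetPolicy::HANDLES_DUP_ANY,
                             L"Event"));
  std::wstring cmd_line = base::StringPrintf(L"Handle_DuplicateMutex %d",
                                             target.process_id());
  EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(cmd_line.c_str()));
}
```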