security/sandbox/win/src/named_pipe_policy_test.cc

changeset 0
6474c204b198
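--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/security/sandbox/win/src/named_pipe_policy_test.cc	Wed Dec 31 06:09:35 2014 +0100
@@ -0,0 +1,78 @@
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "testing/gtest/include/gtest/gtest.h"
+#include "sandbox/win/src/sandbox.h"
+#include "sandbox/win/src/sandbox_policy.h"
+#include "sandbox/win/src/sandbox_factory.h"
+#include "sandbox/win/tests/common/controller.h"
+
+namespace sandbox {
+
+
+SBOX_TESTS_COMMAND int NamedPipe_Create(int argc, wchar_t **argv) {
+  if (argc != 1) {
+    return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND;
+  }
+  if ((NULL == argv) || (NULL == argv[0])) {
+    return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND;
+  }
+
+  HANDLE pipe = ::CreateNamedPipeW(argv[0],
+                                   PIPE_ACCESS_DUPLEX | FILE_FLAG_OVERLAPPED,
+                                   PIPE_TYPE_BYTE | PIPE_READMODE_BYTE, 1, 4096,
+                                   4096, 2000, NULL);
+  if (INVALID_HANDLE_VALUE == pipe)
+    return SBOX_TEST_DENIED;
+
+  OVERLAPPED overlapped = {0};
+  overlapped.hEvent = ::CreateEvent(NULL, TRUE, TRUE, NULL);
+  BOOL result = ::ConnectNamedPipe(pipe, &overlapped);
+
+  if (!result) {
+    DWORD error = ::GetLastError();
+    if (ERROR_PIPE_CONNECTED != error &&
+        ERROR_IO_PENDING != error) {
+          return SBOX_TEST_FAILED;
+    }
+  }
+
+  if (!::CloseHandle(pipe))
+    return SBOX_TEST_FAILED;
+
+  ::CloseHandle(overlapped.hEvent);
+  return SBOX_TEST_SUCCEEDED;
+}
+
+// Tests if we can create a pipe in the sandbox. On XP, the sandbox can create
+// a pipe without any help but it fails on Vista, this is why we do not test
+// the "denied" case.
+TEST(NamedPipePolicyTest, CreatePipe) {
+  TestRunner runner;
+  // TODO(nsylvain): This policy is wrong because "*" is a valid char in a
+  // namedpipe name. Here we apply it like a wildcard. http://b/893603
+  EXPECT_TRUE(runner.AddRule(TargetPolicy::SUBSYS_NAMED_PIPES,
+                             TargetPolicy::NAMEDPIPES_ALLOW_ANY,
+                              L"\\\\.\\pipe\\test*"));
+
+  EXPECT_EQ(SBOX_TEST_SUCCEEDED,
+            runner.RunTest(L"NamedPipe_Create \\\\.\\pipe\\testbleh"));
+}
+
+// The same test as CreatePipe but this time using strict interceptions.
+TEST(NamedPipePolicyTest, CreatePipeStrictInterceptions) {
+  TestRunner runner;
+  runner.GetPolicy()->SetStrictInterceptions();
+
+  // TODO(nsylvain): This policy is wrong because "*" is a valid char in a
+  // namedpipe name. Here we apply it like a wildcard. http://b/893603
+  EXPECT_TRUE(runner.AddRule(TargetPolicy::SUBSYS_NAMED_PIPES,
+                             TargetPolicy::NAMEDPIPES_ALLOW_ANY,
+                              L"\\\\.\\pipe\\test*"));
+
+  EXPECT_EQ(SBOX_TEST_SUCCEEDED,
+            runner.RunTest(L"NamedPipe_Create \\\\.\\pipe\\testbleh"));
+}
+
+}  // namespace sandbox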
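Review bot: Both `CreatePipe` and `CreatePipeStrictInterceptions` assert only the allow path, so they would still pass if the `\\.\pipe\test*` rule matched far more than intended or if the sandbox were not restricting pipe creation at all; that matters here because the TODO itself notes `*` is applied as a wildcard even though it is a valid pipe-name character. On OS versions where the sandboxed process cannot create pipes unaided (Vista, per the comment), a negative case for a name outside the rule would pin the boundary, for example with a constructed name `EXPECT_EQ(SBOX_TEST_DENIED, runner.RunTest(L"NamedPipe_Create \\\\.\\pipe\\bleh"));`. It would need an OS-version guard, and nothing visible in this file provides one. Separately, in `NamedPipe_Create` the result of `::CreateEvent` is never checked for NULL, and both `return SBOX_TEST_FAILED;` paths exit without closing `overlapped.hEvent` (the first also leaves `pipe` open).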
