We use cookies to ensure you get the best experience on our website
Home Explore Help
Register Sign In
0ct0pu5
/
ladybird
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 87d19dfa28
Branches Tags
ladybird
/
Tests
/
Kernel
/
TestKernelUnveil.cpp

TestKernelUnveil.cpp 2.1 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687 
  1. /*
    2. 

  2.  * Copyright (c) 2020, the SerenityOS developers.
    3. 

  3.  *
    4. 

  4.  * SPDX-License-Identifier: BSD-2-Clause
    5. 

  5.  */
    6. 

  6. 

  7. #include <LibTest/TestCase.h>
    8. 

  8. #include <errno.h>
    9. 

  9. #include <unistd.h>
    10. 

  10. 

  11. TEST_CASE(test_argument_validation)
    12. 

  12. {
    13. 

  13.     auto res = unveil("/etc", "aaaaaaaaaaaa");
    14. 

  14.     EXPECT_EQ(res, -1);
    15. 

  15.     EXPECT_EQ(errno, EINVAL);
    16. 

  16. 

  17.     res = unveil(nullptr, "r");
    18. 

  18.     EXPECT_EQ(res, -1);
    19. 

  19.     EXPECT_EQ(errno, EINVAL);
    20. 

  20. 

  21.     res = unveil("/etc", nullptr);
    22. 

  22.     EXPECT_EQ(res, -1);
    23. 

  23.     EXPECT_EQ(errno, EINVAL);
    24. 

  24. 

  25.     res = unveil("", "r");
    26. 

  26.     EXPECT_EQ(res, -1);
    27. 

  27.     EXPECT_EQ(errno, EINVAL);
    28. 

  28. 

  29.     res = unveil("test", "r");
    30. 

  30.     EXPECT_EQ(res, -1);
    31. 

  31.     EXPECT_EQ(errno, EINVAL);
    32. 

  32. 

  33.     res = unveil("/etc", "f");
    34. 

  34.     EXPECT_EQ(res, -1);
    35. 

  35.     EXPECT_EQ(errno, EINVAL);
    36. 

  36. }
    37. 

  37. 

  38. TEST_CASE(test_failures)
    39. 

  39. {
    40. 

  40.     auto res = unveil("/etc", "r");
    41. 

  41.     if (res < 0)
    42. 

  42.         FAIL("unveil read only failed");
    43. 

  43. 

  44.     res = unveil("/etc", "w");
    45. 

  45.     if (res >= 0)
    46. 

  46.         FAIL("unveil write permitted after unveil read only");
    47. 

  47. 

  48.     res = unveil("/etc", "x");
    49. 

  49.     if (res >= 0)
    50. 

  50.         FAIL("unveil execute permitted after unveil read only");
    51. 

  51. 

  52.     res = unveil("/etc", "c");
    53. 

  53.     if (res >= 0)
    54. 

  54.         FAIL("unveil create permitted after unveil read only");
    55. 

  55. 

  56.     res = unveil("/tmp/doesnotexist", "c");
    57. 

  57.     if (res < 0)
    58. 

  58.         FAIL("unveil create on non-existent path failed");
    59. 

  59. 

  60.     res = unveil("/home", "b");
    61. 

  61.     if (res < 0)
    62. 

  62.         FAIL("unveil browse failed");
    63. 

  63. 

  64.     res = unveil("/home", "w");
    65. 

  65.     if (res >= 0)
    66. 

  66.         FAIL("unveil write permitted after unveil browse only");
    67. 

  67. 

  68.     res = unveil("/home", "x");
    69. 

  69.     if (res >= 0)
    70. 

  70.         FAIL("unveil execute permitted after unveil browse only");
    71. 

  71. 

  72.     res = unveil("/home", "c");
    73. 

  73.     if (res >= 0)
    74. 

  74.         FAIL("unveil create permitted after unveil browse only");
    75. 

  75. 

  76.     res = unveil(nullptr, nullptr);
    77. 

  77.     if (res < 0)
    78. 

  78.         FAIL("unveil state lock failed");
    79. 

  79. 

  80.     res = unveil("/bin", "w");
    81. 

  81.     if (res >= 0)
    82. 

  82.         FAIL("unveil permitted after unveil state locked");
    83. 

  83. 

  84.     res = access("/bin/id", F_OK);
    85. 

  85.     if (res == 0)
    86. 

  86.         FAIL("access(..., F_OK) permitted after locked veil without relevant unveil");
    87. 

  87. }
    88.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5