Changeset View
Changeset View
Standalone View
Standalone View
contrib/capsicum-test/openat.cc
Show First 20 Lines • Show All 335 Lines • ▼ Show 20 Lines | FORK_TEST_F(OpenatTest, InCapabilityMode) { | ||||
EXPECT_CAPMODE(openat(AT_FDCWD, "subdir/bottomfile", O_RDONLY)); | EXPECT_CAPMODE(openat(AT_FDCWD, "subdir/bottomfile", O_RDONLY)); | ||||
EXPECT_CAPMODE(openat(AT_FDCWD, "/etc/passwd", O_RDONLY)); | EXPECT_CAPMODE(openat(AT_FDCWD, "/etc/passwd", O_RDONLY)); | ||||
// Can't open paths starting with "/" in capability mode. | // Can't open paths starting with "/" in capability mode. | ||||
EXPECT_OPENAT_FAIL_TRAVERSAL(dir_fd_, "/etc/passwd", O_RDONLY); | EXPECT_OPENAT_FAIL_TRAVERSAL(dir_fd_, "/etc/passwd", O_RDONLY); | ||||
EXPECT_OPENAT_FAIL_TRAVERSAL(sub_fd_, "/etc/passwd", O_RDONLY); | EXPECT_OPENAT_FAIL_TRAVERSAL(sub_fd_, "/etc/passwd", O_RDONLY); | ||||
} | } | ||||
#ifdef O_BENEATH | #if !defined(O_RESOLVE_BENEATH) && defined(O_BENEATH) | ||||
#define O_RESOLVE_BENEATH O_BENEATH | |||||
#endif | |||||
#ifdef O_RESOLVE_BENEATH | |||||
TEST_F(OpenatTest, WithFlag) { | TEST_F(OpenatTest, WithFlag) { | ||||
CheckPolicing(O_BENEATH); | CheckPolicing(O_RESOLVE_BENEATH); | ||||
// Check with AT_FDCWD. | // Check with AT_FDCWD. | ||||
EXPECT_OPEN_OK(openat(AT_FDCWD, "topfile", O_RDONLY|O_BENEATH)); | EXPECT_OPEN_OK(openat(AT_FDCWD, "topfile", O_RDONLY|O_RESOLVE_BENEATH)); | ||||
EXPECT_OPEN_OK(openat(AT_FDCWD, "subdir/bottomfile", O_RDONLY|O_BENEATH)); | EXPECT_OPEN_OK(openat(AT_FDCWD, "subdir/bottomfile", O_RDONLY|O_RESOLVE_BENEATH)); | ||||
// Can't open paths starting with "/" with O_BENEATH specified. | // Can't open paths starting with "/" with O_RESOLVE_BENEATH specified. | ||||
EXPECT_OPENAT_FAIL_TRAVERSAL(AT_FDCWD, "/etc/passwd", O_RDONLY|O_BENEATH); | EXPECT_OPENAT_FAIL_TRAVERSAL(AT_FDCWD, "/etc/passwd", O_RDONLY|O_RESOLVE_BENEATH); | ||||
kib: This is weird, because if you redefine O_RESOLVE_BENEATH as O_BENEATH, this could succeed… | |||||
Done Inline ActionsI think there could be other interesting errors if cwd == /. I guess the testsuite should check that the cwd is not inside / or /etc. arichardson: I think there could be other interesting errors if cwd == /. I guess the testsuite should check… | |||||
EXPECT_OPENAT_FAIL_TRAVERSAL(dir_fd_, "/etc/passwd", O_RDONLY|O_BENEATH); | EXPECT_OPENAT_FAIL_TRAVERSAL(dir_fd_, "/etc/passwd", O_RDONLY|O_RESOLVE_BENEATH); | ||||
EXPECT_OPENAT_FAIL_TRAVERSAL(sub_fd_, "/etc/passwd", O_RDONLY|O_BENEATH); | EXPECT_OPENAT_FAIL_TRAVERSAL(sub_fd_, "/etc/passwd", O_RDONLY|O_RESOLVE_BENEATH); | ||||
} | } | ||||
FORK_TEST_F(OpenatTest, WithFlagInCapabilityMode) { | FORK_TEST_F(OpenatTest, WithFlagInCapabilityMode) { | ||||
EXPECT_OK(cap_enter()); // Enter capability mode | EXPECT_OK(cap_enter()); // Enter capability mode | ||||
CheckPolicing(O_BENEATH); | CheckPolicing(O_RESOLVE_BENEATH); | ||||
} | } | ||||
#endif | #endif |
This is weird, because if you redefine O_RESOLVE_BENEATH as O_BENEATH, this could succeed (depending on the cwd).