Changeset View
Changeset View
Standalone View
Standalone View
contrib/capsicum-test/openat.cc
| Show First 20 Lines • Show All 335 Lines • ▼ Show 20 Lines | FORK_TEST_F(OpenatTest, InCapabilityMode) { | ||||
| EXPECT_CAPMODE(openat(AT_FDCWD, "subdir/bottomfile", O_RDONLY)); | EXPECT_CAPMODE(openat(AT_FDCWD, "subdir/bottomfile", O_RDONLY)); | ||||
| EXPECT_CAPMODE(openat(AT_FDCWD, "/etc/passwd", O_RDONLY)); | EXPECT_CAPMODE(openat(AT_FDCWD, "/etc/passwd", O_RDONLY)); | ||||
| // Can't open paths starting with "/" in capability mode. | // Can't open paths starting with "/" in capability mode. | ||||
| EXPECT_OPENAT_FAIL_TRAVERSAL(dir_fd_, "/etc/passwd", O_RDONLY); | EXPECT_OPENAT_FAIL_TRAVERSAL(dir_fd_, "/etc/passwd", O_RDONLY); | ||||
| EXPECT_OPENAT_FAIL_TRAVERSAL(sub_fd_, "/etc/passwd", O_RDONLY); | EXPECT_OPENAT_FAIL_TRAVERSAL(sub_fd_, "/etc/passwd", O_RDONLY); | ||||
| } | } | ||||
| #ifdef O_BENEATH | #if !defined(O_RESOLVE_BENEATH) && defined(O_BENEATH) | ||||
| #define O_RESOLVE_BENEATH O_BENEATH | |||||
| #endif | |||||
| #ifdef O_RESOLVE_BENEATH | |||||
| TEST_F(OpenatTest, WithFlag) { | TEST_F(OpenatTest, WithFlag) { | ||||
| CheckPolicing(O_BENEATH); | CheckPolicing(O_RESOLVE_BENEATH); | ||||
| // Check with AT_FDCWD. | // Check with AT_FDCWD. | ||||
| EXPECT_OPEN_OK(openat(AT_FDCWD, "topfile", O_RDONLY|O_BENEATH)); | EXPECT_OPEN_OK(openat(AT_FDCWD, "topfile", O_RDONLY|O_RESOLVE_BENEATH)); | ||||
| EXPECT_OPEN_OK(openat(AT_FDCWD, "subdir/bottomfile", O_RDONLY|O_BENEATH)); | EXPECT_OPEN_OK(openat(AT_FDCWD, "subdir/bottomfile", O_RDONLY|O_RESOLVE_BENEATH)); | ||||
| // Can't open paths starting with "/" with O_BENEATH specified. | // Can't open paths starting with "/" with O_RESOLVE_BENEATH specified. | ||||
| EXPECT_OPENAT_FAIL_TRAVERSAL(AT_FDCWD, "/etc/passwd", O_RDONLY|O_BENEATH); | EXPECT_OPENAT_FAIL_TRAVERSAL(AT_FDCWD, "/etc/passwd", O_RDONLY|O_RESOLVE_BENEATH); | ||||
kib: This is weird, because if you redefine O_RESOLVE_BENEATH as O_BENEATH, this could succeed… | |||||
Done Inline ActionsI think there could be other interesting errors if cwd == /. I guess the testsuite should check that the cwd is not inside / or /etc. arichardson: I think there could be other interesting errors if cwd == /. I guess the testsuite should check… | |||||
| EXPECT_OPENAT_FAIL_TRAVERSAL(dir_fd_, "/etc/passwd", O_RDONLY|O_BENEATH); | EXPECT_OPENAT_FAIL_TRAVERSAL(dir_fd_, "/etc/passwd", O_RDONLY|O_RESOLVE_BENEATH); | ||||
| EXPECT_OPENAT_FAIL_TRAVERSAL(sub_fd_, "/etc/passwd", O_RDONLY|O_BENEATH); | EXPECT_OPENAT_FAIL_TRAVERSAL(sub_fd_, "/etc/passwd", O_RDONLY|O_RESOLVE_BENEATH); | ||||
| } | } | ||||
| FORK_TEST_F(OpenatTest, WithFlagInCapabilityMode) { | FORK_TEST_F(OpenatTest, WithFlagInCapabilityMode) { | ||||
| EXPECT_OK(cap_enter()); // Enter capability mode | EXPECT_OK(cap_enter()); // Enter capability mode | ||||
| CheckPolicing(O_BENEATH); | CheckPolicing(O_RESOLVE_BENEATH); | ||||
| } | } | ||||
| #endif | #endif | ||||
This is weird, because if you redefine O_RESOLVE_BENEATH as O_BENEATH, this could succeed (depending on the cwd).