--- a/security/sandbox/linux/gtest/TestBroker.cpp
+++ b/security/sandbox/linux/gtest/TestBroker.cpp
@@ -232,20 +232,29 @@ TEST_F(SandboxBrokerTest, LStat)
EXPECT_EQ(-ENOENT, LStat("/var/empty/qwertyuiop", &brokeredStat));
EXPECT_EQ(-EACCES, LStat("/dev", &brokeredStat));
EXPECT_EQ(0, LStat("/proc/self", &brokeredStat));
EXPECT_TRUE(S_ISLNK(brokeredStat.st_mode));
}
-TEST_F(SandboxBrokerTest, Chmod)
+static void PrePostTestCleanup(void)
{
unlink("/tmp/blublu");
rmdir("/tmp/blublu");
+ unlink("/tmp/nope");
+ rmdir("/tmp/nope");
+ unlink("/tmp/blublublu");
+ rmdir("/tmp/blublublu");
+}
+
+TEST_F(SandboxBrokerTest, Chmod)
+{
+ PrePostTestCleanup();
int fd = Open("/tmp/blublu", O_WRONLY | O_CREAT);
ASSERT_GE(fd, 0) << "Opening /tmp/blublu for writing failed.";
close(fd);
// Set read only. SandboxBroker enforces 0600 mode flags.
ASSERT_EQ(0, Chmod("/tmp/blublu", S_IRUSR));
// SandboxBroker doesn't use real access(), it just checks against
// the policy. So it can't see the change in permisions here.
@@ -254,156 +263,140 @@ TEST_F(SandboxBrokerTest, Chmod)
struct stat realStat;
EXPECT_EQ(0, stat("/tmp/blublu", &realStat));
EXPECT_EQ((mode_t)S_IRUSR, realStat.st_mode & 0777);
ASSERT_EQ(0, Chmod("/tmp/blublu", S_IRUSR | S_IWUSR));
EXPECT_EQ(0, stat("/tmp/blublu", &realStat));
EXPECT_EQ((mode_t)(S_IRUSR | S_IWUSR), realStat.st_mode & 0777);
EXPECT_EQ(0, unlink("/tmp/blublu"));
+
+ PrePostTestCleanup();
}
TEST_F(SandboxBrokerTest, Link)
{
- unlink("/tmp/blublu");
- rmdir("/tmp/blublu");
- unlink("/tmp/blublublu");
+ PrePostTestCleanup();
int fd = Open("/tmp/blublu", O_WRONLY | O_CREAT);
ASSERT_GE(fd, 0) << "Opening /tmp/blublu for writing failed.";
close(fd);
ASSERT_EQ(0, Link("/tmp/blublu", "/tmp/blublublu"));
EXPECT_EQ(0, Access("/tmp/blublublu", F_OK));
// Not whitelisted target path
EXPECT_EQ(-EACCES, Link("/tmp/blublu", "/tmp/nope"));
EXPECT_EQ(0, unlink("/tmp/blublublu"));
EXPECT_EQ(0, unlink("/tmp/blublu"));
+
+ PrePostTestCleanup();
}
TEST_F(SandboxBrokerTest, Symlink)
{
- unlink("/tmp/blublu");
- rmdir("/tmp/blublu");
- unlink("/tmp/blublublu");
+ PrePostTestCleanup();
int fd = Open("/tmp/blublu", O_WRONLY | O_CREAT);
ASSERT_GE(fd, 0) << "Opening /tmp/blublu for writing failed.";
close(fd);
ASSERT_EQ(0, Symlink("/tmp/blublu", "/tmp/blublublu"));
EXPECT_EQ(0, Access("/tmp/blublublu", F_OK));
struct stat aStat;
ASSERT_EQ(0, lstat("/tmp/blublublu", &aStat));
EXPECT_EQ((mode_t)S_IFLNK, aStat.st_mode & S_IFMT);
// Not whitelisted target path
EXPECT_EQ(-EACCES, Symlink("/tmp/blublu", "/tmp/nope"));
EXPECT_EQ(0, unlink("/tmp/blublublu"));
EXPECT_EQ(0, unlink("/tmp/blublu"));
+
+ PrePostTestCleanup();
}
TEST_F(SandboxBrokerTest, Mkdir)
{
- unlink("/tmp/blublu");
- rmdir("/tmp/blublu");
- unlink("/tmp/nope");
- rmdir("/tmp/nope");
+ PrePostTestCleanup();
ASSERT_EQ(0, mkdir("/tmp/blublu", 0600))
<< "Creating dir /tmp/blublu failed.";
EXPECT_EQ(0, Access("/tmp/blublu", F_OK));
// Not whitelisted target path
EXPECT_EQ(-EACCES, Mkdir("/tmp/nope", 0600))
<< "Creating dir without MAY_CREATE succeed.";
EXPECT_EQ(0, rmdir("/tmp/blublu"));
+
+ PrePostTestCleanup();
}
TEST_F(SandboxBrokerTest, Rename)
{
- unlink("/tmp/blublu");
- rmdir("/tmp/blublu");
- unlink("/tmp/blublublu");
- rmdir("/tmp/blublublu");
+ PrePostTestCleanup();
ASSERT_EQ(0, mkdir("/tmp/blublu", 0600))
<< "Creating dir /tmp/blublu failed.";
EXPECT_EQ(0, Access("/tmp/blublu", F_OK));
ASSERT_EQ(0, Rename("/tmp/blublu", "/tmp/blublublu"));
EXPECT_EQ(0, Access("/tmp/blublublu", F_OK));
EXPECT_EQ(-ENOENT , Access("/tmp/blublu", F_OK));
// Not whitelisted target path
EXPECT_EQ(-EACCES, Rename("/tmp/blublublu", "/tmp/nope"))
<< "Renaming dir without write access succeed.";
EXPECT_EQ(0, rmdir("/tmp/blublublu"));
+
+ PrePostTestCleanup();
}
TEST_F(SandboxBrokerTest, Rmdir)
{
- unlink("/tmp/blublu");
- rmdir("/tmp/blublu");
- unlink("/tmp/blublublu");
- rmdir("/tmp/blublublu");
- unlink("/tmp/nope");
- rmdir("/tmp/nope");
+ PrePostTestCleanup();
ASSERT_EQ(0, mkdir("/tmp/blublu", 0600))
<< "Creating dir /tmp/blublu failed.";
EXPECT_EQ(0, Access("/tmp/blublu", F_OK));
ASSERT_EQ(0, Rmdir("/tmp/blublu"));
EXPECT_EQ(-ENOENT, Access("/tmp/blublu", F_OK));
// Bypass sandbox to create a non-deletable dir
ASSERT_EQ(0, mkdir("/tmp/nope", 0600));
EXPECT_EQ(-EACCES, Rmdir("/tmp/nope"));
- unlink("/tmp/blublu");
- rmdir("/tmp/blublu");
- unlink("/tmp/nope");
- rmdir("/tmp/nope");
+ PrePostTestCleanup();
}
TEST_F(SandboxBrokerTest, Unlink)
{
- unlink("/tmp/blublu");
- rmdir("/tmp/blublu");
- unlink("/tmp/nope");
- rmdir("/tmp/nope");
+ PrePostTestCleanup();
int fd = Open("/tmp/blublu", O_WRONLY | O_CREAT);
ASSERT_GE(fd, 0) << "Opening /tmp/blublu for writing failed.";
close(fd);
EXPECT_EQ(0, Access("/tmp/blublu", F_OK));
EXPECT_EQ(0, Unlink("/tmp/blublu"));
EXPECT_EQ(-ENOENT , Access("/tmp/blublu", F_OK));
// Bypass sandbox to write a non-deletable file
fd = open("/tmp/nope", O_WRONLY | O_CREAT);
ASSERT_GE(fd, 0) << "Opening /tmp/nope for writing failed.";
close(fd);
EXPECT_EQ(-EACCES, Unlink("/tmp/nope"));
- unlink("/tmp/blublu");
- rmdir("/tmp/blublu");
+ PrePostTestCleanup();
}
TEST_F(SandboxBrokerTest, Readlink)
{
- unlink("/tmp/blublu");
- rmdir("/tmp/blublu");
- unlink("/tmp/blublublu");
+ PrePostTestCleanup();
int fd = Open("/tmp/blublu", O_WRONLY | O_CREAT);
ASSERT_GE(fd, 0) << "Opening /tmp/blublu for writing failed.";
close(fd);
ASSERT_EQ(0, Symlink("/tmp/blublu", "/tmp/blublublu"));
EXPECT_EQ(0, Access("/tmp/blublublu", F_OK));
char linkBuff[256];
EXPECT_EQ(11, Readlink("/tmp/blublublu", linkBuff, sizeof(linkBuff)));
linkBuff[12] = '\0';
EXPECT_EQ(0, strcmp(linkBuff, "/tmp/blublu"));
- unlink("/tmp/blublu");
- rmdir("/tmp/blublu");
- unlink("/tmp/blublublu");
+ PrePostTestCleanup();
}
TEST_F(SandboxBrokerTest, MultiThreadOpen) {
RunOnManyThreads<SandboxBrokerTest,
&SandboxBrokerTest::MultiThreadOpenWorker>();
}
void SandboxBrokerTest::MultiThreadOpenWorker() {
static const int kNumLoops = 10000;