aboutsummaryrefslogtreecommitdiff
path: root/tests
diff options
context:
space:
mode:
authorMichael Orlitzky <mjo@gentoo.org>2018-01-27 20:05:02 -0500
committerMike Gilbert <floppym@gentoo.org>2023-06-22 09:54:38 -0400
commit05e32f542c145253eb01ae4005ca13c63a1c79d8 (patch)
tree5fa501fd2fc41e5c324eebd7c0bef2b6d3157259 /tests
parentlibsandbox: add support for fchown/fchmod on linux (diff)
downloadsandbox-05e32f542c145253eb01ae4005ca13c63a1c79d8.tar.gz
sandbox-05e32f542c145253eb01ae4005ca13c63a1c79d8.tar.bz2
sandbox-05e32f542c145253eb01ae4005ca13c63a1c79d8.zip
tests: add test case for fchown/fchmod with O_RDONLY.
Bug: https://bugs.gentoo.org/599706 Signed-off-by: Michael Orlitzky <mjo@gentoo.org> Signed-off-by: Mike Gilbert <floppym@gentoo.org>
Diffstat (limited to 'tests')
-rw-r--r--tests/fchmod-0.c35
-rwxr-xr-xtests/fchmod-1.sh14
-rw-r--r--tests/fchmod.at1
-rw-r--r--tests/fchown-0.c34
-rwxr-xr-xtests/fchown-1.sh14
-rw-r--r--tests/fchown.at1
-rw-r--r--tests/local.mk2
7 files changed, 101 insertions, 0 deletions
diff --git a/tests/fchmod-0.c b/tests/fchmod-0.c
new file mode 100644
index 0000000..de0c237
--- /dev/null
+++ b/tests/fchmod-0.c
@@ -0,0 +1,35 @@
+/*
+ * https://bugs.gentoo.org/599706
+ *
+ */
+
+#include "headers.h"
+
+int main(int argc, char *argv[])
+{
+ if (argc < 2)
+ return -2;
+
+ int mode = 0;
+ sscanf(argv[1], "%i", &mode);
+ /* The sandbox catches this:
+ *
+ * int fd = open(argv[2], O_RDWR);
+ *
+ * And it /should/ catch this:
+ *
+ * int fd = open(argv[2], O_RDONLY);
+ *
+ * ...but the latter only works when /proc/self/fd/%i
+ * is available.
+ *
+ */
+#ifdef SANDBOX_PROC_SELF_FD
+ int fd = open(argv[2], O_RDONLY);
+#else
+ int fd = open(argv[2], O_RDWR);
+#endif
+ int fchmod_result = fchmod(fd, (mode_t)mode);
+ close(fd);
+ return fchmod_result;
+}
diff --git a/tests/fchmod-1.sh b/tests/fchmod-1.sh
new file mode 100755
index 0000000..db404ba
--- /dev/null
+++ b/tests/fchmod-1.sh
@@ -0,0 +1,14 @@
+#!/bin/sh
+#
+# https://bugs.gentoo.org/599706
+#
+
+addwrite $PWD
+
+# The sandbox doesn't log anything when it returns a junk file
+# descriptor? It doesn't look like we can test the contents of
+# sandbox.log here... instead, we just have to count on fchmod
+# failing, which it does if you use O_RDWR, and it *should* if you use
+# O_RDONLY (because that won't stop the change of permissions).
+fchmod-0 $(stat --format='%#04a' ../..) ../.. && exit 1
+exit 0
diff --git a/tests/fchmod.at b/tests/fchmod.at
new file mode 100644
index 0000000..081d7d2
--- /dev/null
+++ b/tests/fchmod.at
@@ -0,0 +1 @@
+SB_CHECK(1)
diff --git a/tests/fchown-0.c b/tests/fchown-0.c
new file mode 100644
index 0000000..7fdca73
--- /dev/null
+++ b/tests/fchown-0.c
@@ -0,0 +1,34 @@
+/*
+ * https://bugs.gentoo.org/599706
+ *
+ */
+
+#include "headers.h"
+
+int main(int argc, char *argv[])
+{
+ if (argc < 3)
+ return -2;
+
+ uid_t uid = atoi(argv[1]);
+ gid_t gid = atoi(argv[2]);
+ /* The sandbox catches this:
+ *
+ * int fd = open(argv[3], O_RDWR);
+ *
+ * And it /should/ catch this:
+ *
+ * int fd = open(argv[3], O_RDONLY);
+ *
+ * ...but the latter only works when /proc/self/fd/%i
+ * is available.
+ */
+#ifdef SANDBOX_PROC_SELF_FD
+ int fd = open(argv[3], O_RDONLY);
+#else
+ int fd = open(argv[3], O_RDWR);
+#endif
+ int fchown_result = fchown(fd, uid, gid);
+ close(fd);
+ return fchown_result;
+}
diff --git a/tests/fchown-1.sh b/tests/fchown-1.sh
new file mode 100755
index 0000000..1b4a173
--- /dev/null
+++ b/tests/fchown-1.sh
@@ -0,0 +1,14 @@
+#!/bin/sh
+#
+# https://bugs.gentoo.org/599706
+#
+
+addwrite $PWD
+
+# The sandbox doesn't log anything when it returns a junk file
+# descriptor? It doesn't look like we can test the contents of
+# sandbox.log here... instead, we just have to count on fchown
+# failing, which it does if you use O_RDWR, and it *should* if you use
+# O_RDONLY (because that won't stop the change of ownership).
+fchown-0 ${SB_UID} ${SB_GID} ../.. && exit 1
+exit 0
diff --git a/tests/fchown.at b/tests/fchown.at
new file mode 100644
index 0000000..081d7d2
--- /dev/null
+++ b/tests/fchown.at
@@ -0,0 +1 @@
+SB_CHECK(1)
diff --git a/tests/local.mk b/tests/local.mk
index 046cf6f..f1f4ac0 100644
--- a/tests/local.mk
+++ b/tests/local.mk
@@ -29,7 +29,9 @@ check_PROGRAMS += \
%D%/execv-0 \
%D%/execvp-0 \
%D%/faccessat-0 \
+ %D%/fchmod-0 \
%D%/fchmodat-0 \
+ %D%/fchown-0 \
%D%/fchownat-0 \
%D%/fopen-0 \
%D%/fopen64-0 \