summaryrefslogtreecommitdiffstats
path: root/sandbox/win/src/policy_opcodes_unittest.cc
diff options
context:
space:
mode:
authorerg@google.com <erg@google.com@0039d316-1c4b-4281-b951-d872f2087c98>2012-07-13 20:49:23 +0000
committererg@google.com <erg@google.com@0039d316-1c4b-4281-b951-d872f2087c98>2012-07-13 20:49:23 +0000
commite628fde3462899ba06af2fbc5285563c456ed5c4 (patch)
treee3ed3eb98c0044b055606bdf8628191b9b99c17c /sandbox/win/src/policy_opcodes_unittest.cc
parent23d6315575647756c4be985b895ec2c447e2f088 (diff)
downloadchromium_src-e628fde3462899ba06af2fbc5285563c456ed5c4.zip
chromium_src-e628fde3462899ba06af2fbc5285563c456ed5c4.tar.gz
chromium_src-e628fde3462899ba06af2fbc5285563c456ed5c4.tar.bz2
Emergency revert; rietveld broke; tree broke
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@146646 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'sandbox/win/src/policy_opcodes_unittest.cc')
-rw-r--r--sandbox/win/src/policy_opcodes_unittest.cc344
1 files changed, 0 insertions, 344 deletions
diff --git a/sandbox/win/src/policy_opcodes_unittest.cc b/sandbox/win/src/policy_opcodes_unittest.cc
deleted file mode 100644
index e1a7ad6..0000000
--- a/sandbox/win/src/policy_opcodes_unittest.cc
+++ /dev/null
@@ -1,344 +0,0 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include "sandbox/win/src/sandbox_types.h"
-#include "sandbox/win/src/sandbox_nt_types.h"
-#include "sandbox/win/src/policy_engine_params.h"
-#include "sandbox/win/src/policy_engine_opcodes.h"
-#include "testing/gtest/include/gtest/gtest.h"
-
-
-#define INIT_GLOBAL_RTL(member) \
- g_nt.##member = reinterpret_cast<##member##Function>( \
- ::GetProcAddress(ntdll, #member)); \
- if (NULL == g_nt.##member) \
- return false
-
-namespace sandbox {
-
-SANDBOX_INTERCEPT NtExports g_nt;
-
-bool SetupNtdllImports() {
- HMODULE ntdll = ::GetModuleHandle(kNtdllName);
-
- INIT_GLOBAL_RTL(RtlAllocateHeap);
- INIT_GLOBAL_RTL(RtlAnsiStringToUnicodeString);
- INIT_GLOBAL_RTL(RtlCompareUnicodeString);
- INIT_GLOBAL_RTL(RtlCreateHeap);
- INIT_GLOBAL_RTL(RtlDestroyHeap);
- INIT_GLOBAL_RTL(RtlFreeHeap);
- INIT_GLOBAL_RTL(_strnicmp);
- INIT_GLOBAL_RTL(strlen);
- INIT_GLOBAL_RTL(wcslen);
-
- return true;
-}
-
-TEST(PolicyEngineTest, ParameterSetTest) {
- void* pv1 = reinterpret_cast<void*>(0x477EAA5);
- const void* pv2 = reinterpret_cast<void*>(0x987654);
- ParameterSet pset1 = ParamPickerMake(pv1);
- ParameterSet pset2 = ParamPickerMake(pv2);
-
- // Test that we can store and retrieve a void pointer:
- const void* result1 =0;
- unsigned long result2 = 0;
- EXPECT_TRUE(pset1.Get(&result1));
- EXPECT_TRUE(pv1 == result1);
- EXPECT_FALSE(pset1.Get(&result2));
- EXPECT_TRUE(pset2.Get(&result1));
- EXPECT_TRUE(pv2 == result1);
- EXPECT_FALSE(pset2.Get(&result2));
-
- // Test that we can store and retrieve a ulong:
- unsigned long number = 12747;
- ParameterSet pset3 = ParamPickerMake(number);
- EXPECT_FALSE(pset3.Get(&result1));
- EXPECT_TRUE(pset3.Get(&result2));
- EXPECT_EQ(number, result2);
-
- // Test that we can store and retrieve a string:
- const wchar_t* txt = L"S231L";
- ParameterSet pset4 = ParamPickerMake(txt);
- const wchar_t* result3 = NULL;
- EXPECT_TRUE(pset4.Get(&result3));
- EXPECT_EQ(0, wcscmp(txt, result3));
-}
-
-TEST(PolicyEngineTest, OpcodeConstraints) {
- // Test that PolicyOpcode has no virtual functions
- // because these objects are copied over to other processes
- // so they cannot have vtables.
- EXPECT_FALSE(__is_polymorphic(PolicyOpcode));
- // Keep developers from adding smarts to the opcodes which should
- // be pretty much a bag of bytes with a OO interface.
- EXPECT_TRUE(__has_trivial_destructor(PolicyOpcode));
- EXPECT_TRUE(__has_trivial_constructor(PolicyOpcode));
- EXPECT_TRUE(__has_trivial_copy(PolicyOpcode));
-}
-
-TEST(PolicyEngineTest, TrueFalseOpcodes) {
- void* dummy = NULL;
- ParameterSet ppb1 = ParamPickerMake(dummy);
- char memory[1024];
- OpcodeFactory opcode_maker(memory, sizeof(memory));
-
- // This opcode always evaluates to true.
- PolicyOpcode* op1 = opcode_maker.MakeOpAlwaysFalse(kPolNone);
- EXPECT_EQ(EVAL_FALSE, op1->Evaluate(&ppb1, 1, NULL));
- EXPECT_FALSE(op1->IsAction());
-
- // This opcode always evaluates to false.
- PolicyOpcode* op2 = opcode_maker.MakeOpAlwaysTrue(kPolNone);
- EXPECT_EQ(EVAL_TRUE, op2->Evaluate(&ppb1, 1, NULL));
-
- // Nulls not allowed on the params.
- EXPECT_EQ(EVAL_ERROR, op2->Evaluate(NULL, 0, NULL));
- EXPECT_EQ(EVAL_ERROR, op2->Evaluate(NULL, 1, NULL));
-
- // True and False opcodes do not 'require' a number of parameters
- EXPECT_EQ(EVAL_TRUE, op2->Evaluate(&ppb1, 0, NULL));
- EXPECT_EQ(EVAL_TRUE, op2->Evaluate(&ppb1, 1, NULL));
-
- // Test Inverting the logic. Note that inversion is done outside
- // any particular opcode evaluation so no need to repeat for all
- // opcodes.
- PolicyOpcode* op3 = opcode_maker.MakeOpAlwaysFalse(kPolNegateEval);
- EXPECT_EQ(EVAL_TRUE, op3->Evaluate(&ppb1, 1, NULL));
- PolicyOpcode* op4 = opcode_maker.MakeOpAlwaysTrue(kPolNegateEval);
- EXPECT_EQ(EVAL_FALSE, op4->Evaluate(&ppb1, 1, NULL));
-
- // Test that we clear the match context
- PolicyOpcode* op5 = opcode_maker.MakeOpAlwaysTrue(kPolClearContext);
- MatchContext context;
- context.position = 1;
- context.options = kPolUseOREval;
- EXPECT_EQ(EVAL_TRUE, op5->Evaluate(&ppb1, 1, &context));
- EXPECT_EQ(0, context.position);
- MatchContext context2;
- EXPECT_EQ(context2.options, context.options);
-}
-
-TEST(PolicyEngineTest, OpcodeMakerCase1) {
- // Testing that the opcode maker does not overrun the
- // supplied buffer. It should only be able to make 'count' opcodes.
- void* dummy = NULL;
- ParameterSet ppb1 = ParamPickerMake(dummy);
-
- char memory[256];
- OpcodeFactory opcode_maker(memory, sizeof(memory));
- size_t count = sizeof(memory) / sizeof(PolicyOpcode);
-
- for (size_t ix =0; ix != count; ++ix) {
- PolicyOpcode* op = opcode_maker.MakeOpAlwaysFalse(kPolNone);
- ASSERT_TRUE(NULL != op);
- EXPECT_EQ(EVAL_FALSE, op->Evaluate(&ppb1, 1, NULL));
- }
- // There should be no room more another opcode:
- PolicyOpcode* op1 = opcode_maker.MakeOpAlwaysFalse(kPolNone);
- ASSERT_TRUE(NULL == op1);
-}
-
-TEST(PolicyEngineTest, OpcodeMakerCase2) {
- SetupNtdllImports();
- // Testing that the opcode maker does not overrun the
- // supplied buffer. It should only be able to make 'count' opcodes.
- // The difference with the previous test is that this opcodes allocate
- // the string 'txt2' inside the same buffer.
- const wchar_t* txt1 = L"1234";
- const wchar_t txt2[] = L"123";
-
- ParameterSet ppb1 = ParamPickerMake(txt1);
- MatchContext mc1;
-
- char memory[256];
- OpcodeFactory opcode_maker(memory, sizeof(memory));
- size_t count = sizeof(memory) / (sizeof(PolicyOpcode) + sizeof(txt2));
-
- // Test that it does not overrun the buffer.
- for (size_t ix =0; ix != count; ++ix) {
- PolicyOpcode* op = opcode_maker.MakeOpWStringMatch(0, txt2, 0,
- CASE_SENSITIVE,
- kPolClearContext);
- ASSERT_TRUE(NULL != op);
- EXPECT_EQ(EVAL_TRUE, op->Evaluate(&ppb1, 1, &mc1));
- }
-
- // There should be no room more another opcode:
- PolicyOpcode* op1 = opcode_maker.MakeOpWStringMatch(0, txt2, 0,
- CASE_SENSITIVE,
- kPolNone);
- ASSERT_TRUE(NULL == op1);
-}
-
-TEST(PolicyEngineTest, IntegerOpcodes) {
- const wchar_t* txt = L"abcdef";
- unsigned long num1 = 42;
- unsigned long num2 = 113377;
-
- ParameterSet pp_wrong1 = ParamPickerMake(txt);
- ParameterSet pp_num1 = ParamPickerMake(num1);
- ParameterSet pp_num2 = ParamPickerMake(num2);
-
- char memory[128];
- OpcodeFactory opcode_maker(memory, sizeof(memory));
-
- // Test basic match for unsigned longs 42 == 42 and 42 != 113377.
- PolicyOpcode* op_m42 = opcode_maker.MakeOpNumberMatch(0, unsigned long(42),
- kPolNone);
- EXPECT_EQ(EVAL_TRUE, op_m42->Evaluate(&pp_num1, 1, NULL));
- EXPECT_EQ(EVAL_FALSE, op_m42->Evaluate(&pp_num2, 1, NULL));
- EXPECT_EQ(EVAL_ERROR, op_m42->Evaluate(&pp_wrong1, 1, NULL));
-
- // Test basic match for void pointers.
- const void* vp = NULL;
- ParameterSet pp_num3 = ParamPickerMake(vp);
- PolicyOpcode* op_vp_null = opcode_maker.MakeOpVoidPtrMatch(0, NULL,
- kPolNone);
- EXPECT_EQ(EVAL_TRUE, op_vp_null->Evaluate(&pp_num3, 1, NULL));
- EXPECT_EQ(EVAL_FALSE, op_vp_null->Evaluate(&pp_num1, 1, NULL));
- EXPECT_EQ(EVAL_ERROR, op_vp_null->Evaluate(&pp_wrong1, 1, NULL));
-
- // Basic range test [41 43] (inclusive).
- PolicyOpcode* op_range1 = opcode_maker.MakeOpUlongMatchRange(0, 41, 43,
- kPolNone);
- EXPECT_EQ(EVAL_TRUE, op_range1->Evaluate(&pp_num1, 1, NULL));
- EXPECT_EQ(EVAL_FALSE, op_range1->Evaluate(&pp_num2, 1, NULL));
- EXPECT_EQ(EVAL_ERROR, op_range1->Evaluate(&pp_wrong1, 1, NULL));
-}
-
-TEST(PolicyEngineTest, LogicalOpcodes) {
- char memory[128];
- OpcodeFactory opcode_maker(memory, sizeof(memory));
-
- unsigned long num1 = 0x10100702;
- ParameterSet pp_num1 = ParamPickerMake(num1);
-
- PolicyOpcode* op_and1 = opcode_maker.MakeOpUlongAndMatch(0, 0x00100000,
- kPolNone);
- EXPECT_EQ(EVAL_TRUE, op_and1->Evaluate(&pp_num1, 1, NULL));
- PolicyOpcode* op_and2 = opcode_maker.MakeOpUlongAndMatch(0, 0x00000001,
- kPolNone);
- EXPECT_EQ(EVAL_FALSE, op_and2->Evaluate(&pp_num1, 1, NULL));
-}
-
-TEST(PolicyEngineTest, WCharOpcodes1) {
- SetupNtdllImports();
-
- const wchar_t* txt1 = L"the quick fox jumps over the lazy dog";
- const wchar_t txt2[] = L"the quick";
- const wchar_t txt3[] = L" fox jumps";
- const wchar_t txt4[] = L"the lazy dog";
- const wchar_t txt5[] = L"jumps over";
- const wchar_t txt6[] = L"g";
-
- ParameterSet pp_tc1 = ParamPickerMake(txt1);
- char memory[512];
- OpcodeFactory opcode_maker(memory, sizeof(memory));
-
- PolicyOpcode* op1 = opcode_maker.MakeOpWStringMatch(0, txt2, 0,
- CASE_SENSITIVE,
- kPolNone);
-
- // Simplest substring match from pos 0. It should be a successful match
- // and the match context should be updated.
- MatchContext mc1;
- EXPECT_EQ(EVAL_TRUE, op1->Evaluate(&pp_tc1, 1, &mc1));
- EXPECT_TRUE(_countof(txt2) == mc1.position + 1);
-
- // Matching again should fail and the context should be unmodified.
- EXPECT_EQ(EVAL_FALSE, op1->Evaluate(&pp_tc1, 1, &mc1));
- EXPECT_TRUE(_countof(txt2) == mc1.position + 1);
-
- // Using the same match context we should continue where we left
- // in the previous successful match,
- PolicyOpcode* op3 = opcode_maker.MakeOpWStringMatch(0, txt3, 0,
- CASE_SENSITIVE,
- kPolNone);
- EXPECT_EQ(EVAL_TRUE, op3->Evaluate(&pp_tc1, 1, &mc1));
- EXPECT_TRUE(_countof(txt3) + _countof(txt2) == mc1.position + 2);
-
- // We now keep on matching but now we skip 6 characters which means
- // we skip the string ' over '. And we zero the match context. This is
- // the primitive that we use to build '??'.
- PolicyOpcode* op4 = opcode_maker.MakeOpWStringMatch(0, txt4, 6,
- CASE_SENSITIVE,
- kPolClearContext);
- EXPECT_EQ(EVAL_TRUE, op4->Evaluate(&pp_tc1, 1, &mc1));
- EXPECT_EQ(0, mc1.position);
-
- // Test that we can properly match the last part of the string
- PolicyOpcode* op4b = opcode_maker.MakeOpWStringMatch(0, txt4, kSeekToEnd,
- CASE_SENSITIVE,
- kPolClearContext);
- EXPECT_EQ(EVAL_TRUE, op4b->Evaluate(&pp_tc1, 1, &mc1));
- EXPECT_EQ(0, mc1.position);
-
- // Test matching 'jumps over' over the entire string. This is the
- // primitive we build '*' from.
- PolicyOpcode* op5 = opcode_maker.MakeOpWStringMatch(0, txt5, kSeekForward,
- CASE_SENSITIVE, kPolNone);
- EXPECT_EQ(EVAL_TRUE, op5->Evaluate(&pp_tc1, 1, &mc1));
- EXPECT_EQ(24, mc1.position);
-
- // Test that we don't match because it is not at the end of the string
- PolicyOpcode* op5b = opcode_maker.MakeOpWStringMatch(0, txt5, kSeekToEnd,
- CASE_SENSITIVE,
- kPolNone);
- EXPECT_EQ(EVAL_FALSE, op5b->Evaluate(&pp_tc1, 1, &mc1));
-
- // Test that we function if the string does not fit. In this case we
- // try to match 'the lazy dog' against 'he lazy dog'.
- PolicyOpcode* op6 = opcode_maker.MakeOpWStringMatch(0, txt4, 2,
- CASE_SENSITIVE, kPolNone);
- EXPECT_EQ(24, mc1.position);
-
- // Testing matching against 'g' which should be the last char.
- MatchContext mc2;
- PolicyOpcode* op7 = opcode_maker.MakeOpWStringMatch(0, txt6, kSeekForward,
- CASE_SENSITIVE, kPolNone);
- EXPECT_EQ(EVAL_TRUE, op7->Evaluate(&pp_tc1, 1, &mc2));
-
- // Trying to match again should fail since we are in the last char.
- // This also covers a couple of boundary conditions.
- EXPECT_EQ(EVAL_FALSE, op7->Evaluate(&pp_tc1, 1, &mc2));
-}
-
-TEST(PolicyEngineTest, WCharOpcodes2) {
- SetupNtdllImports();
-
- const wchar_t* path1 = L"c:\\documents and settings\\Microsoft\\BLAH.txt";
- const wchar_t txt1[] = L"Settings\\microsoft";
- ParameterSet pp_tc1 = ParamPickerMake(path1);
-
- char memory[256];
- OpcodeFactory opcode_maker(memory, sizeof(memory));
- MatchContext mc1;
-
- // Testing case-insensitive does not buy us much since it this option
- // is just passed to the Microsoft API that we use normally, but just for
- // coverage, here it is:
- PolicyOpcode* op1s = opcode_maker.MakeOpWStringMatch(0, txt1, kSeekForward,
- CASE_SENSITIVE, kPolNone);
- PolicyOpcode* op1i = opcode_maker.MakeOpWStringMatch(0, txt1, kSeekForward,
- CASE_INSENSITIVE,
- kPolNone);
- EXPECT_EQ(EVAL_FALSE, op1s->Evaluate(&pp_tc1, 1, &mc1));
- EXPECT_EQ(EVAL_TRUE, op1i->Evaluate(&pp_tc1, 1, &mc1));
- EXPECT_EQ(35, mc1.position);
-}
-
-TEST(PolicyEngineTest, ActionOpcodes) {
- char memory[256];
- OpcodeFactory opcode_maker(memory, sizeof(memory));
- MatchContext mc1;
- void* dummy = NULL;
- ParameterSet ppb1 = ParamPickerMake(dummy);
-
- PolicyOpcode* op1 = opcode_maker.MakeOpAction(ASK_BROKER, kPolNone);
- EXPECT_TRUE(op1->IsAction());
- EXPECT_EQ(ASK_BROKER, op1->Evaluate(&ppb1, 1, &mc1));
-}
-
-} // namespace sandbox
generated by cgit v1.1 at 2024-07-29 00:37:12 +0000