search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Updating trunk VERSION from 2139.0 to 2140.0
[chromium-blink-merge.git] / sandbox / win / tests / validation_tests / commands.cc
blob45717b472db283b9f2344a396bc76dd4a0447e20
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include <Aclapi.h>
6 #include <windows.h>
7 #include <string>
8
9 #include "sandbox/win/tests/validation_tests/commands.h"
10
11 #include "sandbox/win/tests/common/controller.h"
12
13 namespace {
14
15 // Returns the HKEY corresponding to name. If there is no HKEY corresponding
16 // to the name it returns NULL.
17 HKEY GetHKEYFromString(const base::string16 &name) {
18 if (L"HKLM" == name)
19 return HKEY_LOCAL_MACHINE;
20 else if (L"HKCR" == name)
21 return HKEY_CLASSES_ROOT;
22 else if (L"HKCC" == name)
23 return HKEY_CURRENT_CONFIG;
24 else if (L"HKCU" == name)
25 return HKEY_CURRENT_USER;
26 else if (L"HKU" == name)
27 return HKEY_USERS;
28
29 return NULL;
30 }
31
32 // Modifies string to remove the leading and trailing quotes.
33 void trim_quote(base::string16* string) {
34 base::string16::size_type pos1 = string->find_first_not_of(L'"');
35 base::string16::size_type pos2 = string->find_last_not_of(L'"');
36
37 if (base::string16::npos == pos1 || base::string16::npos == pos2)
38 (*string) = L"";
39 else
40 (*string) = string->substr(pos1, pos2 + 1);
41 }
42
43 int TestOpenFile(base::string16 path, bool for_write) {
44 wchar_t path_expanded[MAX_PATH + 1] = {0};
45 DWORD size = ::ExpandEnvironmentStrings(path.c_str(), path_expanded,
46 MAX_PATH);
47 if (!size)
48 return sandbox::SBOX_TEST_FAILED_TO_EXECUTE_COMMAND;
49
50 HANDLE file;
51 file = ::CreateFile(path_expanded,
52 for_write ? GENERIC_READ | GENERIC_WRITE : GENERIC_READ,
53 FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE,
54 NULL, // No security attributes.
55 OPEN_EXISTING,
56 FILE_FLAG_BACKUP_SEMANTICS,
57 NULL); // No template.
58
59 if (INVALID_HANDLE_VALUE != file) {
60 ::CloseHandle(file);
61 return sandbox::SBOX_TEST_SUCCEEDED;
62 } else {
63 if (ERROR_ACCESS_DENIED == ::GetLastError()) {
64 return sandbox::SBOX_TEST_DENIED;
65 } else {
66 return sandbox::SBOX_TEST_FAILED_TO_EXECUTE_COMMAND;
67 }
68 }
69 }
70
71 } // namespace
72
73 namespace sandbox {
74
75 SBOX_TESTS_COMMAND int ValidWindow(int argc, wchar_t **argv) {
76 if (1 != argc)
77 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND;
78
79 HWND window = reinterpret_cast<HWND>(static_cast<ULONG_PTR>(_wtoi(argv[0])));
80
81 return TestValidWindow(window);
82 }
83
84 int TestValidWindow(HWND window) {
85 if (::IsWindow(window))
86 return SBOX_TEST_SUCCEEDED;
87
88 return SBOX_TEST_DENIED;
89 }
90
91 SBOX_TESTS_COMMAND int OpenProcessCmd(int argc, wchar_t **argv) {
92 if (2 != argc)
93 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND;
94
95 DWORD process_id = _wtol(argv[0]);
96 DWORD access_mask = _wtol(argv[1]);
97 return TestOpenProcess(process_id, access_mask);
98 }
99
100 int TestOpenProcess(DWORD process_id, DWORD access_mask) {
101 HANDLE process = ::OpenProcess(access_mask,
102 FALSE, // Do not inherit handle.
103 process_id);
104 if (NULL == process) {
105 if (ERROR_ACCESS_DENIED == ::GetLastError()) {
106 return SBOX_TEST_DENIED;
107 } else {
108 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND;
109 }
110 } else {
111 ::CloseHandle(process);
112 return SBOX_TEST_SUCCEEDED;
113 }
114 }
115
116 SBOX_TESTS_COMMAND int OpenThreadCmd(int argc, wchar_t **argv) {
117 if (1 != argc)
118 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND;
119
120 DWORD thread_id = _wtoi(argv[0]);
121 return TestOpenThread(thread_id);
122 }
123
124 int TestOpenThread(DWORD thread_id) {
125
126 HANDLE thread = ::OpenThread(THREAD_QUERY_INFORMATION,
127 FALSE, // Do not inherit handles.
128 thread_id);
129
130 if (NULL == thread) {
131 if (ERROR_ACCESS_DENIED == ::GetLastError()) {
132 return SBOX_TEST_DENIED;
133 } else {
134 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND;
135 }
136 } else {
137 ::CloseHandle(thread);
138 return SBOX_TEST_SUCCEEDED;
139 }
140 }
141
142 SBOX_TESTS_COMMAND int OpenFileCmd(int argc, wchar_t **argv) {
143 if (1 != argc)
144 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND;
145
146 base::string16 path = argv[0];
147 trim_quote(&path);
148
149 return TestOpenReadFile(path);
150 }
151
152 int TestOpenReadFile(const base::string16& path) {
153 return TestOpenFile(path, false);
154 }
155
156 int TestOpenWriteFile(int argc, wchar_t **argv) {
157 if (1 != argc)
158 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND;
159
160 base::string16 path = argv[0];
161 trim_quote(&path);
162
163 return TestOpenWriteFile(path);
164 }
165
166 int TestOpenWriteFile(const base::string16& path) {
167 return TestOpenFile(path, true);
168 }
169
170 SBOX_TESTS_COMMAND int OpenKey(int argc, wchar_t **argv) {
171 if (0 == argc || argc > 2)
172 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND;
173
174 // Get the hive.
175 HKEY base_key = GetHKEYFromString(argv[0]);
176
177 // Get the subkey.
178 base::string16 subkey;
179 if (2 == argc) {
180 subkey = argv[1];
181 trim_quote(&subkey);
182 }
183
184 return TestOpenKey(base_key, subkey);
185 }
186
187 int TestOpenKey(HKEY base_key, base::string16 subkey) {
188 HKEY key;
189 LONG err_code = ::RegOpenKeyEx(base_key,
190 subkey.c_str(),
191 0, // Reserved, must be 0.
192 MAXIMUM_ALLOWED,
193 &key);
194 if (ERROR_SUCCESS == err_code) {
195 ::RegCloseKey(key);
196 return SBOX_TEST_SUCCEEDED;
197 } else if (ERROR_INVALID_HANDLE == err_code ||
198 ERROR_ACCESS_DENIED == err_code) {
199 return SBOX_TEST_DENIED;
200 } else {
201 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND;
202 }
203 }
204
205 // Returns true if the current's thread desktop is the interactive desktop.
206 // In Vista there is a more direct test but for XP and w2k we need to check
207 // the object name.
208 bool IsInteractiveDesktop(bool* is_interactive) {
209 HDESK current_desk = ::GetThreadDesktop(::GetCurrentThreadId());
210 if (NULL == current_desk) {
211 return false;
212 }
213 wchar_t current_desk_name[256] = {0};
214 if (!::GetUserObjectInformationW(current_desk, UOI_NAME, current_desk_name,
215 sizeof(current_desk_name), NULL)) {
216 return false;
217 }
218 *is_interactive = (0 == _wcsicmp(L"default", current_desk_name));
219 return true;
220 }
221
222 SBOX_TESTS_COMMAND int OpenInteractiveDesktop(int, wchar_t **) {
223 return TestOpenInputDesktop();
224 }
225
226 int TestOpenInputDesktop() {
227 bool is_interactive = false;
228 if (IsInteractiveDesktop(&is_interactive) && is_interactive) {
229 return SBOX_TEST_SUCCEEDED;
230 }
231 HDESK desk = ::OpenInputDesktop(0, FALSE, DESKTOP_CREATEWINDOW);
232 if (desk) {
233 ::CloseDesktop(desk);
234 return SBOX_TEST_SUCCEEDED;
235 }
236 return SBOX_TEST_DENIED;
237 }
238
239 SBOX_TESTS_COMMAND int SwitchToSboxDesktop(int, wchar_t **) {
240 return TestSwitchDesktop();
241 }
242
243 int TestSwitchDesktop() {
244 HDESK desktop = ::GetThreadDesktop(::GetCurrentThreadId());
245 if (NULL == desktop) {
246 return SBOX_TEST_FAILED;
247 }
248 if (::SwitchDesktop(desktop)) {
249 return SBOX_TEST_SUCCEEDED;
250 }
251 return SBOX_TEST_DENIED;
252 }
253
254 SBOX_TESTS_COMMAND int OpenAlternateDesktop(int, wchar_t **argv) {
255 return TestOpenAlternateDesktop(argv[0]);
256 }
257
258 int TestOpenAlternateDesktop(wchar_t *desktop_name) {
259 // Test for WRITE_DAC permission on the handle.
260 HDESK desktop = ::GetThreadDesktop(::GetCurrentThreadId());
261 if (desktop) {
262 HANDLE test_handle;
263 if (::DuplicateHandle(::GetCurrentProcess(), desktop,
264 ::GetCurrentProcess(), &test_handle,
265 WRITE_DAC, FALSE, 0)) {
266 DWORD result = ::SetSecurityInfo(test_handle, SE_WINDOW_OBJECT,
267 DACL_SECURITY_INFORMATION, NULL, NULL,
268 NULL, NULL);
269 ::CloseHandle(test_handle);
270 if (result != ERROR_ACCESS_DENIED) {
271 return SBOX_TEST_SUCCEEDED;
272 }
273 } else if (::GetLastError() != ERROR_ACCESS_DENIED) {
274 return SBOX_TEST_FAILED;
275 }
276 }
277
278 // Open by name with WRITE_DAC.
279 desktop = ::OpenDesktop(desktop_name, 0, FALSE, WRITE_DAC);
280 if (desktop || ::GetLastError() != ERROR_ACCESS_DENIED) {
281 ::CloseDesktop(desktop);
282 return SBOX_TEST_SUCCEEDED;
283 }
284
285 return SBOX_TEST_DENIED;
286 }
287
288 BOOL CALLBACK DesktopTestEnumProc(LPTSTR desktop_name, LPARAM result) {
289 return TRUE;
290 }
291
292 SBOX_TESTS_COMMAND int EnumAlternateWinsta(int, wchar_t **) {
293 return TestEnumAlternateWinsta();
294 }
295
296 int TestEnumAlternateWinsta() {
297 int result = SBOX_TEST_DENIED;
298 // Try to enumerate the destops on the alternate windowstation.
299 if (::EnumDesktopsW(NULL, DesktopTestEnumProc, 0)) {
300 return SBOX_TEST_SUCCEEDED;
301 }
302 return SBOX_TEST_DENIED;
303 }
304
305 SBOX_TESTS_COMMAND int SleepCmd(int argc, wchar_t **argv) {
306 if (1 != argc)
307 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND;
308
309 ::Sleep(_wtoi(argv[0]));
310 return SBOX_TEST_SUCCEEDED;
311 }
312
313 SBOX_TESTS_COMMAND int AllocateCmd(int argc, wchar_t **argv) {
314 if (argc != 1)
315 return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND;
316
317 size_t mem_size = static_cast<size_t>(_wtoll(argv[0]));
318 void* memory = ::VirtualAlloc(NULL, mem_size, MEM_COMMIT | MEM_RESERVE,
319 PAGE_READWRITE);
320 if (!memory) {
321 // We need to give the broker a chance to kill our process on failure.
322 ::Sleep(5000);
323 return SBOX_TEST_DENIED;
324 }
325
326 if (!::VirtualFree(memory, 0, MEM_RELEASE))
327 return SBOX_TEST_FAILED;
328
329 return SBOX_TEST_SUCCEEDED;
330 }
331
332
333 } // namespace sandbox