1 : /*
2 : * Copyright (c) 2011 The Native Client Authors. All rights reserved.
3 : * Use of this source code is governed by a BSD-style license that can be
4 : * found in the LICENSE file.
5 : */
6 :
7 : #include <stdio.h>
8 : #include <string.h>
9 :
10 : #include "native_client/src/include/portability.h"
11 :
12 : #include "native_client/src/trusted/service_runtime/env_cleanser.h"
13 : #include "native_client/src/trusted/service_runtime/env_cleanser_test.h"
14 :
15 : static char const *const kBogusEnvs[] = {
16 : "FOOBAR",
17 : "QUUX",
18 : "USER=bsy",
19 : "HOME=/home/bsy",
20 : "PATH=/home/bsy/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin",
21 : "LD_LIBRARY_PATH=.:/usr/bsy/lib",
22 : NULL,
23 : };
24 :
25 : static char const *const kValidEnvs[] = {
26 : "LANG=en_us.UTF-8",
27 : "LC_MEASUREMENT=en_US.UTF-8",
28 : "LC_PAPER=en_US.UTF-8@legal",
29 : "LC_TIME=%a, %B %d, %Y",
30 : "NACLVERBOSITY",
31 : NULL,
32 : };
33 :
34 : static char const *const kMurkyEnv[] = {
35 : "FOOBAR",
36 : "LC_TIME=%a, %B %d, %Y",
37 : "QUUX",
38 : "USER=bsy",
39 : "LC_PAPER=en_US.UTF-8@legal",
40 : "HOME=/home/bsy",
41 : "PATH=/home/bsy/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin",
42 : "LANG=en_us.UTF-8",
43 : "LC_MEASUREMENT=en_US.UTF-8",
44 : "LD_LIBRARY_PATH=.:/usr/bsy/lib",
45 : "NACLENV_LD_PRELOAD=libvalgrind.so",
46 : "NACLENV_SHELL=/bin/sh",
47 : NULL,
48 : };
49 :
50 : static char const *const kFilteredEnv[] = {
51 : "LANG=en_us.UTF-8",
52 : "LC_MEASUREMENT=en_US.UTF-8",
53 : "LC_PAPER=en_US.UTF-8@legal",
54 : "LC_TIME=%a, %B %d, %Y",
55 : "LD_PRELOAD=libvalgrind.so",
56 : "SHELL=/bin/sh",
57 : NULL,
58 : };
59 :
60 : static char const *const kFilteredEnvWithoutWhitelist[] = {
61 : "LD_PRELOAD=libvalgrind.so",
62 : "SHELL=/bin/sh",
63 : NULL,
64 : };
65 :
66 1 : int StrInStrTbl(char const *str, char const *const *tbl) {
67 : int i;
68 :
69 1 : for (i = 0; NULL != tbl[i]; ++i) {
70 1 : if (!strcmp(str, tbl[i])) {
71 1 : return 1;
72 : }
73 1 : }
74 0 : return 0;
75 1 : }
76 :
77 1 : int StrTblsHaveSameEntries(char const *const *tbl1, char const *const *tbl2) {
78 : int i;
79 : int num_left;
80 : int num_right;
81 :
82 1 : if (NULL == tbl1) {
83 0 : num_left = 0;
84 0 : } else {
85 1 : for (num_left = 0; NULL != tbl1[num_left]; ++num_left) {
86 1 : }
87 : }
88 1 : if (NULL == tbl2) {
89 0 : num_right = 0;
90 0 : } else {
91 1 : for (num_right = 0; NULL != tbl2[num_right]; ++num_right) {
92 1 : }
93 : }
94 1 : if (num_left != num_right) {
95 0 : return 0;
96 : }
97 1 : if (0 == num_left) {
98 0 : return 1;
99 : }
100 1 : for (i = 0; NULL != tbl1[i]; ++i) {
101 1 : if (!StrInStrTbl(tbl1[i], tbl2)) {
102 0 : return 0;
103 : }
104 1 : }
105 1 : for (i = 0; NULL != tbl2[i]; ++i) {
106 1 : if (!StrInStrTbl(tbl2[i], tbl1)) {
107 0 : return 0;
108 : }
109 1 : }
110 1 : return 1;
111 1 : }
112 :
113 0 : void PrintStrTbl(char const *name, char const *const *tbl) {
114 0 : printf("\n%s\n", name);
115 0 : printf("--------\n");
116 0 : for (; NULL != *tbl; ++tbl) {
117 0 : printf("%s\n", *tbl);
118 0 : }
119 0 : printf("--------\n");
120 0 : }
121 :
122 1 : int main(void) {
123 1 : int errors = 0;
124 : int i;
125 : struct NaClEnvCleanser nec;
126 :
127 1 : printf("Environment Cleanser Test\n\n");
128 1 : printf("\nWhitelist self-check\n\n");
129 1 : for (i = 0; NULL != kNaClEnvWhitelist[i]; ++i) {
130 1 : printf("Checking %s\n", kNaClEnvWhitelist[i]);
131 1 : if (0 == NaClEnvInWhitelist(kNaClEnvWhitelist[i])) {
132 0 : ++errors;
133 0 : printf("ERROR\n");
134 0 : } else {
135 1 : printf("OK\n");
136 : }
137 1 : }
138 :
139 1 : printf("\nNon-whitelisted entries\n\n");
140 :
141 1 : for (i = 0; NULL != kBogusEnvs[i]; ++i) {
142 1 : printf("Checking %s\n", kBogusEnvs[i]);
143 1 : if (0 != NaClEnvInWhitelist(kBogusEnvs[i])) {
144 0 : ++errors;
145 0 : printf("ERROR\n");
146 0 : } else {
147 1 : printf("OK\n");
148 : }
149 1 : }
150 :
151 1 : printf("\nValid environment entries\n\n");
152 :
153 1 : for (i = 0; NULL != kValidEnvs[i]; ++i) {
154 1 : printf("Checking %s\n", kValidEnvs[i]);
155 1 : if (0 == NaClEnvInWhitelist(kValidEnvs[i])) {
156 0 : ++errors;
157 0 : printf("ERROR\n");
158 0 : } else {
159 1 : printf("OK\n");
160 : }
161 1 : }
162 :
163 1 : printf("\nEnvironment Filtering\n");
164 1 : NaClEnvCleanserCtor(&nec, 1);
165 1 : if (!NaClEnvCleanserInit(&nec, kMurkyEnv, NULL)) {
166 0 : printf("FAILED: NaClEnvCleanser Init failed\n");
167 0 : ++errors;
168 0 : } else {
169 : if (!StrTblsHaveSameEntries(NaClEnvCleanserEnvironment(&nec),
170 1 : kFilteredEnv)) {
171 0 : printf("ERROR: filtered env wrong\n");
172 0 : ++errors;
173 :
174 0 : PrintStrTbl("Original environment", kMurkyEnv);
175 0 : PrintStrTbl("Filtered environment", NaClEnvCleanserEnvironment(&nec));
176 0 : PrintStrTbl("Expected environment", kFilteredEnv);
177 0 : } else {
178 1 : printf("OK\n");
179 : }
180 : }
181 1 : NaClEnvCleanserDtor(&nec);
182 :
183 1 : printf("\nEnvironment Filtering (without whitelist)\n");
184 1 : NaClEnvCleanserCtor(&nec, 0);
185 1 : if (!NaClEnvCleanserInit(&nec, kMurkyEnv, NULL)) {
186 0 : printf("FAILED: NaClEnvCleanser Init failed\n");
187 0 : ++errors;
188 0 : } else {
189 : if (!StrTblsHaveSameEntries(NaClEnvCleanserEnvironment(&nec),
190 1 : kFilteredEnvWithoutWhitelist)) {
191 0 : printf("ERROR: filtered env wrong\n");
192 0 : ++errors;
193 :
194 0 : PrintStrTbl("Original environment", kMurkyEnv);
195 0 : PrintStrTbl("Filtered environment", NaClEnvCleanserEnvironment(&nec));
196 0 : PrintStrTbl("Expected environment", kFilteredEnvWithoutWhitelist);
197 0 : } else {
198 1 : printf("OK\n");
199 : }
200 : }
201 1 : NaClEnvCleanserDtor(&nec);
202 :
203 1 : printf("%s\n", (0 == errors) ? "PASSED" : "FAILED");
204 1 : return 0 != errors;
205 1 : }
|
