Additional test cases for paths check

author Tomasz Świerczek <cwierkajacy@MacBook-Pro-Tomasz.local>

Mon, 29 Jan 2018 05:58:19 +0000 (06:58 +0100)

committer Tomasz Swierczek <t.swierczek@samsung.com>

Tue, 27 Feb 2018 11:46:31 +0000 (12:46 +0100)
author Tomasz Świerczek <cwierkajacy@MacBook-Pro-Tomasz.local>
Mon, 29 Jan 2018 05:58:19 +0000 (06:58 +0100)
committer Tomasz Swierczek <t.swierczek@samsung.com>
Tue, 27 Feb 2018 11:46:31 +0000 (12:46 +0100)
diff --git a/src/security-manager-tests/test_cases_register_paths.cpp b/src/security-manager-tests/test_cases_register_paths.cpp

index cc98ac6..ba37c8b 100644 (file)
--- a/src/security-manager-tests/test_cases_register_paths.cpp
+++ b/src/security-manager-tests/test_cases_register_paths.cpp
@@ -118,6 +118,27 @@ RUNNER_TEST(security_manager_59_path_req_as_root_positive)
      Api::registerPaths(preq, (lib_retcode)SECURITY_MANAGER_SUCCESS);
  }
  
+RUNNER_TEST(security_manager_59a_path_req_as_root_positive_realpath_check)
+{
+    TemporaryTestUser user("sm_test_59a_user_name", GUM_USERTYPE_NORMAL);
+    user.create();
+
+    AppInstallHelper app("sm_test_59a", user.getUid());
+    ScopedInstaller appInstall(app);
+
+    app.createPrivateDir();
+    PathsRequest preq;
+    preq.setPkgId(app.getPkgId());
+    preq.setUid(user.getUid());
+    std::string privPath = "/opt/.././" + app.getPrivateDir();
+    size_t pos = privPath.find_last_of("/");
+    std::string lastElem = privPath.substr(pos + 1);
+
+    preq.addPath(privPath + "/../" + lastElem, SECURITY_MANAGER_PATH_RW);
+
+    Api::registerPaths(preq, (lib_retcode)SECURITY_MANAGER_SUCCESS);
+}
+
  RUNNER_CHILD_TEST(security_manager_60_path_req_as_user_positive)
  {
      TemporaryTestUser user("sm_test_60_user_name", GUM_USERTYPE_NORMAL, false);
@@ -137,6 +158,30 @@ RUNNER_CHILD_TEST(security_manager_60_path_req_as_user_positive)
      Api::registerPaths(preq, (lib_retcode)SECURITY_MANAGER_SUCCESS);
  }
  
+RUNNER_CHILD_TEST(security_manager_60a_path_req_as_user_positive_realpath_check)
+{
+    TemporaryTestUser user("sm_test_60a_user_name", GUM_USERTYPE_NORMAL);
+    user.create();
+
+    AppInstallHelper app("sm_test_60a", user.getUid());
+    ScopedInstaller appInstall(app);
+
+    RUNNER_ASSERT_ERRNO_MSG(drop_root_privileges(user.getUid(), user.getGid()) == 0,
+                            "drop_root_privileges failed");
+
+    app.createPrivateDir();
+    PathsRequest preq;
+    preq.setPkgId(app.getPkgId());
+    preq.setUid(user.getUid());
+    std::string privPath = "/opt/.././" + app.getPrivateDir();
+    size_t pos = privPath.find_last_of("/");
+    std::string lastElem = privPath.substr(pos + 1);
+
+    preq.addPath(privPath + "/../" + lastElem, SECURITY_MANAGER_PATH_RW);
+
+    Api::registerPaths(preq, (lib_retcode)SECURITY_MANAGER_SUCCESS);
+}
+
  RUNNER_CHILD_TEST(security_manager_61_path_req_different_user)
  {
      TemporaryTestUser user1("sm_test_61_1_user_name", GUM_USERTYPE_NORMAL, false);
author	Tomasz Świerczek <cwierkajacy@MacBook-Pro-Tomasz.local>
	Mon, 29 Jan 2018 05:58:19 +0000 (06:58 +0100)
committer	Tomasz Swierczek <t.swierczek@samsung.com>
	Tue, 27 Feb 2018 11:46:31 +0000 (12:46 +0100)