diff --git a/security/sandbox/common/test/SandboxTestingChildTests.h b/security/sandbox/common/test/SandboxTestingChildTests.h index a2901683f5c0..61ab0991f5e5 100644 --- a/security/sandbox/common/test/SandboxTestingChildTests.h +++ b/security/sandbox/common/test/SandboxTestingChildTests.h @@ -20,6 +20,7 @@ # include # include # include +# include # endif // XP_LINUX # include # include @@ -46,7 +47,6 @@ void RunTestsContent(SandboxTestingChild* child) { # ifdef XP_LINUX child->ErrnoTest("fstatat_as_fstat"_ns, true, [&] { return fstatat(0, "", &st, AT_EMPTY_PATH); }); -# endif // XP_LINUX const struct timespec usec = {0, 1000}; child->ErrnoTest("nanosleep"_ns, true, 
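Review bot: Removing `# endif // XP_LINUX` in the `-46,7 +47,6` hunk puts the existing `nanosleep` test, and the `clock_getres` test after it, inside the `XP_LINUX` guard, so other XP_UNIX builds would stop running them. If that is not intended, keep the original `# endif // XP_LINUX` after the `fstatat_as_fstat` test and wrap only the new connect tests in their own `# ifdef XP_LINUX` / `# endif // XP_LINUX` pair. If it is intended, a comment at the guard such as `// nanosleep/clock_getres are only exercised on Linux` would record the decision. RunTestsContent starts and ends outside the hunk, so the guard structure is inferred from the visible lines only.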
@@ -56,6 +56,59 @@ void RunTestsContent(SandboxTestingChild* child) { child->ErrnoTest("clock_getres"_ns, true, [&] { return clock_getres(CLOCK_REALTIME, &res); }); + // An abstract socket that does not starts with '/', so we don't want it to + // work. + // Checking ENETUNREACH should be thrown by SandboxBrokerClient::Connect() + // when it detects it does not starts with a '/' + child->ErrnoValueTest("connect_abstract_blocked"_ns, false, ENETUNREACH, [&] { + int sockfd; + struct sockaddr_un addr; + char str[] = "\0xyz"; // Abstract socket requires first byte to be NULL + size_t str_size = 4; + + memset(&addr, 0, sizeof(struct sockaddr_un)); + addr.sun_family = AF_UNIX; + memcpy(&addr.sun_path, str, str_size); + + sockfd = socket(AF_UNIX, SOCK_STREAM, 0); + if (sockfd == -1) { + return -1; + } + + int con_st = connect(sockfd, (struct sockaddr*)&addr, + sizeof(sa_family_t) + str_size); + return con_st; + }); + + // An abstract socket that does starts with /, so we do want it to work. + // Checking ECONNREFUSED because this is what the broker should get when + // trying to establish the connect call for us. + child->ErrnoValueTest("connect_abstract_permit"_ns, false, ECONNREFUSED, [&] { + int sockfd; + struct sockaddr_un addr; + // we re-use actual X path, because this is what is allowed within + // SandboxBrokerPolicyFactory::InitContentPolicy() + // We can't just use any random path allowed, but one with CONNECT allowed. + + // Abstract socket requires first byte to be NULL + char str[] = "\0/tmp/.X11-unix/X"; + size_t str_size = 17; + + memset(&addr, 0, sizeof(struct sockaddr_un)); + addr.sun_family = AF_UNIX; + memcpy(&addr.sun_path, str, str_size); + + sockfd = socket(AF_UNIX, SOCK_STREAM, 0); + if (sockfd == -1) { + return -1; + } + + int con_st = connect(sockfd, (struct sockaddr*)&addr, + sizeof(sa_family_t) + str_size); + return con_st; + }); +# endif // XP_LINUX + #else // XP_UNIX child->ReportNoTests(); #endif // XP_UNIX 
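Review bot: Neither `connect_abstract_blocked` nor `connect_abstract_permit` closes `sockfd`, so each run leaves a descriptor open in the sandboxed child. The socket should be closed before `return con_st;` with errno preserved, for example `int saved = errno; close(sockfd); errno = saved;`, assuming ErrnoValueTest reads errno after the lambda returns, which is not visible here. The hard-coded `str_size = 4` and `str_size = 17` must be kept in step with the string literals by hand; `sizeof(str) - 1` gives the same values and cannot drift. The address length would also read more conventionally as `offsetof(struct sockaddr_un, sun_path) + str_size` than as `sizeof(sa_family_t) + str_size`. A short comment on the permit case noting that ECONNREFUSED depends on nothing listening on that abstract name would help whoever debugs a failure on an unusual host.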
diff --git a/security/sandbox/test/browser.ini b/security/sandbox/test/browser.ini index 028046bd1106..5362cfe86100 100644 --- a/security/sandbox/test/browser.ini +++ b/security/sandbox/test/browser.ini @@ -21,4 +21,6 @@ support-files = skip-if = (os != 'mac') # This is a Mac-specific test [browser_sandbox_test.js] -skip-if = !debug +skip-if = + (debug && os == 'win') # bug 1718210 + !debug diff --git a/security/sandbox/test/browser_sandbox_test.js b/security/sandbox/test/browser_sandbox_test.js index 55af8b12ae3e..f1583563e9d9 100644 --- a/security/sandbox/test/browser_sandbox_test.js +++ b/security/sandbox/test/browser_sandbox_test.js @@ -14,6 +14,10 @@ function test() { // GPU process might not run depending on the platform, so we need it to be // the last one of the list to allow the remainingTests logic below to work // as expected. + // + // Skip GPU tests for now because they don't actually run anything and they + // trigger some shutdown hang on Windows + // FIXME: Bug XXX var processTypes = ["tab", "socket", "rdd", "gmplugin", "gpu"]; // A callback called after each test-result.
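Review bot: With `!debug` already skipping opt builds, the added `(debug && os == 'win')` condition means browser_sandbox_test.js no longer runs on Windows in any configuration. The sandbox checks therefore lose all Windows coverage until bug 1718210 is resolved. The annotation could say so directly, for example `(debug && os == 'win') # bug 1718210: disables the only Windows run of this test`, so the skip is not mistaken for a partial one.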
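Review bot: The added comment says the GPU tests are skipped, but the unchanged `var processTypes = ["tab", "socket", "rdd", "gmplugin", "gpu"];` line directly below still lists `"gpu"`, so nothing in this hunk skips them. Either drop `"gpu"` from the array here or reword the comment to point at where the skip happens, if it is done elsewhere in `test()`. `FIXME: Bug XXX` should carry the real bug number before landing, so that the disabled sandbox coverage can be tracked and re-enabled. test() continues outside the hunk.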