github.com/kubiko/snapd@v0.0.0-20201013125620-d4f3094d9ddf/cmd/snap-confine/snap-confine-args-test.c (about) 1 /* 2 * Copyright (C) 2016 Canonical Ltd 3 * 4 * This program is free software: you can redistribute it and/or modify 5 * it under the terms of the GNU General Public License version 3 as 6 * published by the Free Software Foundation. 7 * 8 * This program is distributed in the hope that it will be useful, 9 * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 * GNU General Public License for more details. 12 * 13 * You should have received a copy of the GNU General Public License 14 * along with this program. If not, see <http://www.gnu.org/licenses/>. 15 * 16 */ 17 18 #include "snap-confine-args.h" 19 #include "snap-confine-args.c" 20 #include "../libsnap-confine-private/cleanup-funcs.h" 21 22 #include <stdarg.h> 23 24 #include <glib.h> 25 26 static void test_sc_nonfatal_parse_args__typical(void) 27 { 28 // Test that typical invocation of snap-confine is parsed correctly. 29 sc_error *err SC_CLEANUP(sc_cleanup_error) = NULL; 30 struct sc_args *args SC_CLEANUP(sc_cleanup_args) = NULL; 31 32 int argc; 33 char **argv; 34 test_argc_argv(&argc, &argv, 35 "/usr/lib/snapd/snap-confine", "snap.SNAP_NAME.APP_NAME", 36 "/usr/lib/snapd/snap-exec", "--option", "arg", NULL); 37 38 args = sc_nonfatal_parse_args(&argc, &argv, &err); 39 g_assert_null(err); 40 g_assert_nonnull(args); 41 42 // Check supported switches and arguments 43 g_assert_cmpstr(sc_args_security_tag(args), ==, 44 "snap.SNAP_NAME.APP_NAME"); 45 g_assert_cmpstr(sc_args_executable(args), ==, 46 "/usr/lib/snapd/snap-exec"); 47 g_assert_cmpint(sc_args_is_version_query(args), ==, false); 48 g_assert_cmpint(sc_args_is_classic_confinement(args), ==, false); 49 g_assert_null(sc_args_base_snap(args)); 50 51 // Check remaining arguments 52 g_assert_cmpint(argc, ==, 3); 53 g_assert_cmpstr(argv[0], ==, "/usr/lib/snapd/snap-confine"); 54 g_assert_cmpstr(argv[1], ==, "--option"); 55 g_assert_cmpstr(argv[2], ==, "arg"); 56 g_assert_null(argv[3]); 57 } 58 59 static void test_sc_cleanup_args(void) 60 { 61 // Check that NULL argument parser can be cleaned up 62 sc_error *err SC_CLEANUP(sc_cleanup_error) = NULL; 63 struct sc_args *args = NULL; 64 sc_cleanup_args(&args); 65 66 // Check that a non-NULL argument parser can be cleaned up 67 int argc; 68 char **argv; 69 test_argc_argv(&argc, &argv, "/usr/lib/snapd/snap-confine", 70 "snap.SNAP_NAME.APP_NAME", "/usr/lib/snapd/snap-exec", 71 NULL); 72 args = sc_nonfatal_parse_args(&argc, &argv, &err); 73 g_assert_null(err); 74 g_assert_nonnull(args); 75 76 sc_cleanup_args(&args); 77 g_assert_null(args); 78 } 79 80 static void test_sc_nonfatal_parse_args__typical_classic(void) 81 { 82 // Test that typical invocation of snap-confine is parsed correctly. 83 sc_error *err SC_CLEANUP(sc_cleanup_error) = NULL; 84 struct sc_args *args SC_CLEANUP(sc_cleanup_args) = NULL; 85 86 int argc; 87 char **argv; 88 test_argc_argv(&argc, &argv, 89 "/usr/lib/snapd/snap-confine", "--classic", 90 "snap.SNAP_NAME.APP_NAME", "/usr/lib/snapd/snap-exec", 91 "--option", "arg", NULL); 92 93 args = sc_nonfatal_parse_args(&argc, &argv, &err); 94 g_assert_null(err); 95 g_assert_nonnull(args); 96 97 // Check supported switches and arguments 98 g_assert_cmpstr(sc_args_security_tag(args), ==, 99 "snap.SNAP_NAME.APP_NAME"); 100 g_assert_cmpstr(sc_args_executable(args), ==, 101 "/usr/lib/snapd/snap-exec"); 102 g_assert_cmpint(sc_args_is_version_query(args), ==, false); 103 g_assert_cmpint(sc_args_is_classic_confinement(args), ==, true); 104 105 // Check remaining arguments 106 g_assert_cmpint(argc, ==, 3); 107 g_assert_cmpstr(argv[0], ==, "/usr/lib/snapd/snap-confine"); 108 g_assert_cmpstr(argv[1], ==, "--option"); 109 g_assert_cmpstr(argv[2], ==, "arg"); 110 g_assert_null(argv[3]); 111 } 112 113 static void test_sc_nonfatal_parse_args__ubuntu_core_launcher(void) 114 { 115 // Test that typical legacy invocation of snap-confine via the 116 // ubuntu-core-launcher symlink, with duplicated security tag, is parsed 117 // correctly. 118 sc_error *err SC_CLEANUP(sc_cleanup_error) = NULL; 119 struct sc_args *args SC_CLEANUP(sc_cleanup_args) = NULL; 120 121 int argc; 122 char **argv; 123 test_argc_argv(&argc, &argv, 124 "/usr/bin/ubuntu-core-launcher", 125 "snap.SNAP_NAME.APP_NAME", "snap.SNAP_NAME.APP_NAME", 126 "/usr/lib/snapd/snap-exec", "--option", "arg", NULL); 127 128 args = sc_nonfatal_parse_args(&argc, &argv, &err); 129 g_assert_null(err); 130 g_assert_nonnull(args); 131 132 // Check supported switches and arguments 133 g_assert_cmpstr(sc_args_security_tag(args), ==, 134 "snap.SNAP_NAME.APP_NAME"); 135 g_assert_cmpstr(sc_args_executable(args), ==, 136 "/usr/lib/snapd/snap-exec"); 137 g_assert_cmpint(sc_args_is_version_query(args), ==, false); 138 g_assert_cmpint(sc_args_is_classic_confinement(args), ==, false); 139 140 // Check remaining arguments 141 g_assert_cmpint(argc, ==, 3); 142 g_assert_cmpstr(argv[0], ==, "/usr/bin/ubuntu-core-launcher"); 143 g_assert_cmpstr(argv[1], ==, "--option"); 144 g_assert_cmpstr(argv[2], ==, "arg"); 145 g_assert_null(argv[3]); 146 } 147 148 static void test_sc_nonfatal_parse_args__version(void) 149 { 150 // Test that snap-confine --version is detected. 151 sc_error *err SC_CLEANUP(sc_cleanup_error) = NULL; 152 struct sc_args *args SC_CLEANUP(sc_cleanup_args) = NULL; 153 154 int argc; 155 char **argv; 156 test_argc_argv(&argc, &argv, 157 "/usr/lib/snapd/snap-confine", "--version", "ignored", 158 "garbage", NULL); 159 160 args = sc_nonfatal_parse_args(&argc, &argv, &err); 161 g_assert_null(err); 162 g_assert_nonnull(args); 163 164 // Check supported switches and arguments 165 g_assert_null(sc_args_security_tag(args)); 166 g_assert_null(sc_args_executable(args)); 167 g_assert_cmpint(sc_args_is_version_query(args), ==, true); 168 g_assert_cmpint(sc_args_is_classic_confinement(args), ==, false); 169 170 // Check remaining arguments 171 g_assert_cmpint(argc, ==, 3); 172 g_assert_cmpstr(argv[0], ==, "/usr/lib/snapd/snap-confine"); 173 g_assert_cmpstr(argv[1], ==, "ignored"); 174 g_assert_cmpstr(argv[2], ==, "garbage"); 175 g_assert_null(argv[3]); 176 } 177 178 static void test_sc_nonfatal_parse_args__evil_input(void) 179 { 180 // Check that calling without any arguments is reported as error. 181 sc_error *err SC_CLEANUP(sc_cleanup_error) = NULL; 182 struct sc_args *args SC_CLEANUP(sc_cleanup_args) = NULL; 183 184 // NULL argcp/argvp attack 185 args = sc_nonfatal_parse_args(NULL, NULL, &err); 186 187 g_assert_nonnull(err); 188 g_assert_null(args); 189 g_assert_cmpstr(sc_error_msg(err), ==, 190 "cannot parse arguments, argcp or argvp is NULL"); 191 sc_cleanup_error(&err); 192 193 int argc; 194 char **argv; 195 196 // NULL argv attack 197 argc = 0; 198 argv = NULL; 199 args = sc_nonfatal_parse_args(&argc, &argv, &err); 200 201 g_assert_nonnull(err); 202 g_assert_null(args); 203 g_assert_cmpstr(sc_error_msg(err), ==, 204 "cannot parse arguments, argc is zero or argv is NULL"); 205 sc_cleanup_error(&err); 206 207 // NULL argv[i] attack 208 test_argc_argv(&argc, &argv, 209 "/usr/lib/snapd/snap-confine", "--version", "ignored", 210 "garbage", NULL); 211 argv[1] = NULL; // overwrite --version with NULL 212 args = sc_nonfatal_parse_args(&argc, &argv, &err); 213 214 g_assert_nonnull(err); 215 g_assert_null(args); 216 g_assert_cmpstr(sc_error_msg(err), ==, 217 "cannot parse arguments, argument at index 1 is NULL"); 218 } 219 220 static void test_sc_nonfatal_parse_args__nothing_to_parse(void) 221 { 222 // Check that calling without any arguments is reported as error. 223 sc_error *err SC_CLEANUP(sc_cleanup_error) = NULL; 224 struct sc_args *args SC_CLEANUP(sc_cleanup_args) = NULL; 225 226 int argc; 227 char **argv; 228 test_argc_argv(&argc, &argv, NULL); 229 230 args = sc_nonfatal_parse_args(&argc, &argv, &err); 231 g_assert_nonnull(err); 232 g_assert_null(args); 233 234 // Check the error that we've got 235 g_assert_cmpstr(sc_error_msg(err), ==, 236 "cannot parse arguments, argc is zero or argv is NULL"); 237 } 238 239 static void test_sc_nonfatal_parse_args__no_security_tag(void) 240 { 241 // Check that lack of security tag is reported as error. 242 sc_error *err SC_CLEANUP(sc_cleanup_error) = NULL; 243 struct sc_args *args SC_CLEANUP(sc_cleanup_args) = NULL; 244 245 int argc; 246 char **argv; 247 test_argc_argv(&argc, &argv, "/usr/lib/snapd/snap-confine", NULL); 248 249 args = sc_nonfatal_parse_args(&argc, &argv, &err); 250 g_assert_nonnull(err); 251 g_assert_null(args); 252 253 // Check the error that we've got 254 g_assert_cmpstr(sc_error_msg(err), ==, 255 "Usage: snap-confine <security-tag> <executable>\n" 256 "\napplication or hook security tag was not provided"); 257 258 g_assert_true(sc_error_match(err, SC_ARGS_DOMAIN, SC_ARGS_ERR_USAGE)); 259 } 260 261 static void test_sc_nonfatal_parse_args__no_executable(void) 262 { 263 // Check that lack of security tag is reported as error. 264 sc_error *err SC_CLEANUP(sc_cleanup_error) = NULL; 265 struct sc_args *args SC_CLEANUP(sc_cleanup_args) = NULL; 266 267 int argc; 268 char **argv; 269 test_argc_argv(&argc, &argv, "/usr/lib/snapd/snap-confine", 270 "snap.SNAP_NAME.APP_NAME", NULL); 271 272 args = sc_nonfatal_parse_args(&argc, &argv, &err); 273 g_assert_nonnull(err); 274 g_assert_null(args); 275 276 // Check the error that we've got 277 g_assert_cmpstr(sc_error_msg(err), ==, 278 "Usage: snap-confine <security-tag> <executable>\n" 279 "\nexecutable name was not provided"); 280 g_assert_true(sc_error_match(err, SC_ARGS_DOMAIN, SC_ARGS_ERR_USAGE)); 281 } 282 283 static void test_sc_nonfatal_parse_args__unknown_option(void) 284 { 285 // Check that unrecognized option switch is reported as error. 286 sc_error *err SC_CLEANUP(sc_cleanup_error) = NULL; 287 struct sc_args *args SC_CLEANUP(sc_cleanup_args) = NULL; 288 289 int argc; 290 char **argv; 291 test_argc_argv(&argc, &argv, "/usr/lib/snapd/snap-confine", 292 "--frozbonicator", NULL); 293 294 args = sc_nonfatal_parse_args(&argc, &argv, &err); 295 g_assert_nonnull(err); 296 g_assert_null(args); 297 298 // Check the error that we've got 299 g_assert_cmpstr(sc_error_msg(err), ==, 300 "Usage: snap-confine <security-tag> <executable>\n" 301 "\nunrecognized command line option: --frozbonicator"); 302 g_assert_true(sc_error_match(err, SC_ARGS_DOMAIN, SC_ARGS_ERR_USAGE)); 303 } 304 305 static void test_sc_nonfatal_parse_args__forwards_error(void) 306 { 307 // Check that sc_nonfatal_parse_args() forwards errors. 308 if (g_test_subprocess()) { 309 int argc; 310 char **argv; 311 test_argc_argv(&argc, &argv, "/usr/lib/snapd/snap-confine", 312 "--frozbonicator", NULL); 313 314 // Call sc_nonfatal_parse_args() without an error handle 315 struct sc_args *args SC_CLEANUP(sc_cleanup_args) = NULL; 316 args = sc_nonfatal_parse_args(&argc, &argv, NULL); 317 (void)args; 318 319 g_test_message("expected not to reach this place"); 320 g_test_fail(); 321 return; 322 } 323 g_test_trap_subprocess(NULL, 0, 0); 324 g_test_trap_assert_failed(); 325 g_test_trap_assert_stderr 326 ("Usage: snap-confine <security-tag> <executable>\n" 327 "\nunrecognized command line option: --frozbonicator\n"); 328 } 329 330 static void test_sc_nonfatal_parse_args__base_snap(void) 331 { 332 // Check that --base specifies the name of the base snap. 333 sc_error *err SC_CLEANUP(sc_cleanup_error) = NULL; 334 struct sc_args *args SC_CLEANUP(sc_cleanup_args) = NULL; 335 336 int argc; 337 char **argv; 338 test_argc_argv(&argc, &argv, 339 "/usr/lib/snapd/snap-confine", "--base", "base-snap", 340 "snap.SNAP_NAME.APP_NAME", "/usr/lib/snapd/snap-exec", 341 NULL); 342 343 args = sc_nonfatal_parse_args(&argc, &argv, &err); 344 g_assert_null(err); 345 g_assert_nonnull(args); 346 347 // Check the --base switch 348 g_assert_cmpstr(sc_args_base_snap(args), ==, "base-snap"); 349 // Check other arguments 350 g_assert_cmpstr(sc_args_security_tag(args), ==, 351 "snap.SNAP_NAME.APP_NAME"); 352 g_assert_cmpstr(sc_args_executable(args), ==, 353 "/usr/lib/snapd/snap-exec"); 354 g_assert_cmpint(sc_args_is_version_query(args), ==, false); 355 g_assert_cmpint(sc_args_is_classic_confinement(args), ==, false); 356 } 357 358 static void test_sc_nonfatal_parse_args__base_snap__missing_arg(void) 359 { 360 // Check that --base specifies the name of the base snap. 361 sc_error *err SC_CLEANUP(sc_cleanup_error) = NULL; 362 struct sc_args *args SC_CLEANUP(sc_cleanup_args) = NULL; 363 364 int argc; 365 char **argv; 366 test_argc_argv(&argc, &argv, 367 "/usr/lib/snapd/snap-confine", "--base", NULL); 368 369 args = sc_nonfatal_parse_args(&argc, &argv, &err); 370 g_assert_nonnull(err); 371 g_assert_null(args); 372 373 // Check the error that we've got 374 g_assert_cmpstr(sc_error_msg(err), ==, 375 "Usage: snap-confine <security-tag> <executable>\n" 376 "\nthe --base option requires an argument"); 377 g_assert_true(sc_error_match(err, SC_ARGS_DOMAIN, SC_ARGS_ERR_USAGE)); 378 } 379 380 static void test_sc_nonfatal_parse_args__base_snap__twice(void) 381 { 382 // Check that --base specifies the name of the base snap. 383 sc_error *err SC_CLEANUP(sc_cleanup_error) = NULL; 384 struct sc_args *args SC_CLEANUP(sc_cleanup_args) = NULL; 385 386 int argc; 387 char **argv; 388 test_argc_argv(&argc, &argv, 389 "/usr/lib/snapd/snap-confine", 390 "--base", "base1", "--base", "base2", NULL); 391 392 args = sc_nonfatal_parse_args(&argc, &argv, &err); 393 g_assert_nonnull(err); 394 g_assert_null(args); 395 396 // Check the error that we've got 397 g_assert_cmpstr(sc_error_msg(err), ==, 398 "Usage: snap-confine <security-tag> <executable>\n" 399 "\nthe --base option can be used only once"); 400 g_assert_true(sc_error_match(err, SC_ARGS_DOMAIN, SC_ARGS_ERR_USAGE)); 401 } 402 403 static void __attribute__((constructor)) init(void) 404 { 405 g_test_add_func("/args/sc_cleanup_args", test_sc_cleanup_args); 406 g_test_add_func("/args/sc_nonfatal_parse_args/typical", 407 test_sc_nonfatal_parse_args__typical); 408 g_test_add_func("/args/sc_nonfatal_parse_args/typical_classic", 409 test_sc_nonfatal_parse_args__typical_classic); 410 g_test_add_func("/args/sc_nonfatal_parse_args/ubuntu_core_launcher", 411 test_sc_nonfatal_parse_args__ubuntu_core_launcher); 412 g_test_add_func("/args/sc_nonfatal_parse_args/version", 413 test_sc_nonfatal_parse_args__version); 414 g_test_add_func("/args/sc_nonfatal_parse_args/nothing_to_parse", 415 test_sc_nonfatal_parse_args__nothing_to_parse); 416 g_test_add_func("/args/sc_nonfatal_parse_args/evil_input", 417 test_sc_nonfatal_parse_args__evil_input); 418 g_test_add_func("/args/sc_nonfatal_parse_args/no_security_tag", 419 test_sc_nonfatal_parse_args__no_security_tag); 420 g_test_add_func("/args/sc_nonfatal_parse_args/no_executable", 421 test_sc_nonfatal_parse_args__no_executable); 422 g_test_add_func("/args/sc_nonfatal_parse_args/unknown_option", 423 test_sc_nonfatal_parse_args__unknown_option); 424 g_test_add_func("/args/sc_nonfatal_parse_args/forwards_error", 425 test_sc_nonfatal_parse_args__forwards_error); 426 g_test_add_func("/args/sc_nonfatal_parse_args/base_snap", 427 test_sc_nonfatal_parse_args__base_snap); 428 g_test_add_func("/args/sc_nonfatal_parse_args/base_snap/missing-arg", 429 test_sc_nonfatal_parse_args__base_snap__missing_arg); 430 g_test_add_func("/args/sc_nonfatal_parse_args/base_snap/twice", 431 test_sc_nonfatal_parse_args__base_snap__twice); 432 }