mirror of
https://gitlab.com/apparmor/apparmor.git
synced 2025-03-04 00:14:44 +01:00
The coredump regression test existed in the tree, but was not hooked up to
the testsuite. It looks like coredump mediation may have been removed, since it is rather a corner-case, so I have currently marked it as XFAIL. In hooking it back up, the "prologue.inc" was reviewed, dead code dropped, and the "image=" argument changed to correctly handle the imageperms syntax used elsewhere. It was working in other tests out of coincidence.
This commit is contained in:
Kees Cook
parent
b30b4c1877
commit
32d899eb6d
5 changed files with 59 additions and 36 deletions
|
|
@ -237,3 +237,4 @@ tests/regression/apparmor/unix_fd_client
|
|||
tests/regression/apparmor/unix_fd_server
|
||||
tests/regression/apparmor/unlink
|
||||
tests/regression/apparmor/xattrs
|
||||
tests/regression/apparmor/coredump
|
||||
|
|
|
|||
|
|
@ -22,6 +22,7 @@ SRC=access.c \
|
|||
chmod.c \
|
||||
chown.c \
|
||||
clone.c \
|
||||
coredump.c \
|
||||
deleted.c \
|
||||
environ.c \
|
||||
env_check.c \
|
||||
|
|
@ -113,6 +114,7 @@ TESTS=access \
|
|||
changehat_misc \
|
||||
chdir \
|
||||
clone \
|
||||
coredump \
|
||||
deleted \
|
||||
environ \
|
||||
exec \
|
||||
|
|
|
|||
|
|
@ -1,7 +1,9 @@
|
|||
#include <stdio.h>
|
||||
int *ptr;
|
||||
|
||||
/*
|
||||
* Copyright (C) 2002-2005 Novell/SUSE
|
||||
* Copyright (C) 2010 Canonical, Ltd
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or
|
||||
* modify it under the terms of the GNU General Public License as
|
||||
|
|
@ -9,7 +11,7 @@ int *ptr;
|
|||
* License.
|
||||
*/
|
||||
|
||||
main()
|
||||
int main(int argc, char *argv[])
|
||||
{
|
||||
printf("This will cause a sigsegv\n");
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,6 @@
|
|||
#! /bin/bash
|
||||
# $Id$
|
||||
|
||||
# Copyright (C) 2002-2005 Novell/SUSE
|
||||
# Copyright (C) 2010 Canonical, Ltd
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
|
|
@ -11,26 +10,52 @@
|
|||
#=NAME coredump
|
||||
#=DESCRIPTION coredump test
|
||||
|
||||
cleancorefile()
|
||||
{
|
||||
rm -f core core.*
|
||||
}
|
||||
|
||||
checkcorefile()
|
||||
{
|
||||
_corefilelist=`echo core.*`
|
||||
if [ "$_corefilelist" = "core.*" ]
|
||||
then
|
||||
_corefile=no
|
||||
else
|
||||
_corefile=yes
|
||||
fi
|
||||
# global _testdesc _pfmode _known outfile
|
||||
if [ ${1:0:1} == "x" ] ; then
|
||||
requirement=${1#x}
|
||||
_known=" (known problem)"
|
||||
else
|
||||
requirement=$1
|
||||
_known=""
|
||||
fi
|
||||
|
||||
if [ "$1" = "yes" -a "$_corefile" = "no" ]
|
||||
then
|
||||
echo "Error: corefile expected but not present - $2"
|
||||
elif [ "$1" = "no" -a "$_corefile" = "yes" ]
|
||||
then
|
||||
echo "Error: corefile present when not expected -- $2"
|
||||
fi
|
||||
_corefilelist=`echo core.*`
|
||||
if [ ! -f core ] && [ "$_corefilelist" = "core.*" ]
|
||||
then
|
||||
_corefile=no
|
||||
else
|
||||
_corefile=yes
|
||||
fi
|
||||
|
||||
unset _corefile _corefilelist
|
||||
rm -f core.*
|
||||
if [ "$requirement" = "yes" -a "$_corefile" = "no" ] ; then
|
||||
if [ -n $_known ] ; then
|
||||
echo -n "XFAIL: "
|
||||
fi
|
||||
echo "Error: corefile expected but not present - $2"
|
||||
if [ -z $_known ] ; then
|
||||
cat $profile
|
||||
testfailed
|
||||
fi
|
||||
elif [ "$requirement" = "no" -a "$_corefile" = "yes" ] ; then
|
||||
if [ -n "$_known" ] ; then
|
||||
echo -n "XFAIL: "
|
||||
fi
|
||||
echo "Error: corefile present when not expected -- $2"
|
||||
if [ -z "$_known" ] ; then
|
||||
cat $profile
|
||||
testfailed
|
||||
fi
|
||||
fi
|
||||
|
||||
unset _corefile _corefilelist
|
||||
cleancorefile
|
||||
}
|
||||
|
||||
pwd=`dirname $0`
|
||||
|
|
@ -45,15 +70,18 @@ nocoreperm=ix
|
|||
|
||||
# enable coredumps
|
||||
ulimit -c 1000000
|
||||
cleancorefile
|
||||
checkcorefile no "COREDUMP (starting with clean slate)"
|
||||
|
||||
# PASS TEST, no confinement
|
||||
cleancorefile
|
||||
echo "*** A 'Segmentation Fault' message from bash is expected for the following test"
|
||||
runchecktest "COREDUMP (no confinement)" signal11
|
||||
checkcorefile yes "COREDUMP (no confinement)"
|
||||
|
||||
# PASS TEST, with r confinement
|
||||
genprofile $test:$coreperm
|
||||
cat $profile
|
||||
cleancorefile
|
||||
genprofile image=$test:$coreperm
|
||||
|
||||
echo
|
||||
echo "*** A 'Segmentation Fault' message from bash is expected for the following test"
|
||||
|
|
@ -61,10 +89,10 @@ runchecktest "COREDUMP ($coreperm confinement)" signal11
|
|||
checkcorefile yes "COREDUMP ($coreperm confinement)"
|
||||
|
||||
# FAIL TEST, with x confinement
|
||||
genprofile $test:$nocoreperm
|
||||
cat $profile
|
||||
cleancorefile
|
||||
genprofile image=$test:$nocoreperm
|
||||
|
||||
echo
|
||||
echo "*** A 'Segmentation Fault' message from bash is expected for the following test"
|
||||
runchecktest "COREDUMP ($nocoreperm confinement)" signal11
|
||||
checkcorefile no "COREDUMP ($nocoreperm confinement)"
|
||||
checkcorefile xno "COREDUMP ($nocoreperm confinement)"
|
||||
|
|
|
|||
|
|
@ -415,22 +415,12 @@ fi
|
|||
# it is most often used after --, in fact it is basically
|
||||
# mandatory after --
|
||||
case "$1" in
|
||||
profile=*) imagename=`echo $1 | sed 's/^profile=[rix]*//'`
|
||||
perm=`echo $1 | sed -n 's/^profile=\([rix]*\).*$/\1/p'`
|
||||
if [ -n "$perm" ]
|
||||
then
|
||||
imageperm=$perm
|
||||
fi
|
||||
num_emitted=0
|
||||
shift
|
||||
;;
|
||||
|
||||
image=*) imagename=`echo $1 | sed 's/^image=[rix]*//'`
|
||||
image=*) imagename=`echo $1 | sed 's/^image=\([^:]*\).*$/\1/'`
|
||||
if [ ! -x "$imagename" ]
|
||||
then
|
||||
fatalerror "invalid imagename specified in input '$1'"
|
||||
fi
|
||||
perm=`echo $1 | sed -n 's/^image=\([rix]*\).*$/\1/p'`
|
||||
perm=`echo $1 | sed -n 's/^image=[^:]*:\(.*\)$/\1/p'`
|
||||
if [ -n "$perm" ]
|
||||
then
|
||||
imageperm=$perm
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue