xref: /openbsd-src/regress/lib/libc/sys/t_revoke.c (revision f6aab3d83b51b91c24247ad2c2573574de475a82) 
1 /*	$OpenBSD: t_revoke.c,v 1.3 2021/12/13 16:56:48 deraadt Exp $	*/
2 /* $NetBSD: t_revoke.c,v 1.2 2017/01/13 21:15:57 christos Exp $ */
3 
4 /*-
5  * Copyright (c) 2011 The NetBSD Foundation, Inc.
6  * All rights reserved.
7  *
8  * This code is derived from software contributed to The NetBSD Foundation
9  * by Jukka Ruohonen.
10  *
11  * Redistribution and use in source and binary forms, with or without
12  * modification, are permitted provided that the following conditions
13  * are met:
14  * 1. Redistributions of source code must retain the above copyright
15  *    notice, this list of conditions and the following disclaimer.
16  * 2. Redistributions in binary form must reproduce the above copyright
17  *    notice, this list of conditions and the following disclaimer in the
18  *    documentation and/or other materials provided with the distribution.
19  *
20  * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
21  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
22  * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
23  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
24  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30  * POSSIBILITY OF SUCH DAMAGE.
31  */
32 
33 #include "macros.h"
34 
35 #include <sys/resource.h>
36 #include <sys/wait.h>
37 
38 #include "atf-c.h"
39 #include <fcntl.h>
40 #include <errno.h>
41 #include <pwd.h>
42 #include <stdio.h>
43 #include <stdlib.h>
44 #include <string.h>
45 #include <unistd.h>
46 
47 static const char path[] = "revoke";
48 
49 ATF_TC_WITH_CLEANUP(revoke_basic);
50 ATF_TC_HEAD(revoke_basic, tc)
51 {
52 	atf_tc_set_md_var(tc, "descr", "A basic test of revoke(2)");
53 }
54 
55 ATF_TC_BODY(revoke_basic, tc)
56 {
57 	struct rlimit res;
58 	char tmp[10];
59 	size_t i, n;
60 	int *buf;
61 
62 	(void)memset(&res, 0, sizeof(struct rlimit));
63 	(void)getrlimit(RLIMIT_NOFILE, &res);
64 
65 	if ((n = res.rlim_cur / 10) == 0)
66 		n = 10;
67 
68 	buf = calloc(n, sizeof(int));
69 	ATF_REQUIRE(buf != NULL);
70 
71 	buf[0] = open(path, O_RDWR | O_CREAT, 0600);
72 	ATF_REQUIRE(buf[0] >= 0);
73 
74 	for (i = 1; i < n; i++) {
75 		buf[i] = open(path, O_RDWR);
76 		ATF_REQUIRE(buf[i] >= 0);
77 	}
78 
79 	ATF_REQUIRE(revoke(path) == 0);
80 
81 	for (i = 0; i < n; i++) {
82 
83 		ATF_REQUIRE(read(buf[i], tmp, sizeof(tmp)) == -1);
84 
85 		(void)close(buf[i]);
86 	}
87 
88 	free(buf);
89 
90 	(void)unlink(path);
91 }
92 
93 ATF_TC_CLEANUP(revoke_basic, tc)
94 {
95 	(void)unlink(path);
96 }
97 
98 ATF_TC(revoke_err);
99 ATF_TC_HEAD(revoke_err, tc)
100 {
101 	atf_tc_set_md_var(tc, "descr", "Test errors from revoke(2)");
102 	atf_tc_set_md_var(tc, "require.user", "unprivileged");
103 }
104 
105 ATF_TC_BODY(revoke_err, tc)
106 {
107 	char buf[1024 + 1];	/* XXX: From the manual page... */
108 
109 	(void)memset(buf, 'x', sizeof(buf));
110 
111 	errno = 0;
112 	ATF_REQUIRE_ERRNO(EFAULT, revoke((char *)-1) == -1);
113 
114 	errno = 0;
115 	ATF_REQUIRE_ERRNO(ENAMETOOLONG, revoke(buf) == -1);
116 
117 	errno = 0;
118 #ifdef __OpenBSD__
119 	ATF_REQUIRE_ERRNO(ENOTTY, revoke("/etc/passwd") == -1);
120 #else
121 	ATF_REQUIRE_ERRNO(EPERM, revoke("/etc/passwd") == -1);
122 #endif
123 
124 	errno = 0;
125 	ATF_REQUIRE_ERRNO(ENOENT, revoke("/etc/xxx/yyy") == -1);
126 }
127 
128 ATF_TC_WITH_CLEANUP(revoke_perm);
129 ATF_TC_HEAD(revoke_perm, tc)
130 {
131 	atf_tc_set_md_var(tc, "descr", "Test permissions revoke(2)");
132 	atf_tc_set_md_var(tc, "require.user", "root");
133 }
134 
135 ATF_TC_BODY(revoke_perm, tc)
136 {
137 	struct passwd *pw;
138 	int fd, sta;
139 	pid_t pid;
140 
141 	pw = getpwnam("nobody");
142 	fd = open(path, O_RDWR | O_CREAT, 0600);
143 
144 	ATF_REQUIRE(fd >= 0);
145 	ATF_REQUIRE(pw != NULL);
146 	ATF_REQUIRE(revoke(path) == 0);
147 
148 	pid = fork();
149 	ATF_REQUIRE(pid >= 0);
150 
151 	if (pid == 0) {
152 
153 		if (setuid(pw->pw_uid) != 0)
154 			_exit(EXIT_FAILURE);
155 
156 		errno = 0;
157 
158 		if (revoke(path) == 0)
159 			_exit(EXIT_FAILURE);
160 
161 		if (errno != EACCES)
162 			_exit(EXIT_FAILURE);
163 
164 		if (close(fd) != 0)
165 			_exit(EXIT_FAILURE);
166 
167 		_exit(EXIT_SUCCESS);
168 	}
169 
170 	(void)wait(&sta);
171 
172 	if (WIFEXITED(sta) == 0 || WEXITSTATUS(sta) != EXIT_SUCCESS)
173 		atf_tc_fail("revoke(2) did not obey permissions");
174 
175 	(void)close(fd);
176 	ATF_REQUIRE(unlink(path) == 0);
177 }
178 
179 ATF_TC_CLEANUP(revoke_perm, tc)
180 {
181 	(void)unlink(path);
182 }
183 
184 ATF_TP_ADD_TCS(tp)
185 {
186 
187 #ifndef __OpenBSD__
188 	/* OpenBSD supports revoke only on ttys */
189 	ATF_TP_ADD_TC(tp, revoke_basic);
190 #endif
191 	ATF_TP_ADD_TC(tp, revoke_err);
192 #ifndef __OpenBSD__
193 	/* OpenBSD supports revoke only on ttys */
194 	ATF_TP_ADD_TC(tp, revoke_perm);
195 #endif
196 
197 	return atf_no_error();
198 }
199