]> git.saurik.com Git - apple/security.git/blob - OSX/sec/securityd/Regressions/secd-04-corrupted-items.c
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security-57740.60.18.tar.gz
[apple/security.git] / OSX / sec / securityd / Regressions / secd-04-corrupted-items.c
1 /*
2 * Copyright (c) 2013-2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24
25 #include "secd_regressions.h"
26
27 #include <securityd/SecDbItem.h>
28 #include <utilities/SecCFWrappers.h>
29 #include <utilities/SecFileLocations.h>
30 #include <utilities/fileIo.h>
31
32 #include <securityd/SOSCloudCircleServer.h>
33 #include <securityd/SecItemServer.h>
34
35 #include <Security/SecBasePriv.h>
36
37 #include <AssertMacros.h>
38
39 #include <stdio.h>
40 #include <unistd.h>
41 #include <sys/stat.h>
42 #include <pthread.h>
43
44 #include "SecdTestKeychainUtilities.h"
45
46 /* Corrupt 1st and 3rd item */
47 static const char *corrupt_item_sql = "UPDATE inet SET data=X'12345678' WHERE rowid=1 OR rowid=3";
48
49 int secd_04_corrupted_items(int argc, char *const *argv)
50 {
51 plan_tests(11 + kSecdTestSetupTestCount);
52
53 /* custom keychain dir */
54 secd_test_setup_temp_keychain("secd_04_corrupted_items", NULL);
55
56 /* add a password */
57 CFTypeRef ref1 = NULL;
58 int v_eighty = 80;
59 CFNumberRef eighty = CFNumberCreate(NULL, kCFNumberSInt32Type, &v_eighty);
60 const char *v_data = "test";
61 CFDataRef pwdata = CFDataCreate(NULL, (UInt8 *)v_data, strlen(v_data));
62 CFMutableDictionaryRef query = CFDictionaryCreateMutable(NULL, 0, NULL, NULL);
63 CFDictionaryAddValue(query, kSecClass, kSecClassInternetPassword);
64 CFDictionaryAddValue(query, kSecAttrServer, CFSTR("corrupt.spamcop.net"));
65 CFDictionaryAddValue(query, kSecAttrAccount, CFSTR("smith"));
66 CFDictionaryAddValue(query, kSecAttrPort, eighty);
67 CFDictionaryAddValue(query, kSecAttrProtocol, kSecAttrProtocolHTTP);
68 CFDictionaryAddValue(query, kSecAttrAuthenticationType, kSecAttrAuthenticationTypeDefault);
69 CFDictionaryAddValue(query, kSecValueData, pwdata);
70 CFDictionaryAddValue(query, kSecReturnPersistentRef, kCFBooleanTrue);
71 ok_status(SecItemAdd(query, &ref1), "add internet password port 80");
72
73 /* add another one */
74 CFTypeRef ref2 = NULL;
75 int v_eighty_one = 81;
76 CFNumberRef eighty_one = CFNumberCreate(NULL, kCFNumberSInt32Type, &v_eighty_one);
77 CFDictionarySetValue(query, kSecAttrPort, eighty_one);
78 ok_status(SecItemAdd(query, &ref2), "add internet password port 81");
79
80 /* add another one */
81 CFTypeRef ref3 = NULL;
82 int v_eighty_two = 82;
83 CFNumberRef eighty_two = CFNumberCreate(NULL, kCFNumberSInt32Type, &v_eighty_two);
84 CFDictionarySetValue(query, kSecAttrPort, eighty_two);
85 ok_status(SecItemAdd(query, &ref3), "add internet password port 82");
86
87 /* remove the data, and return key from the query */
88 CFDictionaryRemoveValue(query, kSecValueData);
89 CFDictionaryRemoveValue(query, kSecReturnPersistentRef);
90
91 /* update second password to conflict with first one */
92 CFDictionarySetValue(query, kSecAttrPort, eighty_one);
93 CFMutableDictionaryRef attributes = CFDictionaryCreateMutable(NULL, 0, NULL, NULL);
94 CFDictionaryAddValue(attributes, kSecAttrPort, eighty);
95 is_status(SecItemUpdate(query, attributes), errSecDuplicateItem, "update internet password port 80 to 81");
96
97 /* corrupt the first and 3rd password */
98 CFStringRef keychain_path_cf = __SecKeychainCopyPath();
99
100 CFStringPerformWithCString(keychain_path_cf, ^(const char *keychain_path) {
101 /* Create a new keychain sqlite db */
102 sqlite3 *db;
103
104 is(sqlite3_open(keychain_path, &db), SQLITE_OK, "open keychain");
105 is(sqlite3_exec(db, corrupt_item_sql, NULL, NULL, NULL), SQLITE_OK,
106 "corrupting keychain items");
107
108 });
109
110 /* Try the update again */
111 ok_status(SecItemUpdate(query, attributes), "update internet password port 80 to 81 (after corrupting item)");
112
113 /* query the persistent ref */
114 CFTypeRef ref = NULL;
115 CFDictionarySetValue(query, kSecAttrPort, eighty);
116 CFDictionaryAddValue(query, kSecReturnPersistentRef, kCFBooleanTrue);
117 ok_status(SecItemCopyMatching(query, &ref), "Item 80 found");
118
119 CFDictionaryRemoveValue(query, kSecReturnPersistentRef);
120 ok(CFEqual(ref, ref2), "persistent ref of item 2");
121
122 CFReleaseNull(attributes);
123
124 /* Update the 3rd item (82) */
125 CFDictionarySetValue(query, kSecAttrPort, eighty_two);
126
127 attributes = CFDictionaryCreateMutable(NULL, 0, NULL, NULL);
128 CFDictionaryAddValue(attributes, kSecAttrLabel, CFSTR("This is the 3rd password"));
129 is_status(SecItemUpdate(query, attributes), errSecItemNotFound, "update internet password port 82 (after corrupting item)");
130
131 CFDictionarySetValue(query, kSecValueData, pwdata);
132 ok_status(SecItemAdd(query, NULL), "re-adding internet password port 82 (after corrupting item)");
133 CFReleaseNull(pwdata);
134 CFReleaseNull(attributes);
135 CFReleaseNull(query);
136 CFReleaseNull(eighty);
137 CFReleaseNull(eighty_one);
138 CFReleaseNull(eighty_two);
139
140 return 0;
141 }
mirror of Security