git.saurik.com Git - apple/xnu.git/blame_incremental - tests/invalid_setaudit

... / ...

Commit	Line	Data
	1	#pragma clang diagnostic ignored "-Wdeprecated-declarations"
	2
	3	#include <bsm/audit.h>
	4	#include <bsm/audit_session.h>
	5	#include <err.h>
	6	#include <sysexits.h>
	7	#include <unistd.h>
	8	#include <errno.h>
	9	#include <string.h>
	10
	11	#include <darwintest.h>
	12	#include <darwintest_utils.h>
	13
	14	T_GLOBAL_META(T_META_RUN_CONCURRENTLY(true));
	15
	16	T_DECL(invalid_setaudit_57414044,
	17	"Verify that auditing a setaudit_addr syscall which has an invalid "
	18	"at_type field does not panic",
	19	T_META_CHECK_LEAKS(false))
	20	{
	21	T_SETUPBEGIN;
	22
	23	int cond, ret = auditon(A_GETCOND, &cond, sizeof(cond));
	24	if (ret == -1 && errno == ENOSYS) {
	25	T_SKIP("no kernel support for auditing; can't test");
	26	}
	27	T_ASSERT_POSIX_SUCCESS(ret, "auditon A_GETCOND");
	28	if (cond != AUC_AUDITING) {
	29	T_SKIP("auditing is not enabled; can't test");
	30	}
	31
	32	/* set up auditing to audit `setaudit_addr` */
	33	auditpinfo_addr_t pinfo_addr = {.ap_pid = getpid()};
	34	T_ASSERT_POSIX_SUCCESS(auditon(A_GETPINFO_ADDR, &pinfo_addr, sizeof(pinfo_addr)), NULL);
	35	auditpinfo_t pinfo = {.ap_pid = getpid(), .ap_mask = pinfo_addr.ap_mask};
	36	pinfo.ap_mask.am_failure \|= 0x800; /* man 5 audit_class */
	37	T_ASSERT_POSIX_SUCCESS(auditon(A_SETPMASK, &pinfo, sizeof(pinfo)), NULL);
	38
	39	T_SETUPEND;
	40
	41	struct auditinfo_addr a;
	42	memset(&a, 0, sizeof(a));
	43	a.ai_termid.at_type = 999;
	44	T_ASSERT_POSIX_FAILURE(setaudit_addr(&a, sizeof(a)), EINVAL,
	45	"setaudit_addr should fail due to invalid at_type");
	46	}