]> git.saurik.com Git - apple/xnu.git/blob - tests/invalid_setaudit_57414044.c
projects / apple / xnu.git / blob
? search:


dcb619ff924bc7954db348d50928825f159e7fbd
[apple/xnu.git] / tests / invalid_setaudit_57414044.c
1 #pragma clang diagnostic ignored "-Wdeprecated-declarations"
2
3 #include <bsm/audit.h>
4 #include <bsm/audit_session.h>
5 #include <err.h>
6 #include <sysexits.h>
7 #include <unistd.h>
8 #include <errno.h>
9 #include <string.h>
10
11 #include <darwintest.h>
12 #include <darwintest_utils.h>
13
14 T_GLOBAL_META(T_META_RUN_CONCURRENTLY(true));
15
16 T_DECL(invalid_setaudit_57414044,
17 "Verify that auditing a setaudit_addr syscall which has an invalid "
18 "at_type field does not panic",
19 T_META_CHECK_LEAKS(false))
20 {
21 T_SETUPBEGIN;
22
23 int cond, ret = auditon(A_GETCOND, &cond, sizeof(cond));
24 if (ret == -1 && errno == ENOSYS) {
25 T_SKIP("no kernel support for auditing; can't test");
26 }
27 T_ASSERT_POSIX_SUCCESS(ret, "auditon A_GETCOND");
28 if (cond != AUC_AUDITING) {
29 T_SKIP("auditing is not enabled; can't test");
30 }
31
32 /* set up auditing to audit `setaudit_addr` */
33 auditpinfo_addr_t pinfo_addr = {.ap_pid = getpid()};
34 T_ASSERT_POSIX_SUCCESS(auditon(A_GETPINFO_ADDR, &pinfo_addr, sizeof(pinfo_addr)), NULL);
35 auditpinfo_t pinfo = {.ap_pid = getpid(), .ap_mask = pinfo_addr.ap_mask};
36 pinfo.ap_mask.am_failure |= 0x800; /* man 5 audit_class */
37 T_ASSERT_POSIX_SUCCESS(auditon(A_SETPMASK, &pinfo, sizeof(pinfo)), NULL);
38
39 T_SETUPEND;
40
41 struct auditinfo_addr a;
42 memset(&a, 0, sizeof(a));
43 a.ai_termid.at_type = 999;
44 T_ASSERT_POSIX_FAILURE(setaudit_addr(&a, sizeof(a)), EINVAL,
45 "setaudit_addr should fail due to invalid at_type");
46 }
mirror of XNU