1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 // This file contains unit tests for the job object.
6
7 #include "base/win/scoped_process_information.h"
8 #include "sandbox/win/src/job.h"
9 #include "testing/gtest/include/gtest/gtest.h"
10
11 namespace sandbox {
12
13 // Tests the creation and destruction of the job.
TEST(JobTest,TestCreation)14 TEST(JobTest, TestCreation) {
15 // Scope the creation of Job.
16 {
17 // Create the job.
18 Job job;
19 ASSERT_EQ(ERROR_SUCCESS, job.Init(JOB_LOCKDOWN, L"my_test_job_name", 0));
20
21 // check if the job exists.
22 HANDLE job_handle = ::OpenJobObjectW(GENERIC_ALL, FALSE,
23 L"my_test_job_name");
24 ASSERT_TRUE(job_handle != NULL);
25
26 if (job_handle)
27 CloseHandle(job_handle);
28 }
29
30 // Check if the job is destroyed when the object goes out of scope.
31 HANDLE job_handle = ::OpenJobObjectW(GENERIC_ALL, FALSE, L"my_test_job_name");
32 ASSERT_TRUE(job_handle == NULL);
33 ASSERT_EQ(ERROR_FILE_NOT_FOUND, ::GetLastError());
34 }
35
36 // Tests the method "Detach".
TEST(JobTest,TestDetach)37 TEST(JobTest, TestDetach) {
38 HANDLE job_handle;
39 // Scope the creation of Job.
40 {
41 // Create the job.
42 Job job;
43 ASSERT_EQ(ERROR_SUCCESS, job.Init(JOB_LOCKDOWN, L"my_test_job_name", 0));
44
45 job_handle = job.Detach();
46 ASSERT_TRUE(job_handle != NULL);
47 }
48
49 // Check to be sure that the job is still alive even after the object is gone
50 // out of scope.
51 HANDLE job_handle_dup = ::OpenJobObjectW(GENERIC_ALL, FALSE,
52 L"my_test_job_name");
53 ASSERT_TRUE(job_handle_dup != NULL);
54
55 // Remove all references.
56 if (job_handle_dup)
57 ::CloseHandle(job_handle_dup);
58
59 if (job_handle)
60 ::CloseHandle(job_handle);
61
62 // Check if the jbo is really dead.
63 job_handle = ::OpenJobObjectW(GENERIC_ALL, FALSE, L"my_test_job_name");
64 ASSERT_TRUE(job_handle == NULL);
65 ASSERT_EQ(ERROR_FILE_NOT_FOUND, ::GetLastError());
66 }
67
68 // Tests the ui exceptions
TEST(JobTest,TestExceptions)69 TEST(JobTest, TestExceptions) {
70 HANDLE job_handle;
71 // Scope the creation of Job.
72 {
73 // Create the job.
74 Job job;
75 ASSERT_EQ(ERROR_SUCCESS, job.Init(JOB_LOCKDOWN, L"my_test_job_name",
76 JOB_OBJECT_UILIMIT_READCLIPBOARD));
77
78 job_handle = job.Detach();
79 ASSERT_TRUE(job_handle != NULL);
80
81 JOBOBJECT_BASIC_UI_RESTRICTIONS jbur = {0};
82 DWORD size = sizeof(jbur);
83 BOOL result = ::QueryInformationJobObject(job_handle,
84 JobObjectBasicUIRestrictions,
85 &jbur, size, &size);
86 ASSERT_TRUE(result);
87
88 ASSERT_EQ(jbur.UIRestrictionsClass & JOB_OBJECT_UILIMIT_READCLIPBOARD, 0);
89 ::CloseHandle(job_handle);
90 }
91
92 // Scope the creation of Job.
93 {
94 // Create the job.
95 Job job;
96 ASSERT_EQ(ERROR_SUCCESS, job.Init(JOB_LOCKDOWN, L"my_test_job_name", 0));
97
98 job_handle = job.Detach();
99 ASSERT_TRUE(job_handle != NULL);
100
101 JOBOBJECT_BASIC_UI_RESTRICTIONS jbur = {0};
102 DWORD size = sizeof(jbur);
103 BOOL result = ::QueryInformationJobObject(job_handle,
104 JobObjectBasicUIRestrictions,
105 &jbur, size, &size);
106 ASSERT_TRUE(result);
107
108 ASSERT_EQ(jbur.UIRestrictionsClass & JOB_OBJECT_UILIMIT_READCLIPBOARD,
109 JOB_OBJECT_UILIMIT_READCLIPBOARD);
110 ::CloseHandle(job_handle);
111 }
112 }
113
114 // Tests the error case when the job is initialized twice.
TEST(JobTest,DoubleInit)115 TEST(JobTest, DoubleInit) {
116 // Create the job.
117 Job job;
118 ASSERT_EQ(ERROR_SUCCESS, job.Init(JOB_LOCKDOWN, L"my_test_job_name", 0));
119 ASSERT_EQ(ERROR_ALREADY_INITIALIZED, job.Init(JOB_LOCKDOWN, L"test", 0));
120 }
121
122 // Tests the error case when we use a method and the object is not yet
123 // initialized.
TEST(JobTest,NoInit)124 TEST(JobTest, NoInit) {
125 Job job;
126 ASSERT_EQ(ERROR_NO_DATA, job.UserHandleGrantAccess(NULL));
127 ASSERT_EQ(ERROR_NO_DATA, job.AssignProcessToJob(NULL));
128 ASSERT_TRUE(job.Detach() == NULL);
129 }
130
131 // Tests the initialization of the job with different security level.
TEST(JobTest,SecurityLevel)132 TEST(JobTest, SecurityLevel) {
133 Job job1;
134 ASSERT_EQ(ERROR_SUCCESS, job1.Init(JOB_LOCKDOWN, L"job1", 0));
135
136 Job job2;
137 ASSERT_EQ(ERROR_SUCCESS, job2.Init(JOB_RESTRICTED, L"job2", 0));
138
139 Job job3;
140 ASSERT_EQ(ERROR_SUCCESS, job3.Init(JOB_LIMITED_USER, L"job3", 0));
141
142 Job job4;
143 ASSERT_EQ(ERROR_SUCCESS, job4.Init(JOB_INTERACTIVE, L"job4", 0));
144
145 Job job5;
146 ASSERT_EQ(ERROR_SUCCESS, job5.Init(JOB_UNPROTECTED, L"job5", 0));
147
148 // JOB_NONE means we run without a job object so Init should fail.
149 Job job6;
150 ASSERT_EQ(ERROR_BAD_ARGUMENTS, job6.Init(JOB_NONE, L"job6", 0));
151
152 Job job7;
153 ASSERT_EQ(ERROR_BAD_ARGUMENTS, job7.Init(
154 static_cast<JobLevel>(JOB_NONE+1), L"job7", 0));
155 }
156
157 // Tests the method "AssignProcessToJob".
TEST(JobTest,ProcessInJob)158 TEST(JobTest, ProcessInJob) {
159 // Create the job.
160 Job job;
161 ASSERT_EQ(ERROR_SUCCESS, job.Init(JOB_UNPROTECTED, L"job_test_process", 0));
162
163 BOOL result = FALSE;
164
165 wchar_t notepad[] = L"notepad";
166 STARTUPINFO si = { sizeof(si) };
167 PROCESS_INFORMATION temp_process_info = {};
168 result = ::CreateProcess(NULL, notepad, NULL, NULL, FALSE, 0, NULL, NULL, &si,
169 &temp_process_info);
170 ASSERT_TRUE(result);
171 base::win::ScopedProcessInformation pi(temp_process_info);
172 ASSERT_EQ(ERROR_SUCCESS, job.AssignProcessToJob(pi.process_handle()));
173
174 // Get the job handle.
175 HANDLE job_handle = job.Detach();
176
177 // Check if the process is in the job.
178 JOBOBJECT_BASIC_PROCESS_ID_LIST jbpidl = {0};
179 DWORD size = sizeof(jbpidl);
180 result = ::QueryInformationJobObject(job_handle,
181 JobObjectBasicProcessIdList,
182 &jbpidl, size, &size);
183 EXPECT_TRUE(result);
184
185 EXPECT_EQ(1, jbpidl.NumberOfAssignedProcesses);
186 EXPECT_EQ(1, jbpidl.NumberOfProcessIdsInList);
187 EXPECT_EQ(pi.process_id(), jbpidl.ProcessIdList[0]);
188
189 EXPECT_TRUE(::TerminateProcess(pi.process_handle(), 0));
190
191 EXPECT_TRUE(::CloseHandle(job_handle));
192 }
193
194 } // namespace sandbox
195