1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "sandbox/win/sandbox_poc/pocdll/exports.h"
6 #include "sandbox/win/sandbox_poc/pocdll/utils.h"
7
8 // This file contains the tests used to verify the security of the file system.
9
10 // Tries to open a file and outputs the result.
11 // "path" can contain environment variables.
12 // "output" is the stream for the logging.
TryOpenFile(const wchar_t * path,FILE * output)13 void TryOpenFile(const wchar_t *path, FILE *output) {
14 wchar_t path_expanded[MAX_PATH] = {0};
15 DWORD size = ::ExpandEnvironmentStrings(path, path_expanded, MAX_PATH - 1);
16 if (!size) {
17 fprintf(output, "[ERROR] Cannot expand \"%S\". Error %ld.\r\n", path,
18 ::GetLastError());
19 }
20
21 HANDLE file;
22 file = ::CreateFile(path_expanded,
23 GENERIC_READ,
24 FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE,
25 NULL, // No security attributes
26 OPEN_EXISTING,
27 FILE_FLAG_BACKUP_SEMANTICS,
28 NULL); // No template
29
30 if (file && INVALID_HANDLE_VALUE != file) {
31 fprintf(output, "[GRANTED] Opening file \"%S\". Handle 0x%p\r\n", path,
32 file);
33 ::CloseHandle(file);
34 } else {
35 fprintf(output, "[BLOCKED] Opening file \"%S\". Error %ld.\r\n", path,
36 ::GetLastError());
37 }
38 }
39
TestFileSystem(HANDLE log)40 void POCDLL_API TestFileSystem(HANDLE log) {
41 HandleToFile handle2file;
42 FILE *output = handle2file.Translate(log, "w");
43
44 TryOpenFile(L"%SystemDrive%", output);
45 TryOpenFile(L"%SystemRoot%", output);
46 TryOpenFile(L"%ProgramFiles%", output);
47 TryOpenFile(L"%SystemRoot%\\System32", output);
48 TryOpenFile(L"%SystemRoot%\\explorer.exe", output);
49 TryOpenFile(L"%SystemRoot%\\Cursors\\arrow_i.cur", output);
50 TryOpenFile(L"%AllUsersProfile%", output);
51 TryOpenFile(L"%UserProfile%", output);
52 TryOpenFile(L"%Temp%", output);
53 TryOpenFile(L"%AppData%", output);
54 }
55