[gentoo-commits] proj/sandbox:stable-2.x commit in: tests/

[gentoo-commits] proj/sandbox:stable-2.x commit in: tests/

[Mike Gilbert]

commit:     9a224dc58838a40f9cde565bb52fd125ab002d49
Author:     Mike Gilbert <floppym <AT> gentoo <DOT> org>
AuthorDate: Wed Jan  8 04:08:29 2025 +0000
Commit:     Mike Gilbert <floppym <AT> gentoo <DOT> org>
CommitDate: Wed Jan  8 04:08:29 2025 +0000
URL:        https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=9a224dc5

tests: fix testsuite generation for out-of-source build

Signed-off-by: Mike Gilbert <floppym <AT> gentoo.org>

 tests/local.mk | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/tests/local.mk b/tests/local.mk
index 8bf5da5..4f166cc 100644
--- a/tests/local.mk
+++ b/tests/local.mk
@@ -142,12 +142,12 @@ clean-local:
 TESTSUITE_LIST = $(top_srcdir)/%D%/testsuite.list.at
 AUTOTEST = $(AUTOM4TE) --language=autotest
 $(TESTSUITE): $(AT_FILES) $(TESTSUITE_LIST)
-	@$(MKDIR_P) $(top_srcdir)/%D%
-	$(AM_V_GEN)cd $(top_srcdir)/%D% && $(AUTOTEST) -I. -o testsuite.tmp testsuite.at
-	$(AM_V_at)mv $@.tmp $@
+	@$(MKDIR_P) '$(top_srcdir)/%D%'
+	$(AM_V_GEN)$(AUTOTEST) -I'%D%' -I'$(top_srcdir)/%D%' -o '$@.tmp' '$@.at'
+	$(AM_V_at)mv '$@.tmp' '$@'
 
 $(TESTSUITE_LIST): $(AT_FILES)
 	@$(MKDIR_P) $(top_srcdir)/%D%
 	$(AM_V_GEN)( echo "dnl DO NOT EDIT: GENERATED BY MAKEFILE.AM"; \
 	$(GREP) -l -e '^SB_CHECK' -e '^AT_CHECK' $(AT_FILES) | LC_ALL=C sort | \
-		$(SED) -e 's:^[^/]*/%D%/:sb_inc([:' -e 's:[.]at$$:]):' ) > $@
+		$(SED) -e 's:^.*/%D%/:sb_inc([:' -e 's:[.]at$$:]):' ) > $@

[gentoo-commits] proj/sandbox:master commit in: tests/

[Mike Gilbert]

commit:     9a224dc58838a40f9cde565bb52fd125ab002d49
Author:     Mike Gilbert <floppym <AT> gentoo <DOT> org>
AuthorDate: Wed Jan  8 04:08:29 2025 +0000
Commit:     Mike Gilbert <floppym <AT> gentoo <DOT> org>
CommitDate: Wed Jan  8 04:08:29 2025 +0000
URL:        https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=9a224dc5

tests: fix testsuite generation for out-of-source build

Signed-off-by: Mike Gilbert <floppym <AT> gentoo.org>

 tests/local.mk | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/tests/local.mk b/tests/local.mk
index 8bf5da5..4f166cc 100644
--- a/tests/local.mk
+++ b/tests/local.mk
@@ -142,12 +142,12 @@ clean-local:
 TESTSUITE_LIST = $(top_srcdir)/%D%/testsuite.list.at
 AUTOTEST = $(AUTOM4TE) --language=autotest
 $(TESTSUITE): $(AT_FILES) $(TESTSUITE_LIST)
-	@$(MKDIR_P) $(top_srcdir)/%D%
-	$(AM_V_GEN)cd $(top_srcdir)/%D% && $(AUTOTEST) -I. -o testsuite.tmp testsuite.at
-	$(AM_V_at)mv $@.tmp $@
+	@$(MKDIR_P) '$(top_srcdir)/%D%'
+	$(AM_V_GEN)$(AUTOTEST) -I'%D%' -I'$(top_srcdir)/%D%' -o '$@.tmp' '$@.at'
+	$(AM_V_at)mv '$@.tmp' '$@'
 
 $(TESTSUITE_LIST): $(AT_FILES)
 	@$(MKDIR_P) $(top_srcdir)/%D%
 	$(AM_V_GEN)( echo "dnl DO NOT EDIT: GENERATED BY MAKEFILE.AM"; \
 	$(GREP) -l -e '^SB_CHECK' -e '^AT_CHECK' $(AT_FILES) | LC_ALL=C sort | \
-		$(SED) -e 's:^[^/]*/%D%/:sb_inc([:' -e 's:[.]at$$:]):' ) > $@
+		$(SED) -e 's:^.*/%D%/:sb_inc([:' -e 's:[.]at$$:]):' ) > $@

[gentoo-commits] proj/sandbox:stable-2.x commit in: tests/

[Mike Gilbert]

commit:     f0c2f2fddb668c78d3204bd6dcf212d784351584
Author:     Mike Gilbert <floppym <AT> gentoo <DOT> org>
AuthorDate: Wed Jan  8 03:22:39 2025 +0000
Commit:     Mike Gilbert <floppym <AT> gentoo <DOT> org>
CommitDate: Wed Jan  8 03:22:39 2025 +0000
URL:        https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=f0c2f2fd

Revert "tests: fix testsuite generation for out-of-source build"

Reverts: bc08f469a9d147d4e31a6801af92c59126c41430
Signed-off-by: Mike Gilbert <floppym <AT> gentoo.org>

 tests/local.mk | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/tests/local.mk b/tests/local.mk
index 1e2ea9e..8bf5da5 100644
--- a/tests/local.mk
+++ b/tests/local.mk
@@ -142,7 +142,8 @@ clean-local:
 TESTSUITE_LIST = $(top_srcdir)/%D%/testsuite.list.at
 AUTOTEST = $(AUTOM4TE) --language=autotest
 $(TESTSUITE): $(AT_FILES) $(TESTSUITE_LIST)
-	$(AM_V_GEN)$(AUTOTEST) -I'$(top_srcdir)/%D%' -o $@.tmp $@.at
+	@$(MKDIR_P) $(top_srcdir)/%D%
+	$(AM_V_GEN)cd $(top_srcdir)/%D% && $(AUTOTEST) -I. -o testsuite.tmp testsuite.at
 	$(AM_V_at)mv $@.tmp $@
 
 $(TESTSUITE_LIST): $(AT_FILES)

[gentoo-commits] proj/sandbox:stable-2.x commit in: tests/

[Mike Gilbert]

commit:     bc08f469a9d147d4e31a6801af92c59126c41430
Author:     Mike Gilbert <floppym <AT> gentoo <DOT> org>
AuthorDate: Wed Jan  8 03:03:38 2025 +0000
Commit:     Mike Gilbert <floppym <AT> gentoo <DOT> org>
CommitDate: Wed Jan  8 03:03:38 2025 +0000
URL:        https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=bc08f469

tests: fix testsuite generation for out-of-source build

Signed-off-by: Mike Gilbert <floppym <AT> gentoo.org>

 tests/local.mk | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/tests/local.mk b/tests/local.mk
index 8bf5da5..1e2ea9e 100644
--- a/tests/local.mk
+++ b/tests/local.mk
@@ -142,8 +142,7 @@ clean-local:
 TESTSUITE_LIST = $(top_srcdir)/%D%/testsuite.list.at
 AUTOTEST = $(AUTOM4TE) --language=autotest
 $(TESTSUITE): $(AT_FILES) $(TESTSUITE_LIST)
-	@$(MKDIR_P) $(top_srcdir)/%D%
-	$(AM_V_GEN)cd $(top_srcdir)/%D% && $(AUTOTEST) -I. -o testsuite.tmp testsuite.at
+	$(AM_V_GEN)$(AUTOTEST) -I'$(top_srcdir)/%D%' -o $@.tmp $@.at
 	$(AM_V_at)mv $@.tmp $@
 
 $(TESTSUITE_LIST): $(AT_FILES)

[gentoo-commits] proj/sandbox:stable-2.x commit in: tests/

[Sam James]

commit:     d37d82ff00bc2e4b0a10b50679f5233e0d056cb7
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Mon Nov 11 10:33:42 2024 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Mon Nov 11 22:48:36 2024 +0000
URL:        https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=d37d82ff

tests: handle traps on NULL input for utimensat

When building with -fisolate-erroneous-paths-attribute, GCC turns
the call to utimensat w/ a NULL arg into a trap because of its nonnull
attribute(s). Workaround that in the test.

Bug: https://bugs.gentoo.org/549108
Signed-off-by: Sam James <sam <AT> gentoo.org>
(cherry picked from commit b8a6ddb6fc1832abc1b396f285b864858bb18026)

 tests/utimensat-0.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/tests/utimensat-0.c b/tests/utimensat-0.c
index 99c3fa4..4e8b89c 100644
--- a/tests/utimensat-0.c
+++ b/tests/utimensat-0.c
@@ -1,3 +1,6 @@
+#pragma GCC push_options
+#pragma GCC optimize("-fno-isolate-erroneous-paths-dereference,-fno-isolate-erroneous-paths-attribute")
+
 #define CONFIG HAVE_UTIMENSAT
 #define FUNC utimensat
 #define SFUNC "utimensat"
@@ -20,3 +23,5 @@
 	int flags = at_get_flags(s);
 
 #include "test-skel-0.c"
+
+#pragma GCC pop_options

[gentoo-commits] proj/sandbox:stable-2.x commit in: tests/

[Mike Gilbert]

commit:     378995f8efc182f42c4e553eacb081cd67bb2f2a
Author:     Michael Orlitzky <mjo <AT> gentoo <DOT> org>
AuthorDate: Sat Jul  1 20:52:34 2023 +0000
Commit:     Mike Gilbert <floppym <AT> gentoo <DOT> org>
CommitDate: Sat Jul  1 23:53:01 2023 +0000
URL:        https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=378995f8

tests: use explicit adddeny() calls in fchmod and fchown tests.

When running the test suite under portage, the entire build directory
will be writable because portage adds PORTAGE_TMPDIR to SANDBOX_WRITE
(thanks floppym). This breaks the tests for these two wrappers, since
they expect to fail when trying to write above $PWD.

To avoid that, we create a new file to call fchown/fchmod on, and then
explicitly deny access to it.

Closes: https://bugs.gentoo.org/909445
Signed-off-by: Michael Orlitzky <mjo <AT> gentoo.org>
Signed-off-by: Mike Gilbert <floppym <AT> gentoo.org>
(cherry picked from commit e5032c6b89621db0475e36fb06c2905b6a9c024c)

 tests/fchmod-1.sh | 6 +++++-
 tests/fchown-1.sh | 6 +++++-
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/tests/fchmod-1.sh b/tests/fchmod-1.sh
index db404ba..140d84f 100755
--- a/tests/fchmod-1.sh
+++ b/tests/fchmod-1.sh
@@ -4,11 +4,15 @@
 #
 
 addwrite $PWD
+rm -f deny || exit 1
+touch deny || exit 1
+adddeny $PWD/deny
 
 # The sandbox doesn't log anything when it returns a junk file
 # descriptor? It doesn't look like we can test the contents of
 # sandbox.log here... instead, we just have to count on fchmod
 # failing, which it does if you use O_RDWR, and it *should* if you use
 # O_RDONLY (because that won't stop the change of permissions).
-fchmod-0 $(stat --format='%#04a' ../..) ../.. && exit 1
+fchmod-0 $(stat --format='%#04a' $PWD/deny) $PWD/deny && exit 1
+
 exit 0

diff --git a/tests/fchown-1.sh b/tests/fchown-1.sh
index 1b4a173..6c1178e 100755
--- a/tests/fchown-1.sh
+++ b/tests/fchown-1.sh
@@ -4,11 +4,15 @@
 #
 
 addwrite $PWD
+rm -f deny || exit 1
+touch deny || exit 1
+adddeny $PWD/deny
 
 # The sandbox doesn't log anything when it returns a junk file
 # descriptor? It doesn't look like we can test the contents of
 # sandbox.log here... instead, we just have to count on fchown
 # failing, which it does if you use O_RDWR, and it *should* if you use
 # O_RDONLY (because that won't stop the change of ownership).
-fchown-0 ${SB_UID} ${SB_GID} ../.. && exit 1
+fchown-0 ${SB_UID} ${SB_GID} $PWD/deny && exit 1
+
 exit 0

[gentoo-commits] proj/sandbox:stable-2.x commit in: tests/

[Mike Gilbert]

commit:     88ffe50668ff8ffc25324ab62c0e4de85509a5de
Author:     Michael Orlitzky <mjo <AT> gentoo <DOT> org>
AuthorDate: Sun Jan 28 01:05:02 2018 +0000
Commit:     Mike Gilbert <floppym <AT> gentoo <DOT> org>
CommitDate: Thu Jun 22 13:55:26 2023 +0000
URL:        https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=88ffe506

tests: add test case for fchown/fchmod with O_RDONLY.

Bug: https://bugs.gentoo.org/599706
Signed-off-by: Michael Orlitzky <mjo <AT> gentoo.org>
Signed-off-by: Mike Gilbert <floppym <AT> gentoo.org>

 tests/fchmod-0.c  | 35 +++++++++++++++++++++++++++++++++++
 tests/fchmod-1.sh | 14 ++++++++++++++
 tests/fchmod.at   |  1 +
 tests/fchown-0.c  | 34 ++++++++++++++++++++++++++++++++++
 tests/fchown-1.sh | 14 ++++++++++++++
 tests/fchown.at   |  1 +
 tests/local.mk    |  2 ++
 7 files changed, 101 insertions(+)

diff --git a/tests/fchmod-0.c b/tests/fchmod-0.c
new file mode 100644
index 0000000..de0c237
--- /dev/null
+++ b/tests/fchmod-0.c
@@ -0,0 +1,35 @@
+/*
+ * https://bugs.gentoo.org/599706
+ *
+ */
+
+#include "headers.h"
+
+int main(int argc, char *argv[])
+{
+	if (argc < 2)
+		return -2;
+
+	int mode = 0;
+	sscanf(argv[1], "%i", &mode);
+	/* The sandbox catches this:
+	 *
+	 *   int fd = open(argv[2], O_RDWR);
+	 *
+	 * And it /should/ catch this:
+	 *
+	 *    int fd = open(argv[2], O_RDONLY);
+	 *
+	 * ...but the latter only works when /proc/self/fd/%i
+	 * is available.
+	 *
+	 */
+#ifdef SANDBOX_PROC_SELF_FD
+	int fd = open(argv[2], O_RDONLY);
+#else
+	int fd = open(argv[2], O_RDWR);
+#endif
+	int fchmod_result = fchmod(fd, (mode_t)mode);
+	close(fd);
+	return fchmod_result;
+}

diff --git a/tests/fchmod-1.sh b/tests/fchmod-1.sh
new file mode 100755
index 0000000..db404ba
--- /dev/null
+++ b/tests/fchmod-1.sh
@@ -0,0 +1,14 @@
+#!/bin/sh
+#
+# https://bugs.gentoo.org/599706
+#
+
+addwrite $PWD
+
+# The sandbox doesn't log anything when it returns a junk file
+# descriptor? It doesn't look like we can test the contents of
+# sandbox.log here... instead, we just have to count on fchmod
+# failing, which it does if you use O_RDWR, and it *should* if you use
+# O_RDONLY (because that won't stop the change of permissions).
+fchmod-0 $(stat --format='%#04a' ../..) ../.. && exit 1
+exit 0

diff --git a/tests/fchmod.at b/tests/fchmod.at
new file mode 100644
index 0000000..081d7d2
--- /dev/null
+++ b/tests/fchmod.at
@@ -0,0 +1 @@
+SB_CHECK(1)

diff --git a/tests/fchown-0.c b/tests/fchown-0.c
new file mode 100644
index 0000000..7fdca73
--- /dev/null
+++ b/tests/fchown-0.c
@@ -0,0 +1,34 @@
+/*
+ * https://bugs.gentoo.org/599706
+ *
+ */
+
+#include "headers.h"
+
+int main(int argc, char *argv[])
+{
+	if (argc < 3)
+		return -2;
+
+	uid_t uid = atoi(argv[1]);
+	gid_t gid = atoi(argv[2]);
+	/* The sandbox catches this:
+	 *
+	 *   int fd = open(argv[3], O_RDWR);
+	 *
+	 * And it /should/ catch this:
+	 *
+	 *    int fd = open(argv[3], O_RDONLY);
+	 *
+	 * ...but the latter only works when /proc/self/fd/%i
+	 * is available.
+	 */
+#ifdef SANDBOX_PROC_SELF_FD
+	int fd = open(argv[3], O_RDONLY);
+#else
+	int fd = open(argv[3], O_RDWR);
+#endif
+	int fchown_result = fchown(fd, uid, gid);
+	close(fd);
+	return fchown_result;
+}

diff --git a/tests/fchown-1.sh b/tests/fchown-1.sh
new file mode 100755
index 0000000..1b4a173
--- /dev/null
+++ b/tests/fchown-1.sh
@@ -0,0 +1,14 @@
+#!/bin/sh
+#
+# https://bugs.gentoo.org/599706
+#
+
+addwrite $PWD
+
+# The sandbox doesn't log anything when it returns a junk file
+# descriptor? It doesn't look like we can test the contents of
+# sandbox.log here... instead, we just have to count on fchown
+# failing, which it does if you use O_RDWR, and it *should* if you use
+# O_RDONLY (because that won't stop the change of ownership).
+fchown-0 ${SB_UID} ${SB_GID} ../.. && exit 1
+exit 0

diff --git a/tests/fchown.at b/tests/fchown.at
new file mode 100644
index 0000000..081d7d2
--- /dev/null
+++ b/tests/fchown.at
@@ -0,0 +1 @@
+SB_CHECK(1)

diff --git a/tests/local.mk b/tests/local.mk
index 86a8a65..2f429e6 100644
--- a/tests/local.mk
+++ b/tests/local.mk
@@ -29,7 +29,9 @@ check_PROGRAMS += \
 	%D%/execv-0 \
 	%D%/execvp-0 \
 	%D%/faccessat-0 \
+	%D%/fchmod-0 \
 	%D%/fchmodat-0 \
+	%D%/fchown-0 \
 	%D%/fchownat-0 \
 	%D%/fopen-0 \
 	%D%/fopen64-0 \

[gentoo-commits] proj/sandbox:stable-2.x commit in: tests/

[Mike Gilbert]

commit:     817965df90b7f421da65d2e1355957b588d8d2fe
Author:     Michael Orlitzky <mjo <AT> gentoo <DOT> org>
AuthorDate: Sun Jan 28 03:38:26 2018 +0000
Commit:     Mike Gilbert <floppym <AT> gentoo <DOT> org>
CommitDate: Thu Jun 22 13:55:26 2023 +0000
URL:        https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=817965df

tests: add more tests to make sure fchown/fchmod are handled correctly.

Closes: https://bugs.gentoo.org/599706
Signed-off-by: Michael Orlitzky <mjo <AT> gentoo.org>
Signed-off-by: Mike Gilbert <floppym <AT> gentoo.org>

 tests/fchmod-2.sh | 11 +++++++++++
 tests/fchmod.at   |  1 +
 tests/fchown-2.sh | 11 +++++++++++
 tests/fchown.at   |  1 +
 4 files changed, 24 insertions(+)

diff --git a/tests/fchmod-2.sh b/tests/fchmod-2.sh
new file mode 100755
index 0000000..96d7cc9
--- /dev/null
+++ b/tests/fchmod-2.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+#
+# Ensure that fchmod() doesn't trigger spurious violations in the most
+# basic of cases.
+#
+addwrite $PWD
+
+# This should not trigger a violation.
+rm -f file
+touch file
+fchmod-0 0644 file || exit 1

diff --git a/tests/fchmod.at b/tests/fchmod.at
index 081d7d2..d364b4b 100644
--- a/tests/fchmod.at
+++ b/tests/fchmod.at
@@ -1 +1,2 @@
 SB_CHECK(1)
+SB_CHECK(2)

diff --git a/tests/fchown-2.sh b/tests/fchown-2.sh
new file mode 100755
index 0000000..dedfbe4
--- /dev/null
+++ b/tests/fchown-2.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+#
+# Ensure that fchown() doesn't trigger spurious violations in the most
+# basic of cases.
+#
+addwrite $PWD
+
+# This should not trigger a violation.
+rm -f file
+touch file
+fchown-0 ${SB_UID} ${SB_GID} file || exit 1

diff --git a/tests/fchown.at b/tests/fchown.at
index 081d7d2..d364b4b 100644
--- a/tests/fchown.at
+++ b/tests/fchown.at
@@ -1 +1,2 @@
 SB_CHECK(1)
+SB_CHECK(2)