[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Emacs-diffs] scratch/merge-cedet-tests ded1e9b 109/316: EDE security te
From: |
Edward John Steere |
Subject: |
[Emacs-diffs] scratch/merge-cedet-tests ded1e9b 109/316: EDE security tests |
Date: |
Sat, 28 Jan 2017 09:09:52 +0000 (UTC) |
branch: scratch/merge-cedet-tests
commit ded1e9be9c3068c027f0939b596edc35fbea2b8f
Author: Eric Ludlam <address@hidden>
Commit: Edward John Steere <address@hidden>
EDE security tests
Tests for the security system in EDE that marks some project types as
unsafe. This makes sure that the user isn't pestered too much, and
that if they say yes or no the right thing happens.
---
test/manual/cedet/cedet/ede/secure-utest.el | 173 +++++++++++++++++++++++++++
1 file changed, 173 insertions(+)
diff --git a/test/manual/cedet/cedet/ede/secure-utest.el
b/test/manual/cedet/cedet/ede/secure-utest.el
new file mode 100644
index 0000000..32016b6
--- /dev/null
+++ b/test/manual/cedet/cedet/ede/secure-utest.el
@@ -0,0 +1,173 @@
+;;; secure-utest.el --- Test the security features of EDE.
+;;
+;; Copyright (C) 2014 Eric Ludlam
+;;
+;; Author: Eric Ludlam <address@hidden>
+;;
+;; This program is free software; you can redistribute it and/or
+;; modify it under the terms of the GNU General Public License as
+;; published by the Free Software Foundation, either version 3 of the
+;; License, or (at your option) any later version.
+
+;; This program is distributed in the hope that it will be useful, but
+;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+;; General Public License for more details.
+
+;; You should have received a copy of the GNU General Public License
+;; along with this program. If not, see http://www.gnu.org/licenses/.
+
+;;; Commentary:
+;;
+;; EDE has several security features that prevents it from
+;; accidentally loading malicious code.
+
+;;; Code:
+
+(defclass ede-security-entry ()
+ ((file :initarg :file
+ :documentation
+ "The file to load in and test.")
+
+ (classp :initarg :classp
+ :documentation
+ "Class test predicate. It is passed the root project found.
+Use this to see if a project was loaded or not. Unsecure projects should
+not be loaded.")
+
+ (hazzard :initarg :hazzard
+ :documentation
+ "Non-nil if this entry is considered HAZARDOUS and shouldn't be
+loaded the first time.")
+
+ (has-config :initarg :has-config
+ :documentation
+ "Non-nil if this entry has a config file. These projects
+are considered SAFE, but will skip loading thier config file until explicitly
+permitted.")
+ ;; RESULTS
+ (init-state :initform nil)
+ (without-permission :initform nil)
+ (with-permission :initform nil)
+ )
+ "A testing entry for the security unit tests.")
+
+(defvar ede-security-project-entries
+ (list
+ (ede-security-entry "proj" :file "src/proj/TEST"
+ :classp 'ede-proj-project-p
+ :hazzard t
+ :has-config nil)
+
+ )
+ "List of project test entries to try.")
+
+(defun ede-security-question-yes (&rest R)
+ "Return that we want to add the project."
+ t)
+
+(defun ede-security-question-no (&rest R)
+ "Return that we DO NOT want to add the project."
+ nil)
+
+(defun ede-security-question-err (&rest R)
+ "Throw an error if the user is being pestered at the wrong time."
+ (error "Query posed at the wrong time!"))
+
+(defun ede-security-utest ()
+ "Execute security unit tests."
+ (interactive)
+ (save-excursion
+
+ ;; Protect from previous tests. Flush all project caches, and all known
projects.
+ (ede-flush-directory-hash)
+ (ede-flush-project-hash)
+ (setq ede-projects nil) ;; Whack all known projects.
+
+ ;; Enable the generic EDE project types so we can test them.
+ (ede-enable-generic-projects)
+
+ ;; Start Logging
+ (cedet-utest-log-setup "EDE SECURITY")
+
+ (set-buffer (semantic-find-file-noselect
+ (expand-file-name "cedet/ede/detect.el"
+ cedet-utest-root)))
+
+ (let ((ede-project-directories nil) ;; Force us to ADD projects.
+ (errlog nil)
+ )
+
+ (dolist (fle ede-security-project-entries)
+
+ (ede-security-test-one-entry fle)
+
+ )
+
+ ;; Close out the test suite.
+ (cedet-utest-log-shutdown
+ "EDE SECURITY"
+ (when errlog
+ (format "%s Failures found." (length errlog)))))
+
+ ))
+
+(defun ede-security-test-one-entry (entry)
+ "Test a project ENTRY. Use QUERYFCN as the replacement user query fcn."
+ (let ((ede-check-project-query-fcn 'ede-security-question-err)
+ )
+
+ ;; Make sure we have the files we think we have.
+ (when (not (file-exists-p (oref fle :file)))
+ (error "Cannot find unit test; file not found: %s" (oref fle :file)))
+
+ ;; Notes:
+ (message " Security Test for: %S" (oref fle :file))
+
+ ;; Do the load
+ (let ((fb (find-buffer-visiting (oref fle :file)))
+ (b (semantic-find-file-noselect (oref fle :file))))
+
+ (save-excursion
+ (set-buffer b)
+
+ ;; Run the EDE detection code. Firing up the mode isn't really needed.
+ ;; Don't protect this as with the detect-utest.el stuff. That should
+ ;; have vetted these projects. Now we are only testing if they
detected.
+ (ede-initialize-state-current-buffer)
+ (when (not (eq b (current-buffer)))
+ (error "Buffer changed during init!"))
+
+ (when ede-object-root-project
+ (error "Unsafe project was loaded without asking!"))
+
+ ;; Now do the same thing again, but this time by using the
+ ;; security fcn direcly, which is similar to forcing EDE to
+ ;; load the project by using the `ede' function. Say NO when
+ ;; it wants to ask the security question.
+ (setq ede-check-project-query-fcn 'ede-security-question-no)
+ (if (ede-check-project-directory default-directory)
+ (error "Unsafe project would have loaded even though we said no!"))
+
+ ;; Try again, this time really try to load the project, and also
+ ;; say YES when it asks the question.
+ (setq ede-check-project-query-fcn 'ede-security-question-yes)
+ (ede default-directory)
+
+ (when (not ede-object-root-project)
+ (error "Unsafe project was NOT loaded even though we said yes!"))
+
+ (unless (member (directory-file-name default-directory)
ede-project-directories)
+ (error "We asked to make it safe, but it wasn't added to the safe
dirs list."))
+
+ )
+ ;; If it wasn't already in memory, whack it.
+ (when (and b (not fb))
+ (kill-buffer b))
+ ))
+ )
+
+
+(provide 'cedet/ede/secure-utest)
+
+;;; secure-utest.el ends here
- [Emacs-diffs] scratch/merge-cedet-tests 4fe7a1c 085/316: Move tests in cedet/semantic, (continued)
- [Emacs-diffs] scratch/merge-cedet-tests 4fe7a1c 085/316: Move tests in cedet/semantic, Edward John Steere, 2017/01/28
- [Emacs-diffs] scratch/merge-cedet-tests 89b52b8 087/316: New metaproject, Edward John Steere, 2017/01/28
- [Emacs-diffs] scratch/merge-cedet-tests 6dfcb31 089/316: (Lisp): Add cit-srec.el (templates): New, Edward John Steere, 2017/01/28
- [Emacs-diffs] scratch/merge-cedet-tests 79008df 084/316: Fake config.h for project detection purposes., Edward John Steere, 2017/01/28
- [Emacs-diffs] scratch/merge-cedet-tests 7f97008 102/316: (Lisp): Add cit-android.el, Edward John Steere, 2017/01/28
- [Emacs-diffs] scratch/merge-cedet-tests b94f97e 101/316: (Lisp): Add cit-externaldb.el, Edward John Steere, 2017/01/28
- [Emacs-diffs] scratch/merge-cedet-tests 9641120 108/316: Fake configure.in for project detection purposes., Edward John Steere, 2017/01/28
- [Emacs-diffs] scratch/merge-cedet-tests adc318b 115/316: New test file., Edward John Steere, 2017/01/28
- [Emacs-diffs] scratch/merge-cedet-tests 901dc28 119/316: New test file., Edward John Steere, 2017/01/28
- [Emacs-diffs] scratch/merge-cedet-tests f580185 118/316: Expand preprocessor to handle macros which open or close scope., Edward John Steere, 2017/01/28
- [Emacs-diffs] scratch/merge-cedet-tests ded1e9b 109/316: EDE security tests,
Edward John Steere <=
- [Emacs-diffs] scratch/merge-cedet-tests cc6e417 123/316: Improve test utilities re complation and deletion, Edward John Steere, 2017/01/28
- [Emacs-diffs] scratch/merge-cedet-tests c86be27 133/316: Move tests in cedet/semantic, Edward John Steere, 2017/01/28
- [Emacs-diffs] scratch/merge-cedet-tests 216e4f4 129/316: Synchronize cedet/semantic with Emacs., Edward John Steere, 2017/01/28
- [Emacs-diffs] scratch/merge-cedet-tests 377e041 142/316: Move tests in cedet/semantic, Edward John Steere, 2017/01/28
- [Emacs-diffs] scratch/merge-cedet-tests 702d44d 139/316: Fix how the target file name is created, Edward John Steere, 2017/01/28
- [Emacs-diffs] scratch/merge-cedet-tests 7b417f2 131/316: Tests contributed by Barry OReilly, Edward John Steere, 2017/01/28
- [Emacs-diffs] scratch/merge-cedet-tests a3da4e8 121/316: Added new file to test completion on STL classes and namespace., Edward John Steere, 2017/01/28
- [Emacs-diffs] scratch/merge-cedet-tests 309ef34 124/316: Move tests in cedet/semantic, Edward John Steere, 2017/01/28
- [Emacs-diffs] scratch/merge-cedet-tests ae78cf0 140/316: Tests: Add ERT test for the C Bovinator, Edward John Steere, 2017/01/28
- [Emacs-diffs] scratch/merge-cedet-tests 39048f9 153/316: (ede-detect-utest): Re-run tests with inode optimization disabled., Edward John Steere, 2017/01/28