Date: Fri, 1 Aug 2008 00:49:27 GMT From: Vincenzo Iozzo <snagg@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 146357 for review Message-ID: <200808010049.m710nRDt085849@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=146357 Change 146357 by snagg@snagg_macosx on 2008/08/01 00:49:12 some changes Affected files ... .. //depot/projects/soc2008/snagg-audit/tools/regression/audit/audit_pipe/audit_pipe_regression_test_utils.c#5 edit .. //depot/projects/soc2008/snagg-audit/tools/regression/audit/audit_pipe/audit_pipe_regression_test_utils.h#4 edit .. //depot/projects/soc2008/snagg-audit/tools/regression/audit/audit_pipe/specific-event/audit_pipe_event_open.c#3 edit .. //depot/projects/soc2008/snagg-audit/tools/regression/audit/audit_pipe/tests/open_test.c#2 delete Differences ... ==== //depot/projects/soc2008/snagg-audit/tools/regression/audit/audit_pipe/audit_pipe_regression_test_utils.c#5 (text+ko) ==== @@ -1,6 +1,78 @@ #include "audit_pipe_regression_test_utils.h" +void init_channel_primary() +{ + key_t key; + key = 1000; + + mutex = sem_open(SEM_NAME,0,0644); + mutex_client = sem_open(SEM_CLIENT_NAME,0, 0644); + + if(mutex == SEM_FAILED || mutex_client == SEM_FAILED) + err(-1, "sem_open"); + + shmid = shmget(key,SHMSZ,0644); + if(shmid<0) + err(-1, "shmget"); + shm = shmat(shmid, NULL, 0); + +} + +void write_data(char *string) +{ + char *s; + int value; + + sem_wait(mutex_client); + s = shm; + for(;*string != '\0';string++) + *s++ = *string; + + *s++= '\0'; + sem_post(mutex); +} + +void write_end() +{ + write_data("END"); +} + +void write_string(char *data, char *field) +{ + char *string; + string = malloc(512); + if(string == NULL) + return; + snprintf(string, 512, "%s\\!!%s:**STRING", data, field); + write_data(string); + free(string); +} + +void write_int(int data, char *field) +{ + char *string; + + string = malloc(512); + if(string == NULL) + return; + snprintf(string, 512, "%d\\!!%s:**INT", data, field); + write_data(string); + free(string); +} + +void write_char(char data, char *field) +{ + char *string; + + string = malloc(512); + if(string == NULL) + return; + snprintf(string, 512, "%c\\!!%s:**INT", data, field); + write_data(string); + free(string); +} + void init_channel() { key_t key; @@ -320,7 +392,7 @@ struct stat s; if(fstat(fd, &s) == -1) - return -1; + return 0; if(attr.mode == s.st_mode && attr.uid == s.st_uid && attr.gid == s.st_gid && attr.nid == s.st_ino && attr.dev == s.st_dev) return 1; ==== //depot/projects/soc2008/snagg-audit/tools/regression/audit/audit_pipe/audit_pipe_regression_test_utils.h#4 (text+ko) ==== @@ -83,8 +83,13 @@ }; void init_channel(); +void init_channel_primary(); void end_channel(); char *read_string(); +void write_int(int data, char *field); +void write_string(char *data, char *field); +void write_char(char data, char *field); +void write_end(); char *get_descr(char *string); int parse_string(char *string); long get_int(char *string); ==== //depot/projects/soc2008/snagg-audit/tools/regression/audit/audit_pipe/specific-event/audit_pipe_event_open.c#3 (text+ko) ==== @@ -81,6 +81,50 @@ return head; } +void test_open() +{ + int fd; + + init_channel_primary(); + + fd = open("/tmp/sux", O_RDONLY); + + write_string("/tmp/sux", "path"); + write_int(O_RDONLY, "arg2"); + write_int(fd, "fd"); + write_int(fd, "ret"); + write_string(strerror(errno), "ret_val"); + write_end(); + + close(fd); + fd = open("/tmp/prot", O_WRONLY); + write_string("/tmp/prot", "path"); + write_int(O_WRONLY, "arg2"); + write_int(fd, "fd"); + write_int(fd, "ret"); + write_string(strerror(errno), "ret_val"); + write_end(); + + close(fd); + + fd = open("/tmp/prot", O_WRONLY | O_CREAT, 0666); + write_string("/tmp/prot", "path"); + write_int(O_WRONLY | O_CREAT, "arg2"); + write_int(0666, "arg3"); + write_int(fd, "fd"); + write_int(fd, "ret"); + write_string(strerror(errno), "ret_val"); + write_end(); + + close(fd); + + end_channel(); + + /* Let auditpipe flush all data */ + sleep(5); + return; +} + void validate(FILE *f, struct open_record *head, char *path, pid_t pid) { int i, ret, reclen, bytesread, to_parse; @@ -92,7 +136,7 @@ u_char type = 0; FILE *fp; - to_parse = NOT; + to_parse = WAITING; fp = fopen(path, "r"); if(fp == NULL) @@ -104,6 +148,7 @@ while(1) { + to_parse = WAITING; if(!err || reclen == -1) break; @@ -125,26 +170,10 @@ } bytesread += tok.len; - /* - * Need to skip the process prologue, a readlink - * (event number 22) with a path: /etc/malloc.conf - * is the last syscall of the prologue, - * from here on we can collect and compare data - */ - if(to_parse == 1) { - if(!strncmp(tok.tt.path.path, "/etc/malloc.conf", - tok.tt.path.len)) - to_parse = WAITING; - } - if(tok.tt.hdr32.e_type == 22) - to_parse = GOT_READLINK; - /* Check only open syscals */ - if(tok.tt.hdr32.e_type >= 72 && tok.tt.hdr32.e_type <= 83) { - if(to_parse == WAITING) - to_parse = VALID; - } - + if(tok.tt.hdr32.e_type >= 72 && tok.tt.hdr32.e_type <= 83) + to_parse = VALID; + if(to_parse == VALID) { switch(tok.id) { case AUT_PATH: @@ -207,30 +236,18 @@ int i, quit, fd, value, index, fdout, count; char *shared_string, *descr, path[512]; pid_t pid; - char **arg; struct open_record *head, *elem; FILE *f; index = 0; head = NULL; - if(argc < 2) - err(-1, "you have to specify at least a program path"); - init_channel(); - arg = malloc(argc); - if(arg == NULL) - err(-1, "MALLOC"); - - for(i = 1; i < argc; i++) - arg[i-1] = argv[i]; - arg[i - 1] = NULL; - pid = fork(); if(!pid) { sleep(15); - execve(argv[1], arg, NULL); + test_open(); } else { fd = setup_auditpipe(pid); snprintf(path, 512, "/tmp/audit-%d", pid); @@ -293,9 +310,8 @@ } } close_auditpipe(fd, fdout); - free(arg); end_channel(); - dump(path) + dump(path); f = init_log(pid); validate(f, head, path, pid); fclose(f);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200808010049.m710nRDt085849>