[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Emacs-diffs] scratch/merge-cedet-tests ded1e9b 109/316: EDE security te
From: |
Edward John Steere |
Subject: |
[Emacs-diffs] scratch/merge-cedet-tests ded1e9b 109/316: EDE security tests |
Date: |
Fri, 27 Jan 2017 20:03:32 +0000 (UTC) |
branch: scratch/merge-cedet-tests
commit ded1e9be9c3068c027f0939b596edc35fbea2b8f
Author: Eric Ludlam <address@hidden>
Commit: Edward John Steere <address@hidden>
EDE security tests
Tests for the security system in EDE that marks some project types as
unsafe. This makes sure that the user isn't pestered too much, and
that if they say yes or no the right thing happens.
---
test/manual/cedet/cedet/ede/secure-utest.el | 173 +++++++++++++++++++++++++++
1 file changed, 173 insertions(+)
diff --git a/test/manual/cedet/cedet/ede/secure-utest.el
b/test/manual/cedet/cedet/ede/secure-utest.el
new file mode 100644
index 0000000..32016b6
--- /dev/null
+++ b/test/manual/cedet/cedet/ede/secure-utest.el
@@ -0,0 +1,173 @@
+;;; secure-utest.el --- Test the security features of EDE.
+;;
+;; Copyright (C) 2014 Eric Ludlam
+;;
+;; Author: Eric Ludlam <address@hidden>
+;;
+;; This program is free software; you can redistribute it and/or
+;; modify it under the terms of the GNU General Public License as
+;; published by the Free Software Foundation, either version 3 of the
+;; License, or (at your option) any later version.
+
+;; This program is distributed in the hope that it will be useful, but
+;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+;; General Public License for more details.
+
+;; You should have received a copy of the GNU General Public License
+;; along with this program. If not, see http://www.gnu.org/licenses/.
+
+;;; Commentary:
+;;
+;; EDE has several security features that prevents it from
+;; accidentally loading malicious code.
+
+;;; Code:
+
+(defclass ede-security-entry ()
+ ((file :initarg :file
+ :documentation
+ "The file to load in and test.")
+
+ (classp :initarg :classp
+ :documentation
+ "Class test predicate. It is passed the root project found.
+Use this to see if a project was loaded or not. Unsecure projects should
+not be loaded.")
+
+ (hazzard :initarg :hazzard
+ :documentation
+ "Non-nil if this entry is considered HAZARDOUS and shouldn't be
+loaded the first time.")
+
+ (has-config :initarg :has-config
+ :documentation
+ "Non-nil if this entry has a config file. These projects
+are considered SAFE, but will skip loading thier config file until explicitly
+permitted.")
+ ;; RESULTS
+ (init-state :initform nil)
+ (without-permission :initform nil)
+ (with-permission :initform nil)
+ )
+ "A testing entry for the security unit tests.")
+
+(defvar ede-security-project-entries
+ (list
+ (ede-security-entry "proj" :file "src/proj/TEST"
+ :classp 'ede-proj-project-p
+ :hazzard t
+ :has-config nil)
+
+ )
+ "List of project test entries to try.")
+
+(defun ede-security-question-yes (&rest R)
+ "Return that we want to add the project."
+ t)
+
+(defun ede-security-question-no (&rest R)
+ "Return that we DO NOT want to add the project."
+ nil)
+
+(defun ede-security-question-err (&rest R)
+ "Throw an error if the user is being pestered at the wrong time."
+ (error "Query posed at the wrong time!"))
+
+(defun ede-security-utest ()
+ "Execute security unit tests."
+ (interactive)
+ (save-excursion
+
+ ;; Protect from previous tests. Flush all project caches, and all known
projects.
+ (ede-flush-directory-hash)
+ (ede-flush-project-hash)
+ (setq ede-projects nil) ;; Whack all known projects.
+
+ ;; Enable the generic EDE project types so we can test them.
+ (ede-enable-generic-projects)
+
+ ;; Start Logging
+ (cedet-utest-log-setup "EDE SECURITY")
+
+ (set-buffer (semantic-find-file-noselect
+ (expand-file-name "cedet/ede/detect.el"
+ cedet-utest-root)))
+
+ (let ((ede-project-directories nil) ;; Force us to ADD projects.
+ (errlog nil)
+ )
+
+ (dolist (fle ede-security-project-entries)
+
+ (ede-security-test-one-entry fle)
+
+ )
+
+ ;; Close out the test suite.
+ (cedet-utest-log-shutdown
+ "EDE SECURITY"
+ (when errlog
+ (format "%s Failures found." (length errlog)))))
+
+ ))
+
+(defun ede-security-test-one-entry (entry)
+ "Test a project ENTRY. Use QUERYFCN as the replacement user query fcn."
+ (let ((ede-check-project-query-fcn 'ede-security-question-err)
+ )
+
+ ;; Make sure we have the files we think we have.
+ (when (not (file-exists-p (oref fle :file)))
+ (error "Cannot find unit test; file not found: %s" (oref fle :file)))
+
+ ;; Notes:
+ (message " Security Test for: %S" (oref fle :file))
+
+ ;; Do the load
+ (let ((fb (find-buffer-visiting (oref fle :file)))
+ (b (semantic-find-file-noselect (oref fle :file))))
+
+ (save-excursion
+ (set-buffer b)
+
+ ;; Run the EDE detection code. Firing up the mode isn't really needed.
+ ;; Don't protect this as with the detect-utest.el stuff. That should
+ ;; have vetted these projects. Now we are only testing if they
detected.
+ (ede-initialize-state-current-buffer)
+ (when (not (eq b (current-buffer)))
+ (error "Buffer changed during init!"))
+
+ (when ede-object-root-project
+ (error "Unsafe project was loaded without asking!"))
+
+ ;; Now do the same thing again, but this time by using the
+ ;; security fcn direcly, which is similar to forcing EDE to
+ ;; load the project by using the `ede' function. Say NO when
+ ;; it wants to ask the security question.
+ (setq ede-check-project-query-fcn 'ede-security-question-no)
+ (if (ede-check-project-directory default-directory)
+ (error "Unsafe project would have loaded even though we said no!"))
+
+ ;; Try again, this time really try to load the project, and also
+ ;; say YES when it asks the question.
+ (setq ede-check-project-query-fcn 'ede-security-question-yes)
+ (ede default-directory)
+
+ (when (not ede-object-root-project)
+ (error "Unsafe project was NOT loaded even though we said yes!"))
+
+ (unless (member (directory-file-name default-directory)
ede-project-directories)
+ (error "We asked to make it safe, but it wasn't added to the safe
dirs list."))
+
+ )
+ ;; If it wasn't already in memory, whack it.
+ (when (and b (not fb))
+ (kill-buffer b))
+ ))
+ )
+
+
+(provide 'cedet/ede/secure-utest)
+
+;;; secure-utest.el ends here
- [Emacs-diffs] scratch/merge-cedet-tests 573b4a5 059/316: Remove more temporary directories, (continued)
- [Emacs-diffs] scratch/merge-cedet-tests 573b4a5 059/316: Remove more temporary directories, Edward John Steere, 2017/01/27
- [Emacs-diffs] scratch/merge-cedet-tests 3730a42 069/316: New include for cpproot test that is in a subdirectory., Edward John Steere, 2017/01/27
- [Emacs-diffs] scratch/merge-cedet-tests 4131d23 046/316: Fix typo in last commit., Edward John Steere, 2017/01/27
- [Emacs-diffs] scratch/merge-cedet-tests 6a63635 090/316: ("ede-proj-project"): Add scripts/cit-test.sh, Edward John Steere, 2017/01/27
- [Emacs-diffs] scratch/merge-cedet-tests e20716d 097/316: ("Lisp"): Added cogre as an aux package., Edward John Steere, 2017/01/27
- [Emacs-diffs] scratch/merge-cedet-tests 68ea5e3 098/316: (Lisp): Use preload compiler., Edward John Steere, 2017/01/27
- [Emacs-diffs] scratch/merge-cedet-tests b94f97e 101/316: (Lisp): Add cit-externaldb.el, Edward John Steere, 2017/01/27
- [Emacs-diffs] scratch/merge-cedet-tests 30a0375 099/316: ("cit"): Add cit-dist.el, Edward John Steere, 2017/01/27
- [Emacs-diffs] scratch/merge-cedet-tests 7f97008 102/316: (Lisp): Add cit-android.el, Edward John Steere, 2017/01/27
- [Emacs-diffs] scratch/merge-cedet-tests 007464d 104/316: (cit/Lisp): Add cit-projvar.el, Edward John Steere, 2017/01/27
- [Emacs-diffs] scratch/merge-cedet-tests ded1e9b 109/316: EDE security tests,
Edward John Steere <=
- [Emacs-diffs] scratch/merge-cedet-tests f91e2ce 114/316: New pretend system include for cpproot test., Edward John Steere, 2017/01/27
- [Emacs-diffs] scratch/merge-cedet-tests 3a7b458 110/316: Fixes for security tests, Edward John Steere, 2017/01/27
- [Emacs-diffs] scratch/merge-cedet-tests 302b4d7 107/316: eieio: Move to obsolete and use the one that ships with Emacs, Edward John Steere, 2017/01/27
- [Emacs-diffs] scratch/merge-cedet-tests 0e41dab 116/316: Move tests in cedet/semantic, Edward John Steere, 2017/01/27
- [Emacs-diffs] scratch/merge-cedet-tests 309ef34 124/316: Move tests in cedet/semantic, Edward John Steere, 2017/01/27
- [Emacs-diffs] scratch/merge-cedet-tests 800b575 081/316: Move tests in cedet/semantic, Edward John Steere, 2017/01/27
- [Emacs-diffs] scratch/merge-cedet-tests 702d44d 139/316: Fix how the target file name is created, Edward John Steere, 2017/01/27
- [Emacs-diffs] scratch/merge-cedet-tests 8d32d3a 160/316: Fix parsing of default values and display them in default formatter, Edward John Steere, 2017/01/27
- [Emacs-diffs] scratch/merge-cedet-tests a4e395c 156/316: Add a final call to ede list sanity check, Edward John Steere, 2017/01/27
- [Emacs-diffs] scratch/merge-cedet-tests 9ec7a1b 161/316: Move tests in cedet/semantic, Edward John Steere, 2017/01/27