diff options
| author |  netblue30 <netblue30@yahoo.com> | 2015-10-18 11:07:49 -0400 |
|---|---|---|
| committer | netblue30 <netblue30@yahoo.com> | 2015-10-18 11:07:49 -0400 |
| commit | 6d39f22968c7cf2a51cb162664589770c84aac69 (patch) | |
| tree | 8a717a0324b43a8134182ceeee6455b59535b465 | |
| parent | --hostname (diff) | |
| download | firejail-6d39f22968c7cf2a51cb162664589770c84aac69.tar.gz firejail-6d39f22968c7cf2a51cb162664589770c84aac69.tar.zst firejail-6d39f22968c7cf2a51cb162664589770c84aac69.zip | |
testing
| -rw-r--r-- | src/firejail/fs_dev.c | 1 | ||||
| -rw-r--r-- | src/firejail/main.c | 4 | ||||
| -rw-r--r-- | src/firejail/network.c | 2 | ||||
| -rwxr-xr-x | test/hostname.exp (renamed from test/name.exp) | 0 | ||||
| -rwxr-xr-x | test/net_mtu.exp | 30 | ||||
| -rwxr-xr-x | test/noroot.exp | 7 | ||||
| -rwxr-xr-x | test/option-join.exp | 6 | ||||
| -rwxr-xr-x | test/quiet.exp | 17 | ||||
| -rwxr-xr-x | test/test.sh | 12 |
9 files changed, 60 insertions, 19 deletions
diff --git a/src/firejail/fs_dev.c b/src/firejail/fs_dev.c index 881f20b1f..ee67a5696 100644 --- a/src/firejail/fs_dev.c +++ b/src/firejail/fs_dev.c | |||
| @@ -76,6 +76,7 @@ void fs_private_dev(void){ | |||
| 76 | fs_build_mnt_dir(); | 76 | fs_build_mnt_dir(); |
| 77 | 77 | ||
| 78 | if (have_dri) { | 78 | if (have_dri) { |
| 79 | /* coverity[toctou] */ | ||
| 79 | rv = mkdir(DRI_DIR, 0755); | 80 | rv = mkdir(DRI_DIR, 0755); |
| 80 | if (rv == -1) | 81 | if (rv == -1) |
| 81 | errExit("mkdir"); | 82 | errExit("mkdir"); |
diff --git a/src/firejail/main.c b/src/firejail/main.c index 3d6d4cfb3..8d2664c16 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
| @@ -946,10 +946,6 @@ int main(int argc, char **argv) { | |||
| 946 | fprintf(stderr, "Error: no network device configured\n"); | 946 | fprintf(stderr, "Error: no network device configured\n"); |
| 947 | return 1; | 947 | return 1; |
| 948 | } | 948 | } |
| 949 | if (br->mtu) { | ||
| 950 | fprintf(stderr, "Error: cannot configure mtu twice for the same interface\n"); | ||
| 951 | return 1; | ||
| 952 | } | ||
| 953 | 949 | ||
| 954 | if (sscanf(argv[i] + 6, "%d", &br->mtu) != 1 || br->mtu < 68 || br->mtu > 9198) { | 950 | if (sscanf(argv[i] + 6, "%d", &br->mtu) != 1 || br->mtu < 68 || br->mtu > 9198) { |
| 955 | fprintf(stderr, "Error: invalid mtu value\n"); | 951 | fprintf(stderr, "Error: invalid mtu value\n"); |
diff --git a/src/firejail/network.c b/src/firejail/network.c index 5469bbcd1..461946d83 100644 --- a/src/firejail/network.c +++ b/src/firejail/network.c | |||
| @@ -106,6 +106,7 @@ int net_get_mtu(const char *ifname) { | |||
| 106 | if ((s = socket(AF_INET, SOCK_DGRAM, 0)) < 0) | 106 | if ((s = socket(AF_INET, SOCK_DGRAM, 0)) < 0) |
| 107 | errExit("socket"); | 107 | errExit("socket"); |
| 108 | 108 | ||
| 109 | memset(&ifr, 0, sizeof(ifr)); | ||
| 109 | ifr.ifr_addr.sa_family = AF_INET; | 110 | ifr.ifr_addr.sa_family = AF_INET; |
| 110 | strncpy(ifr.ifr_name, ifname, IFNAMSIZ); | 111 | strncpy(ifr.ifr_name, ifname, IFNAMSIZ); |
| 111 | if (ioctl(s, SIOCGIFMTU, (caddr_t)&ifr) == 0) | 112 | if (ioctl(s, SIOCGIFMTU, (caddr_t)&ifr) == 0) |
| @@ -133,6 +134,7 @@ void net_set_mtu(const char *ifname, int mtu) { | |||
| 133 | if ((s = socket(AF_INET, SOCK_DGRAM, 0)) < 0) | 134 | if ((s = socket(AF_INET, SOCK_DGRAM, 0)) < 0) |
| 134 | errExit("socket"); | 135 | errExit("socket"); |
| 135 | 136 | ||
| 137 | memset(&ifr, 0, sizeof(ifr)); | ||
| 136 | ifr.ifr_addr.sa_family = AF_INET; | 138 | ifr.ifr_addr.sa_family = AF_INET; |
| 137 | strncpy(ifr.ifr_name, ifname, IFNAMSIZ); | 139 | strncpy(ifr.ifr_name, ifname, IFNAMSIZ); |
| 138 | ifr.ifr_mtu = mtu; | 140 | ifr.ifr_mtu = mtu; |
diff --git a/test/name.exp b/test/hostname.exp index 42f78dd12..42f78dd12 100755 --- a/test/name.exp +++ b/test/hostname.exp | |||
diff --git a/test/net_mtu.exp b/test/net_mtu.exp new file mode 100755 index 000000000..2940241c1 --- /dev/null +++ b/test/net_mtu.exp | |||
| @@ -0,0 +1,30 @@ | |||
| 1 | #!/usr/bin/expect -f | ||
| 2 | |||
| 3 | set timeout 10 | ||
| 4 | spawn $env(SHELL) | ||
| 5 | match_max 100000 | ||
| 6 | |||
| 7 | # check ip address | ||
| 8 | send -- "firejail --net=br0 --mtu=1000\r" | ||
| 9 | expect { | ||
| 10 | timeout {puts "TESTING ERROR 1\n";exit} | ||
| 11 | "Child process initialized" | ||
| 12 | } | ||
| 13 | sleep 1 | ||
| 14 | |||
| 15 | send -- "ip link show\r" | ||
| 16 | expect { | ||
| 17 | timeout {puts "TESTING ERROR 2\n";exit} | ||
| 18 | "eth0" | ||
| 19 | } | ||
| 20 | expect { | ||
| 21 | timeout {puts "TESTING ERROR 3\n";exit} | ||
| 22 | "mtu 1000" | ||
| 23 | } | ||
| 24 | expect { | ||
| 25 | timeout {puts "TESTING ERROR 4\n";exit} | ||
| 26 | "state UP" | ||
| 27 | } | ||
| 28 | |||
| 29 | puts "\nall done\n" | ||
| 30 | |||
diff --git a/test/noroot.exp b/test/noroot.exp index d16c28dbe..37d55fe78 100755 --- a/test/noroot.exp +++ b/test/noroot.exp | |||
| @@ -51,13 +51,6 @@ expect { | |||
| 51 | } | 51 | } |
| 52 | puts "\n" | 52 | puts "\n" |
| 53 | 53 | ||
| 54 | send -- "cat /etc/hostname\r" | ||
| 55 | expect { | ||
| 56 | timeout {puts "TESTING ERROR 3\n";exit} | ||
| 57 | "noroot-sandbox" | ||
| 58 | } | ||
| 59 | puts "\n" | ||
| 60 | |||
| 61 | send -- "ping 0\r" | 54 | send -- "ping 0\r" |
| 62 | expect { | 55 | expect { |
| 63 | timeout {puts "TESTING ERROR 4\n";exit} | 56 | timeout {puts "TESTING ERROR 4\n";exit} |
diff --git a/test/option-join.exp b/test/option-join.exp index ad8ba73e0..6250e87a2 100755 --- a/test/option-join.exp +++ b/test/option-join.exp | |||
| @@ -17,10 +17,6 @@ expect { | |||
| 17 | timeout {puts "TESTING ERROR 1\n";exit} | 17 | timeout {puts "TESTING ERROR 1\n";exit} |
| 18 | "Switching to pid" | 18 | "Switching to pid" |
| 19 | } | 19 | } |
| 20 | expect { | ||
| 21 | timeout {puts "TESTING ERROR 2 (join) \n";exit} | ||
| 22 | "@svntesting" | ||
| 23 | } | ||
| 24 | sleep 1 | 20 | sleep 1 |
| 25 | 21 | ||
| 26 | 22 | ||
| @@ -40,4 +36,4 @@ expect { | |||
| 40 | } | 36 | } |
| 41 | sleep 1 | 37 | sleep 1 |
| 42 | 38 | ||
| 43 | puts "\n" | 39 | puts "\nall done\n" |
diff --git a/test/quiet.exp b/test/quiet.exp new file mode 100755 index 000000000..fa46aebf2 --- /dev/null +++ b/test/quiet.exp | |||
| @@ -0,0 +1,17 @@ | |||
| 1 | #!/usr/bin/expect -f | ||
| 2 | |||
| 3 | set timeout 4 | ||
| 4 | spawn $env(SHELL) | ||
| 5 | match_max 100000 | ||
| 6 | |||
| 7 | # check ip address | ||
| 8 | send -- "firejail --net=br0 --quiet\r" | ||
| 9 | expect { | ||
| 10 | "Child process initialized" {puts "TESTING ERROR 1\n";exit} | ||
| 11 | "Interface" {puts "TESTING ERROR 1\n";exit} | ||
| 12 | } | ||
| 13 | sleep 1 | ||
| 14 | send -- "\r" | ||
| 15 | |||
| 16 | puts "\nall done\n" | ||
| 17 | |||
diff --git a/test/test.sh b/test/test.sh index 80aa7f3e8..7d43a5786 100755 --- a/test/test.sh +++ b/test/test.sh | |||
| @@ -125,9 +125,6 @@ ls -al > tmpreadonly | |||
| 125 | sleep 5 | 125 | sleep 5 |
| 126 | rm -f tmpreadonly | 126 | rm -f tmpreadonly |
| 127 | 127 | ||
| 128 | echo "TESTING: name" | ||
| 129 | ./name.exp | ||
| 130 | |||
| 131 | echo "TESTING: zsh" | 128 | echo "TESTING: zsh" |
| 132 | ./shell_zsh.exp | 129 | ./shell_zsh.exp |
| 133 | 130 | ||
| @@ -354,6 +351,9 @@ echo "TESTING: read/write /var/lock" | |||
| 354 | echo "TESTING: read/write /dev/shm" | 351 | echo "TESTING: read/write /dev/shm" |
| 355 | ./fs_dev_shm.exp | 352 | ./fs_dev_shm.exp |
| 356 | 353 | ||
| 354 | echo "TESTING: quiet" | ||
| 355 | ./quiet.exp | ||
| 356 | |||
| 357 | echo "TESTING: local network" | 357 | echo "TESTING: local network" |
| 358 | ./net_local.exp | 358 | ./net_local.exp |
| 359 | 359 | ||
| @@ -366,6 +366,12 @@ echo "TESTING: network IP" | |||
| 366 | echo "TESTING: network MAC" | 366 | echo "TESTING: network MAC" |
| 367 | ./net_mac.exp | 367 | ./net_mac.exp |
| 368 | 368 | ||
| 369 | echo "TESTING: network MTU" | ||
| 370 | ./net_mtu.exp | ||
| 371 | |||
| 372 | echo "TESTING: network hostname" | ||
| 373 | ./hostname.exp | ||
| 374 | |||
| 369 | echo "TESTING: network bad IP" | 375 | echo "TESTING: network bad IP" |
| 370 | ./net_badip.exp | 376 | ./net_badip.exp |
| 371 | 377 | ||