1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "sandbox/win/sandbox_poc/pocdll/exports.h" 6 #include "sandbox/win/sandbox_poc/pocdll/utils.h" 7 8 // This file contains the tests used to verify the security of the file system. 9 10 // Tries to open a file and outputs the result. 11 // "path" can contain environment variables. 12 // "output" is the stream for the logging. 13 void TryOpenFile(wchar_t *path, FILE *output) { 14 wchar_t path_expanded[MAX_PATH] = {0}; 15 DWORD size = ::ExpandEnvironmentStrings(path, path_expanded, MAX_PATH - 1); 16 if (!size) { 17 fprintf(output, "[ERROR] Cannot expand \"%S\". Error %S.\r\n", path, 18 ::GetLastError()); 19 } 20 21 HANDLE file; 22 file = ::CreateFile(path_expanded, 23 GENERIC_READ, 24 FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE, 25 NULL, // No security attributes 26 OPEN_EXISTING, 27 FILE_FLAG_BACKUP_SEMANTICS, 28 NULL); // No template 29 30 if (file && INVALID_HANDLE_VALUE != file) { 31 fprintf(output, "[GRANTED] Opening file \"%S\". Handle 0x%p\r\n", path, 32 file); 33 ::CloseHandle(file); 34 } else { 35 fprintf(output, "[BLOCKED] Opening file \"%S\". Error %d.\r\n", path, 36 ::GetLastError()); 37 } 38 } 39 40 void POCDLL_API TestFileSystem(HANDLE log) { 41 HandleToFile handle2file; 42 FILE *output = handle2file.Translate(log, "w"); 43 44 TryOpenFile(L"%SystemDrive%", output); 45 TryOpenFile(L"%SystemRoot%", output); 46 TryOpenFile(L"%ProgramFiles%", output); 47 TryOpenFile(L"%SystemRoot%\\System32", output); 48 TryOpenFile(L"%SystemRoot%\\explorer.exe", output); 49 TryOpenFile(L"%SystemRoot%\\Cursors\\arrow_i.cur", output); 50 TryOpenFile(L"%AllUsersProfile%", output); 51 TryOpenFile(L"%UserProfile%", output); 52 TryOpenFile(L"%Temp%", output); 53 TryOpenFile(L"%AppData%", output); 54 } 55
