From 09969852e91000f57a4874c1e18fe6b44c6f8ce8 Mon Sep 17 00:00:00 2001 From: Gerhard Rieger Date: Fri, 25 Mar 2022 09:55:42 +0100 Subject: [PATCH] Added tests of failure handling on invalid FS access --- CHANGES | 15 ++++++ test.sh | 138 ++++++++++++++++++++++++++++++++++++++++++++++++++++++-- 2 files changed, 149 insertions(+), 4 deletions(-) diff --git a/CHANGES b/CHANGES index 0821479..787a424 100644 --- a/CHANGES +++ b/CHANGES @@ -14,6 +14,21 @@ Testing: Musl libc has FOPEN_MAX=1000 which made bash dumping core on test EXCEED_FOPEN_MAX. + Added tests for failures of UNIX socket and GOPEN accesses to non + matching file system entries. + Tests: + CONNECT_TO_MISSING CONNECT_TO_DENIED CONNECT_TO_DIRECTORY + CONNECT_TO_ORPHANED CONNECT_TO_FILE CONNECT_TO_DGRAM + CONNECT_TO_SEQPACKET SEND_TO_MISSING SEND_TO_DENIED SEND_TO_DIRECTORY + SEND_TO_ORPHANED SEND_TO_FILE SEND_TO_STREAM SEND_TO_SEQPACKET + SENDTO_TO_MISSING SENDTO_TO_DENIED SENDTO_TO_DIRECTORY + SENDTO_TO_ORPHANED SENDTO_TO_FILE SENDTO_TO_STREAM SENDTO_TO_SEQPACKET + SEQPACKET_TO_MISSING SEQPACKET_TO_DENIED SEQPACKET_TO_DIRECTORY + SEQPACKET_TO_ORPHANED SEQPACKET_TO_FILE SEQPACKET_TO_STREAM + SEQPACKET_TO_DGRAM UNIX_TO_MISSING UNIX_TO_DENIED UNIX_TO_DIRECTORY + UNIX_TO_FILE UNIX_TO_ORPHANED GOPEN_TO_DENIED GOPEN_TO_DIRECTORY + GOPEN_TO_ORPHANED + ####################### V 1.7.4.3: Corrections: diff --git a/test.sh b/test.sh index ea4a202..c671bcc 100755 --- a/test.sh +++ b/test.sh @@ -2486,6 +2486,12 @@ waitfile () { return 1 } +# system dependent values +case "$UNAME" in + SunOS) SOCK_SEQPACKET=6 ;; + *) SOCK_SEQPACKET=5 ;; +esac + # generate a test certificate and key gentestcert () { local name="$1" @@ -3888,10 +3894,6 @@ case "$TESTS" in *%$N%*|*%functions%*|*%gopen%*|*%unix%*|*%listen%*|*%seqpacket%*|*%$NAME%*) TEST="$NAME: GOPEN on UNIX seqpacket socket" if ! eval $NUMCOND; then :; else - case "$UNAME" in - SunOS) SOCK_SEQPACKET=6 ;; - *) SOCK_SEQPACKET=5 ;; - esac ts="$td/test$N.socket" tf="$td/test$N.stdout" te="$td/test$N.stderr" @@ -15273,6 +15275,134 @@ PORT=$((PORT+1)) N=$((N+1)) +# Socats access to different types of file system entries using various kinds +# of addresses fails in a couple of useless combinations. These failures have +# to print an error message and exit with return code 1. +# Up to version 1.7.4.2 this desired behaviour was found for most combinations, +# however some fix in 1.7.4.3 degraded the overall result. +# This group of tests checks all known compinations. +while read entry method; do +if [ -z "$entry" ] || [[ "$entry" == \#* ]]; then continue; fi +NAME=$(toupper $method)_TO_$(toupper $entry) +case "$TESTS" in +*%$N%*|*%functions%*|*%bugs%*|*%socket%*|*%unix%*|*%$NAME%*) +#set -vx +TEST="$NAME: Failure handling on $method access to $entry" +# Create some kind of system entry and try to access it with some improper +# address. Check if Socat returns with rc 1 and prints an error message +if ! eval $NUMCOND; then :; else +ts="$td/test$N.socket" +tf="$td/test$N.stdout" +te="$td/test$N.stderr" +tdiff="$td/test$N.diff" +da="test$N $(date) $RANDOM" +printf "test $F_n $TEST... " $N +# create an invalid or non-matching UNIX socket +case "$entry" in + missing) pid0=; rm -f $ts ;; + denied) pid0=; rm -f $ts; touch $ts; chmod 000 $ts ;; + directory) pid0=; mkdir -p $ts ;; + orphaned) pid0= # the remainder of a UNIX socket in FS + $SOCAT $opts UNIX-LISTEN:$ts,unlink-close=0 /dev/null >${tf}0 2>${te}0 & + waitunixport $ts 1 + $SOCAT $opts /dev/null UNIX-CONNECT:$ts + ;; + file) pid0=; rm -f $ts; touch $ts ;; + stream) CMD0="$SOCAT $opts UNIX-LISTEN:$ts /dev/null" + $CMD0 >${tf}0 2>${te}0 & + pid0=$! ;; + dgram) CMD0="$SOCAT $opts -u UNIX-RECV:$ts /dev/null" + $CMD0 >${tf}0 2>${te}0 & + pid0=$! ;; + seqpacket) CMD0="$SOCAT $opts UNIX-LISTEN:$ts,socktype=$SOCK_SEQPACKET= /dev/null" + $CMD0 >${tf}0 2>${te}0 & + pid0=$! ;; +esac +[ "$pid0" ] && waitunixport $ts 1 +# try to access this socket +case "$method" in + connect) CMD1="$TRACE $SOCAT $opts -u - UNIX-CONNECT:$ts" ;; + send) CMD1="$TRACE $SOCAT $opts -u - UNIX-SEND:$ts" ;; + sendto) CMD1="$TRACE $SOCAT $opts -u - UNIX-SENDTO:$ts" ;; + seqpacket) CMD1="$TRACE $SOCAT $opts -u - UNIX-CONNECT:$ts,socktype=$SOCK_SEQPACKET" ;; + unix) CMD1="$TRACE $SOCAT $opts -u - UNIX-CLIENT:$ts" ;; + gopen) CMD1="$TRACE $SOCAT $opts -u - GOPEN:$ts" ;; +esac +echo "$da" |$CMD1 >"${tf}1" 2>"${te}1" +rc1=$? +[ "$pid0" ] && { kill $pid0 2>/dev/null; wait; } +if [ $rc1 != 1 ]; then + $PRINTF "$FAILED (bad return code $rc1)\n" + if [ "$pid0" ]; then + echo "$CMD0 &" >&2 + cat "${te}0" >&2 + fi + echo "$CMD1" >&2 + cat "${te}1" >&2 + numFAIL=$((numFAIL+1)) + listFAIL="$listFAIL $N" +elif nerr=$(grep ' E ' "${te}1" |wc -l); test "$nerr" -ne 1; then + $PRINTF "$FAILED ($nerr error message(s) instead of 1)\n" + if [ "$pid0" ]; then + echo "$CMD0 &" >&2 + cat "${te}0" >&2 + fi + echo "$CMD1" >&2 + cat "${te}1" >&2 + numFAIL=$((numFAIL+1)) + listFAIL="$listFAIL $N" +else + $PRINTF "$OK\n" + if [ "$VERBOSE" ]; then + if [ "$pid0" ]; then echo "$CMD0 &" >&2; fi + echo "$CMD1" >&2 + fi + numOK=$((numOK+1)) +fi +set +vx +fi # NUMCOND + ;; +esac +N=$((N+1)) +done <<<" +missing connect +denied connect +directory connect +orphaned connect +file connect +dgram connect +seqpacket connect +missing send +denied send +directory send +orphaned send +file send +stream send +seqpacket send +missing sendto +denied sendto +directory sendto +orphaned sendto +file sendto +stream sendto +seqpacket sendto +missing seqpacket +denied seqpacket +directory seqpacket +orphaned seqpacket +file seqpacket +stream seqpacket +dgram seqpacket +missing unix +denied unix +directory unix +file unix +orphaned unix +denied gopen +directory gopen +orphaned gopen +" + # end of common tests ##################################################################################