security/fortify
2
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 35 Wiki Activity
f9bf20a3c7
fortify/helper/bwrap_test.go
Ophestra f9bf20a3c7
All checks were successful
Test / Create distribution (push) Successful in 41s
Details
Test / Fortify (push) Successful in 3m3s
Details
Test / Data race detector (push) Successful in 4m32s
Details
Test / Fpkg (push) Successful in 4m47s
Details
Test / Flake checks (push) Successful in 1m3s
Details
helper: rearrange initialisation args 
This improves consistency across two different helper implementations.

Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-15 01:06:31 +09:00

116 lines
2.4 KiB
Go
Raw Blame History

package helper_test
import (
"context"
"errors"
"os"
"os/exec"
"strings"
"testing"
"time"
"git.gensokyo.uk/security/fortify/helper"
"git.gensokyo.uk/security/fortify/helper/bwrap"
)
func TestBwrap(t *testing.T) {
sc := &bwrap.Config{
Net: true,
Hostname: "localhost",
Chdir: "/nonexistent",
Clearenv: true,
NewSession: true,
DieWithParent: true,
AsInit: true,
}
t.Run("nonexistent bwrap name", func(t *testing.T) {
bubblewrapName := helper.BubblewrapName
helper.BubblewrapName = "/nonexistent"
t.Cleanup(func() {
helper.BubblewrapName = bubblewrapName
})
h := helper.MustNewBwrap(
context.Background(),
"fortify",
argsWt, false,
argF, nil,
sc, false, nil, nil,
)
if err := h.Start(); !errors.Is(err, os.ErrNotExist) {
t.Errorf("Start: error = %v, wantErr %v",
err, os.ErrNotExist)
}
})
t.Run("valid new helper nil check", func(t *testing.T) {
if got := helper.MustNewBwrap(
context.TODO(),
"fortify",
argsWt, false,
argF, nil,
sc, false, nil, nil,
); got == nil {
t.Errorf("MustNewBwrap(%#v, %#v, %#v) got nil",
sc, argsWt, "fortify")
return
}
})
t.Run("invalid bwrap config new helper panic", func(t *testing.T) {
defer func() {
wantPanic := "argument contains null character"
if r := recover(); r != wantPanic {
t.Errorf("MustNewBwrap: panic = %q, want %q",
r, wantPanic)
}
}()
helper.MustNewBwrap(
context.TODO(),
"fortify",
nil, false,
argF, nil,
&bwrap.Config{Hostname: "\x00"}, false, nil, nil,
)
})
t.Run("start without pipes", func(t *testing.T) {
helper.InternalReplaceExecCommand(t)
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
defer cancel()
stdout, stderr := new(strings.Builder), new(strings.Builder)
h := helper.MustNewBwrap(
ctx, "crash-test-dummy",
nil, false,
argFChecked, func(cmd *exec.Cmd) { cmd.Stdout, cmd.Stderr = stdout, stderr },
sc, false, nil, nil,
)
if err := h.Start(); err != nil {
t.Errorf("Start: error = %v",
err)
return
}
if err := h.Wait(); err != nil {
t.Errorf("Wait() err = %v stderr = %s",
err, stderr)
}
})
t.Run("implementation compliance", func(t *testing.T) {
testHelper(t, func(ctx context.Context, cmdF func(cmd *exec.Cmd), stat bool) helper.Helper {
return helper.MustNewBwrap(
ctx, "crash-test-dummy",
argsWt, stat,
argF, cmdF,
sc, false, nil, nil,
)
})
})
}
Reference in New Issue View Git Blame Copy Permalink