1 /*-
2 * Copyright (c) 2018 Kristof Provost <kp@FreeBSD.org>
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 *
13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
14 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
17 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
19 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
20 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
21 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
22 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
23 * SUCH DAMAGE.
24 */
25
26 #include <sys/param.h>
27 #include <sys/module.h>
28 #include <sys/types.h>
29 #include <sys/ioctl.h>
30 #include <sys/socket.h>
31
32 #include <net/if.h>
33 #include <net/pfvar.h>
34
35 #include <fcntl.h>
36 #include <stdio.h>
37
38 #include <atf-c.h>
39
40 static int dev;
41
42 #define COMMON_HEAD() \
43 if (modfind("pf") == -1) \
44 atf_tc_skip("pf not loaded"); \
45 dev = open("/dev/pf", O_RDWR); \
46 if (dev == -1) \
47 atf_tc_skip("Failed to open /dev/pf");
48
49 #define COMMON_CLEANUP() \
50 close(dev);
51
52 static void
common_init_tbl(struct pfr_table * tbl)53 common_init_tbl(struct pfr_table *tbl)
54 {
55 bzero(tbl, sizeof(struct pfr_table));
56 strcpy(tbl->pfrt_anchor, "anchor");
57 strcpy(tbl->pfrt_name, "name");
58 tbl->pfrt_flags = 0;
59 tbl->pfrt_fback = 0;
60 }
61
62 ATF_TC_WITH_CLEANUP(addtables);
ATF_TC_HEAD(addtables,tc)63 ATF_TC_HEAD(addtables, tc)
64 {
65 atf_tc_set_md_var(tc, "require.user", "root");
66 }
67
ATF_TC_BODY(addtables,tc)68 ATF_TC_BODY(addtables, tc)
69 {
70 struct pfioc_table io;
71 struct pfr_table tbl;
72 struct pfr_table tbls[4];
73 int flags;
74
75 COMMON_HEAD();
76
77 flags = 0;
78
79 bzero(&io, sizeof(io));
80 io.pfrio_flags = flags;
81 io.pfrio_buffer = &tbl;
82 io.pfrio_esize = sizeof(tbl);
83
84 /* Negative size */
85 io.pfrio_size = -1;
86 if (ioctl(dev, DIOCRADDTABLES, &io) == 0)
87 atf_tc_fail("Request with size -1 succeeded");
88
89 /* Overly large size */
90 io.pfrio_size = 1 << 24;
91 if (ioctl(dev, DIOCRADDTABLES, &io) == 0)
92 atf_tc_fail("Request with size 1 << 24 succeeded");
93
94 /* NULL buffer */
95 io.pfrio_size = 1;
96 io.pfrio_buffer = NULL;
97 if (ioctl(dev, DIOCRADDTABLES, &io) == 0)
98 atf_tc_fail("Request with NULL buffer succeeded");
99
100 /* This can provoke a memory leak, see r331225. */
101 io.pfrio_size = 4;
102 for (int i = 0; i < io.pfrio_size; i++)
103 common_init_tbl(&tbls[i]);
104
105 io.pfrio_buffer = &tbls;
106 ioctl(dev, DIOCRADDTABLES, &io);
107 }
108
ATF_TC_CLEANUP(addtables,tc)109 ATF_TC_CLEANUP(addtables, tc)
110 {
111 COMMON_CLEANUP();
112 }
113
114 ATF_TC_WITH_CLEANUP(deltables);
ATF_TC_HEAD(deltables,tc)115 ATF_TC_HEAD(deltables, tc)
116 {
117 atf_tc_set_md_var(tc, "require.user", "root");
118 }
119
ATF_TC_BODY(deltables,tc)120 ATF_TC_BODY(deltables, tc)
121 {
122 struct pfioc_table io;
123 struct pfr_table tbl;
124 int flags;
125
126 COMMON_HEAD();
127
128 flags = 0;
129
130 bzero(&io, sizeof(io));
131 io.pfrio_flags = flags;
132 io.pfrio_buffer = &tbl;
133 io.pfrio_esize = sizeof(tbl);
134
135 /* Negative size */
136 io.pfrio_size = -1;
137 if (ioctl(dev, DIOCRDELTABLES, &io) == 0)
138 atf_tc_fail("Request with size -1 succeeded");
139
140 /* Overly large size */
141 io.pfrio_size = 1 << 24;
142 if (ioctl(dev, DIOCRDELTABLES, &io) == 0)
143 atf_tc_fail("Request with size 1 << 24 succeeded");
144
145 /* NULL buffer */
146 io.pfrio_size = 1;
147 io.pfrio_buffer = NULL;
148 if (ioctl(dev, DIOCRDELTABLES, &io) == 0)
149 atf_tc_fail("Request with NULL buffer succeeded");
150 }
151
ATF_TC_CLEANUP(deltables,tc)152 ATF_TC_CLEANUP(deltables, tc)
153 {
154 COMMON_CLEANUP();
155 }
156
157 ATF_TC_WITH_CLEANUP(gettables);
ATF_TC_HEAD(gettables,tc)158 ATF_TC_HEAD(gettables, tc)
159 {
160 atf_tc_set_md_var(tc, "require.user", "root");
161 }
162
ATF_TC_BODY(gettables,tc)163 ATF_TC_BODY(gettables, tc)
164 {
165 struct pfioc_table io;
166 struct pfr_table tbl;
167 int flags;
168
169 COMMON_HEAD();
170
171 flags = 0;
172
173 bzero(&io, sizeof(io));
174 io.pfrio_flags = flags;
175 io.pfrio_buffer = &tbl;
176 io.pfrio_esize = sizeof(tbl);
177
178 /* Negative size. This will succeed, because the kernel will not copy
179 * tables than it has. */
180 io.pfrio_size = -1;
181 if (ioctl(dev, DIOCRGETTABLES, &io) != 0)
182 atf_tc_fail("Request with size -1 failed");
183
184 /* Overly large size. See above. */
185 io.pfrio_size = 1 << 24;
186 if (ioctl(dev, DIOCRGETTABLES, &io) != 0)
187 atf_tc_fail("Request with size 1 << 24 failed");
188 }
189
ATF_TC_CLEANUP(gettables,tc)190 ATF_TC_CLEANUP(gettables, tc)
191 {
192 COMMON_CLEANUP();
193 }
194
195 ATF_TC_WITH_CLEANUP(gettstats);
ATF_TC_HEAD(gettstats,tc)196 ATF_TC_HEAD(gettstats, tc)
197 {
198 atf_tc_set_md_var(tc, "require.user", "root");
199 }
200
ATF_TC_BODY(gettstats,tc)201 ATF_TC_BODY(gettstats, tc)
202 {
203 struct pfioc_table io;
204 struct pfr_tstats stats;
205 int flags;
206
207 COMMON_HEAD();
208
209 flags = 0;
210
211 bzero(&io, sizeof(io));
212 io.pfrio_flags = flags;
213 io.pfrio_buffer = &stats;
214 io.pfrio_esize = sizeof(stats);
215
216 /* Negative size. This will succeed, because the kernel will not copy
217 * tables than it has. */
218 io.pfrio_size = -1;
219 if (ioctl(dev, DIOCRGETTSTATS, &io) != 0)
220 atf_tc_fail("Request with size -1 failed");
221
222 /* Overly large size. See above. */
223 io.pfrio_size = 1 << 24;
224 if (ioctl(dev, DIOCRGETTSTATS, &io) != 0)
225 atf_tc_fail("Request with size 1 << 24 failed");
226 }
227
ATF_TC_CLEANUP(gettstats,tc)228 ATF_TC_CLEANUP(gettstats, tc)
229 {
230 COMMON_CLEANUP();
231 }
232
233 ATF_TC_WITH_CLEANUP(clrtstats);
ATF_TC_HEAD(clrtstats,tc)234 ATF_TC_HEAD(clrtstats, tc)
235 {
236 atf_tc_set_md_var(tc, "require.user", "root");
237 }
238
ATF_TC_BODY(clrtstats,tc)239 ATF_TC_BODY(clrtstats, tc)
240 {
241 struct pfioc_table io;
242 struct pfr_table tbl;
243 int flags;
244
245 COMMON_HEAD();
246
247 flags = 0;
248
249 common_init_tbl(&tbl);
250
251 bzero(&io, sizeof(io));
252 io.pfrio_flags = flags;
253 io.pfrio_buffer = &tbl;
254 io.pfrio_esize = sizeof(tbl);
255
256 /* Negative size. This will succeed, because the kernel will not copy
257 * tables than it has. */
258 io.pfrio_size = -1;
259 if (ioctl(dev, DIOCRCLRTSTATS, &io) != 0)
260 atf_tc_fail("Request with size -1 failed ");
261
262 /* Overly large size. See above. */
263 io.pfrio_size = 1 << 24;
264 if (ioctl(dev, DIOCRCLRTSTATS, &io) != 0)
265 atf_tc_fail("Request with size 1 << 24 failed");
266
267 io.pfrio_size = sizeof(tbl);
268 io.pfrio_buffer = NULL;
269 if (ioctl(dev, DIOCRCLRTSTATS, &io) == 0)
270 atf_tc_fail("Request with NULL buffer succeeded");
271 }
272
ATF_TC_CLEANUP(clrtstats,tc)273 ATF_TC_CLEANUP(clrtstats, tc)
274 {
275 COMMON_CLEANUP();
276 }
277
278 ATF_TC_WITH_CLEANUP(settflags);
ATF_TC_HEAD(settflags,tc)279 ATF_TC_HEAD(settflags, tc)
280 {
281 atf_tc_set_md_var(tc, "require.user", "root");
282 }
283
ATF_TC_BODY(settflags,tc)284 ATF_TC_BODY(settflags, tc)
285 {
286 struct pfioc_table io;
287 struct pfr_table tbl;
288 int flags;
289
290 COMMON_HEAD();
291
292 flags = 0;
293
294 common_init_tbl(&tbl);
295
296 bzero(&io, sizeof(io));
297 io.pfrio_flags = flags;
298 io.pfrio_buffer = &tbl;
299 io.pfrio_esize = sizeof(tbl);
300
301 /* Negative size. This will succeed, because the kernel will not copy
302 * tables than it has. */
303 io.pfrio_size = -1;
304 if (ioctl(dev, DIOCRSETTFLAGS, &io) != 0)
305 atf_tc_fail("Request with size -1 failed");
306
307 /* Overly large size. See above. */
308 io.pfrio_size = 1 << 28;
309 if (ioctl(dev, DIOCRSETTFLAGS, &io) != 0)
310 atf_tc_fail("Request with size 1 << 24 failed");
311
312 /* NULL buffer */
313 io.pfrio_buffer = NULL;
314 if (ioctl(dev, DIOCRSETTFLAGS, &io) != -1)
315 atf_tc_fail("Request with NULL buffer succeeded");
316 }
317
ATF_TC_CLEANUP(settflags,tc)318 ATF_TC_CLEANUP(settflags, tc)
319 {
320 COMMON_CLEANUP();
321 }
322
323 ATF_TC_WITH_CLEANUP(addaddrs);
ATF_TC_HEAD(addaddrs,tc)324 ATF_TC_HEAD(addaddrs, tc)
325 {
326 atf_tc_set_md_var(tc, "require.user", "root");
327 }
328
ATF_TC_BODY(addaddrs,tc)329 ATF_TC_BODY(addaddrs, tc)
330 {
331 struct pfioc_table io;
332 struct pfr_addr addr;
333
334 COMMON_HEAD();
335
336 bzero(&addr, sizeof(addr));
337 bzero(&io, sizeof(io));
338 io.pfrio_flags = 0;
339 io.pfrio_buffer = &addr;
340 io.pfrio_esize = sizeof(addr);
341
342 /* Negative size. */
343 io.pfrio_size = -1;
344 if (ioctl(dev, DIOCRADDADDRS, &io) == 0)
345 atf_tc_fail("Request with size -1 succeeded");
346
347 /* Overly large size. */
348 io.pfrio_size = 1 << 28;
349 if (ioctl(dev, DIOCRADDADDRS, &io) == 0)
350 atf_tc_fail("Reuqest with size 1 << 28 failed");
351 }
352
ATF_TC_CLEANUP(addaddrs,tc)353 ATF_TC_CLEANUP(addaddrs, tc)
354 {
355 COMMON_CLEANUP();
356 }
357
358 ATF_TC_WITH_CLEANUP(deladdrs);
ATF_TC_HEAD(deladdrs,tc)359 ATF_TC_HEAD(deladdrs, tc)
360 {
361 atf_tc_set_md_var(tc, "require.user", "root");
362 }
363
ATF_TC_BODY(deladdrs,tc)364 ATF_TC_BODY(deladdrs, tc)
365 {
366 struct pfioc_table io;
367 struct pfr_addr addr;
368
369 COMMON_HEAD();
370
371 bzero(&addr, sizeof(addr));
372 bzero(&io, sizeof(io));
373 io.pfrio_flags = 0;
374 io.pfrio_buffer = &addr;
375 io.pfrio_esize = sizeof(addr);
376
377 /* Negative size. */
378 io.pfrio_size = -1;
379 if (ioctl(dev, DIOCRDELADDRS, &io) == 0)
380 atf_tc_fail("Request with size -1 succeeded");
381
382 /* Overly large size. */
383 io.pfrio_size = 1 << 28;
384 if (ioctl(dev, DIOCRDELADDRS, &io) == 0)
385 atf_tc_fail("Reuqest with size 1 << 28 failed");
386 }
387
ATF_TC_CLEANUP(deladdrs,tc)388 ATF_TC_CLEANUP(deladdrs, tc)
389 {
390 COMMON_CLEANUP();
391 }
392
393 ATF_TC_WITH_CLEANUP(setaddrs);
ATF_TC_HEAD(setaddrs,tc)394 ATF_TC_HEAD(setaddrs, tc)
395 {
396 atf_tc_set_md_var(tc, "require.user", "root");
397 }
398
ATF_TC_BODY(setaddrs,tc)399 ATF_TC_BODY(setaddrs, tc)
400 {
401 struct pfioc_table io;
402 struct pfr_addr addr;
403
404 COMMON_HEAD();
405
406 bzero(&addr, sizeof(addr));
407 bzero(&io, sizeof(io));
408 io.pfrio_flags = 0;
409 io.pfrio_buffer = &addr;
410 io.pfrio_esize = sizeof(addr);
411
412 /* Negative size. */
413 io.pfrio_size = -1;
414 if (ioctl(dev, DIOCRSETADDRS, &io) == 0)
415 atf_tc_fail("Request with size -1 succeeded");
416
417 /* Overly large size. */
418 io.pfrio_size = 1 << 28;
419 if (ioctl(dev, DIOCRSETADDRS, &io) == 0)
420 atf_tc_fail("Reuqest with size 1 << 28 failed");
421 }
422
ATF_TC_CLEANUP(setaddrs,tc)423 ATF_TC_CLEANUP(setaddrs, tc)
424 {
425 COMMON_CLEANUP();
426 }
427
428 ATF_TC_WITH_CLEANUP(getaddrs);
ATF_TC_HEAD(getaddrs,tc)429 ATF_TC_HEAD(getaddrs, tc)
430 {
431 atf_tc_set_md_var(tc, "require.user", "root");
432 }
433
ATF_TC_BODY(getaddrs,tc)434 ATF_TC_BODY(getaddrs, tc)
435 {
436 struct pfioc_table io;
437 struct pfr_addr addr;
438
439 COMMON_HEAD();
440
441 bzero(&addr, sizeof(addr));
442 bzero(&io, sizeof(io));
443 io.pfrio_flags = 0;
444 io.pfrio_buffer = &addr;
445 io.pfrio_esize = sizeof(addr);
446
447 common_init_tbl(&io.pfrio_table);
448
449 /* Negative size. */
450 io.pfrio_size = -1;
451 if (ioctl(dev, DIOCRGETADDRS, &io) == 0)
452 atf_tc_fail("Request with size -1 succeeded");
453
454 /* Overly large size. */
455 io.pfrio_size = 1 << 24;
456 if (ioctl(dev, DIOCRGETADDRS, &io) == 0)
457 atf_tc_fail("Request with size 1 << 24 failed");
458 }
459
ATF_TC_CLEANUP(getaddrs,tc)460 ATF_TC_CLEANUP(getaddrs, tc)
461 {
462 COMMON_CLEANUP();
463 }
464
465 ATF_TC_WITH_CLEANUP(getastats);
ATF_TC_HEAD(getastats,tc)466 ATF_TC_HEAD(getastats, tc)
467 {
468 atf_tc_set_md_var(tc, "require.user", "root");
469 }
470
ATF_TC_BODY(getastats,tc)471 ATF_TC_BODY(getastats, tc)
472 {
473 struct pfioc_table io;
474 struct pfr_astats astats;
475
476 COMMON_HEAD();
477
478 bzero(&astats, sizeof(astats));
479 bzero(&io, sizeof(io));
480 io.pfrio_flags = 0;
481 io.pfrio_buffer = &astats;
482 io.pfrio_esize = sizeof(astats);
483
484 common_init_tbl(&io.pfrio_table);
485
486 /* Negative size. */
487 io.pfrio_size = -1;
488 if (ioctl(dev, DIOCRGETASTATS, &io) == 0)
489 atf_tc_fail("Request with size -1 succeeded");
490
491 /* Overly large size. */
492 io.pfrio_size = 1 << 24;
493 if (ioctl(dev, DIOCRGETASTATS, &io) == 0)
494 atf_tc_fail("Request with size 1 << 24 failed");
495 }
496
ATF_TC_CLEANUP(getastats,tc)497 ATF_TC_CLEANUP(getastats, tc)
498 {
499 COMMON_CLEANUP();
500 }
501
502 ATF_TC_WITH_CLEANUP(clrastats);
ATF_TC_HEAD(clrastats,tc)503 ATF_TC_HEAD(clrastats, tc)
504 {
505 atf_tc_set_md_var(tc, "require.user", "root");
506 }
507
ATF_TC_BODY(clrastats,tc)508 ATF_TC_BODY(clrastats, tc)
509 {
510 struct pfioc_table io;
511 struct pfr_addr addr;
512
513 COMMON_HEAD();
514
515 bzero(&addr, sizeof(addr));
516 bzero(&io, sizeof(io));
517 io.pfrio_flags = 0;
518 io.pfrio_buffer = &addr;
519 io.pfrio_esize = sizeof(addr);
520
521 common_init_tbl(&io.pfrio_table);
522
523 /* Negative size. */
524 io.pfrio_size = -1;
525 if (ioctl(dev, DIOCRCLRASTATS, &io) == 0)
526 atf_tc_fail("Request with size -1 succeeded");
527
528 /* Overly large size. */
529 io.pfrio_size = 1 << 24;
530 if (ioctl(dev, DIOCRCLRASTATS, &io) == 0)
531 atf_tc_fail("Request with size 1 << 24 failed");
532 }
533
ATF_TC_CLEANUP(clrastats,tc)534 ATF_TC_CLEANUP(clrastats, tc)
535 {
536 COMMON_CLEANUP();
537 }
538
539 ATF_TC_WITH_CLEANUP(tstaddrs);
ATF_TC_HEAD(tstaddrs,tc)540 ATF_TC_HEAD(tstaddrs, tc)
541 {
542 atf_tc_set_md_var(tc, "require.user", "root");
543 }
544
ATF_TC_BODY(tstaddrs,tc)545 ATF_TC_BODY(tstaddrs, tc)
546 {
547 struct pfioc_table io;
548 struct pfr_addr addr;
549
550 COMMON_HEAD();
551
552 bzero(&addr, sizeof(addr));
553 bzero(&io, sizeof(io));
554 io.pfrio_flags = 0;
555 io.pfrio_buffer = &addr;
556 io.pfrio_esize = sizeof(addr);
557
558 common_init_tbl(&io.pfrio_table);
559
560 /* Negative size. */
561 io.pfrio_size = -1;
562 if (ioctl(dev, DIOCRTSTADDRS, &io) == 0)
563 atf_tc_fail("Request with size -1 succeeded");
564
565 /* Overly large size. */
566 io.pfrio_size = 1 << 24;
567 if (ioctl(dev, DIOCRTSTADDRS, &io) == 0)
568 atf_tc_fail("Request with size 1 << 24 failed");
569 }
570
ATF_TC_CLEANUP(tstaddrs,tc)571 ATF_TC_CLEANUP(tstaddrs, tc)
572 {
573 COMMON_CLEANUP();
574 }
575
576 ATF_TC_WITH_CLEANUP(inadefine);
ATF_TC_HEAD(inadefine,tc)577 ATF_TC_HEAD(inadefine, tc)
578 {
579 atf_tc_set_md_var(tc, "require.user", "root");
580 }
581
ATF_TC_BODY(inadefine,tc)582 ATF_TC_BODY(inadefine, tc)
583 {
584 struct pfioc_table io;
585 struct pfr_addr addr;
586
587 COMMON_HEAD();
588
589 bzero(&addr, sizeof(addr));
590 bzero(&io, sizeof(io));
591 io.pfrio_flags = 0;
592 io.pfrio_buffer = &addr;
593 io.pfrio_esize = sizeof(addr);
594
595 common_init_tbl(&io.pfrio_table);
596
597 /* Negative size. */
598 io.pfrio_size = -1;
599 if (ioctl(dev, DIOCRINADEFINE, &io) == 0)
600 atf_tc_fail("Request with size -1 succeeded");
601
602 /* Overly large size. */
603 io.pfrio_size = 1 << 24;
604 if (ioctl(dev, DIOCRINADEFINE, &io) == 0)
605 atf_tc_fail("Request with size 1 << 24 failed");
606 }
607
ATF_TC_CLEANUP(inadefine,tc)608 ATF_TC_CLEANUP(inadefine, tc)
609 {
610 COMMON_CLEANUP();
611 }
612
613 ATF_TC_WITH_CLEANUP(igetifaces);
ATF_TC_HEAD(igetifaces,tc)614 ATF_TC_HEAD(igetifaces, tc)
615 {
616 atf_tc_set_md_var(tc, "require.user", "root");
617 }
618
ATF_TC_BODY(igetifaces,tc)619 ATF_TC_BODY(igetifaces, tc)
620 {
621 struct pfioc_iface io;
622 struct pfi_kif kif;
623
624 COMMON_HEAD();
625
626 bzero(&io, sizeof(io));
627 io.pfiio_flags = 0;
628 io.pfiio_buffer = &kif;
629 io.pfiio_esize = sizeof(kif);
630
631 /* Negative size */
632 io.pfiio_size = -1;
633 if (ioctl(dev, DIOCIGETIFACES, &io) == 0)
634 atf_tc_fail("request with size -1 succeeded");
635
636 /* Overflow size */
637 io.pfiio_size = 1 << 31;
638 if (ioctl(dev, DIOCIGETIFACES, &io) == 0)
639 atf_tc_fail("request with size 1 << 31 succeeded");
640 }
641
ATF_TC_CLEANUP(igetifaces,tc)642 ATF_TC_CLEANUP(igetifaces, tc)
643 {
644 COMMON_CLEANUP();
645 }
646
647 ATF_TC_WITH_CLEANUP(cxbegin);
ATF_TC_HEAD(cxbegin,tc)648 ATF_TC_HEAD(cxbegin, tc)
649 {
650 atf_tc_set_md_var(tc, "require.user", "root");
651 }
652
ATF_TC_BODY(cxbegin,tc)653 ATF_TC_BODY(cxbegin, tc)
654 {
655 struct pfioc_trans io;
656 struct pfioc_trans_e ioe;
657
658 COMMON_HEAD();
659
660 bzero(&io, sizeof(io));
661 io.esize = sizeof(ioe);
662 io.array = &ioe;
663
664 /* Negative size */
665 io.size = -1;
666 if (ioctl(dev, DIOCXBEGIN, &io) == 0)
667 atf_tc_fail("request with size -1 succeeded");
668
669 /* Overflow size */
670 io.size = 1 << 30;
671 if (ioctl(dev, DIOCXBEGIN, &io) == 0)
672 atf_tc_fail("request with size 1 << 30 succeeded");
673
674 /* NULL buffer */
675 io.size = 1;
676 io.array = NULL;
677 if (ioctl(dev, DIOCXBEGIN, &io) == 0)
678 atf_tc_fail("request with size -1 succeeded");
679 }
680
ATF_TC_CLEANUP(cxbegin,tc)681 ATF_TC_CLEANUP(cxbegin, tc)
682 {
683 COMMON_CLEANUP();
684 }
685
686 ATF_TC_WITH_CLEANUP(cxrollback);
ATF_TC_HEAD(cxrollback,tc)687 ATF_TC_HEAD(cxrollback, tc)
688 {
689 atf_tc_set_md_var(tc, "require.user", "root");
690 }
691
ATF_TC_BODY(cxrollback,tc)692 ATF_TC_BODY(cxrollback, tc)
693 {
694 struct pfioc_trans io;
695 struct pfioc_trans_e ioe;
696
697 COMMON_HEAD();
698
699 bzero(&io, sizeof(io));
700 io.esize = sizeof(ioe);
701 io.array = &ioe;
702
703 /* Negative size */
704 io.size = -1;
705 if (ioctl(dev, DIOCXROLLBACK, &io) == 0)
706 atf_tc_fail("request with size -1 succeeded");
707
708 /* Overflow size */
709 io.size = 1 << 30;
710 if (ioctl(dev, DIOCXROLLBACK, &io) == 0)
711 atf_tc_fail("request with size 1 << 30 succeeded");
712
713 /* NULL buffer */
714 io.size = 1;
715 io.array = NULL;
716 if (ioctl(dev, DIOCXROLLBACK, &io) == 0)
717 atf_tc_fail("request with size -1 succeeded");
718 }
719
ATF_TC_CLEANUP(cxrollback,tc)720 ATF_TC_CLEANUP(cxrollback, tc)
721 {
722 COMMON_CLEANUP();
723 }
724
725 ATF_TC_WITH_CLEANUP(commit);
ATF_TC_HEAD(commit,tc)726 ATF_TC_HEAD(commit, tc)
727 {
728 atf_tc_set_md_var(tc, "require.user", "root");
729 }
730
ATF_TC_BODY(commit,tc)731 ATF_TC_BODY(commit, tc)
732 {
733 struct pfioc_trans io;
734 struct pfioc_trans_e ioe;
735
736 COMMON_HEAD();
737
738 bzero(&io, sizeof(io));
739 io.esize = sizeof(ioe);
740 io.array = &ioe;
741
742 /* Negative size */
743 io.size = -1;
744 if (ioctl(dev, DIOCXCOMMIT, &io) == 0)
745 atf_tc_fail("request with size -1 succeeded");
746
747 /* Overflow size */
748 io.size = 1 << 30;
749 if (ioctl(dev, DIOCXCOMMIT, &io) == 0)
750 atf_tc_fail("request with size 1 << 30 succeeded");
751
752 /* NULL buffer */
753 io.size = 1;
754 io.array = NULL;
755 if (ioctl(dev, DIOCXCOMMIT, &io) == 0)
756 atf_tc_fail("request with size -1 succeeded");
757 }
758
ATF_TC_CLEANUP(commit,tc)759 ATF_TC_CLEANUP(commit, tc)
760 {
761 COMMON_CLEANUP();
762 }
763
764 ATF_TC_WITH_CLEANUP(getsrcnodes);
ATF_TC_HEAD(getsrcnodes,tc)765 ATF_TC_HEAD(getsrcnodes, tc)
766 {
767 atf_tc_set_md_var(tc, "require.user", "root");
768 }
769
ATF_TC_BODY(getsrcnodes,tc)770 ATF_TC_BODY(getsrcnodes, tc)
771 {
772 struct pfioc_src_nodes psn;
773
774 COMMON_HEAD();
775
776 bzero(&psn, sizeof(psn));
777
778 psn.psn_len = -1;
779 if (ioctl(dev, DIOCGETSRCNODES, &psn) != 0)
780 atf_tc_fail("request with size -1 failed");
781
782 psn.psn_len = 1 << 30;
783 if (ioctl(dev, DIOCGETSRCNODES, &psn) != 0)
784 atf_tc_fail("request with size << 30 failed");
785
786 psn.psn_len = 1 << 31;
787 if (ioctl(dev, DIOCGETSRCNODES, &psn) != 0)
788 atf_tc_fail("request with size << 30 failed");
789 }
790
ATF_TC_CLEANUP(getsrcnodes,tc)791 ATF_TC_CLEANUP(getsrcnodes, tc)
792 {
793 COMMON_CLEANUP();
794 }
795
796 ATF_TC_WITH_CLEANUP(tag);
ATF_TC_HEAD(tag,tc)797 ATF_TC_HEAD(tag, tc)
798 {
799 atf_tc_set_md_var(tc, "require.user", "root");
800 }
801
ATF_TC_BODY(tag,tc)802 ATF_TC_BODY(tag, tc)
803 {
804 struct pfioc_rule rule;
805
806 COMMON_HEAD();
807
808 memset(&rule, 0x42, sizeof(rule));
809
810 rule.ticket = 0;
811 rule.pool_ticket = 0;
812 rule.anchor[0] = 0;
813
814 rule.rule.return_icmp = 0;
815 bzero(&rule.rule.src, sizeof(rule.rule.src));
816 bzero(&rule.rule.dst, sizeof(rule.rule.dst));
817
818 rule.rule.ifname[0] = 0;
819 rule.rule.action = 0;
820 rule.rule.rtableid = 0;
821
822 rule.rule.tagname[0] = 0;
823
824 for (int i = 0; i < 10; i++)
825 ioctl(dev, DIOCADDRULE, &rule);
826 }
827
ATF_TC_CLEANUP(tag,tc)828 ATF_TC_CLEANUP(tag, tc)
829 {
830 COMMON_CLEANUP();
831 }
832
833 ATF_TC_WITH_CLEANUP(rpool_mtx);
ATF_TC_HEAD(rpool_mtx,tc)834 ATF_TC_HEAD(rpool_mtx, tc)
835 {
836 atf_tc_set_md_var(tc, "require.user", "root");
837 }
838
ATF_TC_BODY(rpool_mtx,tc)839 ATF_TC_BODY(rpool_mtx, tc)
840 {
841 struct pfioc_rule rule;
842
843 COMMON_HEAD();
844
845 memset(&rule, 0, sizeof(rule));
846
847 rule.ticket = 0;
848 rule.pool_ticket = 0;
849 rule.anchor[0] = 0;
850
851 rule.rule.return_icmp = 0;
852 bzero(&rule.rule.src, sizeof(rule.rule.src));
853 bzero(&rule.rule.dst, sizeof(rule.rule.dst));
854
855 rule.rule.ifname[0] = 0;
856 rule.rule.action = 0;
857 rule.rule.rtableid = 0;
858
859 rule.rule.tagname[0] = 0;
860 rule.rule.action = 42;
861
862 ioctl(dev, DIOCADDRULE, &rule);
863 }
864
ATF_TC_CLEANUP(rpool_mtx,tc)865 ATF_TC_CLEANUP(rpool_mtx, tc)
866 {
867 COMMON_CLEANUP();
868 }
869
870 ATF_TC_WITH_CLEANUP(rpool_mtx2);
ATF_TC_HEAD(rpool_mtx2,tc)871 ATF_TC_HEAD(rpool_mtx2, tc)
872 {
873 atf_tc_set_md_var(tc, "require.user", "root");
874 }
875
ATF_TC_BODY(rpool_mtx2,tc)876 ATF_TC_BODY(rpool_mtx2, tc)
877 {
878 struct pfioc_rule rule;
879
880 COMMON_HEAD();
881
882 memset(&rule, 0, sizeof(rule));
883
884 rule.pool_ticket = 1000000;
885 rule.action = PF_CHANGE_ADD_HEAD;
886 rule.rule.af = AF_INET;
887
888 ioctl(dev, DIOCCHANGERULE, &rule);
889 }
890
ATF_TC_CLEANUP(rpool_mtx2,tc)891 ATF_TC_CLEANUP(rpool_mtx2, tc)
892 {
893 COMMON_CLEANUP();
894 }
895
896
ATF_TP_ADD_TCS(tp)897 ATF_TP_ADD_TCS(tp)
898 {
899 ATF_TP_ADD_TC(tp, addtables);
900 ATF_TP_ADD_TC(tp, deltables);
901 ATF_TP_ADD_TC(tp, gettables);
902 ATF_TP_ADD_TC(tp, getastats);
903 ATF_TP_ADD_TC(tp, gettstats);
904 ATF_TP_ADD_TC(tp, clrtstats);
905 ATF_TP_ADD_TC(tp, settflags);
906 ATF_TP_ADD_TC(tp, addaddrs);
907 ATF_TP_ADD_TC(tp, deladdrs);
908 ATF_TP_ADD_TC(tp, setaddrs);
909 ATF_TP_ADD_TC(tp, getaddrs);
910 ATF_TP_ADD_TC(tp, clrastats);
911 ATF_TP_ADD_TC(tp, tstaddrs);
912 ATF_TP_ADD_TC(tp, inadefine);
913 ATF_TP_ADD_TC(tp, igetifaces);
914 ATF_TP_ADD_TC(tp, cxbegin);
915 ATF_TP_ADD_TC(tp, cxrollback);
916 ATF_TP_ADD_TC(tp, commit);
917 ATF_TP_ADD_TC(tp, getsrcnodes);
918 ATF_TP_ADD_TC(tp, tag);
919 ATF_TP_ADD_TC(tp, rpool_mtx);
920 ATF_TP_ADD_TC(tp, rpool_mtx2);
921
922 return (atf_no_error());
923 }
924