124 lines
5 KiB
C++
124 lines
5 KiB
C++
// Copyright (c) Microsoft Corporation.
|
|
// Licensed under the MIT license.
|
|
//
|
|
// A series of tests for the TerminalPage::_isTrustedCommandline function.
|
|
// That's a heuristic function for deciding if we should automatically trust
|
|
// certain commandlines by default. The logic in there is weird and there are
|
|
// lots of edge cases, so it's easier to just write a unit test.
|
|
|
|
#include "pch.h"
|
|
|
|
#include "../TerminalApp/TerminalPage.h"
|
|
|
|
using namespace Microsoft::Console;
|
|
using namespace TerminalApp;
|
|
using namespace winrt::TerminalApp;
|
|
using namespace winrt::Microsoft::Terminal::Settings::Model;
|
|
|
|
using namespace WEX::Logging;
|
|
using namespace WEX::TestExecution;
|
|
using namespace WEX::Common;
|
|
|
|
using namespace winrt::Windows::ApplicationModel::DataTransfer;
|
|
using namespace winrt::Windows::Foundation::Collections;
|
|
using namespace winrt::Windows::System;
|
|
using namespace winrt::Windows::UI::Xaml;
|
|
using namespace winrt::Windows::UI::Xaml::Controls;
|
|
using namespace winrt::Windows::UI::Core;
|
|
using namespace winrt::Windows::UI::Text;
|
|
|
|
namespace winrt
|
|
{
|
|
namespace MUX = Microsoft::UI::Xaml;
|
|
namespace WUX = Windows::UI::Xaml;
|
|
using IInspectable = Windows::Foundation::IInspectable;
|
|
}
|
|
|
|
namespace TerminalAppLocalTests
|
|
{
|
|
class TrustCommandlineTests
|
|
{
|
|
BEGIN_TEST_CLASS(TrustCommandlineTests)
|
|
END_TEST_CLASS()
|
|
|
|
TEST_METHOD(SimpleTests);
|
|
TEST_METHOD(TestCommandlineWithArgs);
|
|
TEST_METHOD(TestCommandlineWithSpaces);
|
|
TEST_METHOD(TestCommandlineWithEnvVars);
|
|
TEST_METHOD(WslTests);
|
|
TEST_METHOD(TestPwshLocation);
|
|
|
|
bool trust(std::wstring_view cmdline);
|
|
};
|
|
|
|
bool TrustCommandlineTests::trust(std::wstring_view cmdline)
|
|
{
|
|
return implementation::TerminalPage::_isTrustedCommandline(cmdline);
|
|
}
|
|
|
|
void TrustCommandlineTests::SimpleTests()
|
|
{
|
|
VERIFY_IS_TRUE(trust(L"C:\\Windows\\System32\\cmd.exe"));
|
|
VERIFY_IS_TRUE(trust(L"C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe"));
|
|
VERIFY_IS_FALSE(trust(L"C:\\Windows\\System32\\i-definitely-don't-exist.exe"));
|
|
|
|
Log::Comment(L"These are not fully qualified, and _shouldn't_ be trusted");
|
|
VERIFY_IS_FALSE(trust(L"cmd.exe"));
|
|
VERIFY_IS_FALSE(trust(L"powershell.exe"));
|
|
}
|
|
|
|
void TrustCommandlineTests::TestCommandlineWithArgs()
|
|
{
|
|
Log::Comment(L"These are sneaky things that _shouldn't_ be trusted");
|
|
VERIFY_IS_FALSE(trust(L"C:\\Windows\\System32\\cmd.exe /k echo Boo!"));
|
|
VERIFY_IS_FALSE(trust(L"C:\\Windows\\System32\\cmd.exe /k echo Boo! & cmd.exe"));
|
|
}
|
|
|
|
void TrustCommandlineTests::TestCommandlineWithSpaces()
|
|
{
|
|
Log::Comment(L"This is a valid place for powershell to live, and the space can be tricky");
|
|
VERIFY_IS_TRUE(trust(L"C:\\Program Files\\PowerShell\\7\\pwsh.exe"));
|
|
|
|
Log::Comment(L"These are sneaky things that _shouldn't_ be trusted");
|
|
VERIFY_IS_FALSE(trust(L"C:\\Windows\\System 32\\cmd.exe"));
|
|
VERIFY_IS_FALSE(trust(L"C:\\Windows\\System32\\ cmd.exe"));
|
|
VERIFY_IS_FALSE(trust(L"C:\\Windows\\System32\\cmd.exe /c cmd.exe"));
|
|
}
|
|
|
|
void TrustCommandlineTests::TestCommandlineWithEnvVars()
|
|
{
|
|
Log::Comment(L"Make sure we auto-expand environment variables");
|
|
|
|
VERIFY_IS_TRUE(trust(L"%WINDIR%\\system32\\cmd.exe"));
|
|
VERIFY_IS_TRUE(trust(L"%WINDIR%\\system32\\WindowsPowerShell\\v1.0\\powershell.exe"));
|
|
VERIFY_IS_TRUE(trust(L"%ProgramFiles%\\PowerShell\\7\\pwsh.exe"));
|
|
}
|
|
|
|
void TrustCommandlineTests::WslTests()
|
|
{
|
|
Log::Comment(L"We are explicitly deciding to not auto-approve "
|
|
L"`wsl.exe -d distro`-like commandlines. If we change this"
|
|
L" policy, remove this test.");
|
|
|
|
VERIFY_IS_FALSE(trust(L"C:\\Windows\\System32\\wsl"));
|
|
VERIFY_IS_TRUE(trust(L"C:\\Windows\\System32\\wsl.exe"), L"This we will trust though, since it's an exe in system32");
|
|
VERIFY_IS_FALSE(trust(L"C:\\Windows\\System32\\wsl.exe -d Ubuntu"));
|
|
VERIFY_IS_FALSE(trust(L"wsl.exe"));
|
|
}
|
|
|
|
void TrustCommandlineTests::TestPwshLocation()
|
|
{
|
|
Log::Comment(L"Test various locations that pwsh.exe can be in");
|
|
|
|
VERIFY_IS_TRUE(trust(L"%ProgramFiles%\\PowerShell\\7\\pwsh.exe"));
|
|
VERIFY_IS_TRUE(trust(L"%LOCALAPPDATA%\\Microsoft\\WindowsApps\\pwsh.exe"));
|
|
VERIFY_IS_TRUE(trust(L"%ProgramFiles%\\PowerShell\\10\\pwsh.exe"));
|
|
VERIFY_IS_TRUE(trust(L"%ProgramFiles%\\PowerShell\\7.1.5\\pwsh.exe"));
|
|
|
|
Log::Comment(L"These are sneaky things that _shouldn't_ be trusted");
|
|
VERIFY_IS_FALSE(trust(L"%ProgramFiles%\\PowerShell\\7\\pwsh.exe bad-stuff pwsh.exe"));
|
|
VERIFY_IS_FALSE(trust(L"%ProgramFiles%\\PowerShell\\7\\pwsh.exe bad-stuff c:\\pwsh.exe"));
|
|
VERIFY_IS_FALSE(trust(L"%ProgramFiles%\\PowerShell\\7\\pwsh.exe bad-stuff c:\\ %ProgramFiles%\\PowerShell\\7\\pwsh.exe"));
|
|
}
|
|
}
|