Merge pull request #280 from kmaglione/unlisted-signing

[WIP] Add support for validating unlisted add-ons as gatekeeper for auto...

.travis.yml

@@ -11,7 +11,7 @@ before_install:
 install:
   - pip install tox
 script:
-  - SPIDERMONKEY_INSTALLATION=`pwd`/spidermonkey/js tox -v -e $TOX_ENV --recreate
+  - tox -v -e $TOX_ENV --recreate
 notifications:
   irc:
     channels:

tests/compat/test_gecko30.py

@@ -28,11 +28,6 @@ def test_pattern(self, pat):
         yield (test_pattern, self,
                "resource://gre/modules/SpellCheckDictionaryBootstrap.js")
 
-    def test_setting__proto__(self):
-        self.run_script_for_compat("var myObj = {}; myObj.__proto__ = {};")
-        self.assert_silent()
-        self.assert_compat_warning(type_="warning")
-
     def test_reading__proto__(self):
         self.run_script_for_compat("console.log(myObj.__proto__.foo);")
         self.assert_silent()

tests/helper.py

@@ -1,3 +1,4 @@
+import collections
 import sys
 
 from validator.submain import populate_chrome_manifest
@@ -78,30 +79,45 @@ def setup_err(self, for_appversions=None):
             self.err.detected_Type = self.detected_type
 
     def assert_failed(self, with_errors=False, with_warnings=None):
-        """First, asserts that the error bundle registers a failure
-        (recognizing whether warnings are acknowledged). Second, if
-        `with_errors`is True, the presence of errors is asserted. If it is not
-        true (default), it is tested that errors are not present. If
-        `with_warnings` is not None, the presence of warnings is tested just
-        like `with_errors`.
-
+        """
+        Asserts that the error bundle has registered a failure. If
+        `with_warnings` is any true value, or `None`, a warning is
+        considered a failure.
+
+        `with_warnings` or `with_errors` may be any of the following:
+
+        * True: Messages of this type must be present.
+        * False: Messages of this type must not be present.
+        * None: Messages of this type may or may not be present.
+        * Iterable of dicts: For dict returned by the iterator, at least
+        one message must have a matching item for every key/value pair in the
+        dict.
         """
         assert self.err.failed(
             fail_on_warnings=with_warnings or with_warnings is None), \
-                "Test did not fail; failure was expected."
-
-        if with_errors:
-            assert self.err.errors, "Errors were expected."
-        elif self.err.errors:
-            raise AssertionError("Tests found unexpected errors: %s" %
-                                self.err.print_summary(verbose=True))
-
-        if with_warnings is not None:
-            if with_warnings:
-                assert self.err.warnings, "Warnings were expected."
-            elif self.err.warnings:
-                raise ("Tests found unexpected warnings: %s" %
-                           self.err.print_summary())
+            "Test did not fail; failure was expected."
+
+        def find_message(messages, props):
+            # Returns true if any message in messages has all of the
+            # key/value pairs in props.
+            return any(set(props.iteritems()) <= set(message.iteritems())
+                       for message in messages)
+
+        def test_messages(mtype, expected):
+            messages = getattr(self.err, mtype)
+
+            if isinstance(expected, collections.Iterable):
+                assert all(find_message(messages, props)
+                           for props in expected)
+            elif expected:
+                assert messages, "Expected %s." % mtype
+            elif expected is not None:
+                assert not messages, ("Tests found unexpected %s: %s" %
+                                      mtype,
+                                      self.err.print_summary(verbose=True))
+
+        test_messages('errors', with_errors)
+        test_messages('warnings', with_warnings)
 
     def assert_notices(self):
         """Assert that notices have been generated during the validation

tests/resources/installrdf/shouldnt_exist.rdf

@@ -8,6 +8,7 @@
 	<em:type>2</em:type>
 
 	<em:updateURL>true</em:updateURL>
+	<em:updateKey>meh</em:updateKey>
 
 	<em:id>bastatestapp1@basta.mozilla.com</em:id>
 	<em:version>1.2.3.4</em:version>

tests/test_chromemanifest_testcases.py

@@ -1,3 +1,5 @@
+from nose.tools import eq_
+
 import validator.testcases.chromemanifest as tc_chromemanifest
 from validator.errorbundler import ErrorBundle
 from validator.chromemanifest import ChromeManifest
@@ -37,6 +39,15 @@ def test_js_categories_gecko2():
     tc_chromemanifest.test_categories(err)
     assert err.failed()
 
+    warning = {"id": ("testcases_chromemanifest", "test_resourcemodules",
+                      "resource_modules"),
+               "message": "Potentially dangerous category entry",
+               "signing_severity": "medium",
+               "editors_only": True}
+    msg = err.warnings[0]
+    for key, value in warning.iteritems():
+        eq_(msg[key], value)
+
 
 def test_js_categories_gecko1():
     """Test that JS categories raise problems for space-delimited values."""

tests/test_js_functions.py

@@ -57,6 +57,38 @@ def test_createElement():
     document.createElement();
     """)
 
+def test_enablePrivilege():
+    """Tests that enablePrivilege throws a warning."""
+
+    err = _do_test_raw("""
+        netscape.security.PrivilegeManager.enablePrivilege()
+    """)
+    assert err.warnings
+
+    eq_(err.warnings[0]["id"],
+        ("js", "traverser", "dangerous_global"))
+    eq_(err.warnings[0]["signing_severity"], "high")
+
+def test_privileged_unprivileged_interaction():
+    """Tests that functions which may lead to privilege escalation are
+    detected."""
+
+    for meth in "cloneInto", "exportFunction":
+        err = _do_test_raw("""
+            Cu.%s(foo)
+        """ % meth)
+        assert err.warnings
+
+        eq_(err.warnings[0]["id"],
+            ("js", "traverser", "dangerous_global"))
+        eq_(err.warnings[0]["signing_severity"], "low")
+
+    for form in ("var obj = { __exposedProps__: {} };",
+                 "var obj = {}; obj.__exposedProps__ = {};"):
+        err = _do_test_raw(form)
+        assert err.warnings
+        eq_(err.warnings[0]["signing_severity"], "high")
+
 def test_synchronous_xhr():
     "Tests that syncrhonous AJAX requests are marked as dangerous"
 

tests/test_js_instanceactions.py

@@ -92,7 +92,7 @@ def test_setAttribute():
     assert _do_test_raw("""
     var x = "foo";
     x.setAttribute("onfoo", "bar");
-    """).notices
+    """).failed()
 
 
 def test_callexpression_argument_traversal():

tests/test_js_instanceproperties.py

@@ -1,4 +1,5 @@
 from mock import patch
+from nose.tools import eq_
 
 from validator.compat import FX18_DEFINITION
 
@@ -98,10 +99,11 @@ def test_on_event():
     x.onclick = function() {};
     """).failed()
 
-    assert _do_test_raw("""
-    var x = foo();
-    x.onclick = "bar";
-    """).failed()
+    err = _do_test_raw("""
+    x.attr({ onclick: "bar" });
+    """)
+    assert err.failed()
+    eq_(err.warnings[0]["signing_severity"], "medium")
 
 
 def test_on_event_null():