Add a test to verify ftruncate() in the Mac sandbox.

Prior to macOS 10.15, an inherited, open, writable FD could not be
ftruncate()d without an explicit sandbox rule. This verifies that
behavior and will catch any regressions in the future.

Bug: 1084565
Change-Id: I9b3d6b0f3b8e9cb1a02f975b33e16501482f23f2
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2451315Reviewed-by: Sébastien Marchand <sebmarchand@chromium.org>
Commit-Queue: Robert Sesek <rsesek@chromium.org>
Cr-Commit-Position: refs/heads/master@{#814336}

sandbox/mac/sandbox_mac_compiler_unittest.mm

@@ -7,7 +7,12 @@
 #include <sys/stat.h>
 #include <unistd.h>
 
+#include "base/files/file.h"
+#include "base/files/scoped_temp_dir.h"
+#include "base/mac/mac_util.h"
+#include "base/posix/eintr_wrapper.h"
 #include "base/process/kill.h"
+#include "base/strings/string_number_conversions.h"
 #include "base/test/multiprocess_test.h"
 #include "base/test/test_timeouts.h"
 #include "sandbox/mac/sandbox_compiler.h"
@@ -183,4 +188,67 @@ TEST_F(SandboxMacCompilerTest, SandboxCheckTest) {
   EXPECT_EQ(exit_code, 0);
 }
 
+MULTIPROCESS_TEST_MAIN(Ftruncate) {
+  std::string profile = "(version 1)"
+                        "(deny default (with no-log))";
+  SandboxCompiler compiler(profile);
+  std::string error;
+  CHECK(compiler.CompileAndApplyProfile(&error)) << error;
+
+  std::unique_ptr<base::Environment> env = base::Environment::Create();
+
+  std::string fd_string;
+  CHECK(env->GetVar("FD_TO_TRUNCATE", &fd_string));
+
+  int fd;
+  CHECK(base::StringToInt(fd_string, &fd));
+
+  const char kTestBuf[] = "hello";
+  CHECK_EQ(static_cast<ssize_t>(strlen(kTestBuf)),
+           HANDLE_EINTR(write(fd, kTestBuf, strlen(kTestBuf))));
+
+  return ftruncate(fd, 0) == 0 ? 0 : 15;
+}
+
+// Tests ftruncate() behavior on an inherited, open, writable FD. Prior to
+// macOS 10.15, the sandbox did not permit ftruncate (but it did permit regular
+// writing) on such FDs. This verifies the behavior before, on, and after macOS
+// 10.15. See https://crbug.com/1084565 for details.
+TEST_F(SandboxMacCompilerTest, Ftruncate) {
+  base::ScopedTempDir temp_dir;
+  ASSERT_TRUE(temp_dir.CreateUniqueTempDir());
+
+  base::File file(
+      temp_dir.GetPath().Append("file.txt"),
+      base::File::FLAG_CREATE | base::File::FLAG_READ | base::File::FLAG_WRITE);
+  ASSERT_TRUE(file.IsValid());
+
+  const std::string contents =
+      "Wouldn't it be nice to be able to use ftruncate?\n";
+  EXPECT_EQ(static_cast<int>(contents.length()),
+            file.WriteAtCurrentPos(contents.data(), contents.length()));
+  EXPECT_EQ(static_cast<int64_t>(contents.length()), file.GetLength());
+
+  base::PlatformFile fd = file.GetPlatformFile();
+
+  base::LaunchOptions options;
+  options.fds_to_remap.emplace_back(fd, fd);
+  options.environment["FD_TO_TRUNCATE"] = base::NumberToString(fd);
+
+  base::Process process = SpawnChildWithOptions("Ftruncate", options);
+  ASSERT_TRUE(process.IsValid());
+
+  int exit_code = 42;
+  EXPECT_TRUE(process.WaitForExitWithTimeout(TestTimeouts::action_max_timeout(),
+                                             &exit_code));
+
+  if (base::mac::IsAtLeastOS10_15()) {
+    EXPECT_EQ(0, exit_code);
+    EXPECT_EQ(0, file.GetLength());
+  } else {
+    EXPECT_EQ(15, exit_code);
+    EXPECT_GT(file.GetLength(), static_cast<int64_t>(contents.length()));
+  }
+}
+
 }  // namespace sandbox