From 9c5928b5aa3716f7441694da24982cecacb7a061 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bartek=20Iwa=C5=84czuk?= <biwanczuk@gmail.com>
Date: Sun, 17 Apr 2022 17:47:24 +0200
Subject: fix: panic when trying to pledge permissions before restoring
 previous pledge (#14306)

This commit fixes and edge case, where testing/benching code could pledge new
permission set before restoring the previous pledge.

Appropriate panics were added and tests that assert that process is killed
in case of "recursive pledge".
---
 cli/ops/testing.rs | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'cli/ops/testing.rs')

diff --git a/cli/ops/testing.rs b/cli/ops/testing.rs
index 16544dd98..3a57d307b 100644
--- a/cli/ops/testing.rs
+++ b/cli/ops/testing.rs
@@ -122,6 +122,9 @@ pub fn op_pledge_test_permissions(
   let worker_permissions = create_child_permissions(parent_permissions, args)?;
   let parent_permissions = parent_permissions.clone();
 
+  if state.try_take::<PermissionsHolder>().is_some() {
+    panic!("pledge test permissions called before restoring previous pledge");
+  }
   state.put::<PermissionsHolder>(PermissionsHolder(token, parent_permissions));
 
   // NOTE: This call overrides current permission set for the worker
-- 
cgit v1.2.3