You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
143 lines
3.1 KiB
143 lines
3.1 KiB
#!/bin/sh |
|
|
|
test_description='paths written by git-apply cannot escape the working tree' |
|
|
|
TEST_PASSES_SANITIZE_LEAK=true |
|
. ./test-lib.sh |
|
|
|
# tests will try to write to ../foo, and we do not |
|
# want them to escape the trash directory when they |
|
# fail |
|
test_expect_success 'bump git repo one level down' ' |
|
mkdir inside && |
|
mv .git inside/ && |
|
cd inside |
|
' |
|
|
|
# $1 = name of file |
|
# $2 = current path to file (if different) |
|
mkpatch_add () { |
|
rm -f "${2:-$1}" && |
|
cat <<-EOF |
|
diff --git a/$1 b/$1 |
|
new file mode 100644 |
|
index 0000000..53c74cd |
|
--- /dev/null |
|
+++ b/$1 |
|
@@ -0,0 +1 @@ |
|
+evil |
|
EOF |
|
} |
|
|
|
mkpatch_del () { |
|
echo evil >"${2:-$1}" && |
|
cat <<-EOF |
|
diff --git a/$1 b/$1 |
|
deleted file mode 100644 |
|
index 53c74cd..0000000 |
|
--- a/$1 |
|
+++ /dev/null |
|
@@ -1 +0,0 @@ |
|
-evil |
|
EOF |
|
} |
|
|
|
# $1 = name of file |
|
# $2 = content of symlink |
|
mkpatch_symlink () { |
|
rm -f "$1" && |
|
cat <<-EOF |
|
diff --git a/$1 b/$1 |
|
new file mode 120000 |
|
index 0000000..$(printf "%s" "$2" | git hash-object --stdin) |
|
--- /dev/null |
|
+++ b/$1 |
|
@@ -0,0 +1 @@ |
|
+$2 |
|
\ No newline at end of file |
|
EOF |
|
} |
|
|
|
test_expect_success 'cannot create file containing ..' ' |
|
mkpatch_add ../foo >patch && |
|
test_must_fail git apply patch && |
|
test_path_is_missing ../foo |
|
' |
|
|
|
test_expect_success 'can create file containing .. with --unsafe-paths' ' |
|
mkpatch_add ../foo >patch && |
|
git apply --unsafe-paths patch && |
|
test_path_is_file ../foo |
|
' |
|
|
|
test_expect_success 'cannot create file containing .. (index)' ' |
|
mkpatch_add ../foo >patch && |
|
test_must_fail git apply --index patch && |
|
test_path_is_missing ../foo |
|
' |
|
|
|
test_expect_success 'cannot create file containing .. with --unsafe-paths (index)' ' |
|
mkpatch_add ../foo >patch && |
|
test_must_fail git apply --index --unsafe-paths patch && |
|
test_path_is_missing ../foo |
|
' |
|
|
|
test_expect_success 'cannot delete file containing ..' ' |
|
mkpatch_del ../foo >patch && |
|
test_must_fail git apply patch && |
|
test_path_is_file ../foo |
|
' |
|
|
|
test_expect_success 'can delete file containing .. with --unsafe-paths' ' |
|
mkpatch_del ../foo >patch && |
|
git apply --unsafe-paths patch && |
|
test_path_is_missing ../foo |
|
' |
|
|
|
test_expect_success 'cannot delete file containing .. (index)' ' |
|
mkpatch_del ../foo >patch && |
|
test_must_fail git apply --index patch && |
|
test_path_is_file ../foo |
|
' |
|
|
|
test_expect_success SYMLINKS 'symlink escape via ..' ' |
|
{ |
|
mkpatch_symlink tmp .. && |
|
mkpatch_add tmp/foo ../foo |
|
} >patch && |
|
test_must_fail git apply patch && |
|
test_path_is_missing tmp && |
|
test_path_is_missing ../foo |
|
' |
|
|
|
test_expect_success SYMLINKS 'symlink escape via .. (index)' ' |
|
{ |
|
mkpatch_symlink tmp .. && |
|
mkpatch_add tmp/foo ../foo |
|
} >patch && |
|
test_must_fail git apply --index patch && |
|
test_path_is_missing tmp && |
|
test_path_is_missing ../foo |
|
' |
|
|
|
test_expect_success SYMLINKS 'symlink escape via absolute path' ' |
|
{ |
|
mkpatch_symlink tmp "$(pwd)" && |
|
mkpatch_add tmp/foo ../foo |
|
} >patch && |
|
test_must_fail git apply patch && |
|
test_path_is_missing tmp && |
|
test_path_is_missing ../foo |
|
' |
|
|
|
test_expect_success SYMLINKS 'symlink escape via absolute path (index)' ' |
|
{ |
|
mkpatch_symlink tmp "$(pwd)" && |
|
mkpatch_add tmp/foo ../foo |
|
} >patch && |
|
test_must_fail git apply --index patch && |
|
test_path_is_missing tmp && |
|
test_path_is_missing ../foo |
|
' |
|
|
|
test_done
|
|
|