t/t4139-apply-escape.sh at reftables-rust

freshlybakedca.ke / git
fork atom
Git fork
fork atom
git / t / t4139-apply-escape.sh
at reftables-rust 142 lines 3.2 kB view raw
wrap content
Patrick Steinhardt t: remove TEST_PASSES_SANITIZE_LEAK annotations 1y ago
fc1ddf42
  1#!/bin/sh
  2
  3test_description='paths written by git-apply cannot escape the working tree'
  4
  5. ./test-lib.sh
  6
  7# tests will try to write to ../foo, and we do not
  8# want them to escape the trash directory when they
  9# fail
 10test_expect_success 'bump git repo one level down' '
 11	mkdir inside &&
 12	mv .git inside/ &&
 13	cd inside
 14'
 15
 16# $1 = name of file
 17# $2 = current path to file (if different)
 18mkpatch_add () {
 19	rm -f "${2:-$1}" &&
 20	cat <<-EOF
 21	diff --git a/$1 b/$1
 22	new file mode 100644
 23	index 0000000..53c74cd
 24	--- /dev/null
 25	+++ b/$1
 26	@@ -0,0 +1 @@
 27	+evil
 28	EOF
 29}
 30
 31mkpatch_del () {
 32	echo evil >"${2:-$1}" &&
 33	cat <<-EOF
 34	diff --git a/$1 b/$1
 35	deleted file mode 100644
 36	index 53c74cd..0000000
 37	--- a/$1
 38	+++ /dev/null
 39	@@ -1 +0,0 @@
 40	-evil
 41	EOF
 42}
 43
 44# $1 = name of file
 45# $2 = content of symlink
 46mkpatch_symlink () {
 47	rm -f "$1" &&
 48	cat <<-EOF
 49	diff --git a/$1 b/$1
 50	new file mode 120000
 51	index 0000000..$(printf "%s" "$2" | git hash-object --stdin)
 52	--- /dev/null
 53	+++ b/$1
 54	@@ -0,0 +1 @@
 55	+$2
 56	\ No newline at end of file
 57	EOF
 58}
 59
 60test_expect_success 'cannot create file containing ..' '
 61	mkpatch_add ../foo >patch &&
 62	test_must_fail git apply patch &&
 63	test_path_is_missing ../foo
 64'
 65
 66test_expect_success 'can create file containing .. with --unsafe-paths' '
 67	mkpatch_add ../foo >patch &&
 68	git apply --unsafe-paths patch &&
 69	test_path_is_file ../foo
 70'
 71
 72test_expect_success  'cannot create file containing .. (index)' '
 73	mkpatch_add ../foo >patch &&
 74	test_must_fail git apply --index patch &&
 75	test_path_is_missing ../foo
 76'
 77
 78test_expect_success  'cannot create file containing .. with --unsafe-paths (index)' '
 79	mkpatch_add ../foo >patch &&
 80	test_must_fail git apply --index --unsafe-paths patch &&
 81	test_path_is_missing ../foo
 82'
 83
 84test_expect_success 'cannot delete file containing ..' '
 85	mkpatch_del ../foo >patch &&
 86	test_must_fail git apply patch &&
 87	test_path_is_file ../foo
 88'
 89
 90test_expect_success 'can delete file containing .. with --unsafe-paths' '
 91	mkpatch_del ../foo >patch &&
 92	git apply --unsafe-paths patch &&
 93	test_path_is_missing ../foo
 94'
 95
 96test_expect_success 'cannot delete file containing .. (index)' '
 97	mkpatch_del ../foo >patch &&
 98	test_must_fail git apply --index patch &&
 99	test_path_is_file ../foo
100'
101
102test_expect_success SYMLINKS 'symlink escape via ..' '
103	{
104		mkpatch_symlink tmp .. &&
105		mkpatch_add tmp/foo ../foo
106	} >patch &&
107	test_must_fail git apply patch &&
108	test_path_is_missing tmp &&
109	test_path_is_missing ../foo
110'
111
112test_expect_success SYMLINKS 'symlink escape via .. (index)' '
113	{
114		mkpatch_symlink tmp .. &&
115		mkpatch_add tmp/foo ../foo
116	} >patch &&
117	test_must_fail git apply --index patch &&
118	test_path_is_missing tmp &&
119	test_path_is_missing ../foo
120'
121
122test_expect_success SYMLINKS 'symlink escape via absolute path' '
123	{
124		mkpatch_symlink tmp "$(pwd)" &&
125		mkpatch_add tmp/foo ../foo
126	} >patch &&
127	test_must_fail git apply patch &&
128	test_path_is_missing tmp &&
129	test_path_is_missing ../foo
130'
131
132test_expect_success SYMLINKS 'symlink escape via absolute path (index)' '
133	{
134		mkpatch_symlink tmp "$(pwd)" &&
135		mkpatch_add tmp/foo ../foo
136	} >patch &&
137	test_must_fail git apply --index patch &&
138	test_path_is_missing tmp &&
139	test_path_is_missing ../foo
140'
141
142test_done