X-Git-Url: https://ruderich.org/simon/gitweb/?a=blobdiff_plain;f=remote%2Fsync%2Ffiles_test.go;h=48d54fca062812974317958ae28ecbc8c77c0776;hb=4206e0dbca82f5df7d8e534f78cb737979880916;hp=39714594382445369936666719d625d4351cd820;hpb=9269fa3c94e700afc0be823f58ea473a2db8f3dc;p=safcm%2Fsafcm.git diff --git a/remote/sync/files_test.go b/remote/sync/files_test.go index 3971459..48d54fc 100644 --- a/remote/sync/files_test.go +++ b/remote/sync/files_test.go @@ -1,4 +1,4 @@ -// Copyright (C) 2021 Simon Ruderich +// Copyright (C) 2021-2022 Simon Ruderich // // This program is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by @@ -36,7 +36,7 @@ func TestSyncFiles(t *testing.T) { if err != nil { t.Fatal(err) } - defer os.Chdir(cwd) + defer os.Chdir(cwd) //nolint:errcheck err = os.RemoveAll("testdata") if err != nil { @@ -887,7 +887,7 @@ func TestSyncFile(t *testing.T) { if err != nil { t.Fatal(err) } - defer os.Chdir(cwd) + defer os.Chdir(cwd) //nolint:errcheck err = os.RemoveAll("testdata") if err != nil { @@ -963,7 +963,7 @@ func TestSyncFile(t *testing.T) { `4: files: "file" (group): will create`, `3: files: "file" (group): creating`, `4: files: "file" (group): creating temporary file ".file*"`, - `4: files: "file" (group): renaming "./.fileRND"`, + `4: files: "file" (group): renaming ".fileRND"`, }, nil, }, @@ -1116,7 +1116,7 @@ func TestSyncFile(t *testing.T) { `4: files: "file" (group): permission differs -rwxr-xr-x -> urwxr-xr-x`, `3: files: "file" (group): updating`, `4: files: "file" (group): creating temporary file ".file*"`, - `4: files: "file" (group): renaming "./.fileRND"`, + `4: files: "file" (group): renaming ".fileRND"`, }, nil, }, @@ -1174,7 +1174,7 @@ func TestSyncFile(t *testing.T) { `4: files: "file" (group): content differs`, `3: files: "file" (group): updating`, `4: files: "file" (group): creating temporary file ".file*"`, - `4: files: "file" (group): renaming "./.fileRND"`, + `4: files: "file" (group): renaming ".fileRND"`, }, nil, }, @@ -1734,7 +1734,7 @@ func TestSyncFile(t *testing.T) { `4: files: "path" (group): type differs L--------- -> ----------`, `3: files: "path" (group): updating`, `4: files: "path" (group): creating temporary file ".path*"`, - `4: files: "path" (group): renaming "./.pathRND"`, + `4: files: "path" (group): renaming ".pathRND"`, }, nil, }, @@ -1845,10 +1845,66 @@ func TestSyncFile(t *testing.T) { `3: files: "path" (group): updating`, `4: files: "path" (group): removing (due to type change)`, `4: files: "path" (group): creating temporary file ".path*"`, - `4: files: "path" (group): renaming "./.pathRND"`, + `4: files: "path" (group): renaming ".pathRND"`, }, nil, }, + { + "change: directory to file (non-empty)", + safcm.MsgSyncReq{}, + &safcm.File{ + Path: "path", + Mode: 0666, + Uid: -1, + Gid: -1, + OrigGroup: "group", + Data: []byte("content\n"), + }, + func() { + ft.CreateDirectory("path", 0777) + ft.CreateFile("path/file", "content\n", 0644) + }, + true, + []ft.File{ + root, + { + Path: "path", + Mode: fs.ModeDir | 0777, + }, + { + Path: "path/file", + Mode: 0644, + Data: []byte("content\n"), + }, + }, + safcm.MsgSyncResp{ + FileChanges: []safcm.FileChange{ + { + Path: "path", + Old: safcm.FileChangeInfo{ + Mode: fs.ModeDir | 0777, + User: user, + Uid: uid, + Group: group, + Gid: gid, + }, + New: safcm.FileChangeInfo{ + Mode: 0666, + User: user, + Uid: uid, + Group: group, + Gid: gid, + }, + }, + }, + }, + []string{ + `4: files: "path" (group): type differs d--------- -> ----------`, + `3: files: "path" (group): updating`, + `4: files: "path" (group): removing (due to type change)`, + }, + fmt.Errorf("will not replace non-empty directory, please remove manually"), + }, { "change: directory to symlink", @@ -1952,7 +2008,7 @@ func TestSyncFile(t *testing.T) { `4: files: "path" (group): type differs p--------- -> ----------`, `3: files: "path" (group): updating`, `4: files: "path" (group): creating temporary file ".path*"`, - `4: files: "path" (group): renaming "./.pathRND"`, + `4: files: "path" (group): renaming ".pathRND"`, }, nil, }, @@ -2116,6 +2172,94 @@ func TestSyncFile(t *testing.T) { nil, }, + // Symlink "attacks" + + { + "symlink in earlier path component", + safcm.MsgSyncReq{}, + &safcm.File{ + Path: "dir/file", + Mode: 0644, + Uid: -1, + Gid: -1, + OrigGroup: "group", + Data: []byte("content"), + }, + func() { + ft.CreateDirectory("tmp", 0755) + ft.CreateSymlink("dir", "tmp") + }, + false, + []ft.File{ + root, + { + Path: "dir", + Mode: fs.ModeSymlink | 0777, + Data: []byte("tmp"), + }, + { + Path: "tmp", + Mode: fs.ModeDir | 0755, + }, + }, + safcm.MsgSyncResp{}, + nil, + fmt.Errorf("symlink not permitted in path: \"dir\""), + }, + + // Border cases + + { + "relative path with leading dot", + safcm.MsgSyncReq{}, + &safcm.File{ + Path: "./dir/file", + Mode: 0644, + Uid: -1, + Gid: -1, + OrigGroup: "group", + Data: []byte("content"), + }, + func() { + ft.CreateDirectory("dir", 0755) + }, + true, + []ft.File{ + root, + { + Path: "dir", + Mode: fs.ModeDir | 0755, + }, + { + Path: "dir/file", + Mode: 0644, + Data: []byte("content"), + }, + }, + safcm.MsgSyncResp{ + FileChanges: []safcm.FileChange{ + { + Path: "./dir/file", + Created: true, + New: safcm.FileChangeInfo{ + Mode: 0644, + User: user, + Uid: uid, + Group: group, + Gid: gid, + }, + }, + }, + }, + []string{ + `4: files: "./dir/file" (group): will create`, + `3: files: "./dir/file" (group): creating`, + `4: files: "./dir/file" (group): creating temporary file "dir/.file*"`, + `4: files: "./dir/file" (group): renaming "dir/.fileRND"`, + }, + nil, + }, + // Diffs {