diff options
Diffstat (limited to '')
| -rw-r--r-- | scripts/t/Dpkg_Source_Patch.t | 74 | ||||
| -rw-r--r-- | scripts/t/Dpkg_Source_Patch/c-style.patch | 4 | ||||
| -rw-r--r-- | scripts/t/Dpkg_Source_Patch/ghost-hunk.patch | 7 | ||||
| -rw-r--r-- | scripts/t/Dpkg_Source_Patch/indent-header.patch | 9 | ||||
| -rw-r--r-- | scripts/t/Dpkg_Source_Patch/index-+++.patch | 4 | ||||
| -rw-r--r-- | scripts/t/Dpkg_Source_Patch/index-alone.patch | 3 | ||||
| -rw-r--r-- | scripts/t/Dpkg_Source_Patch/index-inert.patch | 8 | ||||
| -rw-r--r-- | scripts/t/Dpkg_Source_Patch/partial.patch | 3 |
8 files changed, 112 insertions, 0 deletions
diff --git a/scripts/t/Dpkg_Source_Patch.t b/scripts/t/Dpkg_Source_Patch.t new file mode 100644 index 0000000..aa5d437 --- /dev/null +++ b/scripts/t/Dpkg_Source_Patch.t @@ -0,0 +1,74 @@ +#!/usr/bin/perl +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <https://www.gnu.org/licenses/>. + +use strict; +use warnings; + +use Test::More tests => 10; +use Test::Dpkg qw(:paths); + +use File::Path qw(make_path); + +BEGIN { + use_ok('Dpkg::Source::Patch'); +} + +my $datadir = test_get_data_path(); +my $tmpdir = test_get_temp_path(); + +sub test_patch_escape { + my ($name, $symlink, $patchname, $desc) = @_; + + make_path("$tmpdir/$name-tree"); + make_path("$tmpdir/$name-out"); + symlink "../$name-out", "$tmpdir/$name-tree/$symlink"; + + my $patch = Dpkg::Source::Patch->new(filename => "$datadir/$patchname"); + eval { + $patch->apply("$tmpdir/$name-tree", verbose => 0); + }; + ok(rmdir "$tmpdir/$name-out", $desc); +} + +# This is CVE-2014-0471 with GNU patch >= 2.7 +test_patch_escape('c-style-parsed', "\tmp", 'c-style.patch', + 'patch(1) prevents escape using known c-style encoded filename'); + +# This is CVE-2014-0471 with GNU patch < 2.7 +test_patch_escape('c-style-unknown', '\\tmp', 'c-style.patch', + 'patch(1) prevents escape using unknown c-style encoded filename'); + +# This is CVE-2014-3865 +test_patch_escape('index-alone', 'symlink', 'index-alone.patch', + 'patch(1) prevents escape using Index: w/o ---/+++ header'); +test_patch_escape('index-+++', 'symlink', 'index-+++.patch', + 'patch(1) prevents escape using Index: w/ only +++ header'); +test_patch_escape('index-inert', 'symlink', 'index-inert.patch', + 'patch(1) should not fail to apply using an inert Index:'); +ok(-e "$tmpdir/index-inert-tree/inert-file", + 'patch(1) applies correctly with inert Index:'); + +# This is CVE-2014-3864 +test_patch_escape('partial', 'symlink', 'partial.patch', + 'patch(1) prevents escape using partial +++ header'); + +test_patch_escape('ghost-hunk', 'symlink', 'ghost-hunk.patch', + 'patch(1) prevents escape using a disabling hunk'); + +# This is CVE-2017-8283 +test_patch_escape('indent-header', 'symlink', 'indent-header.patch', + 'patch(1) prevents escape using indented hunks'); + +1; diff --git a/scripts/t/Dpkg_Source_Patch/c-style.patch b/scripts/t/Dpkg_Source_Patch/c-style.patch new file mode 100644 index 0000000..290a640 --- /dev/null +++ b/scripts/t/Dpkg_Source_Patch/c-style.patch @@ -0,0 +1,4 @@ +--- /dev/null ++++ "b/\tmp/c-style" +@@ -0,0 +1 @@ ++Escaped diff --git a/scripts/t/Dpkg_Source_Patch/ghost-hunk.patch b/scripts/t/Dpkg_Source_Patch/ghost-hunk.patch new file mode 100644 index 0000000..32c3efe --- /dev/null +++ b/scripts/t/Dpkg_Source_Patch/ghost-hunk.patch @@ -0,0 +1,7 @@ +--- a/disable/partial-file ++++ b/disable/partial-file +@@ -0,0 +1,1 @@disable ++++ b/symlink/hunk-file +--- a/symlink/hunk-file +@@ -0,0 +1,1 @@ ++Escaped diff --git a/scripts/t/Dpkg_Source_Patch/indent-header.patch b/scripts/t/Dpkg_Source_Patch/indent-header.patch new file mode 100644 index 0000000..4bef008 --- /dev/null +++ b/scripts/t/Dpkg_Source_Patch/indent-header.patch @@ -0,0 +1,9 @@ + --- /dev/null + +++ b/symlink/index-file + @@ -0,0 +1,1 @@ + +Escaped + +--- /dev/null ++++ b/dummy-file +@@ -0,0 +1,1 @@ ++Dummy to make the code see a valid hunk diff --git a/scripts/t/Dpkg_Source_Patch/index-+++.patch b/scripts/t/Dpkg_Source_Patch/index-+++.patch new file mode 100644 index 0000000..4ebc23e --- /dev/null +++ b/scripts/t/Dpkg_Source_Patch/index-+++.patch @@ -0,0 +1,4 @@ +Index: index/symlink/index-file ++++ +@@ -0,0 +1,1 @@ ++Escaped diff --git a/scripts/t/Dpkg_Source_Patch/index-alone.patch b/scripts/t/Dpkg_Source_Patch/index-alone.patch new file mode 100644 index 0000000..904d3d1 --- /dev/null +++ b/scripts/t/Dpkg_Source_Patch/index-alone.patch @@ -0,0 +1,3 @@ +Index: index/symlink/index-file +@@ -0,0 +1,1 @@ ++Escaped diff --git a/scripts/t/Dpkg_Source_Patch/index-inert.patch b/scripts/t/Dpkg_Source_Patch/index-inert.patch new file mode 100644 index 0000000..5d16c7d --- /dev/null +++ b/scripts/t/Dpkg_Source_Patch/index-inert.patch @@ -0,0 +1,8 @@ +This could be a comment about the patch itself, where we could use an +Index: a/ header with /../ inside that could be interpreted as a +malicious pseudo-header, so we should not validate it, + +--- /dev/null ++++ b/inert-file +@@ -0,0 +1,1 @@ ++Inert diff --git a/scripts/t/Dpkg_Source_Patch/partial.patch b/scripts/t/Dpkg_Source_Patch/partial.patch new file mode 100644 index 0000000..0878858 --- /dev/null +++ b/scripts/t/Dpkg_Source_Patch/partial.patch @@ -0,0 +1,3 @@ ++++ b/symlink/partial-file +@@ -0,0 +1,1 @@ ++Escaped |