aboutsummaryrefslogtreecommitdiff
path: root/testsuite
diff options
context:
space:
mode:
authorDenys Vlasenko <vda.linux@googlemail.com>2017-07-24 17:20:13 +0200
committerDenys Vlasenko <vda.linux@googlemail.com>2017-07-24 17:20:13 +0200
commitb920a38dc0a87f5884444d4731a8b887b5e16018 (patch)
tree5d845976a9471e705183db9afbbe7885e9070b52 /testsuite
parentc810978552bc0133ba723ababaa178c8d53256e1 (diff)
downloadbusybox-b920a38dc0a87f5884444d4731a8b887b5e16018.tar.gz
tar: postpone creation of symlinks with "suspicious" targets. Closes 8411
function old new delta data_extract_all 968 1038 +70 tar_main 952 986 +34 scan_tree 258 262 +4 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 3/0 up/down: 108/0) Total: 108 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to 'testsuite')
-rwxr-xr-xtestsuite/tar.tests65
1 files changed, 54 insertions, 11 deletions
diff --git a/testsuite/tar.tests b/testsuite/tar.tests
index 9f7ce1587..1675b07b1 100755
--- a/testsuite/tar.tests
+++ b/testsuite/tar.tests
@@ -10,9 +10,6 @@ unset LC_COLLATE
unset LC_ALL
umask 022
-rm -rf tar.tempdir 2>/dev/null
-mkdir tar.tempdir && cd tar.tempdir || exit 1
-
# testing "test name" "script" "expected result" "file input" "stdin"
testing "Empty file is not a tarball" '\
@@ -53,6 +50,7 @@ dd if=/dev/zero bs=512 count=20 2>/dev/null | tar xvf - 2>&1; echo $?
"" ""
SKIP=
+mkdir tar.tempdir && cd tar.tempdir || exit 1
# "tar cf test.tar input input_dir/ input_hard1 input_hard2 input_hard1 input_dir/ input":
# GNU tar 1.26 records as hardlinks:
# input_hard2 -> input_hard1
@@ -64,7 +62,6 @@ SKIP=
# We also don't use "hrw-r--r--" notation for hardlinks in "tar tv" listing.
optional FEATURE_TAR_CREATE FEATURE_LS_SORTFILES
testing "tar hardlinks and repeated files" '\
-rm -rf input_* test.tar 2>/dev/null
>input_hard1
ln input_hard1 input_hard2
mkdir input_dir
@@ -95,10 +92,11 @@ drwxr-xr-x input_dir
" \
"" ""
SKIP=
+cd .. || exit 1; rm -rf tar.tempdir 2>/dev/null
+mkdir tar.tempdir && cd tar.tempdir || exit 1
optional FEATURE_TAR_CREATE FEATURE_LS_SORTFILES
testing "tar hardlinks mode" '\
-rm -rf input_* test.tar 2>/dev/null
>input_hard1
chmod 741 input_hard1
ln input_hard1 input_hard2
@@ -128,10 +126,11 @@ Ok: 0
" \
"" ""
SKIP=
+cd .. || exit 1; rm -rf tar.tempdir 2>/dev/null
+mkdir tar.tempdir && cd tar.tempdir || exit 1
optional FEATURE_TAR_CREATE FEATURE_LS_SORTFILES
testing "tar symlinks mode" '\
-rm -rf input_* test.tar 2>/dev/null
>input_file
chmod 741 input_file
ln -s input_file input_soft
@@ -159,10 +158,11 @@ lrwxrwxrwx input_file
" \
"" ""
SKIP=
+cd .. || exit 1; rm -rf tar.tempdir 2>/dev/null
+mkdir tar.tempdir && cd tar.tempdir || exit 1
optional FEATURE_TAR_CREATE FEATURE_TAR_LONG_OPTIONS
testing "tar --overwrite" "\
-rm -rf input_* test.tar 2>/dev/null
ln input input_hard
tar cf test.tar input_hard
echo WRONG >input
@@ -174,12 +174,13 @@ Ok
" \
"Ok\n" ""
SKIP=
+cd .. || exit 1; rm -rf tar.tempdir 2>/dev/null
+mkdir tar.tempdir && cd tar.tempdir || exit 1
test x"$SKIP_KNOWN_BUGS" = x"" && {
# Needs to be run under non-root for meaningful test
optional FEATURE_TAR_CREATE
testing "tar writing into read-only dir" '\
-rm -rf input_* test.tar 2>/dev/null
mkdir input_dir
>input_dir/input_file
chmod 550 input_dir
@@ -201,7 +202,9 @@ dr-xr-x--- input_dir
"" ""
SKIP=
}
+cd .. || exit 1; rm -rf tar.tempdir 2>/dev/null
+mkdir tar.tempdir && cd tar.tempdir || exit 1
# Had a bug where on extract autodetect first "switched off" -z
# and then failed to recognize .tgz extension
optional FEATURE_TAR_CREATE FEATURE_SEAMLESS_GZ GUNZIP
@@ -217,7 +220,9 @@ Ok
" \
"" ""
SKIP=
+cd .. || exit 1; rm -rf tar.tempdir 2>/dev/null
+mkdir tar.tempdir && cd tar.tempdir || exit 1
# Do we detect XZ-compressed data (even w/o .tar.xz or txz extension)?
# (the uuencoded hello_world.txz contains one empty file named "hello_world")
optional UUDECODE FEATURE_TAR_AUTODETECT FEATURE_SEAMLESS_XZ
@@ -236,7 +241,9 @@ AAAEWVo=
====
"
SKIP=
+cd .. || exit 1; rm -rf tar.tempdir 2>/dev/null
+mkdir tar.tempdir && cd tar.tempdir || exit 1
# On extract, everything up to and including last ".." component is stripped
optional FEATURE_TAR_CREATE
testing "tar strips /../ on extract" "\
@@ -255,7 +262,9 @@ Ok
" \
"" ""
SKIP=
+cd .. || exit 1; rm -rf tar.tempdir 2>/dev/null
+mkdir tar.tempdir && cd tar.tempdir || exit 1
# attack.tar.bz2 has symlink pointing to a system file
# followed by a regular file with the same name
# containing "root::0:0::/root:/bin/sh":
@@ -270,6 +279,7 @@ optional UUDECODE FEATURE_TAR_AUTODETECT FEATURE_SEAMLESS_BZ2
testing "tar does not extract into symlinks" "\
>>/tmp/passwd && uudecode -o input && tar xf input 2>&1 && rm passwd; cat /tmp/passwd; echo \$?
" "\
+tar: can't create symlink 'passwd' to '/tmp/passwd'
0
" \
"" "\
@@ -281,12 +291,15 @@ l4/V8LDoe90yiWJhOJvIypgEfxdyRThQkBVn/bI=
====
"
SKIP=
+cd .. || exit 1; rm -rf tar.tempdir 2>/dev/null
+
+mkdir tar.tempdir && cd tar.tempdir || exit 1
# And same with -k
optional UUDECODE FEATURE_TAR_AUTODETECT FEATURE_SEAMLESS_BZ2
testing "tar -k does not extract into symlinks" "\
>>/tmp/passwd && uudecode -o input && tar xf input -k 2>&1 && rm passwd; cat /tmp/passwd; echo \$?
" "\
-tar: can't open 'passwd': File exists
+tar: can't create symlink 'passwd' to '/tmp/passwd'
0
" \
"" "\
@@ -298,7 +311,9 @@ l4/V8LDoe90yiWJhOJvIypgEfxdyRThQkBVn/bI=
====
"
SKIP=
+cd .. || exit 1; rm -rf tar.tempdir 2>/dev/null
+mkdir tar.tempdir && cd tar.tempdir || exit 1
optional UNICODE_SUPPORT FEATURE_TAR_GNU_EXTENSIONS FEATURE_SEAMLESS_BZ2 FEATURE_TAR_AUTODETECT
testing "Pax-encoded UTF8 names and symlinks" '\
tar xvf ../tar.utf8.tar.bz2 2>&1; echo $?
@@ -318,8 +333,36 @@ etc/ssl/certs/f80cc7f6.0 -> EBG_Elektronik_Sertifika_Hizmet_Sağlayıcısı.pem
" \
"" ""
SKIP=
+cd .. || exit 1; rm -rf tar.tempdir 2>/dev/null
-
-cd .. && rm -rf tar.tempdir || exit 1
+mkdir tar.tempdir && cd tar.tempdir || exit 1
+optional FEATURE_SEAMLESS_BZ2 FEATURE_TAR_AUTODETECT
+testing "Symlink attack: create symlink and then write through it" '\
+exec 2>&1
+uudecode -o input && tar xvf input; echo $?
+ls /tmp/bb_test_evilfile
+ls bb_test_evilfile
+ls symlink/bb_test_evilfile
+' "\
+anything.txt
+symlink
+symlink/bb_test_evilfile
+tar: can't create symlink 'symlink' to '/tmp'
+1
+ls: /tmp/bb_test_evilfile: No such file or directory
+ls: bb_test_evilfile: No such file or directory
+symlink/bb_test_evilfile
+" \
+"" "\
+begin-base64 644 tar_symlink_attack.tar.bz2
+QlpoOTFBWSZTWZgs7bQAALT/hMmQAFBAAf+AEMAGJPPv32AAAIAIMAC5thlR
+omAjAmCMADQT1BqNE0AEwAAjAEwElTKeo9NTR6h6gaeoA0DQNLVdwZZ5iNTk
+AQwCAV6S00QFJYhrlfFkVCEDEGtgNVqYrI0uK3ggnt30gqk4e1TTQm5QIAKa
+SJqzRGSFLMmOloHSAcvLiFxxRiQtQZF+qPxbo173ZDISOAoNoPN4PQPhBhKS
+n8fYaKlioCTzL2oXYczyUUIP4u5IpwoSEwWdtoA=
+====
+"
+SKIP=
+cd .. || exit 1; rm -rf tar.tempdir 2>/dev/null
exit $FAILCOUNT