Browse code
Add another symlink breakout test
Signed-off-by: Tibor Vass <teabee89@gmail.com>
Tibor Vass authored on 2014/12/04 04:04:51Showing 1 changed files
| ... | ... |
@@ -3175,3 +3175,57 @@ func TestBuildExoticShellInterpolation(t *testing.T) {
|
| 3175 | 3175 |
|
| 3176 | 3176 |
logDone("build - exotic shell interpolation")
|
| 3177 | 3177 |
} |
| 3178 |
+ |
|
| 3179 |
+func TestBuildSymlinkBreakout(t *testing.T) {
|
|
| 3180 |
+ name := "testbuildsymlinkbreakout" |
|
| 3181 |
+ tmpdir, err := ioutil.TempDir("", name)
|
|
| 3182 |
+ if err != nil {
|
|
| 3183 |
+ t.Fatal(err) |
|
| 3184 |
+ } |
|
| 3185 |
+ defer os.RemoveAll(tmpdir) |
|
| 3186 |
+ ctx := filepath.Join(tmpdir, "context") |
|
| 3187 |
+ if err := os.MkdirAll(ctx, 0755); err != nil {
|
|
| 3188 |
+ t.Fatal(err) |
|
| 3189 |
+ } |
|
| 3190 |
+ if err := ioutil.WriteFile(filepath.Join(ctx, "Dockerfile"), []byte(` |
|
| 3191 |
+ from busybox |
|
| 3192 |
+ add symlink.tar / |
|
| 3193 |
+ add inject /symlink/ |
|
| 3194 |
+ `), 0644); err != nil {
|
|
| 3195 |
+ t.Fatal(err) |
|
| 3196 |
+ } |
|
| 3197 |
+ inject := filepath.Join(ctx, "inject") |
|
| 3198 |
+ if err := ioutil.WriteFile(inject, nil, 0644); err != nil {
|
|
| 3199 |
+ t.Fatal(err) |
|
| 3200 |
+ } |
|
| 3201 |
+ f, err := os.Create(filepath.Join(ctx, "symlink.tar")) |
|
| 3202 |
+ if err != nil {
|
|
| 3203 |
+ t.Fatal(err) |
|
| 3204 |
+ } |
|
| 3205 |
+ w := tar.NewWriter(f) |
|
| 3206 |
+ w.WriteHeader(&tar.Header{
|
|
| 3207 |
+ Name: "symlink2", |
|
| 3208 |
+ Typeflag: tar.TypeSymlink, |
|
| 3209 |
+ Linkname: "/../../../../../../../../../../../../../../", |
|
| 3210 |
+ Uid: os.Getuid(), |
|
| 3211 |
+ Gid: os.Getgid(), |
|
| 3212 |
+ }) |
|
| 3213 |
+ w.WriteHeader(&tar.Header{
|
|
| 3214 |
+ Name: "symlink", |
|
| 3215 |
+ Typeflag: tar.TypeSymlink, |
|
| 3216 |
+ Linkname: filepath.Join("symlink2", tmpdir),
|
|
| 3217 |
+ Uid: os.Getuid(), |
|
| 3218 |
+ Gid: os.Getgid(), |
|
| 3219 |
+ }) |
|
| 3220 |
+ w.Close() |
|
| 3221 |
+ f.Close() |
|
| 3222 |
+ if _, err := buildImageFromContext(name, &FakeContext{Dir: ctx}, false); err != nil {
|
|
| 3223 |
+ t.Fatal(err) |
|
| 3224 |
+ } |
|
| 3225 |
+ if _, err := os.Lstat(filepath.Join(tmpdir, "inject")); err == nil {
|
|
| 3226 |
+ t.Fatal("symlink breakout - inject")
|
|
| 3227 |
+ } else if !os.IsNotExist(err) {
|
|
| 3228 |
+ t.Fatalf("unexpected error: %v", err)
|
|
| 3229 |
+ } |
|
| 3230 |
+ logDone("build - symlink breakout")
|
|
| 3231 |
+} |