1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
|
package config
import (
"io/ioutil"
"os"
"os/exec"
"path/filepath"
"testing"
"github.com/stretchr/testify/require"
"gitlab.com/gitlab-org/gitaly/v14/proto/go/gitalypb"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/status"
)
func TestConfigLocator_GetObjectDirectoryPath(t *testing.T) {
tmpDir, err := ioutil.TempDir("", "")
require.NoError(t, err)
defer os.RemoveAll(tmpDir)
repoPath := filepath.Join(tmpDir, "relative")
require.NoError(t, os.MkdirAll(repoPath, 0755))
cfg := Cfg{
Storages: []Storage{{
Name: "gitaly-1",
Path: filepath.Dir(repoPath),
}},
}
require.NoError(t, cfg.SetGitPath())
cmd := exec.Command(cfg.Git.BinPath, "init", "--bare", "--quiet")
cmd.Dir = repoPath
require.NoError(t, cmd.Run())
locator := NewLocator(cfg)
repoWithGitObjDir := func(dir string) *gitalypb.Repository {
return &gitalypb.Repository{
StorageName: "gitaly-1",
RelativePath: filepath.Base(repoPath),
GlRepository: "gl_repo",
GitObjectDirectory: dir,
}
}
testRepo := repoWithGitObjDir("")
testCases := []struct {
desc string
repo *gitalypb.Repository
path string
err codes.Code
}{
{
desc: "storages configured",
repo: repoWithGitObjDir("objects/"),
path: filepath.Join(repoPath, "objects/"),
},
{
desc: "no GitObjectDirectoryPath",
repo: testRepo,
err: codes.InvalidArgument,
},
{
desc: "with directory traversal",
repo: repoWithGitObjDir("../bazqux.git"),
err: codes.InvalidArgument,
},
{
desc: "valid path but doesn't exist",
repo: repoWithGitObjDir("foo../bazqux.git"),
err: codes.NotFound,
},
{
desc: "with sneaky directory traversal",
repo: repoWithGitObjDir("/../bazqux.git"),
err: codes.InvalidArgument,
},
{
desc: "with traversal outside repository",
repo: repoWithGitObjDir("objects/../.."),
err: codes.InvalidArgument,
},
{
desc: "with traversal outside repository with trailing separator",
repo: repoWithGitObjDir("objects/../../"),
err: codes.InvalidArgument,
},
{
desc: "with deep traversal at the end",
repo: repoWithGitObjDir("bazqux.git/../.."),
err: codes.InvalidArgument,
},
}
for _, tc := range testCases {
t.Run(tc.desc, func(t *testing.T) {
path, err := locator.GetObjectDirectoryPath(tc.repo)
if tc.err != codes.OK {
st, ok := status.FromError(err)
require.True(t, ok)
require.Equal(t, tc.err, st.Code())
return
}
require.NoError(t, err)
require.Equal(t, tc.path, path)
})
}
}
|