diff options
author | Jacob Vosmaer <jacob@gitlab.com> | 2018-03-29 20:33:55 +0300 |
---|---|---|
committer | Jacob Vosmaer <jacob@gitlab.com> | 2018-03-29 20:33:59 +0300 |
commit | 28ba807fa4ce6b36c2eff63bc836771da6547dd6 (patch) | |
tree | aa5217475fee2bf73d8f36001b43f9039b169c89 | |
parent | 7667ad88c5489206cf334524045ba38cc5029bd8 (diff) |
Capture status quo in testsdeployer
-rw-r--r-- | internal/deploy/extractzip_test.go | 18 | ||||
-rw-r--r-- | internal/deploy/testdata/.gitignore | 1 | ||||
-rw-r--r-- | internal/deploy/testdata/test3.zip | bin | 0 -> 636 bytes |
3 files changed, 19 insertions, 0 deletions
diff --git a/internal/deploy/extractzip_test.go b/internal/deploy/extractzip_test.go index 2f15ff03..dd27050b 100644 --- a/internal/deploy/extractzip_test.go +++ b/internal/deploy/extractzip_test.go @@ -32,6 +32,24 @@ func TestExtractZip(t *testing.T) { return err == ErrNoPublicFiles }, }, + { + desc: "archive with evil symlink", + archive: "testdata/test3.zip", + mustExist: map[string]string{ + // The test3.zip archive contains a symlink to /etc/passwd. This test + // asserts that instead of that symlink, we get a regular file whose + // contents are "/etc/passwd". If the extracted "public/passwd" was an + // actual symlink we would get the contents of the /etc/passwd file of + // the system where the test runs. + "public/passwd": "/etc/passwd", + // The "public/bar" symlink tries to point to "foo" but we don't support + // symlinks at the moment. Instead it creates a regular file with + // contents "bar". TODO: support valid symlinks? + "public/bar": "foo", + // "foo" is a regular file with contents "not-bar" + "public/foo": "not-bar\n", + }, + }, } for _, tc := range testCases { diff --git a/internal/deploy/testdata/.gitignore b/internal/deploy/testdata/.gitignore new file mode 100644 index 00000000..c75eeccc --- /dev/null +++ b/internal/deploy/testdata/.gitignore @@ -0,0 +1 @@ +/public diff --git a/internal/deploy/testdata/test3.zip b/internal/deploy/testdata/test3.zip Binary files differnew file mode 100644 index 00000000..1af5da34 --- /dev/null +++ b/internal/deploy/testdata/test3.zip |