1303 files changed, 32187 insertions, 57138 deletions
diff --git a/testsuite/tar.tests b/testsuite/tar.tests index 4929f4e..9f7ce15 100755 --- a/testsuite/tar.tests +++ b/testsuite/tar.tests @@ -24,7 +24,7 @@ tar: short read "" "" SKIP= -optional FEATURE_SEAMLESS_GZ +optional FEATURE_SEAMLESS_GZ GUNZIP # In NOMMU case, "invalid magic" message comes from gunzip child process. # Otherwise, it comes from tar. # Need to fix output up to avoid false positive. @@ -53,6 +53,15 @@ dd if=/dev/zero bs=512 count=20 2>/dev/null | tar xvf - 2>&1; echo $? "" "" SKIP= +# "tar cf test.tar input input_dir/ input_hard1 input_hard2 input_hard1 input_dir/ input": +# GNU tar 1.26 records as hardlinks: +# input_hard2 -> input_hard1 +# input_hard1 -> input_hard1 (!!!) +# input_dir/file -> input_dir/file +# input -> input +# As of 1.24.0, we don't record last two: for them, nlink==1 +# and we check for "hardlink"ness only files with nlink!=1 +# We also don't use "hrw-r--r--" notation for hardlinks in "tar tv" listing. optional FEATURE_TAR_CREATE FEATURE_LS_SORTFILES testing "tar hardlinks and repeated files" '\ rm -rf input_* test.tar 2>/dev/null @@ -64,6 +73,7 @@ chmod -R 644 * chmod 755 input_dir tar cf test.tar input input_dir/ input_hard1 input_hard2 input_hard1 input_dir/ input tar tvf test.tar | sed "s/.*[0-9] input/input/" +rm -rf input_dir tar xf test.tar 2>&1 echo Ok: $? ls -l . input_dir/* | grep input_ | sed "s/\\(^[^ ]*\\) .* input/\\1 input/" @@ -194,7 +204,7 @@ SKIP= # Had a bug where on extract autodetect first "switched off" -z # and then failed to recognize .tgz extension -optional FEATURE_TAR_CREATE FEATURE_SEAMLESS_GZ +optional FEATURE_TAR_CREATE FEATURE_SEAMLESS_GZ GUNZIP testing "tar extract tgz" "\ dd count=1 bs=1M if=/dev/zero of=F0 2>/dev/null tar -czf F0.tgz F0 @@ -246,6 +256,69 @@ Ok "" "" SKIP= +# attack.tar.bz2 has symlink pointing to a system file +# followed by a regular file with the same name +# containing "root::0:0::/root:/bin/sh": +# lrwxrwxrwx root/root passwd -> /tmp/passwd +# -rw-r--r-- root/root passwd +# naive tar implementation may end up creating the symlink +# and then writing into it. +# The correct implementation unlinks target before +# creating the second file. +# We test that /tmp/passwd remains empty: +optional UUDECODE FEATURE_TAR_AUTODETECT FEATURE_SEAMLESS_BZ2 +testing "tar does not extract into symlinks" "\ +>>/tmp/passwd && uudecode -o input && tar xf input 2>&1 && rm passwd; cat /tmp/passwd; echo \$? +" "\ +0 +" \ +"" "\ +begin-base64 644 attack.tar.bz2 +QlpoOTFBWSZTWRVn/bIAAKt7hMqwAEBAAP2QAhB0Y96AAACACCAAlISgpqe0 +po0DIaDynqAkpDRP1ANAhiYNSPR8VchKhAz0AK59+DA6FcMKBggOARIJdVHL +DGllrjs20ATUgR1HmccBX3EhoMnpMJaNyggmxgLDMz54lBnBTJO/1L1lbMS4 +l4/V8LDoe90yiWJhOJvIypgEfxdyRThQkBVn/bI= +==== +" +SKIP= +# And same with -k +optional UUDECODE FEATURE_TAR_AUTODETECT FEATURE_SEAMLESS_BZ2 +testing "tar -k does not extract into symlinks" "\ +>>/tmp/passwd && uudecode -o input && tar xf input -k 2>&1 && rm passwd; cat /tmp/passwd; echo \$? +" "\ +tar: can't open 'passwd': File exists +0 +" \ +"" "\ +begin-base64 644 attack.tar.bz2 +QlpoOTFBWSZTWRVn/bIAAKt7hMqwAEBAAP2QAhB0Y96AAACACCAAlISgpqe0 +po0DIaDynqAkpDRP1ANAhiYNSPR8VchKhAz0AK59+DA6FcMKBggOARIJdVHL +DGllrjs20ATUgR1HmccBX3EhoMnpMJaNyggmxgLDMz54lBnBTJO/1L1lbMS4 +l4/V8LDoe90yiWJhOJvIypgEfxdyRThQkBVn/bI= +==== +" +SKIP= + +optional UNICODE_SUPPORT FEATURE_TAR_GNU_EXTENSIONS FEATURE_SEAMLESS_BZ2 FEATURE_TAR_AUTODETECT +testing "Pax-encoded UTF8 names and symlinks" '\ +tar xvf ../tar.utf8.tar.bz2 2>&1; echo $? +export LANG=en_US.UTF-8 +ls -l etc/ssl/certs/* | sed "s:.*etc/:etc/:" | sort +unset LANG +rm -rf etc usr +' "\ +etc/ssl/certs/3b2716e5.0 +etc/ssl/certs/EBG_Elektronik_Sertifika_Hizmet_Sağlayıcısı.pem +etc/ssl/certs/f80cc7f6.0 +usr/share/ca-certificates/mozilla/EBG_Elektronik_Sertifika_Hizmet_Sağlayıcısı.crt +0 +etc/ssl/certs/3b2716e5.0 -> EBG_Elektronik_Sertifika_Hizmet_Sağlayıcısı.pem +etc/ssl/certs/EBG_Elektronik_Sertifika_Hizmet_Sağlayıcısı.pem -> /usr/share/ca-certificates/mozilla/EBG_Elektronik_Sertifika_Hizmet_Sağlayıcısı.crt +etc/ssl/certs/f80cc7f6.0 -> EBG_Elektronik_Sertifika_Hizmet_Sağlayıcısı.pem +" \ +"" "" +SKIP= + cd .. && rm -rf tar.tempdir || exit 1 |