diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2019-07-19 03:45:44 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2019-07-19 13:53:27 +1000 |
| commit | b4a7c9d2b5f928e0b902b580d35dc8b244a3aae0 (patch) | |
| tree | 44881589bca4af9dc7cb0c802e2574516215b4b1 | |
| parent | bca0582063f148c7ddf409ec51435a5a726bee4c (diff) | |
upstream: add regression tests for scp for out-of-destination path file
creation by Harry Sintonen via Jakub Jelen in bz3007
OpenBSD-Regress-ID: 01ae5fbc6ce400b2df5a84dc3152a9e31f354c07
| -rw-r--r-- | regress/scp-ssh-wrapper.sh | 14 | ||||
| -rw-r--r-- | regress/scp.sh | 14 |
2 files changed, 25 insertions, 3 deletions
diff --git a/regress/scp-ssh-wrapper.sh b/regress/scp-ssh-wrapper.sh index 59f1ff63..7fb21f42 100644 --- a/regress/scp-ssh-wrapper.sh +++ b/regress/scp-ssh-wrapper.sh @@ -1,5 +1,5 @@ #!/bin/sh -# $OpenBSD: scp-ssh-wrapper.sh,v 1.3 2014/01/26 10:49:17 djm Exp $ +# $OpenBSD: scp-ssh-wrapper.sh,v 1.4 2019/07/19 03:45:44 djm Exp $ # Placed in the Public Domain. printname () { @@ -51,6 +51,18 @@ badserver_4) echo "C755 2 file" echo "X" ;; +badserver_5) + echo "D0555 0 " + echo "X" + ;; +badserver_6) + echo "D0555 0 ." + echo "X" + ;; +badserver_7) + echo "C0755 2 extrafile" + echo "X" + ;; *) set -- $arg shift diff --git a/regress/scp.sh b/regress/scp.sh index 57cc7706..62400efa 100644 --- a/regress/scp.sh +++ b/regress/scp.sh @@ -1,4 +1,4 @@ -# $OpenBSD: scp.sh,v 1.10 2014/01/26 10:49:17 djm Exp $ +# $OpenBSD: scp.sh,v 1.11 2019/07/19 03:45:44 djm Exp $ # Placed in the Public Domain. tid="scp" @@ -25,6 +25,7 @@ export SCP # used in scp-ssh-wrapper.scp scpclean() { rm -rf ${COPY} ${COPY2} ${DIR} ${DIR2} mkdir ${DIR} ${DIR2} + chmod 755 ${DIR} ${DIR2} } verbose "$tid: simple copy local file to local file" @@ -101,7 +102,7 @@ if [ ! -z "$SUDO" ]; then $SUDO rm ${DIR2}/copy fi -for i in 0 1 2 3 4; do +for i in 0 1 2 3 4 5 6 7; do verbose "$tid: disallow bad server #$i" SCPTESTMODE=badserver_$i export DIR SCPTESTMODE @@ -113,6 +114,15 @@ for i in 0 1 2 3 4; do scpclean $SCP -r $scpopts somehost:${DATA} ${DIR2} >/dev/null 2>/dev/null [ -d ${DIR}/dotpathdir ] && fail "allows dir creation outside of subdir" + + scpclean + $SCP -pr $scpopts somehost:${DATA} ${DIR2} >/dev/null 2>/dev/null + [ ! -w ${DIR2} ] && fail "allows target root attribute change" + + scpclean + $SCP $scpopts somehost:${DATA} ${DIR2} >/dev/null 2>/dev/null + [ -e ${DIR2}/extrafile ] && fail "allows unauth object creation" + rm -f ${DIR2}/extrafile done verbose "$tid: detect non-directory target" |