// Source: github.com/argoproj/argo-cd@v1.8.7/util/security/path_traversal_test.go
package security

import (
	"testing"

	"github.com/stretchr/testify/assert"
)

// TestEnforceToCurrentRoot exercises EnforceToCurrentRoot with one fixed root
// directory and four requested paths: two that must be accepted (and returned
// in cleaned form) and two that must be rejected with an error because they
// resolve outside the root.
//
// NOTE(review): every case here is a purely lexical path. The table has no
// case for a sibling directory whose name merely starts with the root's name
// (the root written without its trailing slash plus extra characters), for a
// relative requested path, or for a symlink inside the root. Whether
// EnforceToCurrentRoot handles those is not visible from this file; confirm
// against the implementation and add cases so a regression in the
// containment check is caught here.
func TestEnforceToCurrentRoot(t *testing.T) {
	const root = "/home/argo/helmapp/"

	cases := []struct {
		name      string
		requested string
		want      string // expected cleaned path; only compared when wantErr is false
		wantErr   bool
	}{
		{
			name:      "file directly under the root",
			requested: "/home/argo/helmapp/values.yaml",
			want:      "/home/argo/helmapp/values.yaml",
		},
		{
			// File is outside current working directory
			name:      "file in a parent of the root",
			requested: "/home/values.yaml",
			wantErr:   true,
		},
		{
			// File is outside current working directory
			name:      "dot-dot segment escapes into a sibling directory",
			requested: "/home/argo/helmapp/../differentapp/values.yaml",
			wantErr:   true,
		},
		{
			// Goes back and forth, but still legal
			name:      "dot-dot segments that resolve back inside the root",
			requested: "/home/argo/helmapp/../../argo/helmapp/values.yaml",
			want:      "/home/argo/helmapp/values.yaml",
		},
	}

	// Plain loop rather than subtests, with assert (not require), so one
	// failing case does not stop the remaining cases from being checked.
	for _, tc := range cases {
		got, err := EnforceToCurrentRoot(root, tc.requested)
		if tc.wantErr {
			assert.Error(t, err, tc.name)
			continue
		}
		assert.NoError(t, err, tc.name)
		assert.Equal(t, tc.want, got, tc.name)
	}
}