github.com/sijibomii/docker@v0.0.0-20231230191044-5cf6ca554647/pkg/symlink/fs_unix_test.go (about) 1 // +build !windows 2 3 // Licensed under the Apache License, Version 2.0; See LICENSE.APACHE 4 5 package symlink 6 7 import ( 8 "fmt" 9 "io/ioutil" 10 "os" 11 "path/filepath" 12 "testing" 13 ) 14 15 // TODO Windows: This needs some serious work to port to Windows. For now, 16 // turning off testing in this package. 17 18 type dirOrLink struct { 19 path string 20 target string 21 } 22 23 func makeFs(tmpdir string, fs []dirOrLink) error { 24 for _, s := range fs { 25 s.path = filepath.Join(tmpdir, s.path) 26 if s.target == "" { 27 os.MkdirAll(s.path, 0755) 28 continue 29 } 30 if err := os.MkdirAll(filepath.Dir(s.path), 0755); err != nil { 31 return err 32 } 33 if err := os.Symlink(s.target, s.path); err != nil && !os.IsExist(err) { 34 return err 35 } 36 } 37 return nil 38 } 39 40 func testSymlink(tmpdir, path, expected, scope string) error { 41 rewrite, err := FollowSymlinkInScope(filepath.Join(tmpdir, path), filepath.Join(tmpdir, scope)) 42 if err != nil { 43 return err 44 } 45 expected, err = filepath.Abs(filepath.Join(tmpdir, expected)) 46 if err != nil { 47 return err 48 } 49 if expected != rewrite { 50 return fmt.Errorf("Expected %q got %q", expected, rewrite) 51 } 52 return nil 53 } 54 55 func TestFollowSymlinkAbsolute(t *testing.T) { 56 tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkAbsolute") 57 if err != nil { 58 t.Fatal(err) 59 } 60 defer os.RemoveAll(tmpdir) 61 if err := makeFs(tmpdir, []dirOrLink{{path: "testdata/fs/a/d", target: "/b"}}); err != nil { 62 t.Fatal(err) 63 } 64 if err := testSymlink(tmpdir, "testdata/fs/a/d/c/data", "testdata/b/c/data", "testdata"); err != nil { 65 t.Fatal(err) 66 } 67 } 68 69 func TestFollowSymlinkRelativePath(t *testing.T) { 70 tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkRelativePath") 71 if err != nil { 72 t.Fatal(err) 73 } 74 defer os.RemoveAll(tmpdir) 75 if err := makeFs(tmpdir, []dirOrLink{{path: "testdata/fs/i", target: "a"}}); err != nil { 76 t.Fatal(err) 77 } 78 if err := testSymlink(tmpdir, "testdata/fs/i", "testdata/fs/a", "testdata"); err != nil { 79 t.Fatal(err) 80 } 81 } 82 83 func TestFollowSymlinkSkipSymlinksOutsideScope(t *testing.T) { 84 tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkSkipSymlinksOutsideScope") 85 if err != nil { 86 t.Fatal(err) 87 } 88 defer os.RemoveAll(tmpdir) 89 if err := makeFs(tmpdir, []dirOrLink{ 90 {path: "linkdir", target: "realdir"}, 91 {path: "linkdir/foo/bar"}, 92 }); err != nil { 93 t.Fatal(err) 94 } 95 if err := testSymlink(tmpdir, "linkdir/foo/bar", "linkdir/foo/bar", "linkdir/foo"); err != nil { 96 t.Fatal(err) 97 } 98 } 99 100 func TestFollowSymlinkInvalidScopePathPair(t *testing.T) { 101 if _, err := FollowSymlinkInScope("toto", "testdata"); err == nil { 102 t.Fatal("expected an error") 103 } 104 } 105 106 func TestFollowSymlinkLastLink(t *testing.T) { 107 tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkLastLink") 108 if err != nil { 109 t.Fatal(err) 110 } 111 defer os.RemoveAll(tmpdir) 112 if err := makeFs(tmpdir, []dirOrLink{{path: "testdata/fs/a/d", target: "/b"}}); err != nil { 113 t.Fatal(err) 114 } 115 if err := testSymlink(tmpdir, "testdata/fs/a/d", "testdata/b", "testdata"); err != nil { 116 t.Fatal(err) 117 } 118 } 119 120 func TestFollowSymlinkRelativeLinkChangeScope(t *testing.T) { 121 tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkRelativeLinkChangeScope") 122 if err != nil { 123 t.Fatal(err) 124 } 125 defer os.RemoveAll(tmpdir) 126 if err := makeFs(tmpdir, []dirOrLink{{path: "testdata/fs/a/e", target: "../b"}}); err != nil { 127 t.Fatal(err) 128 } 129 if err := testSymlink(tmpdir, "testdata/fs/a/e/c/data", "testdata/fs/b/c/data", "testdata"); err != nil { 130 t.Fatal(err) 131 } 132 // avoid letting allowing symlink e lead us to ../b 133 // normalize to the "testdata/fs/a" 134 if err := testSymlink(tmpdir, "testdata/fs/a/e", "testdata/fs/a/b", "testdata/fs/a"); err != nil { 135 t.Fatal(err) 136 } 137 } 138 139 func TestFollowSymlinkDeepRelativeLinkChangeScope(t *testing.T) { 140 tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkDeepRelativeLinkChangeScope") 141 if err != nil { 142 t.Fatal(err) 143 } 144 defer os.RemoveAll(tmpdir) 145 146 if err := makeFs(tmpdir, []dirOrLink{{path: "testdata/fs/a/f", target: "../../../../test"}}); err != nil { 147 t.Fatal(err) 148 } 149 // avoid letting symlink f lead us out of the "testdata" scope 150 // we don't normalize because symlink f is in scope and there is no 151 // information leak 152 if err := testSymlink(tmpdir, "testdata/fs/a/f", "testdata/test", "testdata"); err != nil { 153 t.Fatal(err) 154 } 155 // avoid letting symlink f lead us out of the "testdata/fs" scope 156 // we don't normalize because symlink f is in scope and there is no 157 // information leak 158 if err := testSymlink(tmpdir, "testdata/fs/a/f", "testdata/fs/test", "testdata/fs"); err != nil { 159 t.Fatal(err) 160 } 161 } 162 163 func TestFollowSymlinkRelativeLinkChain(t *testing.T) { 164 tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkRelativeLinkChain") 165 if err != nil { 166 t.Fatal(err) 167 } 168 defer os.RemoveAll(tmpdir) 169 170 // avoid letting symlink g (pointed at by symlink h) take out of scope 171 // TODO: we should probably normalize to scope here because ../[....]/root 172 // is out of scope and we leak information 173 if err := makeFs(tmpdir, []dirOrLink{ 174 {path: "testdata/fs/b/h", target: "../g"}, 175 {path: "testdata/fs/g", target: "../../../../../../../../../../../../root"}, 176 }); err != nil { 177 t.Fatal(err) 178 } 179 if err := testSymlink(tmpdir, "testdata/fs/b/h", "testdata/root", "testdata"); err != nil { 180 t.Fatal(err) 181 } 182 } 183 184 func TestFollowSymlinkBreakoutPath(t *testing.T) { 185 tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkBreakoutPath") 186 if err != nil { 187 t.Fatal(err) 188 } 189 defer os.RemoveAll(tmpdir) 190 191 // avoid letting symlink -> ../directory/file escape from scope 192 // normalize to "testdata/fs/j" 193 if err := makeFs(tmpdir, []dirOrLink{{path: "testdata/fs/j/k", target: "../i/a"}}); err != nil { 194 t.Fatal(err) 195 } 196 if err := testSymlink(tmpdir, "testdata/fs/j/k", "testdata/fs/j/i/a", "testdata/fs/j"); err != nil { 197 t.Fatal(err) 198 } 199 } 200 201 func TestFollowSymlinkToRoot(t *testing.T) { 202 tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkToRoot") 203 if err != nil { 204 t.Fatal(err) 205 } 206 defer os.RemoveAll(tmpdir) 207 208 // make sure we don't allow escaping to / 209 // normalize to dir 210 if err := makeFs(tmpdir, []dirOrLink{{path: "foo", target: "/"}}); err != nil { 211 t.Fatal(err) 212 } 213 if err := testSymlink(tmpdir, "foo", "", ""); err != nil { 214 t.Fatal(err) 215 } 216 } 217 218 func TestFollowSymlinkSlashDotdot(t *testing.T) { 219 tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkSlashDotdot") 220 if err != nil { 221 t.Fatal(err) 222 } 223 defer os.RemoveAll(tmpdir) 224 tmpdir = filepath.Join(tmpdir, "dir", "subdir") 225 226 // make sure we don't allow escaping to / 227 // normalize to dir 228 if err := makeFs(tmpdir, []dirOrLink{{path: "foo", target: "/../../"}}); err != nil { 229 t.Fatal(err) 230 } 231 if err := testSymlink(tmpdir, "foo", "", ""); err != nil { 232 t.Fatal(err) 233 } 234 } 235 236 func TestFollowSymlinkDotdot(t *testing.T) { 237 tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkDotdot") 238 if err != nil { 239 t.Fatal(err) 240 } 241 defer os.RemoveAll(tmpdir) 242 tmpdir = filepath.Join(tmpdir, "dir", "subdir") 243 244 // make sure we stay in scope without leaking information 245 // this also checks for escaping to / 246 // normalize to dir 247 if err := makeFs(tmpdir, []dirOrLink{{path: "foo", target: "../../"}}); err != nil { 248 t.Fatal(err) 249 } 250 if err := testSymlink(tmpdir, "foo", "", ""); err != nil { 251 t.Fatal(err) 252 } 253 } 254 255 func TestFollowSymlinkRelativePath2(t *testing.T) { 256 tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkRelativePath2") 257 if err != nil { 258 t.Fatal(err) 259 } 260 defer os.RemoveAll(tmpdir) 261 262 if err := makeFs(tmpdir, []dirOrLink{{path: "bar/foo", target: "baz/target"}}); err != nil { 263 t.Fatal(err) 264 } 265 if err := testSymlink(tmpdir, "bar/foo", "bar/baz/target", ""); err != nil { 266 t.Fatal(err) 267 } 268 } 269 270 func TestFollowSymlinkScopeLink(t *testing.T) { 271 tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkScopeLink") 272 if err != nil { 273 t.Fatal(err) 274 } 275 defer os.RemoveAll(tmpdir) 276 277 if err := makeFs(tmpdir, []dirOrLink{ 278 {path: "root2"}, 279 {path: "root", target: "root2"}, 280 {path: "root2/foo", target: "../bar"}, 281 }); err != nil { 282 t.Fatal(err) 283 } 284 if err := testSymlink(tmpdir, "root/foo", "root/bar", "root"); err != nil { 285 t.Fatal(err) 286 } 287 } 288 289 func TestFollowSymlinkRootScope(t *testing.T) { 290 tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkRootScope") 291 if err != nil { 292 t.Fatal(err) 293 } 294 defer os.RemoveAll(tmpdir) 295 296 expected, err := filepath.EvalSymlinks(tmpdir) 297 if err != nil { 298 t.Fatal(err) 299 } 300 rewrite, err := FollowSymlinkInScope(tmpdir, "/") 301 if err != nil { 302 t.Fatal(err) 303 } 304 if rewrite != expected { 305 t.Fatalf("expected %q got %q", expected, rewrite) 306 } 307 } 308 309 func TestFollowSymlinkEmpty(t *testing.T) { 310 res, err := FollowSymlinkInScope("", "") 311 if err != nil { 312 t.Fatal(err) 313 } 314 wd, err := os.Getwd() 315 if err != nil { 316 t.Fatal(err) 317 } 318 if res != wd { 319 t.Fatalf("expected %q got %q", wd, res) 320 } 321 } 322 323 func TestFollowSymlinkCircular(t *testing.T) { 324 tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkCircular") 325 if err != nil { 326 t.Fatal(err) 327 } 328 defer os.RemoveAll(tmpdir) 329 330 if err := makeFs(tmpdir, []dirOrLink{{path: "root/foo", target: "foo"}}); err != nil { 331 t.Fatal(err) 332 } 333 if err := testSymlink(tmpdir, "root/foo", "", "root"); err == nil { 334 t.Fatal("expected an error for foo -> foo") 335 } 336 337 if err := makeFs(tmpdir, []dirOrLink{ 338 {path: "root/bar", target: "baz"}, 339 {path: "root/baz", target: "../bak"}, 340 {path: "root/bak", target: "/bar"}, 341 }); err != nil { 342 t.Fatal(err) 343 } 344 if err := testSymlink(tmpdir, "root/foo", "", "root"); err == nil { 345 t.Fatal("expected an error for bar -> baz -> bak -> bar") 346 } 347 } 348 349 func TestFollowSymlinkComplexChainWithTargetPathsContainingLinks(t *testing.T) { 350 tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkComplexChainWithTargetPathsContainingLinks") 351 if err != nil { 352 t.Fatal(err) 353 } 354 defer os.RemoveAll(tmpdir) 355 356 if err := makeFs(tmpdir, []dirOrLink{ 357 {path: "root2"}, 358 {path: "root", target: "root2"}, 359 {path: "root/a", target: "r/s"}, 360 {path: "root/r", target: "../root/t"}, 361 {path: "root/root/t/s/b", target: "/../u"}, 362 {path: "root/u/c", target: "."}, 363 {path: "root/u/x/y", target: "../v"}, 364 {path: "root/u/v", target: "/../w"}, 365 }); err != nil { 366 t.Fatal(err) 367 } 368 if err := testSymlink(tmpdir, "root/a/b/c/x/y/z", "root/w/z", "root"); err != nil { 369 t.Fatal(err) 370 } 371 } 372 373 func TestFollowSymlinkBreakoutNonExistent(t *testing.T) { 374 tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkBreakoutNonExistent") 375 if err != nil { 376 t.Fatal(err) 377 } 378 defer os.RemoveAll(tmpdir) 379 380 if err := makeFs(tmpdir, []dirOrLink{ 381 {path: "root/slash", target: "/"}, 382 {path: "root/sym", target: "/idontexist/../slash"}, 383 }); err != nil { 384 t.Fatal(err) 385 } 386 if err := testSymlink(tmpdir, "root/sym/file", "root/file", "root"); err != nil { 387 t.Fatal(err) 388 } 389 } 390 391 func TestFollowSymlinkNoLexicalCleaning(t *testing.T) { 392 tmpdir, err := ioutil.TempDir("", "TestFollowSymlinkNoLexicalCleaning") 393 if err != nil { 394 t.Fatal(err) 395 } 396 defer os.RemoveAll(tmpdir) 397 398 if err := makeFs(tmpdir, []dirOrLink{ 399 {path: "root/sym", target: "/foo/bar"}, 400 {path: "root/hello", target: "/sym/../baz"}, 401 }); err != nil { 402 t.Fatal(err) 403 } 404 if err := testSymlink(tmpdir, "root/hello", "root/foo/baz", "root"); err != nil { 405 t.Fatal(err) 406 } 407 }