Merge branch '2913_sanitize'

* 2913_sanitize:
  Added parameter quotation
  Added tests for name_quote function.
  exec_get_export_variables(): reproduce bug in test
  Ticket #2913: CVE-2012-4463 mc-4.8.5: Does not sanitize MC_EXT_SELECTED variable properly

src/filemanager/ext.c

@@ -141,6 +141,24 @@ exec_get_file_name (const vfs_path_t * filename_vpath)
     return quote_func (vfs_path_get_last_path_str (localfilecopy_vpath), 0);
 }
 
+/* --------------------------------------------------------------------------------------------- */
+static char *
+exec_expand_format (char symbol, gboolean is_result_quoted)
+{
+    char *text;
+
+    text = expand_format (NULL, symbol, TRUE);
+    if (is_result_quoted && text != NULL)
+    {
+        char *quoted_text;
+
+        quoted_text = g_strdup_printf ("\"%s\"", text);
+        g_free (text);
+        text = quoted_text;
+    }
+    return text;
+}
+
 /* --------------------------------------------------------------------------------------------- */
 
 static char *
@@ -155,12 +173,13 @@ exec_get_export_variables (const vfs_path_t * filename_vpath)
     {
         const char symbol;
         const char *name;
+        const gboolean is_result_quoted;
     } export_variables[] = {
-        {'p', "MC_EXT_BASENAME"},
+        {'p', "MC_EXT_BASENAME", FALSE},
-        {'d', "MC_EXT_CURRENTDIR"},
+        {'d', "MC_EXT_CURRENTDIR", FALSE},
-        {'s', "MC_EXT_SELECTED"},
+        {'s', "MC_EXT_SELECTED", TRUE},
-        {'t', "MC_EXT_ONLYTAGGED"},
+        {'t', "MC_EXT_ONLYTAGGED", TRUE},
-        {'\0', NULL}
+        {'\0', NULL, FALSE}
     };
     /* *INDENT-ON* */
 
@@ -174,7 +193,8 @@ exec_get_export_variables (const vfs_path_t * filename_vpath)
 
     for (i = 0; export_variables[i].name != NULL; i++)
     {
-        text = expand_format (NULL, export_variables[i].symbol, TRUE);
+        text =
+            exec_expand_format (export_variables[i].symbol, export_variables[i].is_result_quoted);
         if (text != NULL)
         {
             g_string_append_printf (export_vars_string,

tests/lib/Makefile.am

@@ -6,6 +6,7 @@ LIBS=@CHECK_LIBS@  $(top_builddir)/lib/libmc.la
 TESTS = \
 	library_independ \
 	mc_build_filename \
+	name_quote \
 	serialize \
 	x_basename
 
@@ -17,6 +18,9 @@ library_independ_SOURCES = \
 mc_build_filename_SOURCES = \
 	mc_build_filename.c
 
+name_quote_SOURCES = \
+	name_quote.c
+
 serialize_SOURCES = \
 	serialize.c
 

tests/lib/name_quote.c

@@ -0,0 +1,140 @@
+/*
+   lib/vfs - Quote file names
+
+   Copyright (C) 2011
+   The Free Software Foundation, Inc.
+
+   Written by:
+   Slava Zanko <slavazanko@gmail.com>, 2011
+
+   This file is part of the Midnight Commander.
+
+   The Midnight Commander is free software: you can redistribute it
+   and/or modify it under the terms of the GNU General Public License as
+   published by the Free Software Foundation, either version 3 of the License,
+   or (at your option) any later version.
+
+   The Midnight Commander is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#define TEST_SUITE_NAME "/lib/util"
+
+#include <config.h>
+
+#include <check.h>
+
+#include "lib/global.h"
+#include "lib/util.h"
+
+
+static void
+setup (void)
+{
+}
+
+static void
+teardown (void)
+{
+}
+
+/* --------------------------------------------------------------------------------------------- */
+
+static const struct data_source1_struct
+{
+    gboolean input_quote_percent;
+    const char *input_string;
+
+    const char *expected_string;
+} data_source1[] =
+{
+    { TRUE, "%%", "%%%%"},
+    { FALSE, "%%", "%%"},
+};
+
+START_TEST (quote_percent_test)
+{
+    // given
+    char *actual_string;
+    const struct data_source1_struct test_data = data_source1[_i];
+
+    // when
+    actual_string = name_quote (test_data.input_string, test_data.input_quote_percent);
+
+    // then
+    g_assert_cmpstr (actual_string, ==, test_data.expected_string);
+
+    g_free (actual_string);
+}
+END_TEST
+
+/* --------------------------------------------------------------------------------------------- */
+
+static const struct data_source2_struct
+{
+    const char *input_string;
+
+    const char *expected_string;
+} data_source2[] =
+{
+    {"-", "./-"},
+    {"blabla-", "blabla-"},
+    {"\r\n\t", "\\\r\\\n\\\t"},
+    {"'\\\";?|[]{}<>`!$&*()", "\\'\\\\\\\"\\;\\?\\|\\[\\]\\{\\}\\<\\>\\`\\!\\$\\&\\*\\(\\)"},
+    {"a b c ", "a\\ b\\ c\\ "},
+    {"#", "\\#"},
+    {"blabla#", "blabla#"},
+    {"~", "\\~"},
+    {"blabla~", "blabla~"},
+};
+
+START_TEST (name_quote_test)
+{
+    // given
+    char *actual_string;
+    const struct data_source2_struct test_data = data_source2[_i];
+
+    // when
+    actual_string = name_quote (test_data.input_string, FALSE);
+
+    // then
+    g_assert_cmpstr (actual_string, ==, test_data.expected_string);
+
+    g_free (actual_string);
+}
+END_TEST
+
+/* --------------------------------------------------------------------------------------------- */
+
+int
+main (void)
+{
+    int number_failed;
+
+    Suite *s = suite_create (TEST_SUITE_NAME);
+    TCase *tc_core = tcase_create ("Core");
+    SRunner *sr;
+
+    tcase_add_checked_fixture (tc_core, setup, teardown);
+
+    /* Add new tests here: *************** */
+    tcase_add_loop_test (tc_core, quote_percent_test, 0, sizeof(data_source1)/sizeof(data_source1[0]));
+
+    tcase_add_loop_test (tc_core, name_quote_test, 0, sizeof(data_source2)/sizeof(data_source2[0]));
+    /* *********************************** */
+
+    suite_add_tcase (s, tc_core);
+    sr = srunner_create (s);
+    srunner_set_log (sr, "serialize.log");
+    srunner_run_all (sr, CK_NORMAL);
+    number_failed = srunner_ntests_failed (sr);
+    srunner_free (sr);
+    return (number_failed == 0) ? 0 : 1;
+}
+
+/* --------------------------------------------------------------------------------------------- */

tests/src/filemanager/Makefile.am

@@ -14,7 +14,8 @@ endif
 
 TESTS = \
 	do_panel_cd \
-	examine_cd
+	examine_cd \
+	exec_get_export_variables_ext
 
 check_PROGRAMS = $(TESTS)
 
@@ -23,3 +24,6 @@ do_panel_cd_SOURCES = \
 
 examine_cd_SOURCES = \
 	examine_cd.c
+
+exec_get_export_variables_ext_SOURCES = \
+	exec_get_export_variables_ext.c

tests/src/filemanager/exec_get_export_variables_ext.c

@@ -0,0 +1,136 @@
+/*
+   src/filemanager - filemanager functions
+
+   Copyright (C) 2011
+   The Free Software Foundation, Inc.
+
+   Written by:
+   Slava Zanko <slavazanko@gmail.com>, 2012
+
+   This file is part of the Midnight Commander.
+
+   The Midnight Commander is free software: you can redistribute it
+   and/or modify it under the terms of the GNU General Public License as
+   published by the Free Software Foundation, either version 3 of the License,
+   or (at your option) any later version.
+
+   The Midnight Commander is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#define TEST_SUITE_NAME "/src/filemanager"
+
+#include <config.h>
+
+#include <check.h>
+
+#include "lib/global.h"
+#include "src/vfs/local/local.c"
+
+#include "src/filemanager/midnight.c"
+
+#include "src/filemanager/ext.c"
+
+/* --------------------------------------------------------------------------------------------- */
+/* mocked functions */
+
+
+/* --------------------------------------------------------------------------------------------- */
+
+static void
+setup (void)
+{
+    str_init_strings (NULL);
+
+    vfs_init ();
+    init_localfs ();
+    vfs_setup_work_dir ();
+
+    mc_global.mc_run_mode = MC_RUN_FULL;
+    current_panel = g_new0(struct WPanel, 1);
+    current_panel->cwd_vpath = vfs_path_from_str("/home");
+    current_panel->dir.list = g_new (file_entry, MIN_FILES);
+    current_panel->dir.size = MIN_FILES;
+}
+
+static void
+teardown (void)
+{
+    vfs_shut ();
+    str_uninit_strings ();
+}
+
+/* --------------------------------------------------------------------------------------------- */
+
+START_TEST (sanitize_variables)
+{
+    // given
+    vfs_path_t * filename_vpath;
+    char *actual_string;
+    const char *expected_string;
+
+    current_panel->selected = 0;
+    current_panel->dir.list[0].fname = (char*) "selected file.txt";
+    current_panel->dir.list[1].fname = (char*) "tagged file1.txt";
+    current_panel->dir.list[1].f.marked = TRUE;
+    current_panel->dir.list[2].fname = (char*) "tagged file2.txt";
+    current_panel->dir.list[2].f.marked = TRUE;
+    current_panel->count = 3;
+
+    // when
+    filename_vpath = vfs_path_from_str("/tmp/blabla.txt");
+    actual_string = exec_get_export_variables (filename_vpath);
+    vfs_path_free (filename_vpath);
+
+    // then
+    expected_string = "\
+MC_EXT_FILENAME=/tmp/blabla.txt\n\
+export MC_EXT_FILENAME\n\
+MC_EXT_BASENAME=selected\\ file.txt\n\
+export MC_EXT_BASENAME\n\
+MC_EXT_CURRENTDIR=/home\n\
+export MC_EXT_CURRENTDIR\n\
+MC_EXT_SELECTED=selected\\ file.txt\n\
+export MC_EXT_SELECTED\n\
+MC_EXT_ONLYTAGGED=\"tagged\\ file1.txt tagged\\ file2.txt \"\n\
+export MC_EXT_ONLYTAGGED\n";
+
+    g_assert_cmpstr (actual_string, ==, expected_string);
+
+    g_free (actual_string);
+}
+
+END_TEST
+
+/* --------------------------------------------------------------------------------------------- */
+
+int
+main (void)
+{
+    int number_failed;
+
+    Suite *s = suite_create (TEST_SUITE_NAME);
+    TCase *tc_core = tcase_create ("Core");
+    SRunner *sr;
+
+    tcase_add_checked_fixture (tc_core, setup, teardown);
+
+    /* Add new tests here: *************** */
+    tcase_add_test (tc_core, sanitize_variables);
+    /* *********************************** */
+
+    suite_add_tcase (s, tc_core);
+    sr = srunner_create (s);
+    srunner_set_log (sr, "do_panel_cd.log");
+    srunner_run_all (sr, CK_NORMAL);
+    number_failed = srunner_ntests_failed (sr);
+    srunner_free (sr);
+    return (number_failed == 0) ? 0 : 1;
+}
+
+/* --------------------------------------------------------------------------------------------- */