ports/mc
ports/mc
1
1
Форкнуть 0
Код Релизы 2 Активность

Merge branch '2913_sanitize'

Просмотр исходного кода 
* 2913_sanitize:
  Added parameter quotation
  Added tests for name_quote function.
  exec_get_export_variables(): reproduce bug in test
  Ticket #2913: CVE-2012-4463 mc-4.8.5: Does not sanitize MC_EXT_SELECTED variable properly
Этот коммит содержится в:
Slava Zanko 2012-11-29 13:22:00 +03:00
родитель bf475ce339 a51df499cd
Коммит 4ee4959cea
5 изменённых файлов: 311 добавлений и 7 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

32
src/filemanager/ext.c
Просмотреть файл

@ -141,6 +141,24 @@ exec_get_file_name (const vfs_path_t * filename_vpath)
return quote_func (vfs_path_get_last_path_str (localfilecopy_vpath), 0);
}
/* --------------------------------------------------------------------------------------------- */
static char *
exec_expand_format (char symbol, gboolean is_result_quoted)
{
char *text;
text = expand_format (NULL, symbol, TRUE);
if (is_result_quoted && text != NULL)
{
char *quoted_text;
quoted_text = g_strdup_printf ("\"%s\"", text);
g_free (text);
text = quoted_text;
}
return text;
}
/* --------------------------------------------------------------------------------------------- */
static char *
@ -155,12 +173,13 @@ exec_get_export_variables (const vfs_path_t * filename_vpath)
{
const char symbol;
const char *name;
const gboolean is_result_quoted;
} export_variables[] = {
{'p', "MC_EXT_BASENAME"},
{'d', "MC_EXT_CURRENTDIR"},
{'s', "MC_EXT_SELECTED"},
{'t', "MC_EXT_ONLYTAGGED"},
{'\0', NULL}
{'p', "MC_EXT_BASENAME", FALSE},
{'d', "MC_EXT_CURRENTDIR", FALSE},
{'s', "MC_EXT_SELECTED", TRUE},
{'t', "MC_EXT_ONLYTAGGED", TRUE},
{'\0', NULL, FALSE}
};
/* *INDENT-ON* */
@ -174,7 +193,8 @@ exec_get_export_variables (const vfs_path_t * filename_vpath)
for (i = 0; export_variables[i].name != NULL; i++)
{
text = expand_format (NULL, export_variables[i].symbol, TRUE);
text =
exec_expand_format (export_variables[i].symbol, export_variables[i].is_result_quoted);
if (text != NULL)
{
g_string_append_printf (export_vars_string,

4
tests/lib/Makefile.am
Просмотреть файл

@ -6,6 +6,7 @@ LIBS=@CHECK_LIBS@ $(top_builddir)/lib/libmc.la
TESTS = \
library_independ \
mc_build_filename \
name_quote \
serialize \
x_basename
@ -17,6 +18,9 @@ library_independ_SOURCES = \
mc_build_filename_SOURCES = \
mc_build_filename.c
name_quote_SOURCES = \
name_quote.c
serialize_SOURCES = \
serialize.c

140
tests/lib/name_quote.c Обычный файл
Просмотреть файл

@ -0,0 +1,140 @@
/*
lib/vfs - Quote file names
Copyright (C) 2011
The Free Software Foundation, Inc.
Written by:
Slava Zanko <slavazanko@gmail.com>, 2011
This file is part of the Midnight Commander.
The Midnight Commander is free software: you can redistribute it
and/or modify it under the terms of the GNU General Public License as
published by the Free Software Foundation, either version 3 of the License,
or (at your option) any later version.
The Midnight Commander is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#define TEST_SUITE_NAME "/lib/util"
#include <config.h>
#include <check.h>
#include "lib/global.h"
#include "lib/util.h"
static void
setup (void)
{
}
static void
teardown (void)
{
}
/* --------------------------------------------------------------------------------------------- */
static const struct data_source1_struct
{
gboolean input_quote_percent;
const char *input_string;
const char *expected_string;
} data_source1[] =
{
{ TRUE, "%%", "%%%%"},
{ FALSE, "%%", "%%"},
};
START_TEST (quote_percent_test)
{
// given
char *actual_string;
const struct data_source1_struct test_data = data_source1[_i];
// when
actual_string = name_quote (test_data.input_string, test_data.input_quote_percent);
// then
g_assert_cmpstr (actual_string, ==, test_data.expected_string);
g_free (actual_string);
}
END_TEST
/* --------------------------------------------------------------------------------------------- */
static const struct data_source2_struct
{
const char *input_string;
const char *expected_string;
} data_source2[] =
{
{"-", "./-"},
{"blabla-", "blabla-"},
{"\r\n\t", "\\\r\\\n\\\t"},
{"'\\\";?|[]{}<>`!$&*()", "\\'\\\\\\\"\\;\\?\\|\\[\\]\\{\\}\\<\\>\\`\\!\\$\\&\\*\\(\\)"},
{"a b c ", "a\\ b\\ c\\ "},
{"#", "\\#"},
{"blabla#", "blabla#"},
{"~", "\\~"},
{"blabla~", "blabla~"},
};
START_TEST (name_quote_test)
{
// given
char *actual_string;
const struct data_source2_struct test_data = data_source2[_i];
// when
actual_string = name_quote (test_data.input_string, FALSE);
// then
g_assert_cmpstr (actual_string, ==, test_data.expected_string);
g_free (actual_string);
}
END_TEST
/* --------------------------------------------------------------------------------------------- */
int
main (void)
{
int number_failed;
Suite *s = suite_create (TEST_SUITE_NAME);
TCase *tc_core = tcase_create ("Core");
SRunner *sr;
tcase_add_checked_fixture (tc_core, setup, teardown);
/* Add new tests here: *************** */
tcase_add_loop_test (tc_core, quote_percent_test, 0, sizeof(data_source1)/sizeof(data_source1[0]));
tcase_add_loop_test (tc_core, name_quote_test, 0, sizeof(data_source2)/sizeof(data_source2[0]));
/* *********************************** */
suite_add_tcase (s, tc_core);
sr = srunner_create (s);
srunner_set_log (sr, "serialize.log");
srunner_run_all (sr, CK_NORMAL);
number_failed = srunner_ntests_failed (sr);
srunner_free (sr);
return (number_failed == 0) ? 0 : 1;
}
/* --------------------------------------------------------------------------------------------- */

6
tests/src/filemanager/Makefile.am
Просмотреть файл

@ -14,7 +14,8 @@ endif
TESTS = \
do_panel_cd \
examine_cd
examine_cd \
exec_get_export_variables_ext
check_PROGRAMS = $(TESTS)
@ -23,3 +24,6 @@ do_panel_cd_SOURCES = \
examine_cd_SOURCES = \
examine_cd.c
exec_get_export_variables_ext_SOURCES = \
exec_get_export_variables_ext.c

136
tests/src/filemanager/exec_get_export_variables_ext.c Обычный файл
Просмотреть файл

@ -0,0 +1,136 @@
/*
src/filemanager - filemanager functions
Copyright (C) 2011
The Free Software Foundation, Inc.
Written by:
Slava Zanko <slavazanko@gmail.com>, 2012
This file is part of the Midnight Commander.
The Midnight Commander is free software: you can redistribute it
and/or modify it under the terms of the GNU General Public License as
published by the Free Software Foundation, either version 3 of the License,
or (at your option) any later version.
The Midnight Commander is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#define TEST_SUITE_NAME "/src/filemanager"
#include <config.h>
#include <check.h>
#include "lib/global.h"
#include "src/vfs/local/local.c"
#include "src/filemanager/midnight.c"
#include "src/filemanager/ext.c"
/* --------------------------------------------------------------------------------------------- */
/* mocked functions */
/* --------------------------------------------------------------------------------------------- */
static void
setup (void)
{
str_init_strings (NULL);
vfs_init ();
init_localfs ();
vfs_setup_work_dir ();
mc_global.mc_run_mode = MC_RUN_FULL;
current_panel = g_new0(struct WPanel, 1);
current_panel->cwd_vpath = vfs_path_from_str("/home");
current_panel->dir.list = g_new (file_entry, MIN_FILES);
current_panel->dir.size = MIN_FILES;
}
static void
teardown (void)
{
vfs_shut ();
str_uninit_strings ();
}
/* --------------------------------------------------------------------------------------------- */
START_TEST (sanitize_variables)
{
// given
vfs_path_t * filename_vpath;
char *actual_string;
const char *expected_string;
current_panel->selected = 0;
current_panel->dir.list[0].fname = (char*) "selected file.txt";
current_panel->dir.list[1].fname = (char*) "tagged file1.txt";
current_panel->dir.list[1].f.marked = TRUE;
current_panel->dir.list[2].fname = (char*) "tagged file2.txt";
current_panel->dir.list[2].f.marked = TRUE;
current_panel->count = 3;
// when
filename_vpath = vfs_path_from_str("/tmp/blabla.txt");
actual_string = exec_get_export_variables (filename_vpath);
vfs_path_free (filename_vpath);
// then
expected_string = "\
MC_EXT_FILENAME=/tmp/blabla.txt\n\
export MC_EXT_FILENAME\n\
MC_EXT_BASENAME=selected\\ file.txt\n\
export MC_EXT_BASENAME\n\
MC_EXT_CURRENTDIR=/home\n\
export MC_EXT_CURRENTDIR\n\
MC_EXT_SELECTED=selected\\ file.txt\n\
export MC_EXT_SELECTED\n\
MC_EXT_ONLYTAGGED=\"tagged\\ file1.txt tagged\\ file2.txt \"\n\
export MC_EXT_ONLYTAGGED\n";
g_assert_cmpstr (actual_string, ==, expected_string);
g_free (actual_string);
}
END_TEST
/* --------------------------------------------------------------------------------------------- */
int
main (void)
{
int number_failed;
Suite *s = suite_create (TEST_SUITE_NAME);
TCase *tc_core = tcase_create ("Core");
SRunner *sr;
tcase_add_checked_fixture (tc_core, setup, teardown);
/* Add new tests here: *************** */
tcase_add_test (tc_core, sanitize_variables);
/* *********************************** */
suite_add_tcase (s, tc_core);
sr = srunner_create (s);
srunner_set_log (sr, "do_panel_cd.log");
srunner_run_all (sr, CK_NORMAL);
number_failed = srunner_ntests_failed (sr);
srunner_free (sr);
return (number_failed == 0) ? 0 : 1;
}
/* --------------------------------------------------------------------------------------------- */