diff options
author | glebius <glebius@FreeBSD.org> | 2016-05-31 16:35:03 +0000 |
---|---|---|
committer | glebius <glebius@FreeBSD.org> | 2016-05-31 16:35:03 +0000 |
commit | a4a1ee276a9b4b2382dbed7d6d278b0a901a5d05 (patch) | |
tree | 59de8ba9bc739e7081aaf3f3c3a3279188d940ba /contrib/libarchive/libarchive/test | |
parent | 8a232783c3444677eb1faa3048123dda21767094 (diff) | |
download | FreeBSD-src-a4a1ee276a9b4b2382dbed7d6d278b0a901a5d05.zip FreeBSD-src-a4a1ee276a9b4b2382dbed7d6d278b0a901a5d05.tar.gz |
Merge r300361 by mm@:
Backport security fix for absolute path traversal
vulnerability in bsdcpio.
Security: CVE-2015-2304
Security: SA-16:22
Approved by: so
Diffstat (limited to 'contrib/libarchive/libarchive/test')
-rw-r--r-- | contrib/libarchive/libarchive/test/test_write_disk_secure.c | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/contrib/libarchive/libarchive/test/test_write_disk_secure.c b/contrib/libarchive/libarchive/test/test_write_disk_secure.c index 2345bfe..30b77f8 100644 --- a/contrib/libarchive/libarchive/test/test_write_disk_secure.c +++ b/contrib/libarchive/libarchive/test/test_write_disk_secure.c @@ -178,6 +178,29 @@ DEFINE_TEST(test_write_disk_secure) assert(S_ISDIR(st.st_mode)); archive_entry_free(ae); + /* + * Without security checks, we should be able to + * extract an absolute path. + */ + assert((ae = archive_entry_new()) != NULL); + archive_entry_copy_pathname(ae, "/tmp/libarchive_test-test_write_disk_secure-absolute_path.tmp"); + archive_entry_set_mode(ae, S_IFREG | 0777); + assert(0 == archive_write_header(a, ae)); + assert(0 == archive_write_finish_entry(a)); + assertFileExists("/tmp/libarchive_test-test_write_disk_secure-absolute_path.tmp"); + assert(0 == unlink("/tmp/libarchive_test-test_write_disk_secure-absolute_path.tmp")); + + /* But with security checks enabled, this should fail. */ + assert(archive_entry_clear(ae) != NULL); + archive_entry_copy_pathname(ae, "/tmp/libarchive_test-test_write_disk_secure-absolute_path.tmp"); + archive_entry_set_mode(ae, S_IFREG | 0777); + archive_write_disk_set_options(a, ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS); + failure("Extracting an absolute path should fail here."); + assertEqualInt(ARCHIVE_FAILED, archive_write_header(a, ae)); + archive_entry_free(ae); + assert(0 == archive_write_finish_entry(a)); + assertFileNotExists("/tmp/libarchive_test-test_write_disk_secure-absolute_path.tmp"); + assertEqualInt(ARCHIVE_OK, archive_write_free(a)); /* Test the entries on disk. */ |