author | Guillem Jover <guillem@debian.org> | 2014-05-22 00:47:05 +0200 |
---|---|---|
committer | Guillem Jover <guillem@debian.org> | 2014-06-05 20:56:44 +0200 |
commit | bb2fe22738675a5a92d65aad03efcc73efd3a368 (patch) | |
tree | fb97246985a4665eb159aec4f0749655596071ce | |
parent | 5348cbc981a65c3c9b05bb4d13553bda930c2d78 (diff) | |
scripts: Add test case for patch disabling hunks
This does not pose any security issue, as the hunk parser is strict, and
will reject a patch if it considers that the hunk marker is not present.
-rw-r--r-- | debian/changelog | 1 | ||||
-rw-r--r-- | scripts/Makefile.am | 1 | ||||
-rw-r--r-- | scripts/t/Dpkg_Source_Patch.t | 5 | ||||
-rw-r--r-- | scripts/t/Dpkg_Source_Patch/ghost-hunk.patch | 7 |
4 files changed, 13 insertions, 1 deletions
diff --git a/debian/changelog b/debian/changelog index 80990a7c5..f7e1277e8 100644 --- a/debian/changelog +++ b/debian/changelog @@ -14,6 +14,7 @@ dpkg (1.17.10) UNRELEASED; urgency=low - Add test cases for Dpkg::Deps OR relationships. - Add minimal test case for Dpkg::Source::Quilt. - Add test cases for Dpkg::Source::Patch CVE-2014-0471 and CVE-2014-3127. + - Add test case for patch disabling hunks; not security sensitive. * Fix non-security sensitive TOCTOU race in triggers database loading. * Fix non-security sensitive TOCTOU race in update-alternative alternative database loading. diff --git a/scripts/Makefile.am b/scripts/Makefile.am index 8830106ac..1bcdac2fb 100644 --- a/scripts/Makefile.am +++ b/scripts/Makefile.am @@ -257,6 +257,7 @@ test_data = \ t/Dpkg_Shlibs/objdump.dbd-pg \ t/Dpkg_Shlibs/objdump.ls \ t/Dpkg_Source_Patch/c-style.patch \ + t/Dpkg_Source_Patch/ghost-hunk.patch \ t/Dpkg_Source_Patch/index-+++.patch \ t/Dpkg_Source_Patch/index-alone.patch \ t/Dpkg_Source_Patch/index-inert.patch \ diff --git a/scripts/t/Dpkg_Source_Patch.t b/scripts/t/Dpkg_Source_Patch.t index 2d067df95..0236f3eac 100644 --- a/scripts/t/Dpkg_Source_Patch.t +++ b/scripts/t/Dpkg_Source_Patch.t @@ -16,7 +16,7 @@ use strict; use warnings; -use Test::More tests => 8; +use Test::More tests => 9; use File::Path qw(make_path); @@ -64,4 +64,7 @@ ok(-e "$tmpdir/index-inert-tree/inert-file", test_patch_escape('partial', 'symlink', 'partial.patch', 'Patch cannot escape using partial +++ header'); +test_patch_escape('ghost-hunk', 'symlink', 'ghost-hunk.patch', + 'Patch cannot escape using a disabling hunk'); + 1; diff --git a/scripts/t/Dpkg_Source_Patch/ghost-hunk.patch b/scripts/t/Dpkg_Source_Patch/ghost-hunk.patch new file mode 100644 index 000000000..32c3efe42 --- /dev/null +++ b/scripts/t/Dpkg_Source_Patch/ghost-hunk.patch 
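Review bot: The `test_patch_escape('ghost-hunk', ...)` call added in the second hunk of scripts/t/Dpkg_Source_Patch.t has no comment recording the expected outcome, and its description ('Patch cannot escape using a disabling hunk') does not say that the patch is meant to be rejected. The commit message states that the strict hunk parser rejects such a patch, so a line such as `# The hunk parser is strict about hunk markers, so this patch is expected to be rejected outright.` above the call would keep that reasoning next to the test. `test_patch_escape` is defined outside this hunk, so it is not visible here whether it tells "patch rejected" apart from "patch applied without writing through the symlink". If it checks only the latter, an explicit assertion on the rejection would pin the property the commit message relies on, so that a later relaxation of the parser fails this test.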
@@ -0,0 +1,7 @@
+--- a/disable/partial-file
++++ b/disable/partial-file
+@@ -0,0 +1,1 @@disable
++++ b/symlink/hunk-file
+--- a/symlink/hunk-file
+@@ -0,0 +1,1 @@
++Escaped |