|
3 | 3 | # the BSD License: http://www.opensource.org/licenses/bsd-license.php |
4 | 4 | importos |
5 | 5 | importshutil |
| 6 | +importtempfile |
| 7 | +frompathlibimportPath |
6 | 8 | importsys |
7 | 9 | fromunittestimportskipIf |
8 | 10 |
|
|
12 | 14 | fromgit.cmdimportGit |
13 | 15 | fromgit.compatimportis_win |
14 | 16 | fromgit.configimportGitConfigParser,cp |
15 | | -fromgit.excimportInvalidGitRepositoryError,RepositoryDirtyError |
| 17 | +fromgit.excimport ( |
| 18 | +GitCommandError, |
| 19 | +InvalidGitRepositoryError, |
| 20 | +RepositoryDirtyError, |
| 21 | +UnsafeOptionError, |
| 22 | +UnsafeProtocolError, |
| 23 | +) |
16 | 24 | fromgit.objects.submodule.baseimportSubmodule |
17 | 25 | fromgit.objects.submodule.rootimportRootModule,RootUpdateProgress |
18 | 26 | fromgit.repo.funimportfind_submodule_git_dir,touch |
@@ -1090,3 +1098,109 @@ def test_add_no_clone_multi_options_argument(self, rwdir): |
1090 | 1098 | sm_config=GitConfigParser(file_or_files=osp.join(parent.git_dir,"modules",sm_name,"config")) |
1091 | 1099 | withself.assertRaises(cp.NoOptionError): |
1092 | 1100 | sm_config.get_value("core","eol") |
| 1101 | + |
| 1102 | +@with_rw_repo("HEAD") |
| 1103 | +deftest_submodule_add_unsafe_url(self,rw_repo): |
| 1104 | +urls= [ |
| 1105 | +"ext::sh -c touch% /tmp/pwn", |
| 1106 | +"fd::/foo", |
| 1107 | + ] |
| 1108 | +forurlinurls: |
| 1109 | +withself.assertRaises(UnsafeProtocolError): |
| 1110 | +Submodule.add(rw_repo,"new","new",url) |
| 1111 | + |
| 1112 | +@with_rw_repo("HEAD") |
| 1113 | +deftest_submodule_add_unsafe_url_allowed(self,rw_repo): |
| 1114 | +urls= [ |
| 1115 | +"ext::sh -c touch% /tmp/pwn", |
| 1116 | +"fd::/foo", |
| 1117 | + ] |
| 1118 | +forurlinurls: |
| 1119 | +# The URL will be allowed into the command, but the command will |
| 1120 | +# fail since we don't have that protocol enabled in the Git config file. |
| 1121 | +withself.assertRaises(GitCommandError): |
| 1122 | +Submodule.add(rw_repo,"new","new",url,allow_unsafe_protocols=True) |
| 1123 | + |
| 1124 | +@with_rw_repo("HEAD") |
| 1125 | +deftest_submodule_add_unsafe_options(self,rw_repo): |
| 1126 | +tmp_dir=Path(tempfile.mkdtemp()) |
| 1127 | +tmp_file=tmp_dir/"pwn" |
| 1128 | +unsafe_options= [ |
| 1129 | +f"--upload-pack='touch{tmp_file}'", |
| 1130 | +f"-u 'touch{tmp_file}'", |
| 1131 | +"--config=protocol.ext.allow=always", |
| 1132 | +"-c protocol.ext.allow=always", |
| 1133 | + ] |
| 1134 | +forunsafe_optioninunsafe_options: |
| 1135 | +withself.assertRaises(UnsafeOptionError): |
| 1136 | +Submodule.add(rw_repo,"new","new",str(tmp_dir),clone_multi_options=[unsafe_option]) |
| 1137 | + |
| 1138 | +@with_rw_repo("HEAD") |
| 1139 | +deftest_submodule_add_unsafe_options_allowed(self,rw_repo): |
| 1140 | +tmp_dir=Path(tempfile.mkdtemp()) |
| 1141 | +tmp_file=tmp_dir/"pwn" |
| 1142 | +unsafe_options= [ |
| 1143 | +f"--upload-pack='touch{tmp_file}'", |
| 1144 | +f"-u 'touch{tmp_file}'", |
| 1145 | +"--config=protocol.ext.allow=always", |
| 1146 | +"-c protocol.ext.allow=always", |
| 1147 | + ] |
| 1148 | +forunsafe_optioninunsafe_options: |
| 1149 | +withself.assertRaises(GitCommandError): |
| 1150 | +Submodule.add( |
| 1151 | +rw_repo,"new","new",str(tmp_dir),clone_multi_options=[unsafe_option],allow_unsafe_options=True |
| 1152 | + ) |
| 1153 | + |
| 1154 | +@with_rw_repo("HEAD") |
| 1155 | +deftest_submodule_update_unsafe_url(self,rw_repo): |
| 1156 | +urls= [ |
| 1157 | +"ext::sh -c touch% /tmp/pwn", |
| 1158 | +"fd::/foo", |
| 1159 | + ] |
| 1160 | +forurlinurls: |
| 1161 | +submodule=Submodule(rw_repo,b"\0"*20,name="new",path="new",url=url) |
| 1162 | +withself.assertRaises(UnsafeProtocolError): |
| 1163 | +submodule.update() |
| 1164 | + |
| 1165 | +@with_rw_repo("HEAD") |
| 1166 | +deftest_submodule_update_unsafe_url_allowed(self,rw_repo): |
| 1167 | +urls= [ |
| 1168 | +"ext::sh -c touch% /tmp/pwn", |
| 1169 | +"fd::/foo", |
| 1170 | + ] |
| 1171 | +forurlinurls: |
| 1172 | +submodule=Submodule(rw_repo,b"\0"*20,name="new",path="new",url=url) |
| 1173 | +# The URL will be allowed into the command, but the command will |
| 1174 | +# fail since we don't have that protocol enabled in the Git config file. |
| 1175 | +withself.assertRaises(GitCommandError): |
| 1176 | +submodule.update(allow_unsafe_protocols=True) |
| 1177 | + |
| 1178 | +@with_rw_repo("HEAD") |
| 1179 | +deftest_submodule_update_unsafe_options(self,rw_repo): |
| 1180 | +tmp_dir=Path(tempfile.mkdtemp()) |
| 1181 | +tmp_file=tmp_dir/"pwn" |
| 1182 | +unsafe_options= [ |
| 1183 | +f"--upload-pack='touch{tmp_file}'", |
| 1184 | +f"-u 'touch{tmp_file}'", |
| 1185 | +"--config=protocol.ext.allow=always", |
| 1186 | +"-c protocol.ext.allow=always", |
| 1187 | + ] |
| 1188 | +submodule=Submodule(rw_repo,b"\0"*20,name="new",path="new",url=str(tmp_dir)) |
| 1189 | +forunsafe_optioninunsafe_options: |
| 1190 | +withself.assertRaises(UnsafeOptionError): |
| 1191 | +submodule.update(clone_multi_options=[unsafe_option]) |
| 1192 | + |
| 1193 | +@with_rw_repo("HEAD") |
| 1194 | +deftest_submodule_update_unsafe_options_allowed(self,rw_repo): |
| 1195 | +tmp_dir=Path(tempfile.mkdtemp()) |
| 1196 | +tmp_file=tmp_dir/"pwn" |
| 1197 | +unsafe_options= [ |
| 1198 | +f"--upload-pack='touch{tmp_file}'", |
| 1199 | +f"-u 'touch{tmp_file}'", |
| 1200 | +"--config=protocol.ext.allow=always", |
| 1201 | +"-c protocol.ext.allow=always", |
| 1202 | + ] |
| 1203 | +submodule=Submodule(rw_repo,b"\0"*20,name="new",path="new",url=str(tmp_dir)) |
| 1204 | +forunsafe_optioninunsafe_options: |
| 1205 | +withself.assertRaises(GitCommandError): |
| 1206 | +submodule.update(clone_multi_options=[unsafe_option],allow_unsafe_options=True) |