ci: skip GitHub workflow runs for already-tested commits/trees
[git.git] / t / t4139-apply-escape.sh
blob45b5660a47d88f736aa777641084d13b45852969
1 #!/bin/sh
3 test_description='paths written by git-apply cannot escape the working tree'
4 . ./test-lib.sh
6 # tests will try to write to ../foo, and we do not
7 # want them to escape the trash directory when they
8 # fail
9 test_expect_success 'bump git repo one level down' '
10 mkdir inside &&
11 mv .git inside/ &&
12 cd inside
15 # $1 = name of file
16 # $2 = current path to file (if different)
17 mkpatch_add () {
18 rm -f "${2:-$1}" &&
19 cat <<-EOF
20 diff --git a/$1 b/$1
21 new file mode 100644
22 index 0000000..53c74cd
23 --- /dev/null
24 +++ b/$1
25 @@ -0,0 +1 @@
26 +evil
27 EOF
30 mkpatch_del () {
31 echo evil >"${2:-$1}" &&
32 cat <<-EOF
33 diff --git a/$1 b/$1
34 deleted file mode 100644
35 index 53c74cd..0000000
36 --- a/$1
37 +++ /dev/null
38 @@ -1 +0,0 @@
39 -evil
40 EOF
43 # $1 = name of file
44 # $2 = content of symlink
45 mkpatch_symlink () {
46 rm -f "$1" &&
47 cat <<-EOF
48 diff --git a/$1 b/$1
49 new file mode 120000
50 index 0000000..$(printf "%s" "$2" | git hash-object --stdin)
51 --- /dev/null
52 +++ b/$1
53 @@ -0,0 +1 @@
54 +$2
55 \ No newline at end of file
56 EOF
59 test_expect_success 'cannot create file containing ..' '
60 mkpatch_add ../foo >patch &&
61 test_must_fail git apply patch &&
62 test_path_is_missing ../foo
65 test_expect_success 'can create file containing .. with --unsafe-paths' '
66 mkpatch_add ../foo >patch &&
67 git apply --unsafe-paths patch &&
68 test_path_is_file ../foo
71 test_expect_success 'cannot create file containing .. (index)' '
72 mkpatch_add ../foo >patch &&
73 test_must_fail git apply --index patch &&
74 test_path_is_missing ../foo
77 test_expect_success 'cannot create file containing .. with --unsafe-paths (index)' '
78 mkpatch_add ../foo >patch &&
79 test_must_fail git apply --index --unsafe-paths patch &&
80 test_path_is_missing ../foo
83 test_expect_success 'cannot delete file containing ..' '
84 mkpatch_del ../foo >patch &&
85 test_must_fail git apply patch &&
86 test_path_is_file ../foo
89 test_expect_success 'can delete file containing .. with --unsafe-paths' '
90 mkpatch_del ../foo >patch &&
91 git apply --unsafe-paths patch &&
92 test_path_is_missing ../foo
95 test_expect_success 'cannot delete file containing .. (index)' '
96 mkpatch_del ../foo >patch &&
97 test_must_fail git apply --index patch &&
98 test_path_is_file ../foo
101 test_expect_success SYMLINKS 'symlink escape via ..' '
103 mkpatch_symlink tmp .. &&
104 mkpatch_add tmp/foo ../foo
105 } >patch &&
106 test_must_fail git apply patch &&
107 test_path_is_missing tmp &&
108 test_path_is_missing ../foo
111 test_expect_success SYMLINKS 'symlink escape via .. (index)' '
113 mkpatch_symlink tmp .. &&
114 mkpatch_add tmp/foo ../foo
115 } >patch &&
116 test_must_fail git apply --index patch &&
117 test_path_is_missing tmp &&
118 test_path_is_missing ../foo
121 test_expect_success SYMLINKS 'symlink escape via absolute path' '
123 mkpatch_symlink tmp "$(pwd)" &&
124 mkpatch_add tmp/foo ../foo
125 } >patch &&
126 test_must_fail git apply patch &&
127 test_path_is_missing tmp &&
128 test_path_is_missing ../foo
131 test_expect_success SYMLINKS 'symlink escape via absolute path (index)' '
133 mkpatch_symlink tmp "$(pwd)" &&
134 mkpatch_add tmp/foo ../foo
135 } >patch &&
136 test_must_fail git apply --index patch &&
137 test_path_is_missing tmp &&
138 test_path_is_missing ../foo
141 test_done