[PATCH] tests/fake_snap: sanitize paths
Jeremy Allison
jra at samba.org
Mon Aug 28 22:56:04 UTC 2017
On Sat, Aug 26, 2017 at 11:40:37PM +0200, David Disseldorp via samba-technical wrote:
> Ensure fake_snap.pl can be run in taint mode (-T), by sanitizing paths
> and the PATH env. This fixes the following samba3.rpc.fsrvp selftest
> failures:
> Insecure dependency in mkdir while running setgid at (eval 2) line 4.
> snap create failed: NT_STATUS_UNSUCCESSFUL
> snap create failed for shadow copy of /home/ddiss/isms/samba/st/nt4_dc/share
>
> Bug: https://bugzilla.samba.org/show_bug.cgi?id=12988
>
> Signed-off-by: David Disseldorp <ddiss at samba.org>
LGTM. Pushed.
> source3/script/tests/fake_snap.pl | 19 ++++++++++++++++---
> 1 file changed, 16 insertions(+), 3 deletions(-)
>
> diff --git a/source3/script/tests/fake_snap.pl b/source3/script/tests/fake_snap.pl
> index d1233f375b0..18bbcb7142e 100755
> --- a/source3/script/tests/fake_snap.pl
> +++ b/source3/script/tests/fake_snap.pl
> @@ -5,14 +5,25 @@ use strict;
> use File::Path qw(rmtree);
> use POSIX ();
>
> +sub _untaint_path
> +{
> + my ($path) = @_;
> +
> + if ($path =~ /^(.*)$/) {
> + return $1;
> + }
> + die "bad path";
> +}
> +
> sub _create_snapshot
> {
> - my ($base_path) = @_;
> + my ($base_path) = _untaint_path(shift);
> my $time_str = POSIX::strftime("%Y.%m.%d-%H.%M.%S" , localtime());
> my $snap_path = $base_path . "/.snapshots/\@GMT-" . $time_str;
> my $ret;
>
> - POSIX::mkdir($base_path . "/.snapshots", 0777);
> + $ENV{'PATH'} = '/bin:/usr/bin'; # untaint PATH
> + POSIX::mkdir($base_path . "/.snapshots", 0755);
>
> # add trailing slash to src path to ensure that only contents is copied
> $ret = system("rsync", "-a", "--exclude=.snapshots/", "${base_path}/",
> @@ -28,7 +39,8 @@ sub _create_snapshot
>
> sub _delete_snapshot
> {
> - my ($base_path, $snap_path) = @_;
> + my $base_path = _untaint_path(shift);
> + my $snap_path = _untaint_path(shift);
>
> # we're doing a recursive delete, so do some sanity checks
> if ((index($snap_path, $base_path) != 0) || (index($snap_path, ".snapshots") == -1)) {
> @@ -36,6 +48,7 @@ sub _delete_snapshot
> return -1;
> }
>
> + $ENV{'PATH'} = '/bin:/usr/bin'; # untaint PATH
> rmtree($snap_path, {error => \my $err});
> if (@$err) {
> for my $diag (@$err) {
> --
> 2.13.5
>
>
More information about the samba-technical
mailing list