Add tests for invalid file names in NARs

Note: in general, we rely on the OS to tell us if a name is invalid or
if two names normalize in the same way. But for security, we do want
to make sure that we catch '.', '..', slashes and NUL characters. (NUL
characters aren't really a security issue, but since they would be
truncated when we pass them to the OS, it would be canonicity problem.)
This commit is contained in:
Eelco Dolstra 2024-09-12 14:58:33 +02:00
parent 48477d4a3e
commit 421aa1add1
6 changed files with 20 additions and 0 deletions

BIN
tests/functional/dot.nar Normal file

Binary file not shown.

BIN
tests/functional/dotdot.nar Normal file

Binary file not shown.

BIN
tests/functional/empty.nar Normal file

Binary file not shown.

View file

@ -92,3 +92,23 @@ else
[[ -e $TEST_ROOT/out/â ]] [[ -e $TEST_ROOT/out/â ]]
[[ -e $TEST_ROOT/out/â ]] [[ -e $TEST_ROOT/out/â ]]
fi fi
# Unpacking a NAR with a NUL character in a file name should fail.
rm -rf "$TEST_ROOT/out"
expectStderr 1 nix-store --restore "$TEST_ROOT/out" < nul.nar | grepQuiet "NAR contains invalid file name 'f"
# Likewise for a '.' filename.
rm -rf "$TEST_ROOT/out"
expectStderr 1 nix-store --restore "$TEST_ROOT/out" < dot.nar | grepQuiet "NAR contains invalid file name '.'"
# Likewise for a '..' filename.
rm -rf "$TEST_ROOT/out"
expectStderr 1 nix-store --restore "$TEST_ROOT/out" < dotdot.nar | grepQuiet "NAR contains invalid file name '..'"
# Likewise for a filename containing a slash.
rm -rf "$TEST_ROOT/out"
expectStderr 1 nix-store --restore "$TEST_ROOT/out" < slash.nar | grepQuiet "NAR contains invalid file name 'x/y'"
# Likewise for an empty filename.
rm -rf "$TEST_ROOT/out"
expectStderr 1 nix-store --restore "$TEST_ROOT/out" < empty.nar | grepQuiet "NAR contains invalid file name ''"

BIN
tests/functional/nul.nar Normal file

Binary file not shown.

BIN
tests/functional/slash.nar Normal file

Binary file not shown.