...

Source file src/github.com/Microsoft/hcsshim/internal/safefile/safeopen_admin_test.go

Documentation: github.com/Microsoft/hcsshim/internal/safefile

     1  //go:build windows && admin
     2  // +build windows,admin
     3  
     4  package safefile
     5  
     6  import (
     7  	"os"
     8  	"path/filepath"
     9  	"syscall"
    10  	"testing"
    11  
    12  	"github.com/Microsoft/hcsshim/internal/winapi"
    13  )
    14  
    15  func TestOpenRelative(t *testing.T) {
    16  	badroot, err := tempRoot(t)
    17  	if err != nil {
    18  		t.Fatal(err)
    19  	}
    20  
    21  	root, err := tempRoot(t)
    22  	if err != nil {
    23  		t.Fatal(err)
    24  	}
    25  
    26  	// Create a file
    27  	f, err := OpenRelative("foo", root, 0, syscall.FILE_SHARE_READ, winapi.FILE_CREATE, 0)
    28  	if err != nil {
    29  		t.Fatal(err)
    30  	}
    31  	f.Close()
    32  
    33  	// Create a directory
    34  	err = MkdirRelative("dir", root)
    35  	if err != nil {
    36  		t.Fatal(err)
    37  	}
    38  
    39  	// Create a directory stack
    40  	err = MkdirAllRelative("dir/and/then/some/subdir", root)
    41  	if err != nil {
    42  		t.Fatal(err)
    43  	}
    44  
    45  	// Create a file in the bad root
    46  	f, err = os.Create(filepath.Join(badroot.Name(), "badfile"))
    47  	if err != nil {
    48  		t.Fatal(err)
    49  	}
    50  	f.Close()
    51  
    52  	// Create a directory symlink to the bad root
    53  	err = os.Symlink(badroot.Name(), filepath.Join(root.Name(), "dsymlink"))
    54  	if err != nil {
    55  		t.Fatal(err)
    56  	}
    57  
    58  	// Create a file symlink to the bad file
    59  	err = os.Symlink(filepath.Join(badroot.Name(), "badfile"), filepath.Join(root.Name(), "symlink"))
    60  	if err != nil {
    61  		t.Fatal(err)
    62  	}
    63  
    64  	// Make sure opens cannot happen through the symlink
    65  	f, err = OpenRelative("dsymlink/foo", root, 0, syscall.FILE_SHARE_READ, winapi.FILE_CREATE, 0)
    66  	if err == nil {
    67  		f.Close()
    68  		t.Fatal("created file in wrong tree!")
    69  	}
    70  	t.Log(err)
    71  
    72  	// Make sure directory stacks cannot pass through a symlink
    73  	err = MkdirAllRelative("dsymlink/and/then/some/subdir", root)
    74  	if err == nil {
    75  		t.Fatal("created a directory tree through a symlink")
    76  	}
    77  	t.Log(err)
    78  
    79  	// Check again using EnsureNotReparsePointRelative
    80  	err = EnsureNotReparsePointRelative("dsymlink", root)
    81  	if err == nil {
    82  		t.Fatal("reparse check should have failed")
    83  	}
    84  	t.Log(err)
    85  
    86  	// Make sure links work
    87  	err = LinkRelative("foo", root, "hardlink", root)
    88  	if err != nil {
    89  		t.Fatal(err)
    90  	}
    91  
    92  	// Even inside directories
    93  	err = LinkRelative("foo", root, "dir/bar", root)
    94  	if err != nil {
    95  		t.Fatal(err)
    96  	}
    97  
    98  	// Make sure links cannot happen through the symlink
    99  	err = LinkRelative("foo", root, "dsymlink/hardlink", root)
   100  	if err == nil {
   101  		f.Close()
   102  		t.Fatal("created link in wrong tree!")
   103  	}
   104  	t.Log(err)
   105  
   106  	// In either direction
   107  	err = LinkRelative("dsymlink/badfile", root, "bar", root)
   108  	if err == nil {
   109  		f.Close()
   110  		t.Fatal("created link in wrong tree!")
   111  	}
   112  	t.Log(err)
   113  
   114  	// Make sure remove cannot happen through the symlink
   115  	err = RemoveRelative("symlink/badfile", root)
   116  	if err == nil {
   117  		t.Fatal("remove in wrong tree!")
   118  	}
   119  
   120  	// Remove the symlink
   121  	err = RemoveAllRelative("symlink", root)
   122  	if err != nil {
   123  		t.Fatal(err)
   124  	}
   125  
   126  	// Make sure it's not possible to escape with .. (NT doesn't support .. at the kernel level)
   127  	f, err = OpenRelative("..", root, syscall.GENERIC_READ, syscall.FILE_SHARE_READ, winapi.FILE_OPEN, 0)
   128  	if err == nil {
   129  		f.Close()
   130  		t.Fatal("escaped the directory")
   131  	}
   132  	t.Log(err)
   133  
   134  	// Should not have touched the other directory
   135  	if _, err = os.Lstat(filepath.Join(badroot.Name(), "badfile")); err != nil {
   136  		t.Fatal(err)
   137  	}
   138  }
   139  

View as plain text