File 0004-repo-test-configuration-ownership-validation.patch of Package libgit2.25921
From caee92ee03694d33b4ce02b867696ca60c04fda2 Mon Sep 17 00:00:00 2001
From: Edward Thomson <ethomson@edwardthomson.com>
Date: Mon, 11 Apr 2022 17:07:20 +0100
Subject: [PATCH 04/20] repo: test configuration ownership validation
Test that we prevent opening directories that are not owned by
ourselves.
---
tests/repo/config.c | 1 -
tests/repo/open.c | 35 +++++++++++++++++++++++++++++++++++
2 files changed, 35 insertions(+), 1 deletion(-)
diff --git a/tests/repo/config.c b/tests/repo/config.c
index 6ca31f550..93d9e65a3 100644
--- a/tests/repo/config.c
+++ b/tests/repo/config.c
@@ -28,7 +28,6 @@ void test_repo_config__cleanup(void)
cl_assert(!git_path_isdir("alternate"));
cl_fixture_cleanup("empty_standard_repo");
-
}
void test_repo_config__can_open_global_when_there_is_no_file(void)
diff --git a/tests/repo/open.c b/tests/repo/open.c
index bd60c12c2..c7e7a4ccf 100644
--- a/tests/repo/open.c
+++ b/tests/repo/open.c
@@ -7,9 +7,12 @@
void test_repo_open__cleanup(void)
{
cl_git_sandbox_cleanup();
+ cl_fixture_cleanup("empty_standard_repo");
if (git_path_isdir("alternate"))
git_futils_rmdir_r("alternate", NULL, GIT_RMDIR_REMOVE_FILES);
+
+ git_path__set_owner(GIT_PATH_MOCK_OWNER_NONE);
}
void test_repo_open__bare_empty_repo(void)
@@ -453,3 +456,35 @@ void test_repo_open__force_bare(void)
git_repository_free(barerepo);
}
+void test_repo_open__validates_dir_ownership(void)
+{
+ git_repository *repo;
+
+ cl_fixture_sandbox("empty_standard_repo");
+ cl_git_pass(cl_rename("empty_standard_repo/.gitted", "empty_standard_repo/.git"));
+
+ /* When the current user owns the repo config, that's acceptable */
+ git_path__set_owner(GIT_PATH_MOCK_OWNER_CURRENT_USER);
+ cl_git_pass(git_repository_open(&repo, "empty_standard_repo"));
+ git_repository_free(repo);
+
+ /* When the system user owns the repo config, fail */
+ git_path__set_owner(GIT_PATH_MOCK_OWNER_SYSTEM);
+ cl_git_fail(git_repository_open(&repo, "empty_standard_repo"));
+
+ /* When an unknown user owns the repo config, fail */
+ git_path__set_owner(GIT_PATH_MOCK_OWNER_OTHER);
+ cl_git_fail(git_repository_open(&repo, "empty_standard_repo"));
+}
+
+void test_repo_open__can_allowlist_dirs_with_problematic_ownership(void)
+{
+ git_repository *repo;
+
+ cl_fixture_sandbox("empty_standard_repo");
+ cl_git_pass(cl_rename("empty_standard_repo/.gitted", "empty_standard_repo/.git"));
+
+ git_path__set_owner(GIT_PATH_MOCK_OWNER_OTHER);
+ cl_git_fail(git_repository_open(&repo, "empty_standard_repo"));
+
+}
--
2.37.1
