unofficial mirror of meta@public-inbox.org
 help / color / mirror / Atom feed
* [PATCH] tests: rely on PublicInbox::Git for pathname safety
@ 2019-11-04 11:13 Eric Wong
  2019-11-04 11:28 ` [PATCH 2/1] t/edit: use PublicInbox::Git::qx " Eric Wong
  0 siblings, 1 reply; 2+ messages in thread
From: Eric Wong @ 2019-11-04 11:13 UTC (permalink / raw)
  To: meta

It's possible (but unlikely) a user will put spaces in TMPDIR
and cause File::Temp::tempdir() to return a temporary directory
with spaces in the filename, making it unsafe for shell
expansion.

PublicInbox::Git didn't exist when t/mda.t was written, and
I just forgot about PublicInbox::Git->qx for t/plack.t :x
---
 t/mda.t   | 41 ++++++++++++++++++++++-------------------
 t/plack.t |  4 ++--
 2 files changed, 24 insertions(+), 21 deletions(-)

diff --git a/t/mda.t b/t/mda.t
index 35811ac6..3e03a25a 100644
--- a/t/mda.t
+++ b/t/mda.t
@@ -7,6 +7,7 @@ use Email::MIME;
 use File::Temp qw/tempdir/;
 use Cwd qw(getcwd);
 use PublicInbox::MID qw(mid2path);
+use PublicInbox::Git;
 eval { require IPC::Run };
 plan skip_all => "missing IPC::Run for t/mda.t" if $@;
 
@@ -25,6 +26,7 @@ my $addr = 'test-public@example.com';
 my $cfgpfx = "publicinbox.test";
 my $faildir = "$home/faildir/";
 my $mime;
+my $git = PublicInbox::Git->new($maindir);
 
 {
 	ok(-x "$main_bin/spamc",
@@ -91,13 +93,13 @@ EOF
 	{
 		local $ENV{PATH} = $main_path;
 		IPC::Run::run([$mda], \$in);
-		my $rev = `git --git-dir=$maindir rev-list HEAD`;
+		my $rev = $git->qx(qw(rev-list HEAD));
 		like($rev, qr/\A[a-f0-9]{40}/, "good revision committed");
 		chomp $rev;
-		my $cmt = `git --git-dir=$maindir cat-file commit $rev`;
-		like($cmt, qr/^author Me <me\@example\.com> 0 \+0000\n/m,
+		my $cmt = $git->cat_file($rev);
+		like($$cmt, qr/^author Me <me\@example\.com> 0 \+0000\n/m,
 			"author info set correctly");
-		like($cmt, qr/^committer test <test-public\@example\.com>/m,
+		like($$cmt, qr/^committer test <test-public\@example\.com>/m,
 			"committer info set correctly");
 		$good_rev = $rev;
 	}
@@ -108,7 +110,7 @@ EOF
 		is(scalar @prev, 0 , "nothing in PI_EMERGENCY before");
 		local $ENV{PATH} = $fail_path;
 		IPC::Run::run([$mda], \$in);
-		my @revs = `git --git-dir=$maindir rev-list HEAD`;
+		my @revs = $git->qx(qw(rev-list HEAD));
 		is(scalar @revs, 1, "bad revision not committed");
 		my @new = <$faildir/new/*>;
 		is(scalar @new, 1, "PI_EMERGENCY is written to");
@@ -181,16 +183,16 @@ EOF
 		# deliver the spam message, first
 		IPC::Run::run([$mda], \$in);
 		my $path = mid2path($mid);
-		my $msg = `git --git-dir=$maindir cat-file blob HEAD:$path`;
-		like($msg, qr/\Q$mid\E/, "message delivered");
+		my $msg = $git->cat_file("HEAD:$path");
+		like($$msg, qr/\Q$mid\E/, "message delivered");
 
 		# now train it
 		local $ENV{GIT_AUTHOR_EMAIL} = 'trainer@example.com';
 		local $ENV{GIT_COMMITTER_EMAIL} = 'trainer@example.com';
 		local $ENV{GIT_COMMITTER_NAME} = undef;
-		IPC::Run::run([$learn, "spam"], \$msg);
+		IPC::Run::run([$learn, "spam"], $msg);
 		is($?, 0, "no failure from learning spam");
-		IPC::Run::run([$learn, "spam"], \$msg);
+		IPC::Run::run([$learn, "spam"], $msg);
 		is($?, 0, "no failure from learning spam idempotently");
 	}
 }
@@ -221,8 +223,8 @@ EOF
 	IPC::Run::run([$learn, "ham"], \$in);
 	is($?, 0, "learned ham without failure");
 	my $path = mid2path($mid);
-	my $msg = `git --git-dir=$maindir cat-file blob HEAD:$path`;
-	like($msg, qr/\Q$mid\E/, "ham message delivered");
+	my $msg = $git->cat_file("HEAD:$path");
+	like($$msg, qr/\Q$mid\E/, "ham message delivered");
 	IPC::Run::run([$learn, "ham"], \$in);
 	is($?, 0, "learned ham idempotently ");
 
@@ -261,9 +263,9 @@ EOF
 		IPC::Run::run([$learn, "ham"], \$in);
 		is($?, 0, "learned ham without failure");
 		my $path = mid2path($mid);
-		$msg = `git --git-dir=$maindir cat-file blob HEAD:$path`;
-		like($msg, qr/<\Q$mid\E>/, "ham message delivered");
-		unlike($msg, qr/<html>/i, '<html> filtered');
+		$msg = $git->cat_file("HEAD:$path");
+		like($$msg, qr/<\Q$mid\E>/, "ham message delivered");
+		unlike($$msg, qr/<html>/i, '<html> filtered');
 	}
 }
 
@@ -272,6 +274,7 @@ EOF
 	local $ENV{PI_EMERGENCY} = $faildir;
 	local $ENV{HOME} = $home;
 	local $ENV{ORIGINAL_RECIPIENT} = undef;
+	delete $ENV{ORIGINAL_RECIPIENT};
 	local $ENV{PATH} = $main_path;
 	my $list_id = 'foo.example.com';
 	my $mid = 'list-id-delivery@example.com';
@@ -291,8 +294,8 @@ EOF
 	IPC::Run::run([$mda], \$in);
 	is($?, 0, 'mda OK with List-Id match');
 	my $path = mid2path($mid);
-	my $msg = `git --git-dir=$maindir cat-file blob HEAD:$path`;
-	like($msg, qr/\Q$list_id\E/, 'delivered message w/ List-ID matches');
+	my $msg = $git->cat_file("HEAD:$path");
+	like($$msg, qr/\Q$list_id\E/, 'delivered message w/ List-ID matches');
 
 	# try a message w/o precheck
 	$simple = Email::Simple->new(<<EOF);
@@ -305,7 +308,7 @@ EOF
 	my ($out, $err) = ('', '');
 	IPC::Run::run([$mda, '--no-precheck'], \$in, \$out, \$err);
 	is($?, 0, 'mda OK with List-Id match and --no-precheck');
-	my $cur = `git --git-dir=$maindir diff HEAD~1..HEAD`;
+	my $cur = $git->qx(qw(diff HEAD~1..HEAD));
 	like($cur, qr/this message would not be accepted without --no-precheck/,
 		'--no-precheck delivered message anyways');
 
@@ -323,7 +326,7 @@ EOF
 	($out, $err) = ('', '');
 	IPC::Run::run([$mda], \$in, \$out, \$err);
 	is($?, 0, 'mda OK with multiple List-Id matches');
-	$cur = `git --git-dir=$maindir diff HEAD~1..HEAD`;
+	$cur = $git->qx(qw(diff HEAD~1..HEAD));
 	like($cur, qr/Message-ID: <2lids\@example>/,
 		'multi List-ID match delivered');
 	like($err, qr/multiple List-ID/, 'warned about multiple List-ID');
@@ -338,7 +341,7 @@ sub fail_bad_header {
 	my ($out, $err) = ("", "");
 	local $ENV{PATH} = $main_path;
 	IPC::Run::run([$mda], \$in, \$out, \$err);
-	my $rev = `git --git-dir=$maindir rev-list HEAD`;
+	my $rev = $git->qx(qw(rev-list HEAD));
 	chomp $rev;
 	is($rev, $good_rev, "bad revision not commited ($msg)");
 	@f = glob("$faildir/*/*");
diff --git a/t/plack.t b/t/plack.t
index 7e65ad74..9308813f 100644
--- a/t/plack.t
+++ b/t/plack.t
@@ -54,9 +54,9 @@ EOF
 		my $im = PublicInbox::Import->new($git, 'test', $addr);
 		$im->add($mime);
 		$im->done;
-		my $rev = `git --git-dir="$maindir" rev-list HEAD`;
+		my $rev = $git->qx(qw(rev-list HEAD));
 		like($rev, qr/\A[a-f0-9]{40}/, "good revision committed");
-		@ls = `git --git-dir="$maindir" ls-tree -r --name-only HEAD`;
+		@ls = $git->qx(qw(ls-tree -r --name-only HEAD));
 		chomp @ls;
 	}
 	my $app = eval {

^ permalink raw reply related	[flat|nested] 2+ messages in thread

* [PATCH 2/1] t/edit: use PublicInbox::Git::qx for pathname safety
  2019-11-04 11:13 [PATCH] tests: rely on PublicInbox::Git for pathname safety Eric Wong
@ 2019-11-04 11:28 ` Eric Wong
  0 siblings, 0 replies; 2+ messages in thread
From: Eric Wong @ 2019-11-04 11:28 UTC (permalink / raw)
  To: meta

Another case where spaces can be in TMPDIR and cause
shell expansion with `command` to fail.
---
 t/edit.t | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/t/edit.t b/t/edit.t
index 1e9597f1..5cb66a65 100644
--- a/t/edit.t
+++ b/t/edit.t
@@ -41,7 +41,7 @@ my $mid = mid_clean($mime->header('Message-Id'));
 ok($im->add($mime), 'add message to be edited');
 $im->done;
 my ($in, $out, $err, $cmd, $cur, $t);
-my $__git_dir = "--git-dir=$ibx->{inboxdir}/git/0.git";
+my $git = PublicInbox::Git->new("$ibx->{inboxdir}/git/0.git");
 
 $t = '-F FILE'; {
 	$in = $out = $err = '';
@@ -65,7 +65,7 @@ $t = '-m MESSAGE_ID'; {
 
 $t = 'no-op -m MESSAGE_ID'; {
 	$in = $out = $err = '';
-	my $before = `git $__git_dir rev-parse HEAD`;
+	my $before = $git->qx(qw(rev-parse HEAD));
 	local $ENV{MAIL_EDITOR} = "$^X -i -p -e 's/bool pfx/boolean prefix/'";
 	$cmd = [ "$cmd_pfx-edit", "-m$mid", $inboxdir ];
 	ok(run($cmd, \$in, \$out, \$err), "$t succeeds");
@@ -75,13 +75,13 @@ $t = 'no-op -m MESSAGE_ID'; {
 	like($cur->header('Subject'), qr/boolean prefix/,
 		"$t does not change message");
 	like($out, qr/NONE/, 'noop shows NONE');
-	my $after = `git $__git_dir rev-parse HEAD`;
+	my $after = $git->qx(qw(rev-parse HEAD));
 	is($after, $before, 'git head unchanged');
 }
 
 $t = 'no-op -m MESSAGE_ID w/Status: header'; { # because mutt does it
 	$in = $out = $err = '';
-	my $before = `git $__git_dir rev-parse HEAD`;
+	my $before = $git->qx(qw(rev-parse HEAD));
 	local $ENV{MAIL_EDITOR} =
 			"$^X -i -p -e 's/^Subject:.*/Status: RO\\n\$&/'";
 	$cmd = [ "$cmd_pfx-edit", "-m$mid", $inboxdir ];
@@ -93,13 +93,12 @@ $t = 'no-op -m MESSAGE_ID w/Status: header'; { # because mutt does it
 		"$t does not change message");
 	is($cur->header('Status'), undef, 'Status header not added');
 	like($out, qr/NONE/, 'noop shows NONE');
-	my $after = `git $__git_dir rev-parse HEAD`;
+	my $after = $git->qx(qw(rev-parse HEAD));
 	is($after, $before, 'git head unchanged');
 }
 
 $t = '-m MESSAGE_ID can change Received: headers'; {
 	$in = $out = $err = '';
-	my $before = `git $__git_dir rev-parse HEAD`;
 	local $ENV{MAIL_EDITOR} =
 			"$^X -i -p -e 's/^Subject:.*/Received: x\\n\$&/'";
 	$cmd = [ "$cmd_pfx-edit", "-m$mid", $inboxdir ];
@@ -187,7 +186,7 @@ $t .= ' and --force'; {
 	$cmd = [ "$cmd_pfx-edit", "-m$mid", '--force', $inboxdir ];
 	ok(run($cmd, \$in, \$out, \$err), "$t succeeds");
 	like($err, qr/Will edit all of them/, "$t notes all will be edited");
-	my @dump = `git $__git_dir cat-file --batch --batch-all-objects`;
+	my @dump = $git->qx(qw(cat-file --batch --batch-all-objects));
 	chomp @dump;
 	is_deeply([grep(/^Subject:/i, @dump)], [qw(Subject:x Subject:x)],
 		"$t edited both messages");

^ permalink raw reply related	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2019-11-04 11:28 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-11-04 11:13 [PATCH] tests: rely on PublicInbox::Git for pathname safety Eric Wong
2019-11-04 11:28 ` [PATCH 2/1] t/edit: use PublicInbox::Git::qx " Eric Wong

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).