neocgit

a more 'modern' version of cgit
Log | Files | Refs | Submodules | README | LICENSE | git clone https://git.ne02ptzero.me/git/neocgit

commit dd1f0e5f1b4de00c98fe7444915864b7271e09fe
parent 9844c60755cbad8000bca759741bfe113035a8eb
Author: Jason A. Donenfeld <Jason@zx2c4.com>
Date:   Mon,  8 Apr 2013 22:18:21 +0200

tests: Make sure that git does not access $HOME

With the latest changes to prevent git from accessing configuration
files that it should not, it's important to be sure that we won't
have further breakage in the future.

Use strace to implement a test to make sure cgit does not access()
anything built from $HOME.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

Diffstat:
Atests/t0109-gitconfig.sh | 25+++++++++++++++++++++++++
1 file changed, 25 insertions(+), 0 deletions(-)

diff --git a/tests/t0109-gitconfig.sh b/tests/t0109-gitconfig.sh @@ -0,0 +1,25 @@ +#!/bin/sh + +test_description='Ensure that git does not access $HOME' +. ./setup.sh + +test -n "$(which strace 2>/dev/null)" || { + skip_all='Skipping access validation tests: strace not found' + test_done + exit +} + +test_expect_success 'no access to $HOME' ' + non_existant_path="/path/to/some/place/that/does/not/possibly/exist" + while test -d "$non_existant_path"; do + non_existant_path="$non_existant_path/$(date +%N)" + done + strace \ + -E HOME="$non_existant_path" \ + -E CGIT_CONFIG="$PWD/cgitrc" \ + -E QUERY_STRING="url=foo/commit" \ + -e access -f -o strace.out cgit + test_must_fail grep "$non_existant_path" strace.out +' + +test_done