From 9c6c4190d8edcb4d9b3444db173ed6d77a3123f4 Mon Sep 17 00:00:00 2001 From: Klaus Aehlig Date: Wed, 8 Jun 2022 16:00:03 +0200 Subject: Disallow upwards-facing inputs in actions and tree constructors --- test/end-to-end/actions/conflicts.sh | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) (limited to 'test/end-to-end/actions') diff --git a/test/end-to-end/actions/conflicts.sh b/test/end-to-end/actions/conflicts.sh index 0adf0476..b0852ff5 100755 --- a/test/end-to-end/actions/conflicts.sh +++ b/test/end-to-end/actions/conflicts.sh @@ -18,6 +18,10 @@ cat > RULES <<'EOI' , "key": "./foo.txt" , "value": {"type": "BLOB", "data": "Same String"} } + , { "type": "singleton_map" + , "key": "bar/baz/../../not-upwards.txt" + , "value": {"type": "BLOB", "data": "unrelated"} + } ] } ] @@ -185,6 +189,27 @@ cat > RULES <<'EOI' , "body": {"type": "RESULT", "artifacts": {"type": "var", "name": "out"}} } } +, "upwards-inputs": + { "expression": + { "type": "let*" + , "bindings": + [ [ "map" + , { "type": "singleton_map" + , "key": "bar/../../foo.txt" + , "value": {"type": "BLOB", "data": "Some content"} + } + ] + , [ "out" + , { "type": "ACTION" + , "inputs": {"type": "var", "name": "map"} + , "outs": ["out"] + , "cmd": ["cp", "../foo.txt", "out"] + } + ] + ] + , "body": {"type": "RESULT", "artifacts": {"type": "var", "name": "out"}} + } + } } EOI cat > TARGETS <<'EOI' @@ -196,6 +221,7 @@ cat > TARGETS <<'EOI' , "artifacts-tree-conflict": {"type": "artifacts-tree-conflict"} , "runfiles-tree-conflict": {"type": "runfiles-tree-conflict"} , "file-file-conflict": {"type": "file-file-conflict"} +, "upwards-inputs": {"type": "upwards-inputs"} } EOI @@ -230,5 +256,9 @@ echo ./bin/tool-under-test analyse -f log file-file-conflict 2>&1 && exit 1 || : grep -i 'error.*.*conflict.*foo/bar/baz.txt' log +echo +./bin/tool-under-test analyse -f log upwards-inputs 2>&1 && exit 1 || : +grep -i 'error.*\.\./foo.txt' log + echo echo DONE -- cgit v1.2.3