diff options
| author | Sascha Silbe <silbe@linux.vnet.ibm.com> | 2016-08-18 20:46:03 +0200 |
|---|---|---|
| committer | Peter Maydell <peter.maydell@linaro.org> | 2016-08-19 12:44:11 +0100 |
| commit | 5f9f818ea88a013b2464563be354dd2f0f316407 (patch) | |
| tree | 01e9bee5a707f6274673e25b0e58808735793172 | |
| parent | 50455700092412d90ffaf57ee5d00f38f7d1cc5b (diff) | |
| download | qemu-5f9f818ea88a013b2464563be354dd2f0f316407.tar.gz | |
test-logging: don't hard-code paths in /tmp
Since f6880b7f [qemu-log: support simple pid substitution for logs],
test-logging creates files with hard-coded names in /tmp. In the best
case, this prevents multiple developers from running "make check" on
the same machine. In the worst case, it allows for symlink attacks,
enabling an attacker to overwrite files that are writable to the
developer running "make check".
Instead of hard-coding the paths, create a temporary directory using
g_dir_make_tmp() and clean it up afterwards.
Fixes: f6880b7f ("qemu-log: support simple pid substitution for logs")
Signed-off-by: Sascha Silbe <silbe@linux.vnet.ibm.com>
Message-id: 1471545963-11720-3-git-send-email-silbe@linux.vnet.ibm.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
| -rw-r--r-- | tests/test-logging.c | 48 |
1 files changed, 41 insertions, 7 deletions
diff --git a/tests/test-logging.c b/tests/test-logging.c index cdf13c6ba5..a12585f70a 100644 --- a/tests/test-logging.c +++ b/tests/test-logging.c @@ -25,6 +25,7 @@ */ #include "qemu/osdep.h" +#include <glib/gstdio.h> #include "qemu-common.h" #include "qapi/error.h" @@ -86,24 +87,57 @@ static void test_parse_range(void) error_free_or_abort(&err); } -static void test_parse_path(void) +static void set_log_path_tmp(char const *dir, char const *tpl, Error **errp) { + gchar *file_path = g_build_filename(dir, tpl, NULL); + + qemu_set_log_filename(file_path, errp); + g_free(file_path); +} + +static void test_parse_path(gconstpointer data) +{ + gchar const *tmp_path = data; Error *err = NULL; - qemu_set_log_filename("/tmp/qemu.log", &error_abort); - qemu_set_log_filename("/tmp/qemu-%d.log", &error_abort); - qemu_set_log_filename("/tmp/qemu.log.%d", &error_abort); + set_log_path_tmp(tmp_path, "qemu.log", &error_abort); + set_log_path_tmp(tmp_path, "qemu-%d.log", &error_abort); + set_log_path_tmp(tmp_path, "qemu.log.%d", &error_abort); - qemu_set_log_filename("/tmp/qemu-%d%d.log", &err); + set_log_path_tmp(tmp_path, "qemu-%d%d.log", &err); error_free_or_abort(&err); } +/* Remove a directory and all its entries (non-recursive). */ +static void rmdir_full(gchar const *root) +{ + GDir *root_gdir = g_dir_open(root, 0, NULL); + gchar const *entry_name; + + g_assert_nonnull(root_gdir); + while ((entry_name = g_dir_read_name(root_gdir)) != NULL) { + gchar *entry_path = g_build_filename(root, entry_name, NULL); + g_assert(g_remove(entry_path) == 0); + g_free(entry_path); + } + g_dir_close(root_gdir); + g_assert(g_rmdir(root) == 0); +} + int main(int argc, char **argv) { + gchar *tmp_path = g_dir_make_tmp("qemu-test-logging.XXXXXX", NULL); + int rc; + g_test_init(&argc, &argv, NULL); + g_assert_nonnull(tmp_path); g_test_add_func("/logging/parse_range", test_parse_range); - g_test_add_func("/logging/parse_path", test_parse_path); + g_test_add_data_func("/logging/parse_path", tmp_path, test_parse_path); + + rc = g_test_run(); - return g_test_run(); + rmdir_full(tmp_path); + g_free(tmp_path); + return rc; } |