Bug#1033078: marked as done (unblock: flatpak/1.14.4-1) (2/2)
From
Debian Bug Tracking System@21:1/5 to
All on Fri Mar 17 09:50:01 2023
[continued from previous message]
g_assert_false (g_hash_table_lookup_extended (lowest->filesystems, "host-reset", NULL, NULL));
@@ -273,20 +280,28 @@
gpointer value;
context_parse_args (lowest,
+ &local_error,
"--filesystem=/one",
NULL);
+ g_assert_no_error (local_error);
context_parse_args (mid_low,
+ &local_error,
"--nofilesystem=host:reset",
"--filesystem=/two",
NULL);
+ g_assert_no_error (local_error);
context_parse_args (mid_high,
+ &local_error,
"--filesystem=host",
"--filesystem=/three",
NULL);
+ g_assert_no_error (local_error);
context_parse_args (highest,
+ &local_error,
"--nofilesystem=host",
"--filesystem=/four",
NULL);
+ g_assert_no_error (local_error);
g_assert_false (g_hash_table_lookup_extended (lowest->filesystems, "host", NULL, NULL));
g_assert_false (g_hash_table_lookup_extended (lowest->filesystems, "host-reset", NULL, NULL));
@@ -427,6 +442,65 @@
}
}
+const char *invalid_path_args[] = {
+ "--filesystem=/\033[J:ro",
+ "--filesystem=/\033[J",
+ "--persist=\033[J",
+};
+
+/* CVE-2023-28101 */
+static void
+test_validate_path_args (void)
+{
+ gsize idx;
+
+ for (idx = 0; idx < G_N_ELEMENTS (invalid_path_args); idx++)
+ {
+ g_autoptr(FlatpakContext) context = flatpak_context_new ();
+ g_autoptr(GError) local_error = NULL;
+ const char *path = invalid_path_args[idx];
+
+ context_parse_args (context, &local_error, path, NULL);
+ g_assert_error (local_error, G_IO_ERROR, G_IO_ERROR_INVALID_DATA);
+ g_assert (strstr (local_error->message, "Non-graphical character"));
+ }
+}
+
+typedef struct {
+ const char *key;
+ const char *value;
+} PathValidityData;
+
+PathValidityData invalid_path_meta[] = {
+ {FLATPAK_METADATA_KEY_FILESYSTEMS, "\033[J"},
+ {FLATPAK_METADATA_KEY_PERSISTENT, "\033[J"},
+};
+
+/* CVE-2023-28101 */
+static void
+test_validate_path_meta (void)
+{
+ gsize idx;
+
+ for (idx = 0; idx < G_N_ELEMENTS (invalid_path_meta); idx++)
+ {
+ g_autoptr(FlatpakContext) context = flatpak_context_new ();
+ g_autoptr(GKeyFile) metakey = g_key_file_new ();
+ g_autoptr(GError) local_error = NULL;
+ PathValidityData *data = &invalid_path_meta[idx];
+ gboolean ret = FALSE;
+
+ g_key_file_set_string_list (metakey, FLATPAK_METADATA_GROUP_CONTEXT,
+ data->key, &data->value, 1);
+
+ ret = flatpak_context_load_metadata (context, metakey, &local_error);
+ g_assert_false (ret);
+ g_assert_error (local_error, G_IO_ERROR, G_IO_ERROR_INVALID_DATA);
+ g_assert (strstr (local_error->message, "Non-graphical character"));
+ }
+
+}
+
int
main (int argc, char *argv[])
{
@@ -435,6 +509,8 @@
g_test_add_func ("/context/env", test_context_env);
g_test_add_func ("/context/env-fd", test_context_env_fd);
g_test_add_func ("/context/merge-fs", test_context_merge_fs);
+ g_test_add_func ("/context/validate-path-args", test_validate_path_args);
+ g_test_add_func ("/context/validate-path-meta", test_validate_path_meta);
return g_test_run ();
}
diff -Nru flatpak-1.14.3/tests/test-info.sh flatpak-1.14.4/tests/test-info.sh --- flatpak-1.14.3/tests/test-info.sh 2022-11-17 18:07:49.000000000 +0000
+++ flatpak-1.14.4/tests/test-info.sh 2023-03-16 09:55:13.000000000 +0000
@@ -6,9 +6,9 @@
skip_revokefs_without_fuse
-echo "1..7"
+echo "1..8"
-setup_repo
+INCLUDE_SPECIAL_CHARACTER=1 setup_repo
install_repo
COMMIT=`${FLATPAK} ${U} info --show-commit org.test.Hello`
@@ -19,9 +19,17 @@
ok "info -rcos"
+${FLATPAK} info --show-metadata org.test.Hello > info
+
+# CVE-2023-28101
+assert_file_has_content info "name=org\.test\.Hello"
+assert_file_has_content info "^A=x\\\\x09y"
+
+ok "info --show-metadata"
+
${FLATPAK} info --show-permissions org.test.Hello > info
-assert_file_empty info
+assert_file_has_content info "^A=x\\\\x09y"
ok "info --show-permissions"
diff -Nru flatpak-1.14.3/tests/test-seccomp.sh flatpak-1.14.4/tests/test-seccomp.sh
--- flatpak-1.14.3/tests/test-seccomp.sh 2022-11-17 18:07:49.000000000 +0000
+++ flatpak-1.14.4/tests/test-seccomp.sh 2023-03-16 09:55:13.000000000 +000