← Back to branch summary

~ubuntu-branches/ubuntu/oneiric/nova/oneiric-updates

« back to all changes in this revision

Viewing changes to .pc/CVE-2012-3447.patch/nova/tests/test_virt.py

  • Committer: Package Import Robot
  • Author(s): Jamie Strandboge
  • Date: 2012-08-17 13:55:33 UTC
  • Revision ID: package-import@ubuntu.com-20120817135533-987ztcloeqahiv01
Tags: 2011.3-0ubuntu6.10
* SECURITY UPDATE: Prohibit file injection writing to host filesystem
  - debian/patches/CVE-2012-3447.patch: update to perform the file name
    canonicalization as the root user
  - CVE-2012-3447

Show diffs side-by-side

added added

removed removed

Lines of Context:
.pc/CVE-2012-3447.patch/nova/tests/test_virt.py
 
1
# vim: tabstop=4 shiftwidth=4 softtabstop=4
 
2
 
 
3
# Copyright 2011 Isaku Yamahata
 
4
# All Rights Reserved.
 
5
#
 
6
#    Licensed under the Apache License, Version 2.0 (the "License"); you may
 
7
#    not use this file except in compliance with the License. You may obtain
 
8
#    a copy of the License at
 
9
#
 
10
#         http://www.apache.org/licenses/LICENSE-2.0
 
11
#
 
12
#    Unless required by applicable law or agreed to in writing, software
 
13
#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 
14
#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 
15
#    License for the specific language governing permissions and limitations
 
16
#    under the License.
 
17
 
 
18
from nova import exception
 
19
from nova import flags
 
20
from nova import test
 
21
from nova.virt import disk
 
22
from nova.virt import driver
 
23
 
 
24
FLAGS = flags.FLAGS
 
25
 
 
26
 
 
27
class TestVirtDriver(test.TestCase):
 
28
    def test_block_device(self):
 
29
        swap = {'device_name': '/dev/sdb',
 
30
                'swap_size': 1}
 
31
        ephemerals = [{'num': 0,
 
32
                       'virtual_name': 'ephemeral0',
 
33
                       'device_name': '/dev/sdc1',
 
34
                       'size': 1}]
 
35
        block_device_mapping = [{'mount_device': '/dev/sde',
 
36
                                 'device_path': 'fake_device'}]
 
37
        block_device_info = {
 
38
                'root_device_name': '/dev/sda',
 
39
                'swap': swap,
 
40
                'ephemerals': ephemerals,
 
41
                'block_device_mapping': block_device_mapping}
 
42
 
 
43
        empty_block_device_info = {}
 
44
 
 
45
        self.assertEqual(
 
46
            driver.block_device_info_get_root(block_device_info), '/dev/sda')
 
47
        self.assertEqual(
 
48
            driver.block_device_info_get_root(empty_block_device_info), None)
 
49
        self.assertEqual(
 
50
            driver.block_device_info_get_root(None), None)
 
51
 
 
52
        self.assertEqual(
 
53
            driver.block_device_info_get_swap(block_device_info), swap)
 
54
        self.assertEqual(driver.block_device_info_get_swap(
 
55
            empty_block_device_info)['device_name'], None)
 
56
        self.assertEqual(driver.block_device_info_get_swap(
 
57
            empty_block_device_info)['swap_size'], 0)
 
58
        self.assertEqual(
 
59
            driver.block_device_info_get_swap({'swap': None})['device_name'],
 
60
            None)
 
61
        self.assertEqual(
 
62
            driver.block_device_info_get_swap({'swap': None})['swap_size'],
 
63
            0)
 
64
        self.assertEqual(
 
65
            driver.block_device_info_get_swap(None)['device_name'], None)
 
66
        self.assertEqual(
 
67
            driver.block_device_info_get_swap(None)['swap_size'], 0)
 
68
 
 
69
        self.assertEqual(
 
70
            driver.block_device_info_get_ephemerals(block_device_info),
 
71
            ephemerals)
 
72
        self.assertEqual(
 
73
            driver.block_device_info_get_ephemerals(empty_block_device_info),
 
74
            [])
 
75
        self.assertEqual(
 
76
            driver.block_device_info_get_ephemerals(None),
 
77
            [])
 
78
 
 
79
    def test_swap_is_usable(self):
 
80
        self.assertFalse(driver.swap_is_usable(None))
 
81
        self.assertFalse(driver.swap_is_usable({'device_name': None}))
 
82
        self.assertFalse(driver.swap_is_usable({'device_name': '/dev/sdb',
 
83
                                                'swap_size': 0}))
 
84
        self.assertTrue(driver.swap_is_usable({'device_name': '/dev/sdb',
 
85
                                                'swap_size': 1}))
 
86
 
 
87
 
 
88
class TestVirtDisk(test.TestCase):
 
89
    def test_check_safe_path(self):
 
90
        ret = disk._join_and_check_path_within_fs('/foo', 'etc',
 
91
                                                      'something.conf')
 
92
        self.assertEquals(ret, '/foo/etc/something.conf')
 
93
 
 
94
    def test_check_unsafe_path(self):
 
95
        self.assertRaises(exception.Invalid,
 
96
                          disk._join_and_check_path_within_fs,
 
97
                          '/foo', 'etc/../../../something.conf')
 
98
 
 
99
    def test_inject_files_with_bad_path(self):
 
100
        self.assertRaises(exception.Invalid,
 
101
                          disk._inject_file_into_fs,
 
102
                          '/tmp', '/etc/../../../../etc/passwd',
 
103
                         'hax')