summaryrefslogtreecommitdiff
path: root/test/integration
diff options
context:
space:
mode:
Diffstat (limited to 'test/integration')
-rwxr-xr-xtest/integration/test-cve-2020-2735025
-rwxr-xr-xtest/integration/test-github-111-invalid-armember8
2 files changed, 29 insertions, 4 deletions
diff --git a/test/integration/test-cve-2020-27350 b/test/integration/test-cve-2020-27350
new file mode 100755
index 000000000..a32bf95e5
--- /dev/null
+++ b/test/integration/test-cve-2020-27350
@@ -0,0 +1,25 @@
+#!/bin/sh
+set -e
+
+TESTDIR="$(readlink -f "$(dirname "$0")")"
+. "$TESTDIR/framework"
+setupenvironment
+configarchitecture "amd64"
+
+${APTTESTHELPERSBINDIR}/createdeb-cve-2020-27350 crash crash.deb
+testequal "E: Invalid archive member header" runapt ${APTTESTHELPERSBINDIR}/testdeb ./crash.deb
+
+${APTTESTHELPERSBINDIR}/createdeb-cve-2020-27350 loop loop.deb
+testequal "E: Invalid archive member header" runapt ${APTTESTHELPERSBINDIR}/testdeb ./loop.deb
+
+${APTTESTHELPERSBINDIR}/createdeb-cve-2020-27350 long-name long-name.deb
+testequal "E: Long name to large: 67108865 bytes > 1048576 bytes" runapt ${APTTESTHELPERSBINDIR}/extract-control long-name.deb control
+
+${APTTESTHELPERSBINDIR}/createdeb-cve-2020-27350 long-link long-link.deb
+testequal "E: Long name to large: 67108865 bytes > 1048576 bytes" runapt ${APTTESTHELPERSBINDIR}/extract-control long-link.deb control
+
+${APTTESTHELPERSBINDIR}/createdeb-cve-2020-27350 long-control long-control.deb
+testequal "E: Control file too large: 67108865 > 67108864 bytes" runapt ${APTTESTHELPERSBINDIR}/extract-control long-control.deb control
+
+${APTTESTHELPERSBINDIR}/createdeb-cve-2020-27350 too-long-control too-long-control.deb
+testequal "E: Tar member too large: $((128 * 1024 * 1024 * 1024 + 1)) > $((128 * 1024 * 1024 * 1024)) bytes" runapt ${APTTESTHELPERSBINDIR}/extract-control too-long-control.deb control
diff --git a/test/integration/test-github-111-invalid-armember b/test/integration/test-github-111-invalid-armember
index ec2163bf6..1e095eef3 100755
--- a/test/integration/test-github-111-invalid-armember
+++ b/test/integration/test-github-111-invalid-armember
@@ -10,19 +10,19 @@ setupaptarchive
# this used to crash, but it should treat it as an invalid member header
touch ' '
ar -q test.deb ' '
-testsuccessequal "E: Invalid archive member header" ${BUILDDIRECTORY}/../test/interactive-helper/testdeb test.deb
+testsuccessequal "E: Invalid archive member header" ${APTTESTHELPERSBINDIR}/testdeb test.deb
rm test.deb
touch 'x'
ar -q test.deb 'x'
-testsuccessequal "E: This is not a valid DEB archive, missing 'debian-binary' member" ${BUILDDIRECTORY}/../test/interactive-helper/testdeb test.deb
+testsuccessequal "E: This is not a valid DEB archive, missing 'debian-binary' member" ${APTTESTHELPERSBINDIR}/testdeb test.deb
# <name><size> [ other fields] - name is not nul terminated here, it ends in .
msgmsg "Unterminated ar member name"
printf '!<arch>\0120123456789ABCDE.A123456789A.01234.01234.0123456.012345678.0.' > test.deb
-testsuccessequal "E: Invalid archive member header" ${BUILDDIRECTORY}/../test/interactive-helper/testdeb test.deb
+testsuccessequal "E: Invalid archive member header" ${APTTESTHELPERSBINDIR}/testdeb test.deb
# unused source code for generating $tar below
@@ -85,4 +85,4 @@ cp control.tar.gz data.tar.gz
touch debian-binary
rm test.deb
ar -q test.deb debian-binary control.tar.gz data.tar.gz
-testsuccessequal "W: Unknown TAR header type 88" ${BUILDDIRECTORY}/../test/interactive-helper/testdeb test.deb
+testsuccessequal "W: Unknown TAR header type 88" ${APTTESTHELPERSBINDIR}/testdeb test.deb
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-19 21:27:26 +0000