* Added a test that makes sure that users cannot register

specially-crafted derivations that produce output paths belonging to
  other derivations.  This could be used to inject malware into the
  store.
This commit is contained in:
Eelco Dolstra 2011-07-20 12:15:40 +00:00
parent 4bdb51e621
commit d2bfe1b071
3 changed files with 62 additions and 1 deletions


@ -8,7 +8,7 @@ TESTS = init.sh hash.sh lang.sh add.sh simple.sh dependencies.sh \
referrers.sh user-envs.sh logging.sh nix-build.sh misc.sh fixed.sh \ referrers.sh user-envs.sh logging.sh nix-build.sh misc.sh fixed.sh \
gc-runtime.sh install-package.sh check-refs.sh filter-source.sh \ gc-runtime.sh install-package.sh check-refs.sh filter-source.sh \
remote-store.sh export.sh export-graph.sh negative-caching.sh \ remote-store.sh export.sh export-graph.sh negative-caching.sh \
binary-patching.sh timeout.sh binary-patching.sh timeout.sh secure-drv-outputs.sh
XFAIL_TESTS = XFAIL_TESTS =
@ -34,5 +34,6 @@ EXTRA_DIST = $(TESTS) \
negative-caching.nix \ negative-caching.nix \
binary-patching.nix \ binary-patching.nix \
timeout.nix timeout.builder.sh \ timeout.nix timeout.builder.sh \
secure-drv-outputs.nix \
$(wildcard lang/*.nix) $(wildcard lang/*.exp) $(wildcard lang/*.exp.xml) $(wildcard lang/*.flags) \ $(wildcard lang/*.nix) $(wildcard lang/*.exp) $(wildcard lang/*.exp.xml) $(wildcard lang/*.flags) \
common.sh.in common.sh.in


@ -0,0 +1,23 @@
with import ./config.nix;
{
good = mkDerivation {
name = "good";
builder = builtins.toFile "builder"
''
mkdir $out
touch $out/good
'';
};
bad = mkDerivation {
name = "good";
builder = builtins.toFile "builder"
''
mkdir $out
touch $out/bad
'';
};
}
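Review bot: Both derivations carry `name = "good"` — the second one is the `bad` attribute — which reads like a copy-paste slip at first sight. If it is deliberate (presumably so that the two output paths differ only in their hash part, which is what the accompanying test's `sed` rewrite relies on), a comment on that line would stop a later cleanup from "fixing" it, e.g. `name = "good"; # same name as the good derivation on purpose: only the hash part of the output path should differ`. If it is not deliberate, `name = "bad";` is the obvious change.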


@ -0,0 +1,37 @@
# Test that users cannot register specially-crafted derivations that
# produce output paths belonging to other derivations. This could be
# used to inject malware into the store.
source common.sh
clearStore
clearManifests
startDaemon
# Determine the output path of the "good" derivation.
goodOut=$($nixstore -q $($nixinstantiate ./secure-drv-outputs.nix -A good))
# Instantiate the "bad" derivation.
badDrv=$($nixinstantiate ./secure-drv-outputs.nix -A bad)
badOut=$($nixstore -q $badDrv)
# Rewrite the bad derivation to produce the output path of the good
# derivation.
rm -f $TEST_ROOT/bad.drv
sed -e "s|$badOut|$goodOut|g" < $badDrv > $TEST_ROOT/bad.drv
# Add the manipulated derivation to the store and build it. This
# should fail.
if badDrv2=$($nixstore --add $TEST_ROOT/bad.drv); then
$nixstore -r "$badDrv2"
fi
# Now build the good derivation.
goodOut2=$($nixbuild ./secure-drv-outputs.nix -A good)
test "$goodOut" = "$goodOut2"
if ! test -e "$goodOut"/good; then
echo "Bad derivation stole the output path of the good derivation!"
exit 1
fi
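Review bot: The comment above `if badDrv2=$($nixstore --add $TEST_ROOT/bad.drv); then` says the add/build should fail, but neither outcome is asserted: a failing `--add` is swallowed by the `if`, and the exit status of `$nixstore -r "$badDrv2"` is discarded unless common.sh enables `set -e`, which is not visible here. The test is rescued only by the later check that `$goodOut/good` exists, so a regression in which the store accepts the rewritten derivation but its build fails for an unrelated reason would pass silently. Making the negative expectation explicit keeps the test aligned with its comment, e.g. replacing the inner line with `if $nixstore -r "$badDrv2"; then echo "building the manipulated derivation should have failed" >&2; exit 1; fi`. The expansions in the `sed` line and in `rm -f $TEST_ROOT/bad.drv` are also unquoted; store paths contain no whitespace, but quoting `"$badDrv"` and `"$TEST_ROOT/bad.drv"` costs nothing and matches the `"$badDrv2"` a few lines later.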