From 6daca29a9c30637982f63fb70545da06dbda7302 Mon Sep 17 00:00:00 2001 From: Alan Falloon Date: Tue, 24 Oct 2023 16:33:50 -0400 Subject: [PATCH] Don't follow symlinks when deleting test outputs Update tools/test/test-setup.sh to not follow symlinks when deleting the contents of `$TEST_UNDECLARED_OUTPUTS_DIR` after creating the `$TEST_UNDECLARED_OUTPUTS_ZIP` when `--zip_undeclared_test_outputs` is enabled. This fixes a serious bug where an absolute symlink generated in the test could delete files anywhere on the filesystem. For example, a `sh_test` containing a line like: ln -s "$HOME" "$TEST_UNDECLARED_OUTPUTS_DIR/home" would have caused the users home directory to be deleted after copying it in to the output.zip. Change-Id: Ia4a8a9699e4e2f40498342af55babc5554a9ac93 --- tools/test/test-setup.sh | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/tools/test/test-setup.sh b/tools/test/test-setup.sh index b5f478a0bed755..48f2b6e7b03685 100755 --- a/tools/test/test-setup.sh +++ b/tools/test/test-setup.sh @@ -421,15 +421,16 @@ fi # Zip up undeclared outputs. if [[ -n "$TEST_UNDECLARED_OUTPUTS_ZIP" ]] && cd "$TEST_UNDECLARED_OUTPUTS_DIR"; then - shopt -s dotglob - if [[ "$(echo *)" != "*" ]]; then - # If * found nothing, echo printed the literal *. - # Otherwise echo printed the top-level files and directories. - # Pass files to zip with *, so paths with spaces aren't broken up. - # Remove original files after zipping them. - if ! zip_output="$(zip -qrm "$TEST_UNDECLARED_OUTPUTS_ZIP" -- * 2>&1)"; then + shopt -s dotglob nullglob + # Capture the contents of TEST_UNDECLARED_OUTPUTS_DIR prior to creating the output.zip + UNDECLARED_OUTPUTS=(*) + if [[ "${#UNDECLARED_OUTPUTS[@]}" != 0 ]]; then + if ! zip_output="$(zip -qr "$TEST_UNDECLARED_OUTPUTS_ZIP" -- "${UNDECLARED_OUTPUTS[@]}")" ; then echo >&2 "Could not create \"$TEST_UNDECLARED_OUTPUTS_ZIP\": $zip_output" fi + # Use 'rm' instead of 'zip -m' so that we don't follow symlinks when deleting the + # contents. + rm -r "${UNDECLARED_OUTPUTS[@]}" fi fi