Skip to content

Commit 78af6b5

Browse files
ethomsonethomson
committed
repo: add tests for bare repo permissions
Ensure that we test opening a bare repository with odd permissions.
1 parent f51f664 commit 78af6b5

File tree

1 file changed

+67
-0
lines changed

1 file changed

+67
-0
lines changed

tests/libgit2/repo/open.c

Lines changed: 67 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,7 @@ void test_repo_open__cleanup(void)
1616
{
1717
cl_git_sandbox_cleanup();
1818
cl_fixture_cleanup("empty_standard_repo");
19+
cl_fixture_cleanup("testrepo.git");
1920
cl_fixture_cleanup("__global_config");
2021

2122
if (git_fs_path_isdir("alternate"))
@@ -493,6 +494,28 @@ void test_repo_open__validates_dir_ownership(void)
493494
cl_git_fail(git_repository_open(&repo, "empty_standard_repo"));
494495
}
495496

497+
void test_repo_open__validates_bare_repo_ownership(void)
498+
{
499+
git_repository *repo;
500+
501+
cl_git_pass(git_libgit2_opts(GIT_OPT_SET_OWNER_VALIDATION, 1));
502+
503+
cl_fixture_sandbox("testrepo.git");
504+
505+
/* When the current user owns the repo config, that's acceptable */
506+
git_fs_path__set_owner(GIT_FS_PATH_MOCK_OWNER_CURRENT_USER);
507+
cl_git_pass(git_repository_open(&repo, "testrepo.git"));
508+
git_repository_free(repo);
509+
510+
/* When the system user owns the repo config, fail */
511+
git_fs_path__set_owner(GIT_FS_PATH_MOCK_OWNER_SYSTEM);
512+
cl_git_fail(git_repository_open(&repo, "testrepo.git"));
513+
514+
/* When an unknown user owns the repo config, fail */
515+
git_fs_path__set_owner(GIT_FS_PATH_MOCK_OWNER_OTHER);
516+
cl_git_fail(git_repository_open(&repo, "testrepo.git"));
517+
}
518+
496519
void test_repo_open__can_allowlist_dirs_with_problematic_ownership(void)
497520
{
498521
git_repository *repo;
@@ -538,6 +561,50 @@ void test_repo_open__can_allowlist_dirs_with_problematic_ownership(void)
538561
git_str_dispose(&config_data);
539562
}
540563

564+
void test_repo_open__can_allowlist_bare_gitdir(void)
565+
{
566+
git_repository *repo;
567+
git_str config_path = GIT_STR_INIT,
568+
config_filename = GIT_STR_INIT,
569+
config_data = GIT_STR_INIT;
570+
571+
cl_git_pass(git_libgit2_opts(GIT_OPT_SET_OWNER_VALIDATION, 1));
572+
573+
cl_fixture_sandbox("testrepo.git");
574+
575+
git_fs_path__set_owner(GIT_FS_PATH_MOCK_OWNER_OTHER);
576+
cl_git_fail(git_repository_open(&repo, "testrepo.git"));
577+
578+
/* Add safe.directory options to the global configuration */
579+
git_str_joinpath(&config_path, clar_sandbox_path(), "__global_config");
580+
cl_must_pass(p_mkdir(config_path.ptr, 0777));
581+
git_libgit2_opts(GIT_OPT_SET_SEARCH_PATH, GIT_CONFIG_LEVEL_GLOBAL, config_path.ptr);
582+
583+
git_str_joinpath(&config_filename, config_path.ptr, ".gitconfig");
584+
585+
git_str_printf(&config_data,
586+
"[foo]\n" \
587+
"\tbar = Foobar\n" \
588+
"\tbaz = Baz!\n" \
589+
"[safe]\n" \
590+
"\tdirectory = /non/existent/path\n" \
591+
"\tdirectory = /\n" \
592+
"\tdirectory = c:\\\\temp\n" \
593+
"\tdirectory = %s/%s\n" \
594+
"\tdirectory = /tmp\n" \
595+
"[bar]\n" \
596+
"\tfoo = barfoo\n",
597+
clar_sandbox_path(), "testrepo.git");
598+
cl_git_rewritefile(config_filename.ptr, config_data.ptr);
599+
600+
cl_git_pass(git_repository_open(&repo, "testrepo.git"));
601+
git_repository_free(repo);
602+
603+
git_str_dispose(&config_path);
604+
git_str_dispose(&config_filename);
605+
git_str_dispose(&config_data);
606+
}
607+
541608
void test_repo_open__can_reset_safe_directory_list(void)
542609
{
543610
git_repository *repo;

0 commit comments

Comments
 (0)