MCPcopy
hub / github.com/docker/compose / TestValidatePathInBase

Function TestValidatePathInBase

pkg/remote/oci_test.go:27–118  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

25)
26
27func TestValidatePathInBase(t *testing.T) {
28 base := "/tmp/cache/compose"
29
30 tests := []struct {
31 name string
32 unsafePath string
33 wantErr bool
34 }{
35 {
36 name: "valid simple filename",
37 unsafePath: "compose.yaml",
38 wantErr: false,
39 },
40 {
41 name: "valid hashed filename",
42 unsafePath: "f8f9ede3d201ec37d5a5e3a77bbadab79af26035e53135e19571f50d541d390c.yaml",
43 wantErr: false,
44 },
45 {
46 name: "valid env file",
47 unsafePath: ".env",
48 wantErr: false,
49 },
50 {
51 name: "valid env file with suffix",
52 unsafePath: ".env.prod",
53 wantErr: false,
54 },
55 {
56 name: "unix path traversal",
57 unsafePath: "../../../etc/passwd",
58 wantErr: true,
59 },
60 {
61 name: "windows path traversal",
62 unsafePath: "..\\..\\..\\windows\\system32\\config\\sam",
63 wantErr: true,
64 },
65 {
66 name: "subdirectory unix",
67 unsafePath: "config/base.yaml",
68 wantErr: true,
69 },
70 {
71 name: "subdirectory windows",
72 unsafePath: "config\\base.yaml",
73 wantErr: true,
74 },
75 {
76 name: "absolute unix path",
77 unsafePath: "/etc/passwd",
78 wantErr: true,
79 },
80 {
81 name: "absolute windows path",
82 unsafePath: "C:\\windows\\system32\\config\\sam",
83 wantErr: true,
84 },

Callers

nothing calls this directly

Calls 2

validatePathInBaseFunction · 0.85
DirMethod · 0.45

Tested by

no test coverage detected