From patchwork Thu Aug 18 18:46:03 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Sascha Silbe X-Patchwork-Id: 660508 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.gnu.org (lists.gnu.org [IPv6:2001:4830:134:3::11]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3sFZpf5Zz5z9t0X for ; Fri, 19 Aug 2016 04:47:38 +1000 (AEST) Received: from localhost ([::1]:53951 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1baSLo-0005Ml-Hi for incoming@patchwork.ozlabs.org; Thu, 18 Aug 2016 14:47:36 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:60128) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1baSKh-0004ig-Pd for qemu-devel@nongnu.org; Thu, 18 Aug 2016 14:46:31 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1baSKZ-0002BX-PY for qemu-devel@nongnu.org; Thu, 18 Aug 2016 14:46:26 -0400 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:45529) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1baSKZ-0002BL-HQ for qemu-devel@nongnu.org; Thu, 18 Aug 2016 14:46:19 -0400 Received: from pps.filterd (m0098393.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.11/8.16.0.11) with SMTP id u7IIiBG5048812 for ; Thu, 18 Aug 2016 14:46:19 -0400 Received: from e06smtp11.uk.ibm.com (e06smtp11.uk.ibm.com [195.75.94.107]) by mx0a-001b2d01.pphosted.com with ESMTP id 24wfj4ftut-1 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=NOT) for ; Thu, 18 Aug 2016 14:46:18 -0400 Received: from localhost by e06smtp11.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Thu, 18 Aug 2016 19:46:16 +0100 Received: from d06dlp03.portsmouth.uk.ibm.com (9.149.20.15) by e06smtp11.uk.ibm.com (192.168.101.141) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; Thu, 18 Aug 2016 19:46:13 +0100 X-IBM-Helo: d06dlp03.portsmouth.uk.ibm.com X-IBM-MailFrom: silbe@linux.vnet.ibm.com X-IBM-RcptTo: qemu-devel@nongnu.org Received: from b06cxnps4075.portsmouth.uk.ibm.com (d06relay12.portsmouth.uk.ibm.com [9.149.109.197]) by d06dlp03.portsmouth.uk.ibm.com (Postfix) with ESMTP id 1B2311B0806E for ; Thu, 18 Aug 2016 19:47:50 +0100 (BST) Received: from d06av01.portsmouth.uk.ibm.com (d06av01.portsmouth.uk.ibm.com [9.149.37.212]) by b06cxnps4075.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id u7IIkDmO66191366 for ; Thu, 18 Aug 2016 18:46:13 GMT Received: from d06av01.portsmouth.uk.ibm.com (localhost [127.0.0.1]) by d06av01.portsmouth.uk.ibm.com (8.14.4/8.14.4/NCO v10.0 AVout) with ESMTP id u7IIkCFX013482 for ; Thu, 18 Aug 2016 12:46:12 -0600 Received: from oc4731375738.boeblingen.de.ibm.com (dyn-9-152-222-110.boeblingen.de.ibm.com [9.152.222.110]) by d06av01.portsmouth.uk.ibm.com (8.14.4/8.14.4/NCO v10.0 AVin) with ESMTP id u7IIkBZB013433 (version=TLSv1/SSLv3 cipher=AES256-SHA256 bits=256 verify=NO); Thu, 18 Aug 2016 12:46:12 -0600 From: Sascha Silbe To: qemu-devel@nongnu.org, Paolo Bonzini Date: Thu, 18 Aug 2016 20:46:03 +0200 X-Mailer: git-send-email 1.9.1 In-Reply-To: <1471545963-11720-1-git-send-email-silbe@linux.vnet.ibm.com> References: <1471545963-11720-1-git-send-email-silbe@linux.vnet.ibm.com> MIME-Version: 1.0 X-TM-AS-MML: disable X-Content-Scanned: Fidelis XPS MAILER x-cbid: 16081818-0040-0000-0000-000002C22789 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 16081818-0041-0000-0000-00001CA27BC2 Message-Id: <1471545963-11720-3-git-send-email-silbe@linux.vnet.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2016-08-18_09:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 suspectscore=2 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1604210000 definitions=main-1608180246 X-MIME-Autoconverted: from 8bit to quoted-printable by mx0a-001b2d01.pphosted.com id u7IIiBG5048812 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x [generic] X-Received-From: 148.163.156.1 Subject: [Qemu-devel] [PATCH v2 2/2] test-logging: don't hard-code paths in /tmp X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Peter Maydell , =?UTF-8?q?Alex=20Benn=C3=A9e?= , Markus Armbruster Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: "Qemu-devel" Since f6880b7f [qemu-log: support simple pid substitution for logs], test-logging creates files with hard-coded names in /tmp. In the best case, this prevents multiple developers from running "make check" on the same machine. In the worst case, it allows for symlink attacks, enabling an attacker to overwrite files that are writable to the developer running "make check". Instead of hard-coding the paths, create a temporary directory using g_dir_make_tmp() and clean it up afterwards. Fixes: f6880b7f ("qemu-log: support simple pid substitution for logs") Signed-off-by: Sascha Silbe --- v1→v2: - Factor out g_build_filename() + qemu_set_log_filename() + g_free() into helper set_log_path_tmp(). - Replace rmtree() spawning "rm -rf" with rmdir_full() using glib directory handling (non-recursive). Private to test-logging for now. tests/test-logging.c | 48 +++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 41 insertions(+), 7 deletions(-) diff --git a/tests/test-logging.c b/tests/test-logging.c index cdf13c6..a12585f 100644 --- a/tests/test-logging.c +++ b/tests/test-logging.c @@ -25,6 +25,7 @@ */ #include "qemu/osdep.h" +#include #include "qemu-common.h" #include "qapi/error.h" @@ -86,24 +87,57 @@ static void test_parse_range(void) error_free_or_abort(&err); } -static void test_parse_path(void) +static void set_log_path_tmp(char const *dir, char const *tpl, Error **errp) { + gchar *file_path = g_build_filename(dir, tpl, NULL); + + qemu_set_log_filename(file_path, errp); + g_free(file_path); +} + +static void test_parse_path(gconstpointer data) +{ + gchar const *tmp_path = data; Error *err = NULL; - qemu_set_log_filename("/tmp/qemu.log", &error_abort); - qemu_set_log_filename("/tmp/qemu-%d.log", &error_abort); - qemu_set_log_filename("/tmp/qemu.log.%d", &error_abort); + set_log_path_tmp(tmp_path, "qemu.log", &error_abort); + set_log_path_tmp(tmp_path, "qemu-%d.log", &error_abort); + set_log_path_tmp(tmp_path, "qemu.log.%d", &error_abort); - qemu_set_log_filename("/tmp/qemu-%d%d.log", &err); + set_log_path_tmp(tmp_path, "qemu-%d%d.log", &err); error_free_or_abort(&err); } +/* Remove a directory and all its entries (non-recursive). */ +static void rmdir_full(gchar const *root) +{ + GDir *root_gdir = g_dir_open(root, 0, NULL); + gchar const *entry_name; + + g_assert_nonnull(root_gdir); + while ((entry_name = g_dir_read_name(root_gdir)) != NULL) { + gchar *entry_path = g_build_filename(root, entry_name, NULL); + g_assert(g_remove(entry_path) == 0); + g_free(entry_path); + } + g_dir_close(root_gdir); + g_assert(g_rmdir(root) == 0); +} + int main(int argc, char **argv) { + gchar *tmp_path = g_dir_make_tmp("qemu-test-logging.XXXXXX", NULL); + int rc; + g_test_init(&argc, &argv, NULL); + g_assert_nonnull(tmp_path); g_test_add_func("/logging/parse_range", test_parse_range); - g_test_add_func("/logging/parse_path", test_parse_path); + g_test_add_data_func("/logging/parse_path", tmp_path, test_parse_path); - return g_test_run(); + rc = g_test_run(); + + rmdir_full(tmp_path); + g_free(tmp_path); + return rc; }