django1/tests/utils_tests/test_archive.py

import os
import stat
import sys
import tempfile
import unittest

from django.core.exceptions import SuspiciousOperation
from django.test import SimpleTestCase
from django.utils import archive

try:
    import bz2  # NOQA
    HAS_BZ2 = True
except ImportError:
    HAS_BZ2 = False

try:
    import lzma  # NOQA
    HAS_LZMA = True
except ImportError:
    HAS_LZMA = False


class TestArchive(unittest.TestCase):

    def setUp(self):
        self.testdir = os.path.join(os.path.dirname(__file__), 'archives')
        self.old_cwd = os.getcwd()
        os.chdir(self.testdir)

    def tearDown(self):
        os.chdir(self.old_cwd)

    def test_extract_function(self):
        with os.scandir(self.testdir) as entries:
            for entry in entries:
                with self.subTest(entry.name), tempfile.TemporaryDirectory() as tmpdir:
                    if (
                        (entry.name.endswith('.bz2') and not HAS_BZ2) or
                        (entry.name.endswith(('.lzma', '.xz')) and not HAS_LZMA)
                    ):
                        continue
                    archive.extract(entry.path, tmpdir)
                    self.assertTrue(os.path.isfile(os.path.join(tmpdir, '1')))
                    self.assertTrue(os.path.isfile(os.path.join(tmpdir, '2')))
                    self.assertTrue(os.path.isfile(os.path.join(tmpdir, 'foo', '1')))
                    self.assertTrue(os.path.isfile(os.path.join(tmpdir, 'foo', '2')))
                    self.assertTrue(os.path.isfile(os.path.join(tmpdir, 'foo', 'bar', '1')))
                    self.assertTrue(os.path.isfile(os.path.join(tmpdir, 'foo', 'bar', '2')))

    @unittest.skipIf(sys.platform == 'win32', 'Python on Windows has a limited os.chmod().')
    def test_extract_file_permissions(self):
        """archive.extract() preserves file permissions."""
        mask = stat.S_IRWXU | stat.S_IRWXG | stat.S_IRWXO
        umask = os.umask(0)
        os.umask(umask)  # Restore the original umask.
        with os.scandir(self.testdir) as entries:
            for entry in entries:
                if (
                    entry.name.startswith('leadpath_') or
                    (entry.name.endswith('.bz2') and not HAS_BZ2) or
                    (entry.name.endswith(('.lzma', '.xz')) and not HAS_LZMA)
                ):
                    continue
                with self.subTest(entry.name), tempfile.TemporaryDirectory() as tmpdir:
                    archive.extract(entry.path, tmpdir)
                    # An executable file in the archive has executable
                    # permissions.
                    filepath = os.path.join(tmpdir, 'executable')
                    self.assertEqual(os.stat(filepath).st_mode & mask, 0o775)
                    # A file is readable even if permission data is missing.
                    filepath = os.path.join(tmpdir, 'no_permissions')
                    self.assertEqual(os.stat(filepath).st_mode & mask, 0o666 & ~umask)


class TestArchiveInvalid(SimpleTestCase):
    def test_extract_function_traversal(self):
        archives_dir = os.path.join(os.path.dirname(__file__), 'traversal_archives')
        tests = [
            ('traversal.tar', '..'),
            ('traversal_absolute.tar', '/tmp/evil.py'),
        ]
        if sys.platform == 'win32':
            tests += [
                ('traversal_disk_win.tar', 'd:evil.py'),
                ('traversal_disk_win.zip', 'd:evil.py'),
            ]
        msg = "Archive contains invalid path: '%s'"
        for entry, invalid_path in tests:
            with self.subTest(entry), tempfile.TemporaryDirectory() as tmpdir:
                with self.assertRaisesMessage(SuspiciousOperation, msg % invalid_path):
                    archive.extract(os.path.join(archives_dir, entry), tmpdir)
Fixed #17042 -- Extended startproject and startapp management commands to better handle custom app and project templates. Many thanks to Preston Holmes for his initial patch and Alex Gaynor, Carl Meyer, Donald Stufft, Jacob Kaplan-Moss and Julien Phalip for code reviewing. * Added ability to pass the project or app directory path as the second argument * Added ``--template`` option for specifying custom project and app templates * Cleaned up admin_scripts tests a little while I was there git-svn-id: http://code.djangoproject.com/svn/django/trunk@17246 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-12-23 06:38:02 +08:00			`import os`
Fixed #26494 -- Made Archive.extract() preserve file permissions. 2016-12-02 00:05:08 +08:00			`import stat`
			`import sys`
Fixed #17042 -- Extended startproject and startapp management commands to better handle custom app and project templates. Many thanks to Preston Holmes for his initial patch and Alex Gaynor, Carl Meyer, Donald Stufft, Jacob Kaplan-Moss and Julien Phalip for code reviewing. * Added ability to pass the project or app directory path as the second argument * Added ``--template`` option for specifying custom project and app templates * Cleaned up admin_scripts tests a little while I was there git-svn-id: http://code.djangoproject.com/svn/django/trunk@17246 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-12-23 06:38:02 +08:00			`import tempfile`
Stopped using django.utils.unittest in the test suite. Refs #20680. 2013-07-01 20:22:27 +08:00			`import unittest`
Fixed #17042 -- Extended startproject and startapp management commands to better handle custom app and project templates. Many thanks to Preston Holmes for his initial patch and Alex Gaynor, Carl Meyer, Donald Stufft, Jacob Kaplan-Moss and Julien Phalip for code reviewing. * Added ability to pass the project or app directory path as the second argument * Added ``--template`` option for specifying custom project and app templates * Cleaned up admin_scripts tests a little while I was there git-svn-id: http://code.djangoproject.com/svn/django/trunk@17246 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-12-23 06:38:02 +08:00
Fixed CVE-2021-3281 -- Fixed potential directory-traversal via archive.extract(). Thanks Florian Apolloner, Shai Berger, and Simon Charette for reviews. Thanks Wang Baohua for the report. 2021-01-22 19:23:18 +08:00			`from django.core.exceptions import SuspiciousOperation`
			`from django.test import SimpleTestCase`
Refs #30160 -- Simplified and improved tests for django.utils.archive. The file executable should have 0o775 permission not only u=x. The file no_permissions should have 0o644 u=r. 2019-02-16 07:59:51 +08:00			`from django.utils import archive`
Fixed #17042 -- Extended startproject and startapp management commands to better handle custom app and project templates. Many thanks to Preston Holmes for his initial patch and Alex Gaynor, Carl Meyer, Donald Stufft, Jacob Kaplan-Moss and Julien Phalip for code reviewing. * Added ability to pass the project or app directory path as the second argument * Added ``--template`` option for specifying custom project and app templates * Cleaned up admin_scripts tests a little while I was there git-svn-id: http://code.djangoproject.com/svn/django/trunk@17246 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-12-23 06:38:02 +08:00
Skipped test_archive tests when bz2/lzma module is not installed. 2021-02-04 21:08:43 +08:00			`try:`
			`import bz2 # NOQA`
			`HAS_BZ2 = True`
			`except ImportError:`
			`HAS_BZ2 = False`

			`try:`
			`import lzma # NOQA`
			`HAS_LZMA = True`
			`except ImportError:`
			`HAS_LZMA = False`

Fixed #17042 -- Extended startproject and startapp management commands to better handle custom app and project templates. Many thanks to Preston Holmes for his initial patch and Alex Gaynor, Carl Meyer, Donald Stufft, Jacob Kaplan-Moss and Julien Phalip for code reviewing. * Added ability to pass the project or app directory path as the second argument * Added ``--template`` option for specifying custom project and app templates * Cleaned up admin_scripts tests a little while I was there git-svn-id: http://code.djangoproject.com/svn/django/trunk@17246 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-12-23 06:38:02 +08:00
Refs #30160 -- Simplified and improved tests for django.utils.archive. The file executable should have 0o775 permission not only u=x. The file no_permissions should have 0o644 u=r. 2019-02-16 07:59:51 +08:00			`class TestArchive(unittest.TestCase):`
Fixed #17042 -- Extended startproject and startapp management commands to better handle custom app and project templates. Many thanks to Preston Holmes for his initial patch and Alex Gaynor, Carl Meyer, Donald Stufft, Jacob Kaplan-Moss and Julien Phalip for code reviewing. * Added ability to pass the project or app directory path as the second argument * Added ``--template`` option for specifying custom project and app templates * Cleaned up admin_scripts tests a little while I was there git-svn-id: http://code.djangoproject.com/svn/django/trunk@17246 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-12-23 06:38:02 +08:00
			`def setUp(self):`
Refs #30160 -- Simplified and improved tests for django.utils.archive. The file executable should have 0o775 permission not only u=x. The file no_permissions should have 0o644 u=r. 2019-02-16 07:59:51 +08:00			`self.testdir = os.path.join(os.path.dirname(__file__), 'archives')`
Fixed #17042 -- Extended startproject and startapp management commands to better handle custom app and project templates. Many thanks to Preston Holmes for his initial patch and Alex Gaynor, Carl Meyer, Donald Stufft, Jacob Kaplan-Moss and Julien Phalip for code reviewing. * Added ability to pass the project or app directory path as the second argument * Added ``--template`` option for specifying custom project and app templates * Cleaned up admin_scripts tests a little while I was there git-svn-id: http://code.djangoproject.com/svn/django/trunk@17246 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-12-23 06:38:02 +08:00			`self.old_cwd = os.getcwd()`
Refs #30160 -- Simplified and improved tests for django.utils.archive. The file executable should have 0o775 permission not only u=x. The file no_permissions should have 0o644 u=r. 2019-02-16 07:59:51 +08:00			`os.chdir(self.testdir)`
Fixed #17042 -- Extended startproject and startapp management commands to better handle custom app and project templates. Many thanks to Preston Holmes for his initial patch and Alex Gaynor, Carl Meyer, Donald Stufft, Jacob Kaplan-Moss and Julien Phalip for code reviewing. * Added ability to pass the project or app directory path as the second argument * Added ``--template`` option for specifying custom project and app templates * Cleaned up admin_scripts tests a little while I was there git-svn-id: http://code.djangoproject.com/svn/django/trunk@17246 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-12-23 06:38:02 +08:00
			`def tearDown(self):`
			`os.chdir(self.old_cwd)`

			`def test_extract_function(self):`
Fixed #32821 -- Updated os.scandir() uses to use a context manager. 2021-06-06 14:56:34 +08:00			`with os.scandir(self.testdir) as entries:`
			`for entry in entries:`
			`with self.subTest(entry.name), tempfile.TemporaryDirectory() as tmpdir:`
			`if (`
			`(entry.name.endswith('.bz2') and not HAS_BZ2) or`
			`(entry.name.endswith(('.lzma', '.xz')) and not HAS_LZMA)`
			`):`
			`continue`
			`archive.extract(entry.path, tmpdir)`
			`self.assertTrue(os.path.isfile(os.path.join(tmpdir, '1')))`
			`self.assertTrue(os.path.isfile(os.path.join(tmpdir, '2')))`
			`self.assertTrue(os.path.isfile(os.path.join(tmpdir, 'foo', '1')))`
			`self.assertTrue(os.path.isfile(os.path.join(tmpdir, 'foo', '2')))`
			`self.assertTrue(os.path.isfile(os.path.join(tmpdir, 'foo', 'bar', '1')))`
			`self.assertTrue(os.path.isfile(os.path.join(tmpdir, 'foo', 'bar', '2')))`
Fixed #22681 -- Made TarArchive recognize leading directories properly. 2014-05-22 20:12:22 +08:00
Fixed #26494 -- Made Archive.extract() preserve file permissions. 2016-12-02 00:05:08 +08:00			`@unittest.skipIf(sys.platform == 'win32', 'Python on Windows has a limited os.chmod().')`
			`def test_extract_file_permissions(self):`
Refs #30160 -- Simplified and improved tests for django.utils.archive. The file executable should have 0o775 permission not only u=x. The file no_permissions should have 0o644 u=r. 2019-02-16 07:59:51 +08:00			`"""archive.extract() preserves file permissions."""`
			`mask = stat.S_IRWXU \| stat.S_IRWXG \| stat.S_IRWXO`
			`umask = os.umask(0)`
			`os.umask(umask) # Restore the original umask.`
Fixed #32821 -- Updated os.scandir() uses to use a context manager. 2021-06-06 14:56:34 +08:00			`with os.scandir(self.testdir) as entries:`
			`for entry in entries:`
			`if (`
			`entry.name.startswith('leadpath_') or`
			`(entry.name.endswith('.bz2') and not HAS_BZ2) or`
			`(entry.name.endswith(('.lzma', '.xz')) and not HAS_LZMA)`
			`):`
			`continue`
			`with self.subTest(entry.name), tempfile.TemporaryDirectory() as tmpdir:`
			`archive.extract(entry.path, tmpdir)`
			`# An executable file in the archive has executable`
			`# permissions.`
			`filepath = os.path.join(tmpdir, 'executable')`
			`self.assertEqual(os.stat(filepath).st_mode & mask, 0o775)`
			`# A file is readable even if permission data is missing.`
			`filepath = os.path.join(tmpdir, 'no_permissions')`
			`self.assertEqual(os.stat(filepath).st_mode & mask, 0o666 & ~umask)`
Fixed CVE-2021-3281 -- Fixed potential directory-traversal via archive.extract(). Thanks Florian Apolloner, Shai Berger, and Simon Charette for reviews. Thanks Wang Baohua for the report. 2021-01-22 19:23:18 +08:00

			`class TestArchiveInvalid(SimpleTestCase):`
			`def test_extract_function_traversal(self):`
			`archives_dir = os.path.join(os.path.dirname(__file__), 'traversal_archives')`
			`tests = [`
			`('traversal.tar', '..'),`
			`('traversal_absolute.tar', '/tmp/evil.py'),`
			`]`
			`if sys.platform == 'win32':`
			`tests += [`
			`('traversal_disk_win.tar', 'd:evil.py'),`
			`('traversal_disk_win.zip', 'd:evil.py'),`
			`]`
			`msg = "Archive contains invalid path: '%s'"`
			`for entry, invalid_path in tests:`
			`with self.subTest(entry), tempfile.TemporaryDirectory() as tmpdir:`
			`with self.assertRaisesMessage(SuspiciousOperation, msg % invalid_path):`
			`archive.extract(os.path.join(archives_dir, entry), tmpdir)`