django/tests/utils_tests/test_archive.py

import os
import stat
import sys
import tempfile
import unittest

from django.core.exceptions import SuspiciousOperation
from django.test import SimpleTestCase
from django.utils import archive


class TestArchive(unittest.TestCase):

    def setUp(self):
        self.testdir = os.path.join(os.path.dirname(__file__), 'archives')
        self.old_cwd = os.getcwd()
        os.chdir(self.testdir)

    def tearDown(self):
        os.chdir(self.old_cwd)

    def test_extract_function(self):
        for entry in os.scandir(self.testdir):
            with self.subTest(entry.name), tempfile.TemporaryDirectory() as tmpdir:
                archive.extract(entry.path, tmpdir)
                self.assertTrue(os.path.isfile(os.path.join(tmpdir, '1')))
                self.assertTrue(os.path.isfile(os.path.join(tmpdir, '2')))
                self.assertTrue(os.path.isfile(os.path.join(tmpdir, 'foo', '1')))
                self.assertTrue(os.path.isfile(os.path.join(tmpdir, 'foo', '2')))
                self.assertTrue(os.path.isfile(os.path.join(tmpdir, 'foo', 'bar', '1')))
                self.assertTrue(os.path.isfile(os.path.join(tmpdir, 'foo', 'bar', '2')))

    @unittest.skipIf(sys.platform == 'win32', 'Python on Windows has a limited os.chmod().')
    def test_extract_file_permissions(self):
        """archive.extract() preserves file permissions."""
        mask = stat.S_IRWXU | stat.S_IRWXG | stat.S_IRWXO
        umask = os.umask(0)
        os.umask(umask)  # Restore the original umask.
        for entry in os.scandir(self.testdir):
            if entry.name.startswith('leadpath_'):
                continue
            with self.subTest(entry.name), tempfile.TemporaryDirectory() as tmpdir:
                archive.extract(entry.path, tmpdir)
                # An executable file in the archive has executable permissions.
                filepath = os.path.join(tmpdir, 'executable')
                self.assertEqual(os.stat(filepath).st_mode & mask, 0o775)
                # A file is readable even if permission data is missing.
                filepath = os.path.join(tmpdir, 'no_permissions')
                self.assertEqual(os.stat(filepath).st_mode & mask, 0o666 & ~umask)


class TestArchiveInvalid(SimpleTestCase):
    def test_extract_function_traversal(self):
        archives_dir = os.path.join(os.path.dirname(__file__), 'traversal_archives')
        tests = [
            ('traversal.tar', '..'),
            ('traversal_absolute.tar', '/tmp/evil.py'),
        ]
        if sys.platform == 'win32':
            tests += [
                ('traversal_disk_win.tar', 'd:evil.py'),
                ('traversal_disk_win.zip', 'd:evil.py'),
            ]
        msg = "Archive contains invalid path: '%s'"
        for entry, invalid_path in tests:
            with self.subTest(entry), tempfile.TemporaryDirectory() as tmpdir:
                with self.assertRaisesMessage(SuspiciousOperation, msg % invalid_path):
                    archive.extract(os.path.join(archives_dir, entry), tmpdir)
Fixed #17042 -- Extended startproject and startapp management commands to better handle custom app and project templates. Many thanks to Preston Holmes for his initial patch and Alex Gaynor, Carl Meyer, Donald Stufft, Jacob Kaplan-Moss and Julien Phalip for code reviewing. * Added ability to pass the project or app directory path as the second argument * Added ``--template`` option for specifying custom project and app templates * Cleaned up admin_scripts tests a little while I was there git-svn-id: http://code.djangoproject.com/svn/django/trunk@17246 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-12-23 06:38:02 +08:00			`import os`
Fixed #26494 -- Made Archive.extract() preserve file permissions. 2016-12-02 00:05:08 +08:00			`import stat`
			`import sys`
Fixed #17042 -- Extended startproject and startapp management commands to better handle custom app and project templates. Many thanks to Preston Holmes for his initial patch and Alex Gaynor, Carl Meyer, Donald Stufft, Jacob Kaplan-Moss and Julien Phalip for code reviewing. * Added ability to pass the project or app directory path as the second argument * Added ``--template`` option for specifying custom project and app templates * Cleaned up admin_scripts tests a little while I was there git-svn-id: http://code.djangoproject.com/svn/django/trunk@17246 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-12-23 06:38:02 +08:00			`import tempfile`
Stopped using django.utils.unittest in the test suite. Refs #20680. 2013-07-01 20:22:27 +08:00			`import unittest`
Fixed #17042 -- Extended startproject and startapp management commands to better handle custom app and project templates. Many thanks to Preston Holmes for his initial patch and Alex Gaynor, Carl Meyer, Donald Stufft, Jacob Kaplan-Moss and Julien Phalip for code reviewing. * Added ability to pass the project or app directory path as the second argument * Added ``--template`` option for specifying custom project and app templates * Cleaned up admin_scripts tests a little while I was there git-svn-id: http://code.djangoproject.com/svn/django/trunk@17246 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-12-23 06:38:02 +08:00
[3.2.x] Fixed CVE-2021-3281 -- Fixed potential directory-traversal via archive.extract(). Thanks Florian Apolloner, Shai Berger, and Simon Charette for reviews. Thanks Wang Baohua for the report. Backport of 05413afa8c18cdb978fcdf470e09f7a12b234a23 from master. 2021-01-22 19:23:18 +08:00			`from django.core.exceptions import SuspiciousOperation`
			`from django.test import SimpleTestCase`
Refs #30160 -- Simplified and improved tests for django.utils.archive. The file executable should have 0o775 permission not only u=x. The file no_permissions should have 0o644 u=r. 2019-02-16 07:59:51 +08:00			`from django.utils import archive`
Fixed #17042 -- Extended startproject and startapp management commands to better handle custom app and project templates. Many thanks to Preston Holmes for his initial patch and Alex Gaynor, Carl Meyer, Donald Stufft, Jacob Kaplan-Moss and Julien Phalip for code reviewing. * Added ability to pass the project or app directory path as the second argument * Added ``--template`` option for specifying custom project and app templates * Cleaned up admin_scripts tests a little while I was there git-svn-id: http://code.djangoproject.com/svn/django/trunk@17246 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-12-23 06:38:02 +08:00

Refs #30160 -- Simplified and improved tests for django.utils.archive. The file executable should have 0o775 permission not only u=x. The file no_permissions should have 0o644 u=r. 2019-02-16 07:59:51 +08:00			`class TestArchive(unittest.TestCase):`
Fixed #17042 -- Extended startproject and startapp management commands to better handle custom app and project templates. Many thanks to Preston Holmes for his initial patch and Alex Gaynor, Carl Meyer, Donald Stufft, Jacob Kaplan-Moss and Julien Phalip for code reviewing. * Added ability to pass the project or app directory path as the second argument * Added ``--template`` option for specifying custom project and app templates * Cleaned up admin_scripts tests a little while I was there git-svn-id: http://code.djangoproject.com/svn/django/trunk@17246 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-12-23 06:38:02 +08:00
			`def setUp(self):`
Refs #30160 -- Simplified and improved tests for django.utils.archive. The file executable should have 0o775 permission not only u=x. The file no_permissions should have 0o644 u=r. 2019-02-16 07:59:51 +08:00			`self.testdir = os.path.join(os.path.dirname(__file__), 'archives')`
Fixed #17042 -- Extended startproject and startapp management commands to better handle custom app and project templates. Many thanks to Preston Holmes for his initial patch and Alex Gaynor, Carl Meyer, Donald Stufft, Jacob Kaplan-Moss and Julien Phalip for code reviewing. * Added ability to pass the project or app directory path as the second argument * Added ``--template`` option for specifying custom project and app templates * Cleaned up admin_scripts tests a little while I was there git-svn-id: http://code.djangoproject.com/svn/django/trunk@17246 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-12-23 06:38:02 +08:00			`self.old_cwd = os.getcwd()`
Refs #30160 -- Simplified and improved tests for django.utils.archive. The file executable should have 0o775 permission not only u=x. The file no_permissions should have 0o644 u=r. 2019-02-16 07:59:51 +08:00			`os.chdir(self.testdir)`
Fixed #17042 -- Extended startproject and startapp management commands to better handle custom app and project templates. Many thanks to Preston Holmes for his initial patch and Alex Gaynor, Carl Meyer, Donald Stufft, Jacob Kaplan-Moss and Julien Phalip for code reviewing. * Added ability to pass the project or app directory path as the second argument * Added ``--template`` option for specifying custom project and app templates * Cleaned up admin_scripts tests a little while I was there git-svn-id: http://code.djangoproject.com/svn/django/trunk@17246 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2011-12-23 06:38:02 +08:00
			`def tearDown(self):`
			`os.chdir(self.old_cwd)`

			`def test_extract_function(self):`
Refs #30160 -- Simplified and improved tests for django.utils.archive. The file executable should have 0o775 permission not only u=x. The file no_permissions should have 0o644 u=r. 2019-02-16 07:59:51 +08:00			`for entry in os.scandir(self.testdir):`
			`with self.subTest(entry.name), tempfile.TemporaryDirectory() as tmpdir:`
			`archive.extract(entry.path, tmpdir)`
			`self.assertTrue(os.path.isfile(os.path.join(tmpdir, '1')))`
			`self.assertTrue(os.path.isfile(os.path.join(tmpdir, '2')))`
			`self.assertTrue(os.path.isfile(os.path.join(tmpdir, 'foo', '1')))`
			`self.assertTrue(os.path.isfile(os.path.join(tmpdir, 'foo', '2')))`
			`self.assertTrue(os.path.isfile(os.path.join(tmpdir, 'foo', 'bar', '1')))`
			`self.assertTrue(os.path.isfile(os.path.join(tmpdir, 'foo', 'bar', '2')))`
Fixed #22681 -- Made TarArchive recognize leading directories properly. 2014-05-22 20:12:22 +08:00
Fixed #26494 -- Made Archive.extract() preserve file permissions. 2016-12-02 00:05:08 +08:00			`@unittest.skipIf(sys.platform == 'win32', 'Python on Windows has a limited os.chmod().')`
			`def test_extract_file_permissions(self):`
Refs #30160 -- Simplified and improved tests for django.utils.archive. The file executable should have 0o775 permission not only u=x. The file no_permissions should have 0o644 u=r. 2019-02-16 07:59:51 +08:00			`"""archive.extract() preserves file permissions."""`
			`mask = stat.S_IRWXU \| stat.S_IRWXG \| stat.S_IRWXO`
			`umask = os.umask(0)`
			`os.umask(umask) # Restore the original umask.`
			`for entry in os.scandir(self.testdir):`
			`if entry.name.startswith('leadpath_'):`
			`continue`
			`with self.subTest(entry.name), tempfile.TemporaryDirectory() as tmpdir:`
			`archive.extract(entry.path, tmpdir)`
			`# An executable file in the archive has executable permissions.`
			`filepath = os.path.join(tmpdir, 'executable')`
			`self.assertEqual(os.stat(filepath).st_mode & mask, 0o775)`
			`# A file is readable even if permission data is missing.`
			`filepath = os.path.join(tmpdir, 'no_permissions')`
Fixed #30807 -- Fixed TestArchive.test_extract_file_permissions() when umask is 0o000. Fixed test that checks permissions on files extracted from archives with no permissions set, to not assume a default umask of 0o002. Test regression in c95d063e776e849cf1a0bf616c654165cb89c706. 2020-06-29 13:51:43 +08:00			`self.assertEqual(os.stat(filepath).st_mode & mask, 0o666 & ~umask)`
[3.2.x] Fixed CVE-2021-3281 -- Fixed potential directory-traversal via archive.extract(). Thanks Florian Apolloner, Shai Berger, and Simon Charette for reviews. Thanks Wang Baohua for the report. Backport of 05413afa8c18cdb978fcdf470e09f7a12b234a23 from master. 2021-01-22 19:23:18 +08:00

			`class TestArchiveInvalid(SimpleTestCase):`
			`def test_extract_function_traversal(self):`
			`archives_dir = os.path.join(os.path.dirname(__file__), 'traversal_archives')`
			`tests = [`
			`('traversal.tar', '..'),`
			`('traversal_absolute.tar', '/tmp/evil.py'),`
			`]`
			`if sys.platform == 'win32':`
			`tests += [`
			`('traversal_disk_win.tar', 'd:evil.py'),`
			`('traversal_disk_win.zip', 'd:evil.py'),`
			`]`
			`msg = "Archive contains invalid path: '%s'"`
			`for entry, invalid_path in tests:`
			`with self.subTest(entry), tempfile.TemporaryDirectory() as tmpdir:`
			`with self.assertRaisesMessage(SuspiciousOperation, msg % invalid_path):`
			`archive.extract(os.path.join(archives_dir, entry), tmpdir)`