1#!/bin/sh23test_description='paths written by git-apply cannot escape the working tree'4. ./test-lib.sh56# tests will try to write to ../foo, and we do not7# want them to escape the trash directory when they8# fail9test_expect_success 'bump git repo one level down' '10mkdir inside &&11mv .git inside/ &&12cd inside13'1415# $1 = name of file16# $2 = current path to file (if different)17mkpatch_add () {18rm -f "${2:-$1}" &&19cat <<-EOF20diff --git a/$1 b/$121new file mode 10064422index 0000000..53c74cd23--- /dev/null24+++ b/$125@@ -0,0 +1 @@26+evil27EOF28}2930mkpatch_del () {31echo evil >"${2:-$1}" &&32cat <<-EOF33diff --git a/$1 b/$134deleted file mode 10064435index 53c74cd..000000036--- a/$137+++ /dev/null38@@ -1 +0,0 @@39-evil40EOF41}4243# $1 = name of file44# $2 = content of symlink45mkpatch_symlink () {46rm -f "$1" &&47cat <<-EOF48diff --git a/$1 b/$149new file mode 12000050index 0000000..$(printf "%s" "$2" | git hash-object --stdin)51--- /dev/null52+++ b/$153@@ -0,0 +1 @@54+$255\ No newline at end of file56EOF57}5859test_expect_success 'cannot create file containing ..' '60mkpatch_add ../foo >patch &&61test_must_fail git apply patch &&62test_path_is_missing ../foo63'6465test_expect_success 'can create file containing .. with --unsafe-paths' '66mkpatch_add ../foo >patch &&67git apply --unsafe-paths patch &&68test_path_is_file ../foo69'7071test_expect_success 'cannot create file containing .. (index)' '72mkpatch_add ../foo >patch &&73test_must_fail git apply --index patch &&74test_path_is_missing ../foo75'7677test_expect_success 'cannot create file containing .. with --unsafe-paths (index)' '78mkpatch_add ../foo >patch &&79test_must_fail git apply --index --unsafe-paths patch &&80test_path_is_missing ../foo81'8283test_expect_success 'cannot delete file containing ..' '84mkpatch_del ../foo >patch &&85test_must_fail git apply patch &&86test_path_is_file ../foo87'8889test_expect_success 'can delete file containing .. with --unsafe-paths' '90mkpatch_del ../foo >patch &&91git apply --unsafe-paths patch &&92test_path_is_missing ../foo93'9495test_expect_success 'cannot delete file containing .. (index)' '96mkpatch_del ../foo >patch &&97test_must_fail git apply --index patch &&98test_path_is_file ../foo99'100101test_expect_success SYMLINKS 'symlink escape via ..' '102{103mkpatch_symlink tmp .. &&104mkpatch_add tmp/foo ../foo105} >patch &&106test_must_fail git apply patch &&107test_path_is_missing tmp &&108test_path_is_missing ../foo109'110111test_expect_success SYMLINKS 'symlink escape via .. (index)' '112{113mkpatch_symlink tmp .. &&114mkpatch_add tmp/foo ../foo115} >patch &&116test_must_fail git apply --index patch &&117test_path_is_missing tmp &&118test_path_is_missing ../foo119'120121test_expect_success SYMLINKS 'symlink escape via absolute path' '122{123mkpatch_symlink tmp "$(pwd)" &&124mkpatch_add tmp/foo ../foo125} >patch &&126test_must_fail git apply patch &&127test_path_is_missing tmp &&128test_path_is_missing ../foo129'130131test_expect_success SYMLINKS 'symlink escape via absolute path (index)' '132{133mkpatch_symlink tmp "$(pwd)" &&134mkpatch_add tmp/foo ../foo135} >patch &&136test_must_fail git apply --index patch &&137test_path_is_missing tmp &&138test_path_is_missing ../foo139'140141test_done