diff options
author | Paul Eggleton <paul.eggleton@linux.intel.com> | 2015-04-17 15:26:59 +0100 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2015-04-24 11:33:15 +0100 |
commit | 523aaea8e2be33acd417ae8cbaa7de93bb9e3d63 (patch) | |
tree | f1745fef96966cae51c1ffb80c70ee0fa8637e9f /bitbake | |
parent | e625a82af2d7cfb04a0a895d2a395c02676f3680 (diff) | |
download | poky-523aaea8e2be33acd417ae8cbaa7de93bb9e3d63.tar.gz |
bitbake: lib/bb/utils: add safeguard against recursively deleting things we shouldn't
Add some very basic safeguard against recursively deleting paths such
as / and /home in the event of bugs or user mistakes.
Addresses [YOCTO #7620].
(Bitbake master rev: 56cddeb9e1e4d249f84ccd6ef65db245636e38ea)
(Bitbake rev: aa56ab0593b36abb4d7d2303ab19eb80d9cee93d)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'bitbake')
-rw-r--r-- | bitbake/lib/bb/tests/utils.py | 50 | ||||
-rw-r--r-- | bitbake/lib/bb/utils.py | 21 |
2 files changed, 71 insertions, 0 deletions
diff --git a/bitbake/lib/bb/tests/utils.py b/bitbake/lib/bb/tests/utils.py index 7c50b1d786..677b3872ba 100644 --- a/bitbake/lib/bb/tests/utils.py +++ b/bitbake/lib/bb/tests/utils.py | |||
@@ -21,6 +21,7 @@ | |||
21 | 21 | ||
22 | import unittest | 22 | import unittest |
23 | import bb | 23 | import bb |
24 | import os | ||
24 | 25 | ||
25 | class VerCmpString(unittest.TestCase): | 26 | class VerCmpString(unittest.TestCase): |
26 | 27 | ||
@@ -51,3 +52,52 @@ class VerCmpString(unittest.TestCase): | |||
51 | result = bb.utils.explode_dep_versions2("foo ( =1.10 )") | 52 | result = bb.utils.explode_dep_versions2("foo ( =1.10 )") |
52 | self.assertEqual(result, correctresult) | 53 | self.assertEqual(result, correctresult) |
53 | 54 | ||
55 | def test_vercmp_string_op(self): | ||
56 | compareops = [('1', '1', '=', True), | ||
57 | ('1', '1', '==', True), | ||
58 | ('1', '1', '!=', False), | ||
59 | ('1', '1', '>', False), | ||
60 | ('1', '1', '<', False), | ||
61 | ('1', '1', '>=', True), | ||
62 | ('1', '1', '<=', True), | ||
63 | ('1', '0', '=', False), | ||
64 | ('1', '0', '==', False), | ||
65 | ('1', '0', '!=', True), | ||
66 | ('1', '0', '>', True), | ||
67 | ('1', '0', '<', False), | ||
68 | ('1', '0', '>>', True), | ||
69 | ('1', '0', '<<', False), | ||
70 | ('1', '0', '>=', True), | ||
71 | ('1', '0', '<=', False), | ||
72 | ('0', '1', '=', False), | ||
73 | ('0', '1', '==', False), | ||
74 | ('0', '1', '!=', True), | ||
75 | ('0', '1', '>', False), | ||
76 | ('0', '1', '<', True), | ||
77 | ('0', '1', '>>', False), | ||
78 | ('0', '1', '<<', True), | ||
79 | ('0', '1', '>=', False), | ||
80 | ('0', '1', '<=', True)] | ||
81 | |||
82 | for arg1, arg2, op, correctresult in compareops: | ||
83 | result = bb.utils.vercmp_string_op(arg1, arg2, op) | ||
84 | self.assertEqual(result, correctresult, 'vercmp_string_op("%s", "%s", "%s") != %s' % (arg1, arg2, op, correctresult)) | ||
85 | |||
86 | # Check that clearly invalid operator raises an exception | ||
87 | self.assertRaises(bb.utils.VersionStringException, bb.utils.vercmp_string_op, '0', '0', '$') | ||
88 | |||
89 | |||
90 | class Path(unittest.TestCase): | ||
91 | def test_unsafe_delete_path(self): | ||
92 | checkitems = [('/', True), | ||
93 | ('//', True), | ||
94 | ('///', True), | ||
95 | (os.getcwd().count(os.sep) * ('..' + os.sep), True), | ||
96 | (os.environ.get('HOME', '/home/test'), True), | ||
97 | ('/home/someone', True), | ||
98 | ('/home/other/', True), | ||
99 | ('/home/other/subdir', False), | ||
100 | ('', False)] | ||
101 | for arg1, correctresult in checkitems: | ||
102 | result = bb.utils._check_unsafe_delete_path(arg1) | ||
103 | self.assertEqual(result, correctresult, '_check_unsafe_delete_path("%s") != %s' % (arg1, correctresult)) | ||
diff --git a/bitbake/lib/bb/utils.py b/bitbake/lib/bb/utils.py index 0be45e1af6..478bc3d83e 100644 --- a/bitbake/lib/bb/utils.py +++ b/bitbake/lib/bb/utils.py | |||
@@ -578,11 +578,30 @@ def build_environment(d): | |||
578 | if export: | 578 | if export: |
579 | os.environ[var] = d.getVar(var, True) or "" | 579 | os.environ[var] = d.getVar(var, True) or "" |
580 | 580 | ||
581 | def _check_unsafe_delete_path(path): | ||
582 | """ | ||
583 | Basic safeguard against recursively deleting something we shouldn't. If it returns True, | ||
584 | the caller should raise an exception with an appropriate message. | ||
585 | NOTE: This is NOT meant to be a security mechanism - just a guard against silly mistakes | ||
586 | with potentially disastrous results. | ||
587 | """ | ||
588 | extra = '' | ||
589 | # HOME might not be /home/something, so in case we can get it, check against it | ||
590 | homedir = os.environ.get('HOME', '') | ||
591 | if homedir: | ||
592 | extra = '|%s' % homedir | ||
593 | if re.match('(/|//|/home|/home/[^/]*%s)$' % extra, os.path.abspath(path)): | ||
594 | return True | ||
595 | return False | ||
596 | |||
581 | def remove(path, recurse=False): | 597 | def remove(path, recurse=False): |
582 | """Equivalent to rm -f or rm -rf""" | 598 | """Equivalent to rm -f or rm -rf""" |
583 | if not path: | 599 | if not path: |
584 | return | 600 | return |
585 | if recurse: | 601 | if recurse: |
602 | for name in glob.glob(path): | ||
603 | if _check_unsafe_delete_path(path): | ||
604 | raise Exception('bb.utils.remove: called with dangerous path "%s" and recurse=True, refusing to delete!' % path) | ||
586 | # shutil.rmtree(name) would be ideal but its too slow | 605 | # shutil.rmtree(name) would be ideal but its too slow |
587 | subprocess.call(['rm', '-rf'] + glob.glob(path)) | 606 | subprocess.call(['rm', '-rf'] + glob.glob(path)) |
588 | return | 607 | return |
@@ -596,6 +615,8 @@ def remove(path, recurse=False): | |||
596 | def prunedir(topdir): | 615 | def prunedir(topdir): |
597 | # Delete everything reachable from the directory named in 'topdir'. | 616 | # Delete everything reachable from the directory named in 'topdir'. |
598 | # CAUTION: This is dangerous! | 617 | # CAUTION: This is dangerous! |
618 | if _check_unsafe_delete_path(topdir): | ||
619 | raise Exception('bb.utils.prunedir: called with dangerous path "%s", refusing to delete!' % topdir) | ||
599 | for root, dirs, files in os.walk(topdir, topdown = False): | 620 | for root, dirs, files in os.walk(topdir, topdown = False): |
600 | for name in files: | 621 | for name in files: |
601 | os.remove(os.path.join(root, name)) | 622 | os.remove(os.path.join(root, name)) |