#!/bin/sh
# Regression test for CVE-2019-3462: a redirect target that decodes to
# control characters must be rejected by the http method, not decoded and
# passed on as if it were part of the method's own status messages.
set -e

TESTDIR="$(readlink -f "$(dirname "$0")")"
. "$TESTDIR/framework"
setupenvironment
configarchitecture 'amd64'

# Build the single (uncompressed) package the test fetches.
buildsimplenativepackage 'alpha' 'all' '1' 'unstable' '' '' 'section' 'optional' '' 'none'

setupaptarchive --no-update
# Real hash and size of the built .deb; only the disabled reproducer at the
# end of the file needs them (as the "expected file" values).
ALPHA_DEB='aptarchive/pool/alpha_1_all.deb'
ORIGINAL_SHA256="$(sha256sum "$ALPHA_DEB" | cut -d' ' -f1)"
ORIGINAL_SIZE="$(wc -c < "$ALPHA_DEB" | tr -d ' ')"
# Deliberately bogus hash placed into the forged "201 URI Done" message, so a
# successful injection shows up as a hash mismatch instead of an installed
# package (an attacker would of course supply the expected hash instead).
SHA256="DEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEF"
changetowebserver

# Run one injection attempt against the test webserver.
#   $1  redirect target the webserver sends for alpha_1_all.deb — the
#       attacker-controlled string under test
#   $2  error text apt must print for the failed package fetch
#   $@  any further arguments are handed to apt/apt-get as extra options
# The attempt must always end with 'aptget install alpha' failing with
# exactly $2; a downloaded file being accepted would mean the injection worked.
# NOTE: which URI the "Failed to fetch" line names is decided purely by
# whether extra options were given — callers passing none expect the
# webserver's own error (naming the redirect target itself), callers passing
# Acquire::Send-URI-Encoded=false expect the original package URI.  Passing
# any other option would need this choice revisited.
runwithbaduri() {
	local target="$1"
	local expected_err="$2"
	shift 2
	local failed_uri
	case "$#" in
		0)
			failed_uri="http://localhost:${APTHTTPPORT}/pool/$target"
			;;
		*)
			failed_uri="http://localhost:${APTHTTPPORT}/pool/alpha_1_all.deb"
			;;
	esac
	webserverconfig aptwebserver::redirect::replace::alpha_1_all.deb "$target"

	# The update itself must still succeed; only the .deb fetch may fail.
	testsuccess apt update -o debug::http=1 -o debug::pkgacquire::worker=1 "$@"

	testfailureequal "Reading package lists...
Building dependency tree...
The following NEW packages will be installed:
  alpha
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 20.7 kB of archives.
After this operation, 11.3 kB of additional disk space will be used.
Err:1 http://localhost:${APTHTTPPORT} unstable/main all alpha all 1
  $expected_err
E: Failed to fetch $failed_uri  $expected_err
E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?" aptget install alpha "$@"
}
# The attack payload, sent by the webserver as the redirect target for
# alpha_1_all.deb.  Its %0a sequences decode to newlines, and the text after
# them mimics a "201 URI Done" message from the http method: it names the real
# package's partial file as Filename and carries attacker-chosen Size,
# Last-Modified, SHA256-Hash and Checksum-FileSize-Hash values.  A method that
# decodes the target and passes it on unchecked would let those lines be read
# as its own report (the disabled reproducer at the end shows that outcome).
INJECTED_DONE="beeta_1_all.deb%0a%0a201%20URI%20Done%0aURI:%20http://localhost:${APTHTTPPORT}/pool/beeta_1_all.deb%0aFilename:%20${TMPWORKINGDIRECTORY}/rootdir/var/cache/apt/archives/partial/alpha_1_all.deb%0aSize:%2020672%0aLast-Modified:%20Fri,%2018%20Jan%202019%2009:52:02%20+0000%0aSHA256-Hash:%20${SHA256}%0aChecksum-FileSize-Hash:%2012345%0a%0a%0a"
# The same payload encoded a second time (%250a becomes %0a after one decode),
# so a method that decodes and re-encodes once must still catch it.
INJECTED_DONE_DOUBLE="beeta_1_all.deb%250a%250a201%2520URI%2520Done%250aURI:%2520http://localhost:${APTHTTPPORT}/pool/beeta_1_all.deb%250aFilename:%2520${TMPWORKINGDIRECTORY}/rootdir/var/cache/apt/archives/partial/alpha_1_all.deb%250aSize:%252020672%250aLast-Modified:%2520Fri,%252018%2520Jan%25202019%252009:52:02%2520+0000%250aSHA256-Hash:%2520${SHA256}%250aChecksum-FileSize-Hash:%252012345%250a%250a%0a"
CONTROL_CHAR_ERR='SECURITY: URL redirect target contains control characters, rejecting.'

# With Acquire::Send-URI-Encoded=false the method de- and re-encodes the
# target; it must notice the control characters and refuse the redirect.
runwithbaduri "$INJECTED_DONE" "$CONTROL_CHAR_ERR" -o Acquire::Send-URI-Encoded=false
rm -rf rootdir/var/lib/apt/lists
runwithbaduri "$INJECTED_DONE_DOUBLE" "$CONTROL_CHAR_ERR" -o Acquire::Send-URI-Encoded=false

# Without de- and re-encoding the target is never turned into newlines, so the
# injection never gets as far as the method; the test webserver simply refuses
# the request because the still-encoded target contains '//'.
rm -rf rootdir/var/lib/apt/lists
runwithbaduri "$INJECTED_DONE" '400  Bad Request'
rm -rf rootdir/var/lib/apt/lists
runwithbaduri "$INJECTED_DONE_DOUBLE" '400  Bad Request'

# What follows is the original reproducer, kept for reference only.  It
# asserts the vulnerable behaviour and therefore fails on fixed versions,
# hence the early exit.
exit 0

# Pre-fix outcome (unreachable because of the 'exit 0' above).  Note what apt
# reports as the "received file": the SHA256 is $SHA256, the size is 12345 and
# the modification time is the Jan 2019 date — all values carried inside the
# redirect target, not properties of anything actually downloaded — and the
# "Failed to fetch" URI is the injected beeta_1_all.deb.  In other words the
# forged "201 URI Done" was accepted as the method's own report; presumably
# with the genuine hash in place of the bogus one, the attacker's file would
# have been installed.
testfailureequal "Reading package lists...
Building dependency tree...
The following NEW packages will be installed:
  alpha
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 20.7 kB of archives.
After this operation, 11.3 kB of additional disk space will be used.
Err:1 http://localhost:${APTHTTPPORT} unstable/main all alpha all 1
  Hash Sum mismatch
  Hashes of expected file:
   - SHA256:$ORIGINAL_SHA256
   - Filesize:$ORIGINAL_SIZE [weak]
  Hashes of received file:
   - SHA256:DEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEF
   - Filesize:12345 [weak]
  Last modification reported: Fri, 18 Jan 2019 09:52:02 +0000
E: Failed to fetch http://localhost:${APTHTTPPORT}/pool/beeta_1_all.deb  Hash Sum mismatch
   Hashes of expected file:
    - SHA256:$ORIGINAL_SHA256
    - Filesize:$ORIGINAL_SIZE [weak]
   Hashes of received file:
    - SHA256:DEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEF
    - Filesize:12345 [weak]
   Last modification reported: Fri, 18 Jan 2019 09:52:02 +0000
E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?" aptget install alpha