From 2f494d26a65cde5da1ef797070bc439f2431265c Mon Sep 17 00:00:00 2001
From: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Date: Sat, 14 Aug 2021 12:37:02 +0200
Subject: Add a test case for the path traversal bug

Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
---
 .gitignore                           |   1 +
 configure.ac                         |   2 ++
 tests/Makemodule.am                  |   7 +++++++
 tests/rdsquashfs/pathtraversal.sh.in |  12 ++++++++++++
 tests/rdsquashfs/pathtraversal.sqfs  | Bin 0 -> 4096 bytes
 5 files changed, 22 insertions(+)
 create mode 100644 tests/rdsquashfs/pathtraversal.sh.in
 create mode 100644 tests/rdsquashfs/pathtraversal.sqfs

diff --git a/.gitignore b/.gitignore
index 3501319..2703619 100644
--- a/.gitignore
+++ b/.gitignore
@@ -42,6 +42,7 @@ m4/libtool.m4
 m4/lt*.m4
 Doxyfile
 tests/*.sh
+tests/rdsquashfs/*.sh
 /mknastyfs
 /mk42sqfs
 /list_files
diff --git a/configure.ac b/configure.ac
index b6cef1b..ebcbeda 100644
--- a/configure.ac
+++ b/configure.ac
@@ -252,6 +252,8 @@ AC_CONFIG_FILES([Doxyfile])
 AC_CONFIG_FILES([tests/cantrbry.sh], [chmod +x tests/cantrbry.sh])
 AC_CONFIG_FILES([tests/test_tar_sqfs.sh], [chmod +x tests/test_tar_sqfs.sh])
 AC_CONFIG_FILES([tests/pack_dir_root.sh], [chmod +x tests/pack_dir_root.sh])
+AC_CONFIG_FILES([tests/rdsquashfs/pathtraversal.sh],
+		[chmod +x tests/rdsquashfs/pathtraversal.sh])
 
 AC_OUTPUT([Makefile])
 
diff --git a/tests/Makemodule.am b/tests/Makemodule.am
index e1a3a26..414d239 100644
--- a/tests/Makemodule.am
+++ b/tests/Makemodule.am
@@ -272,3 +272,10 @@ EXTRA_DIST += $(top_srcdir)/tests/fstree1.txt
 EXTRA_DIST += $(top_srcdir)/tests/corpus/cantrbry.tar.xz
 EXTRA_DIST += $(top_srcdir)/tests/corpus/cantrbry.sha512
 EXTRA_DIST += $(top_srcdir)/tests/pack_dir_root.txt.ref
+EXTRA_DIST += $(top_srcdir)/tests/rdsquashfs/pathtraversal.sqfs
+
+if WINDOWS
+else
+check_SCRIPTS += tests/rdsquashfs/pathtraversal.sh
+TESTS += tests/rdsquashfs/pathtraversal.sh
+endif
diff --git a/tests/rdsquashfs/pathtraversal.sh.in b/tests/rdsquashfs/pathtraversal.sh.in
new file mode 100644
index 0000000..6dd9fab
--- /dev/null
+++ b/tests/rdsquashfs/pathtraversal.sh.in
@@ -0,0 +1,12 @@
+#!/bin/sh
+
+RDSQFS="@abs_top_builddir@/rdsquashfs"
+REFFILE="@abs_top_srcdir@/tests/rdsquashfs/pathtraversal.sqfs"
+GOTCHA="/tmp/gotcha.txt"
+
+if "$RDSQFS" -u / -p . "$REFFILE"; then
+	if [ -e "$GOTCHA" ]; then
+		echo "Found $GOTCHA which should not be there"
+		exit 1
+	fi
+fi
diff --git a/tests/rdsquashfs/pathtraversal.sqfs b/tests/rdsquashfs/pathtraversal.sqfs
new file mode 100644
index 0000000..0c33bb3
Binary files /dev/null and b/tests/rdsquashfs/pathtraversal.sqfs differ
-- 
cgit v1.2.3