From a1e2523cab7be7350beea13e785d5741a5c94b27 Mon Sep 17 00:00:00 2001
From: Enno Boland <g@s01.de>
Date: Thu, 10 Aug 2023 14:10:17 +0200
Subject: [PATCH] test/tools: import path traversal tests from squahfs-tools-ng

This adds a test for the path traversal vulnerability in rdsquashfs and
adapted to work with sqsh-unpack.

Thanks to @AgentD and the squahfs-tools-ng project to provide these tests.
---
 test/meson.build                                 |   1 +
 test/tools/unpack/pathtraversal/README.md        |   1 +
 test/tools/unpack/pathtraversal/pathtraversal.sh |  11 +++++++++++
 .../unpack/pathtraversal/pathtraversal.sqfs      | Bin 0 -> 4096 bytes
 4 files changed, 13 insertions(+)
 create mode 100644 test/tools/unpack/pathtraversal/README.md
 create mode 100644 test/tools/unpack/pathtraversal/pathtraversal.sh
 create mode 100644 test/tools/unpack/pathtraversal/pathtraversal.sqfs

diff --git a/test/meson.build b/test/meson.build
index dbbebca13..a24dfdd71 100644
--- a/test/meson.build
+++ b/test/meson.build
@@ -42,6 +42,7 @@ sqsh_extended_test = [
     'tools/cat/large-file-uncompressed.sh',
     'tools/read-chunk/tail.sh',
     'tools/unpack/repack.sh',
+    'tools/unpack/pathtraversal/pathtraversal.sh',
 ]
 sqsh_extended_fs_test = [
     'tools/fs/large-file.sh',
diff --git a/test/tools/unpack/pathtraversal/README.md b/test/tools/unpack/pathtraversal/README.md
new file mode 100644
index 000000000..9301883c9
--- /dev/null
+++ b/test/tools/unpack/pathtraversal/README.md
@@ -0,0 +1 @@
+These script and archives are taken from the [squashfs-tools-ng project](https://github.com/AgentD/squashfs-tools-ng/tree/72c8155d9fc0eaeac72c053f46ebb7b231d4596a/bin/rdsquashfs/test)
diff --git a/test/tools/unpack/pathtraversal/pathtraversal.sh b/test/tools/unpack/pathtraversal/pathtraversal.sh
new file mode 100644
index 000000000..723b406dd
--- /dev/null
+++ b/test/tools/unpack/pathtraversal/pathtraversal.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+
+REFFILE="$SOURCE_ROOT/test/tools/ls/pathtraversal/pathtraversal.sqfs"
+GOTCHA="/tmp/gotcha.txt"
+
+if "$SQSH_UNPACK" "$REFFILE" / ""; then
+	if [ -e "$GOTCHA" ]; then
+		echo "Found $GOTCHA which should not be there"
+		exit 1
+	fi
+fi
diff --git a/test/tools/unpack/pathtraversal/pathtraversal.sqfs b/test/tools/unpack/pathtraversal/pathtraversal.sqfs
new file mode 100644
index 0000000000000000000000000000000000000000..0c33bb3a7ef15aa494e764d6aef201d4d4645d62
GIT binary patch
literal 4096
zcmc~OE-YqcfC2#s&B(yR5WvL9zyjnpK&7M^Aq-(C{T~WuLgnv5X_z>S4#~(YR!Gat
zNma;5ELKQLP0dqCE=o--Nlj5G$tcP%P0vtBR47O+$xtXMN-Rq)Do)H%NGeU&<8orC
zxRsm~ap(jCtAZPoz<+iof%`&Dl9H154qe^gkeQ|s#*!3f@Y_CSo@5rE$J{#4JVwR6
zCqAw5coib~<UkI?l5N~&dLT0r8W`L(&K@~%a>Bg$NpmKy2oDNm5>91H5;r(|<iR7!
zDGVX!I1-r{cHClXU}*sPf*0yV5PKAihQMeDjE2By2#kinXb6mkz-S1JhQMeDjE2By
L2#kinum}MFJ=<Ur

literal 0
HcmV?d00001