abdullah alamoudi has uploaded a new change for review. https://asterix-gerrit.ics.uci.edu/1905
Change subject: [ASTERIXDB-2004][TEST] Prevent Tests from writing outside target ...................................................................... [ASTERIXDB-2004][TEST] Prevent Tests from writing outside target - user model changes: no - storage format changes: no - interface changes: no details: - Some tests access data and queries outside the module. When that happens, the base path can contain ../ which can lead to results being written outside target. This change removes all ../ from the path of the actual results. Change-Id: If100c33780fa436ddb2a8e64f3901251156f5524 --- M asterixdb/asterix-test-framework/src/main/java/org/apache/asterix/testframework/context/TestCaseContext.java 1 file changed, 16 insertions(+), 5 deletions(-) git pull ssh://asterix-gerrit.ics.uci.edu:29418/asterixdb refs/changes/05/1905/1 diff --git a/asterixdb/asterix-test-framework/src/main/java/org/apache/asterix/testframework/context/TestCaseContext.java b/asterixdb/asterix-test-framework/src/main/java/org/apache/asterix/testframework/context/TestCaseContext.java index ff914b5..effe537 100644 --- a/asterixdb/asterix-test-framework/src/main/java/org/apache/asterix/testframework/context/TestCaseContext.java +++ b/asterixdb/asterix-test-framework/src/main/java/org/apache/asterix/testframework/context/TestCaseContext.java @@ -186,9 +186,20 @@ public File getActualResultFile(CompilationUnit cUnit, File expectedFile, File actualResultsBase) { File path = actualResultsBase; - path = new File(path, testSuite.getResultOffsetPath()); - path = new File(path, testCase.getFilePath()); - return new File(path, cUnit.getOutputDir().getValue() + File.separator + expectedFile.getName()); + String resultOffsetPath = removeUpward(testSuite.getResultOffsetPath()); + path = new File(path, resultOffsetPath); + String testCaseFilePath = removeUpward(testCase.getFilePath()); + String expectedFilePath = removeUpward(expectedFile.getName()); + path = new File(path, testCaseFilePath); + return new File(path, cUnit.getOutputDir().getValue() + File.separator + expectedFilePath); + } + + private String removeUpward(String filePath) { + String evil = ".." + File.separatorChar; + while (filePath.contains(evil)) { + filePath = filePath.replace(evil, ""); + } + return filePath; } @Override @@ -224,8 +235,8 @@ File tsFile = new File(tsRoot, tsXMLFilePath); TestSuiteParser tsp = new TestSuiteParser(); TestSuite ts = tsp.parse(tsFile); - List<TestCaseContext> tccs = new ArrayList<TestCaseContext>(); - List<TestGroup> tgPath = new ArrayList<TestGroup>(); + List<TestCaseContext> tccs = new ArrayList<>(); + List<TestGroup> tgPath = new ArrayList<>(); addContexts(tsRoot, ts, tgPath, ts.getTestGroup(), tccs); return tccs; } -- To view, visit https://asterix-gerrit.ics.uci.edu/1905 To unsubscribe, visit https://asterix-gerrit.ics.uci.edu/settings Gerrit-MessageType: newchange Gerrit-Change-Id: If100c33780fa436ddb2a8e64f3901251156f5524 Gerrit-PatchSet: 1 Gerrit-Project: asterixdb Gerrit-Branch: master Gerrit-Owner: abdullah alamoudi <bamou...@gmail.com>