d2bfe1b071
specially-crafted derivations that produce output paths belonging to other derivations. This could be used to inject malware into the store.
38 lines
1 KiB
Bash
38 lines
1 KiB
Bash
# Test that users cannot register specially-crafted derivations that
|
|
# produce output paths belonging to other derivations. This could be
|
|
# used to inject malware into the store.
|
|
|
|
source common.sh
|
|
|
|
clearStore
|
|
clearManifests
|
|
|
|
startDaemon
|
|
|
|
# Determine the output path of the "good" derivation.
|
|
goodOut=$($nixstore -q $($nixinstantiate ./secure-drv-outputs.nix -A good))
|
|
|
|
# Instantiate the "bad" derivation.
|
|
badDrv=$($nixinstantiate ./secure-drv-outputs.nix -A bad)
|
|
badOut=$($nixstore -q $badDrv)
|
|
|
|
# Rewrite the bad derivation to produce the output path of the good
|
|
# derivation.
|
|
rm -f $TEST_ROOT/bad.drv
|
|
sed -e "s|$badOut|$goodOut|g" < $badDrv > $TEST_ROOT/bad.drv
|
|
|
|
# Add the manipulated derivation to the store and build it. This
|
|
# should fail.
|
|
if badDrv2=$($nixstore --add $TEST_ROOT/bad.drv); then
|
|
$nixstore -r "$badDrv2"
|
|
fi
|
|
|
|
# Now build the good derivation.
|
|
goodOut2=$($nixbuild ./secure-drv-outputs.nix -A good)
|
|
test "$goodOut" = "$goodOut2"
|
|
|
|
if ! test -e "$goodOut"/good; then
|
|
echo "Bad derivation stole the output path of the good derivation!"
|
|
exit 1
|
|
fi
|