add test for SECURE_SYMLINKS with absolute path

diff --git a/libarchive/test/test_write_disk_secure.c b/libarchive/test/test_write_disk_secure.c
index 4d67ce6f0e7f7604025e8b43aab25c8a3b2021a2..7cd66c41ac4e20731c173b27445e6a28dfd7db98 100644 (file)
--- a/libarchive/test/test_write_disk_secure.c
+++ b/libarchive/test/test_write_disk_secure.c
@@ -84,6 +84,27 @@ DEFINE_TEST(test_write_disk_secure)
        archive_entry_free(ae);
        assert(0 == archive_write_finish_entry(a));
 
+       /* Write an absolute symlink to /tmp. */
+       assert((ae = archive_entry_new()) != NULL);
+       archive_entry_copy_pathname(ae, "/tmp/libarchive_test-test_write_disk_secure-absolute_symlink");
+       archive_entry_set_mode(ae, S_IFLNK | 0777);
+       archive_entry_set_symlink(ae, "/tmp");
+       archive_write_disk_set_options(a, 0);
+       assert(0 == archive_write_header(a, ae));
+       assert(0 == archive_write_finish_entry(a));
+
+       /* With security checks enabled, this should fail. */
+       assert(archive_entry_clear(ae) != NULL);
+       archive_entry_copy_pathname(ae, "/tmp/libarchive_test-test_write_disk_secure-absolute_symlink/libarchive_test-test_write_disk_secure-absolute_symlink_path.tmp");
+       archive_entry_set_mode(ae, S_IFREG | 0777);
+       archive_write_disk_set_options(a, ARCHIVE_EXTRACT_SECURE_SYMLINKS);
+       failure("Extracting a file through an absolute symlink should fail here.");
+       assertEqualInt(ARCHIVE_FAILED, archive_write_header(a, ae));
+       archive_entry_free(ae);
+       assertFileNotExists("/tmp/libarchive_test-test_write_disk_secure-absolute_symlink/libarchive_test-test_write_disk_secure-absolute_symlink_path.tmp");
+       assert(0 == unlink("/tmp/libarchive_test-test_write_disk_secure-absolute_symlink"));
+       unlink("/tmp/libarchive_test-test_write_disk_secure-absolute_symlink_path.tmp");
+
        /* Create another link. */
        assert((ae = archive_entry_new()) != NULL);
        archive_entry_copy_pathname(ae, "link_to_dir2");