Add tests for .gitmodules validation

Add tests to ensure that pushes containing invalid .gitmodules content are rejected. Without the previous commit that updates JGit to fix CVE-2018-17456 [1], these tests fail. [1] https://nvd.nist.gov/vuln/detail/CVE-2018-17456 Change-Id: Id07a9560ff224ce4971f3e848656b987ac9357c2
2018-10-07 14:08:16 +09:00 · 2018-10-07 14:08:16 +09:00 · 685bb84644
parent 527e01513e
commit 685bb84644
1 changed files with 57 additions and 0 deletions
--- a/gerrit-acceptance-tests/src/test/java/com/google/gerrit/acceptance/git/GitmodulesIT.java
+++ b/gerrit-acceptance-tests/src/test/java/com/google/gerrit/acceptance/git/GitmodulesIT.java
@ -0,0 +1,57 @@
+// Copyright (C) 2018 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package com.google.gerrit.acceptance.git;
+
+import com.google.gerrit.acceptance.AbstractDaemonTest;
+import org.eclipse.jgit.api.errors.TransportException;
+import org.eclipse.jgit.junit.TestRepository;
+import org.eclipse.jgit.lib.Config;
+import org.eclipse.jgit.transport.RefSpec;
+import org.junit.Test;
+
+public class GitmodulesIT extends AbstractDaemonTest {
+  @Test
+  public void invalidSubmoduleURLIsRejected() throws Exception {
+    pushGitmodules("name", "-invalid-url", "path", "Invalid submodule URL");
+  }
+
+  @Test
+  public void invalidSubmodulePathIsRejected() throws Exception {
+    pushGitmodules("name", "http://somewhere", "-invalid-path", "Invalid submodule path");
+  }
+
+  @Test
+  public void invalidSubmoduleNameIsRejected() throws Exception {
+    pushGitmodules("-invalid-name", "http://somewhere", "path", "Invalid submodule name");
+  }
+
+  private void pushGitmodules(String name, String url, String path, String expectedErrorMessage)
+      throws Exception {
+    Config config = new Config();
+    config.setString("submodule", name, "url", url);
+    config.setString("submodule", name, "path", path);
+    TestRepository<?> repo = cloneProject(project);
+    repo.branch("HEAD")
+        .commit()
+        .insertChangeId()
+        .message("subject: adding new subscription")
+        .add(".gitmodules", config.toText().toString())
+        .create();
+
+    exception.expectMessage(expectedErrorMessage);
+    exception.expect(TransportException.class);
+    repo.git().push().setRemote("origin").setRefSpecs(new RefSpec("HEAD:refs/for/master")).call();
+  }
+}