5341a31 pkg: add test for audit — HardenedBSD-pkg

HardenedBSD-pkg

rad:z3QDZAW2FAfuLvihrhiyDC9fAD8G9

HardenedBSD Package Manager

pkg: add test for audit

Baptiste Daroussin committed 1 month ago

commit 5341a31c2c7220ad015accfa65ca0efbf0d4da1b
parent b79c108

3 files changed +793 -0

modified tests/Makefile.autosetup

@@ -23,6 +23,7 @@ TESTS= \

 	kv
 TESTS_SH= \
 	frontend/audit.sh \
 	frontend/pkg.sh \
 	frontend/add.sh \
 	frontend/alias.sh \

@@ -52,6 +53,7 @@ TESTS_SH= \

 	frontend/query.sh \
 	frontend/register.sh \
 	frontend/repo.sh \
 	frontend/rquery.sh \
 	frontend/requires.sh \
 	frontend/rootdir.sh \
 	frontend/rubypuppet.sh \

added tests/frontend/audit.sh

@@ -0,0 +1,354 @@

 #! /usr/bin/env atf-sh
 . $(atf_get_srcdir)/test_environment.sh
 tests_init \
 	audit_vulnerable \
 	audit_not_vulnerable \
 	audit_empty_db \
 	audit_out_of_range \
 	audit_quiet \
 	audit_recursive \
 	audit_raw_json \
 	audit_raw_ucl \
 	audit_pattern \
 	audit_multiple_vulns \
 	audit_multiple_packages \
 	audit_glob_name \
 	audit_no_db
 # Helper: install test packages
 setup_packages() {
 	atf_check -s exit:0 sh ${RESOURCEDIR}/test_subr.sh new_pkg "test" "test" "1.5" "/usr/local"
 	atf_check -o ignore pkg register -M test.ucl
 }
 # Helper: create a vuln XML with a vulnerability affecting test >=1.0 <2.0
 create_vuln_db() {
 	cat > vuln.xml << 'EOF'
 <?xml version="1.0" encoding="utf-8"?>
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
   <vuln vid="test-vuln-001">
     <topic>Test vulnerability in test package</topic>
     <affects>
       <package>
         <name>test</name>
         <range>
           <ge>1.0</ge>
           <lt>2.0</lt>
         </range>
       </package>
     </affects>
     <references>
       <cvename>CVE-2024-00001</cvename>
     </references>
   </vuln>
 </vuxml>
 EOF
 }
 audit_vulnerable_body() {
 	setup_packages
 	create_vuln_db
 	# test-1.5 is in range [1.0, 2.0) -> vulnerable
 	atf_check \
 		-o match:"test-1.5 is vulnerable" \
 		-o match:"Test vulnerability in test package" \
 		-o match:"CVE-2024-00001" \
 		-o match:"1 problem" \
 		-s exit:1 \
 		pkg audit -f vuln.xml
 }
 audit_not_vulnerable_body() {
 	# Install a package outside the vulnerable range
 	atf_check -s exit:0 sh ${RESOURCEDIR}/test_subr.sh new_pkg "test" "test" "3.0" "/usr/local"
 	atf_check -o ignore pkg register -M test.ucl
 	create_vuln_db
 	# test-3.0 is NOT in range [1.0, 2.0) -> safe
 	atf_check \
 		-o match:"0 problem" \
 		-s exit:0 \
 		pkg audit -f vuln.xml
 }
 audit_empty_db_body() {
 	setup_packages
 	cat > vuln.xml << 'EOF'
 <?xml version="1.0" encoding="utf-8"?>
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
 </vuxml>
 EOF
 	# Empty vuln db -> no problems
 	atf_check \
 		-o match:"0 problem" \
 		-s exit:0 \
 		pkg audit -f vuln.xml
 }
 audit_out_of_range_body() {
 	setup_packages
 	# Vulnerability only affects versions < 1.0
 	cat > vuln.xml << 'EOF'
 <?xml version="1.0" encoding="utf-8"?>
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
   <vuln vid="old-vuln">
     <topic>Old vulnerability</topic>
     <affects>
       <package>
         <name>test</name>
         <range>
           <lt>1.0</lt>
         </range>
       </package>
     </affects>
     <references>
       <cvename>CVE-2020-99999</cvename>
     </references>
   </vuln>
 </vuxml>
 EOF
 	# test-1.5 >= 1.0, so not affected
 	atf_check \
 		-o match:"0 problem" \
 		-s exit:0 \
 		pkg audit -f vuln.xml
 }
 audit_quiet_body() {
 	setup_packages
 	create_vuln_db
 	# -q: quiet mode shows only package name-version
 	atf_check \
 		-o inline:"test-1.5\n" \
 		-s exit:1 \
 		pkg audit -qf vuln.xml
 }
 audit_recursive_body() {
 	setup_packages
 	create_vuln_db
 	# Create a package that depends on the vulnerable one
 	atf_check -s exit:0 sh ${RESOURCEDIR}/test_subr.sh new_pkg "rdep" "rdep" "1.0" "/usr/local"
 	cat << EOF >> rdep.ucl
 deps: {
     test: {
         origin: test,
         version: "1.5"
     }
 }
 EOF
 	atf_check -o ignore pkg register -M rdep.ucl
 	# -r: show reverse dependencies of vulnerable packages
 	atf_check \
 		-o match:"test-1.5 is vulnerable" \
 		-o match:"rdep" \
 		-s exit:1 \
 		pkg audit -rf vuln.xml
 }
 audit_raw_json_body() {
 	atf_require python3 "Requires python3 to run this test"
 	setup_packages
 	create_vuln_db
 	# -Rjson: raw JSON output
 	atf_check \
 		-o save:out.json \
 		-s exit:1 \
 		pkg audit -f vuln.xml -Rjson
 	# Must be valid JSON
 	atf_check -o ignore -e empty python3 -m json.tool out.json
 	# Check content
 	atf_check \
 		-o inline:"1\n" \
 		python3 -c "import json; d=json.load(open('out.json')); print(d['pkg_count'])"
 	atf_check \
 		-o inline:"1.5\n" \
 		python3 -c "import json; d=json.load(open('out.json')); print(d['packages']['test']['version'])"
 	atf_check \
 		-o inline:"CVE-2024-00001\n" \
 		python3 -c "import json; d=json.load(open('out.json')); print(d['packages']['test']['issues'][0]['cve'][0])"
 }
 audit_raw_ucl_body() {
 	setup_packages
 	create_vuln_db
 	# -R: raw UCL output (default format)
 	atf_check \
 		-o match:"pkg_count = 1" \
 		-o match:"version.*1.5" \
 		-o match:"CVE-2024-00001" \
 		-s exit:1 \
 		pkg audit -f vuln.xml -R
 }
 audit_pattern_body() {
 	setup_packages
 	# Also install a safe package
 	atf_check -s exit:0 sh ${RESOURCEDIR}/test_subr.sh new_pkg "safe" "safe" "1.0" "/usr/local"
 	atf_check -o ignore pkg register -M safe.ucl
 	create_vuln_db
 	# Audit only the vulnerable package by name
 	atf_check \
 		-o match:"1 problem" \
 		-s exit:1 \
 		pkg audit -f vuln.xml test
 	# Audit only the safe package by name
 	atf_check \
 		-o match:"0 problem" \
 		-s exit:0 \
 		pkg audit -f vuln.xml safe
 }
 audit_multiple_vulns_body() {
 	setup_packages
 	# Two vulnerabilities affecting the same package
 	cat > vuln.xml << 'EOF'
 <?xml version="1.0" encoding="utf-8"?>
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
   <vuln vid="vuln-001">
     <topic>First vulnerability</topic>
     <affects>
       <package>
         <name>test</name>
         <range>
           <ge>1.0</ge>
           <lt>2.0</lt>
         </range>
       </package>
     </affects>
     <references>
       <cvename>CVE-2024-00001</cvename>
     </references>
   </vuln>
   <vuln vid="vuln-002">
     <topic>Second vulnerability</topic>
     <affects>
       <package>
         <name>test</name>
         <range>
           <ge>1.0</ge>
           <le>1.5</le>
         </range>
       </package>
     </affects>
     <references>
       <cvename>CVE-2024-00002</cvename>
     </references>
   </vuln>
 </vuxml>
 EOF
 	# Both vulnerabilities should be reported
 	atf_check \
 		-o match:"CVE-2024-00001" \
 		-o match:"CVE-2024-00002" \
 		-o match:"2 problem" \
 		-s exit:1 \
 		pkg audit -f vuln.xml
 }
 audit_multiple_packages_body() {
 	# Install two packages, only one vulnerable
 	atf_check -s exit:0 sh ${RESOURCEDIR}/test_subr.sh new_pkg "vuln" "vuln" "1.0" "/usr/local"
 	atf_check -o ignore pkg register -M vuln.ucl
 	atf_check -s exit:0 sh ${RESOURCEDIR}/test_subr.sh new_pkg "safe" "safe" "1.0" "/usr/local"
 	atf_check -o ignore pkg register -M safe.ucl
 	cat > vuln.xml << 'EOF'
 <?xml version="1.0" encoding="utf-8"?>
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
   <vuln vid="vuln-pkg-001">
     <topic>Vulnerability in vuln package</topic>
     <affects>
       <package>
         <name>vuln</name>
         <range>
           <le>2.0</le>
         </range>
       </package>
     </affects>
     <references>
       <cvename>CVE-2024-99999</cvename>
     </references>
   </vuln>
 </vuxml>
 EOF
 	# Only vuln package should be flagged
 	atf_check \
 		-o match:"vuln-1.0 is vulnerable" \
 		-o match:"1 problem.*1 package" \
 		-s exit:1 \
 		pkg audit -f vuln.xml
 	# Quiet mode should only list the vulnerable one
 	atf_check \
 		-o inline:"vuln-1.0\n" \
 		-s exit:1 \
 		pkg audit -qf vuln.xml
 }
 audit_glob_name_body() {
 	# Vuln DB uses a glob pattern for package name
 	atf_check -s exit:0 sh ${RESOURCEDIR}/test_subr.sh new_pkg "perl5-DBI" "perl5-DBI" "1.5" "/usr/local"
 	atf_check -o ignore pkg register -M perl5-DBI.ucl
 	cat > vuln.xml << 'EOF'
 <?xml version="1.0" encoding="utf-8"?>
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
   <vuln vid="perl-vuln-001">
     <topic>Vulnerability in perl DBI</topic>
     <affects>
       <package>
         <name>perl5*-DBI</name>
         <range>
           <lt>2.0</lt>
         </range>
       </package>
     </affects>
     <references>
       <cvename>CVE-2024-55555</cvename>
     </references>
   </vuln>
 </vuxml>
 EOF
 	# Glob pattern in vuln DB should match perl5-DBI
 	atf_check \
 		-o match:"perl5-DBI-1.5 is vulnerable" \
 		-o match:"CVE-2024-55555" \
 		-s exit:1 \
 		pkg audit -f vuln.xml
 }
 audit_no_db_body() {
 	setup_packages
 	# No vuln DB file -> error
 	atf_check \
 		-e match:"does not exist" \
 		-s exit:1 \
 		pkg audit -f /nonexistent/vuln.xml
 }

added tests/frontend/rquery.sh

@@ -0,0 +1,437 @@

 #! /usr/bin/env atf-sh
 . $(atf_get_srcdir)/test_environment.sh
 tests_init \
 	rquery_name_version \
 	rquery_all \
 	rquery_comment \
 	rquery_origin \
 	rquery_prefix \
 	rquery_deps \
 	rquery_rdeps \
 	rquery_options \
 	rquery_categories \
 	rquery_size \
 	rquery_eval \
 	rquery_eval_complex \
 	rquery_glob \
 	rquery_regex \
 	rquery_no_repo \
 	rquery_not_found \
 	rquery_multiple_pkgs \
 	rquery_multi_repo
 # Helper: set up a local file:// repo with rich packages
 setup_repo() {
 	atf_check -s exit:0 sh ${RESOURCEDIR}/test_subr.sh new_pkg "dep" "dep" "1.0" "/usr/local"
 	cat << EOF >> dep.ucl
 categories: [net]
 EOF
 	atf_check pkg create -o ${TMPDIR}/repo -M dep.ucl
 	cat << EOF > test.ucl
 name: test
 origin: test
 version: "2.5"
 maintainer: test
 categories: [devel, test]
 comment: a test
 www: http://test
 prefix: /usr/local
 abi: "*"
 desc: <<EOD
 This is a test
 EOD
 deps: {
     dep: {
         origin: dep,
         version: "1.0"
     }
 }
 options: {
     "OPT1": "on",
     "OPT2": "off",
 }
 EOF
 	atf_check pkg create -o ${TMPDIR}/repo -M test.ucl
 	atf_check -o ignore pkg repo ${TMPDIR}/repo
 	mkdir -p ${TMPDIR}/reposconf
 	cat << EOF > ${TMPDIR}/reposconf/test.conf
 test: {
     url: file://${TMPDIR}/repo,
     enabled: true
 }
 EOF
 	atf_check -o ignore \
 		pkg -o REPOS_DIR="${TMPDIR}/reposconf" \
 		update
 	RDIR="${TMPDIR}/reposconf"
 }
 rquery_name_version_body() {
 	setup_repo
 	# %n %v: name and version
 	atf_check \
 		-o inline:"test-2.5\n" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -U "%n-%v" test
 	atf_check \
 		-o inline:"dep-1.0\n" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -U "%n-%v" dep
 }
 rquery_all_body() {
 	setup_repo
 	# -a: all packages
 	atf_check \
 		-o match:"dep" \
 		-o match:"test" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -Ua "%n"
 }
 rquery_comment_body() {
 	setup_repo
 	# %c: comment
 	atf_check \
 		-o inline:"a test\n" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -U "%c" test
 }
 rquery_origin_body() {
 	setup_repo
 	# %o: origin
 	atf_check \
 		-o inline:"test\n" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -U "%o" test
 }
 rquery_prefix_body() {
 	setup_repo
 	# %p: prefix
 	atf_check \
 		-o inline:"/usr/local\n" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -U "%p" test
 }
 rquery_deps_body() {
 	setup_repo
 	# %dn %dv: dependency name and version
 	atf_check \
 		-o inline:"dep 1.0\n" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -U "%dn %dv" test
 	# %#d: dep count
 	atf_check \
 		-o inline:"1\n" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -U "%#d" test
 	# dep has no deps
 	atf_check \
 		-o inline:"0\n" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -U "%#d" dep
 }
 rquery_rdeps_body() {
 	setup_repo
 	# %rn: reverse dep name
 	atf_check \
 		-o inline:"test\n" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -U "%rn" dep
 	# %#r: reverse dep count
 	atf_check \
 		-o inline:"1\n" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -U "%#r" dep
 	# test has no rdeps
 	atf_check \
 		-o inline:"0\n" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -U "%#r" test
 }
 rquery_options_body() {
 	setup_repo
 	# %Ok %Ov: option key and value
 	atf_check \
 		-o match:"OPT1" \
 		-o match:"OPT2" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -U "%Ok %Ov" test
 	# %#O: option count
 	atf_check \
 		-o inline:"2\n" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -U "%#O" test
 	# dep has no options
 	atf_check \
 		-o inline:"0\n" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -U "%#O" dep
 }
 rquery_categories_body() {
 	setup_repo
 	# %Cn: category names
 	atf_check \
 		-o match:"devel" \
 		-o match:"test" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -U "%Cn" test
 	# %#C: category count
 	atf_check \
 		-o inline:"2\n" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -U "%#C" test
 	atf_check \
 		-o inline:"1\n" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -U "%#C" dep
 }
 rquery_size_body() {
 	setup_repo
 	# %sh: human-readable size
 	atf_check \
 		-o match:"0" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -U "%sh" test
 	# %sb: raw bytes
 	atf_check \
 		-o inline:"0\n" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -U "%sb" test
 }
 rquery_eval_body() {
 	setup_repo
 	# -e: evaluation - match by name
 	atf_check \
 		-o inline:"test\n" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -U -e '%n == "test"' "%n"
 	# No match
 	atf_check \
 		-o empty \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -U -e '%n == "nosuch"' "%n"
 	# Not equal
 	atf_check \
 		-o inline:"dep\n" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -U -e '%n != "test"' "%n"
 	# Has deps
 	atf_check \
 		-o inline:"test\n" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -U -e "%#d > 0" "%n"
 	# Has no deps
 	atf_check \
 		-o inline:"dep\n" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -U -e "%#d == 0" "%n"
 }
 rquery_eval_complex_body() {
 	setup_repo
 	# AND: has deps AND has options
 	atf_check \
 		-o inline:"test\n" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -U -e "%#d > 0 && %#O > 0" "%n"
 	# OR: has deps OR name is dep
 	atf_check \
 		-o match:"test" \
 		-o match:"dep" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -U -e '%#d > 0 || %n == "dep"' "%n"
 	# No results with impossible condition
 	atf_check \
 		-o empty \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -U -e "%#d > 0 && %#O == 0" "%n"
 	# Eval with explicit pattern
 	atf_check \
 		-o inline:"test\n" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -U -e '%n == "test"' "%n" test
 	# Eval with pattern that does not match
 	atf_check \
 		-o empty \
 		-s exit:1 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -U -e '%n == "test"' "%n" nosuch
 }
 rquery_glob_body() {
 	setup_repo
 	# -g: glob match
 	atf_check \
 		-o inline:"test\n" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -Ug "%n" 'tes*'
 	# Glob matching all
 	atf_check \
 		-o match:"test" \
 		-o match:"dep" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -Ug "%n" '*'
 	# Glob no match
 	atf_check \
 		-o empty \
 		-s exit:1 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -Ug "%n" 'zzz*'
 }
 rquery_regex_body() {
 	setup_repo
 	# -x: regex match
 	atf_check \
 		-o inline:"test\n" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -Ux "%n" '^tes'
 	# Regex match all
 	atf_check \
 		-o match:"test" \
 		-o match:"dep" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -Ux "%n" '.'
 	# Regex no match
 	atf_check \
 		-o empty \
 		-s exit:1 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -Ux "%n" '^zzz'
 }
 rquery_no_repo_body() {
 	# No repo configured
 	export REPOS_DIR=/nonexistent
 	atf_check \
 		-e match:"No active remote repositories" \
 		-s exit:3 \
 		pkg -C '' -R '' rquery -a "%n"
 }
 rquery_not_found_body() {
 	setup_repo
 	# Package not found
 	atf_check \
 		-o empty \
 		-s exit:1 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -U "%n" nosuchpkg
 }
 rquery_multiple_pkgs_body() {
 	setup_repo
 	# Query two packages at once
 	atf_check \
 		-o match:"dep" \
 		-o match:"test" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -U "%n" dep test
 	# Mixed format: name-version with comment
 	atf_check \
 		-o match:"dep-1.0: a test" \
 		-o match:"test-2.5: a test" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${RDIR}" rquery -U "%n-%v: %c" dep test
 }
 rquery_multi_repo_body() {
 	# Create two separate repos with different packages
 	atf_check -s exit:0 sh ${RESOURCEDIR}/test_subr.sh new_pkg "alpha" "alpha" "1.0" "/usr/local"
 	atf_check pkg create -o ${TMPDIR}/repoA -M alpha.ucl
 	atf_check -s exit:0 sh ${RESOURCEDIR}/test_subr.sh new_pkg "beta" "beta" "2.0" "/usr/local"
 	atf_check pkg create -o ${TMPDIR}/repoB -M beta.ucl
 	atf_check -o ignore pkg repo ${TMPDIR}/repoA
 	atf_check -o ignore pkg repo ${TMPDIR}/repoB
 	mkdir -p ${TMPDIR}/reposconf
 	cat << EOF > ${TMPDIR}/reposconf/multi.conf
 repoA: {
     url: file://${TMPDIR}/repoA,
     enabled: true
 }
 repoB: {
     url: file://${TMPDIR}/repoB,
     enabled: true
 }
 EOF
 	atf_check -o ignore \
 		pkg -o REPOS_DIR="${TMPDIR}/reposconf" \
 		update
 	# Both repos queried by default
 	atf_check \
 		-o match:"alpha" \
 		-o match:"beta" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${TMPDIR}/reposconf" \
 		rquery -Ua "%n"
 	# -r: restrict to repoA
 	atf_check \
 		-o inline:"alpha\n" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${TMPDIR}/reposconf" \
 		rquery -Ur repoA -a "%n"
 	# -r: restrict to repoB
 	atf_check \
 		-o inline:"beta\n" \
 		-s exit:0 \
 		pkg -o REPOS_DIR="${TMPDIR}/reposconf" \
 		rquery -Ur repoB -a "%n"
 }