Skip to content

Commit 2b8a153

Browse files
author
v.shepard
committed
PBCKP-306 add '_test' to tests files
1 parent 87dd3f2 commit 2b8a153

36 files changed

+42331
-0
lines changed

tests/CVE_2018_1058_test.py

Lines changed: 129 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,129 @@
1+
import os
2+
import unittest
3+
from .helpers.ptrack_helpers import ProbackupTest, ProbackupException
4+
5+
class CVE_2018_1058(ProbackupTest, unittest.TestCase):
6+
7+
# @unittest.skip("skip")
8+
def test_basic_default_search_path(self):
9+
""""""
10+
backup_dir = os.path.join(self.tmp_path, self.module_name, self.fname, 'backup')
11+
node = self.make_simple_node(
12+
base_dir=os.path.join(self.module_name, self.fname, 'node'),
13+
set_replication=True)
14+
15+
self.init_pb(backup_dir)
16+
self.add_instance(backup_dir, 'node', node)
17+
node.slow_start()
18+
19+
node.safe_psql(
20+
'postgres',
21+
"CREATE FUNCTION public.pgpro_edition() "
22+
"RETURNS text "
23+
"AS $$ "
24+
"BEGIN "
25+
" RAISE 'pg_probackup vulnerable!'; "
26+
"END "
27+
"$$ LANGUAGE plpgsql")
28+
29+
self.backup_node(backup_dir, 'node', node, backup_type='full', options=['--stream'])
30+
31+
# @unittest.skip("skip")
32+
def test_basic_backup_modified_search_path(self):
33+
""""""
34+
backup_dir = os.path.join(self.tmp_path, self.module_name, self.fname, 'backup')
35+
node = self.make_simple_node(
36+
base_dir=os.path.join(self.module_name, self.fname, 'node'),
37+
set_replication=True)
38+
self.set_auto_conf(node, options={'search_path': 'public,pg_catalog'})
39+
40+
self.init_pb(backup_dir)
41+
self.add_instance(backup_dir, 'node', node)
42+
node.slow_start()
43+
44+
node.safe_psql(
45+
'postgres',
46+
"CREATE FUNCTION public.pg_control_checkpoint(OUT timeline_id integer, OUT dummy integer) "
47+
"RETURNS record "
48+
"AS $$ "
49+
"BEGIN "
50+
" RAISE '% vulnerable!', 'pg_probackup'; "
51+
"END "
52+
"$$ LANGUAGE plpgsql")
53+
54+
node.safe_psql(
55+
'postgres',
56+
"CREATE FUNCTION public.pg_proc(OUT proname name, OUT dummy integer) "
57+
"RETURNS record "
58+
"AS $$ "
59+
"BEGIN "
60+
" RAISE '% vulnerable!', 'pg_probackup'; "
61+
"END "
62+
"$$ LANGUAGE plpgsql; "
63+
"CREATE VIEW public.pg_proc AS SELECT proname FROM public.pg_proc()")
64+
65+
self.backup_node(backup_dir, 'node', node, backup_type='full', options=['--stream'])
66+
67+
log_file = os.path.join(node.logs_dir, 'postgresql.log')
68+
with open(log_file, 'r') as f:
69+
log_content = f.read()
70+
self.assertFalse(
71+
'pg_probackup vulnerable!' in log_content)
72+
73+
# @unittest.skip("skip")
74+
def test_basic_checkdb_modified_search_path(self):
75+
""""""
76+
node = self.make_simple_node(
77+
base_dir=os.path.join(self.module_name, self.fname, 'node'),
78+
initdb_params=['--data-checksums'])
79+
self.set_auto_conf(node, options={'search_path': 'public,pg_catalog'})
80+
node.slow_start()
81+
82+
node.safe_psql(
83+
'postgres',
84+
"CREATE FUNCTION public.pg_database(OUT datname name, OUT oid oid, OUT dattablespace oid) "
85+
"RETURNS record "
86+
"AS $$ "
87+
"BEGIN "
88+
" RAISE 'pg_probackup vulnerable!'; "
89+
"END "
90+
"$$ LANGUAGE plpgsql; "
91+
"CREATE VIEW public.pg_database AS SELECT * FROM public.pg_database()")
92+
93+
node.safe_psql(
94+
'postgres',
95+
"CREATE FUNCTION public.pg_extension(OUT extname name, OUT extnamespace oid, OUT extversion text) "
96+
"RETURNS record "
97+
"AS $$ "
98+
"BEGIN "
99+
" RAISE 'pg_probackup vulnerable!'; "
100+
"END "
101+
"$$ LANGUAGE plpgsql; "
102+
"CREATE FUNCTION public.pg_namespace(OUT oid oid, OUT nspname name) "
103+
"RETURNS record "
104+
"AS $$ "
105+
"BEGIN "
106+
" RAISE 'pg_probackup vulnerable!'; "
107+
"END "
108+
"$$ LANGUAGE plpgsql; "
109+
"CREATE VIEW public.pg_extension AS SELECT * FROM public.pg_extension();"
110+
"CREATE VIEW public.pg_namespace AS SELECT * FROM public.pg_namespace();"
111+
)
112+
113+
try:
114+
self.checkdb_node(
115+
options=[
116+
'--amcheck',
117+
'--skip-block-validation',
118+
'-d', 'postgres', '-p', str(node.port)])
119+
self.assertEqual(
120+
1, 0,
121+
"Expecting Error because amcheck{,_next} not installed\n"
122+
" Output: {0} \n CMD: {1}".format(
123+
repr(self.output), self.cmd))
124+
except ProbackupException as e:
125+
self.assertIn(
126+
"WARNING: Extension 'amcheck' or 'amcheck_next' are not installed in database postgres",
127+
e.message,
128+
"\n Unexpected Error Message: {0}\n CMD: {1}".format(
129+
repr(e.message), self.cmd))

0 commit comments

Comments
 (0)