anomy-bugs

Solaris tweaks for testcases

From: Rick Troxel (25709@xyz.molar.is)
Date: Thu 19 Jun 2003 - 22:29:45 GMT

    Hi, I've just installed the Anomy Sanitizer on two Solaris boxes:

    A. Sparc running Solaris 7 with perl v5.6.1
    B. Sparc running Solaris 8 with perl v5.8.0

    I found the following tweaks were necessary in order to pass the
    testcases:

    1. Ksh instead of Bourne shell in testall.sh
    2. Ksh instead of bash in sanitizer.filenames.hlp
    3. Separate a multiline variable definition from its export in
       sanitizer.base64.t
    4. Allow for /bin/false return value of 255 in sanitizer.base64.t and
       sanitizer.filenames.t
    5. Specify /usr/ucb/echo to support -n argument in sanitizer.base64.t
    6. Replace -e file test with -f in sanitizer.fprotd.t
    7. Replace $(...) syntax by `...` backticks in sanitizer.msg-crlf.t
       and sanitizer.rev1_58.t

    This appeared to be a minimal set of changes for me, on both boxes.

    Here are the diffs:

    *** testall.sh.ORIG Fri Oct 26 16:50:01 2001
    --- testall.sh Wed Jun 18 15:49:00 2003
    ***************
    *** 1,4 ****
    ! #!/bin/sh

      # Set default variables.
      #
    --- 1,4 ----
    ! #!/bin/ksh

      # Set default variables.
      #
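
Review bot: the new first line, #!/bin/ksh, swaps one interpreter dependency for another, so the suite now fails to start on any host without ksh at that path. If the only reason is constructs that the Solaris /bin/sh rejects, prefer keeping #!/bin/sh and rewriting those constructs in plain Bourne syntax, as the later hunks already do for export and $(...); otherwise add a comment here naming the feature that requires ksh.
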
    *** sanitizer.filenames.hlp.ORIG Tue Oct 22 12:29:19 2002
    --- sanitizer.filenames.hlp Thu Jun 19 14:15:20 2003
    ***************
    *** 1,4 ****
    ! #!/bin/bash
      #
      # This is a simple script for testing the advanced FileScan API.
      #
    --- 1,4 ----
    ! #!/bin/ksh
      #
      # This is a simple script for testing the advanced FileScan API.
      #
    *** sanitizer.base64.t.ORIG Tue Sep 17 13:51:44 2002
    --- sanitizer.base64.t Thu Jun 19 17:36:46 2003
    ***************
    *** 11,17 ****
      rm -f test.log test.out
      touch test.log test.out

    ! export BASE64_DATA="\
      DQoNCg0KAAAAAAAAAAAAAAAAAAAAAAAAAAMAAAAJAAAAPgAAACAAAAADAAAAXgAA//BASE64
      AA8AAAACAAAAbQAAH35KUEVHUGhGbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADIw//BASE64
      6gVnJK8bZBOD1Fak9o9rKxGSuaqTWxYb41+Xvz0rupyja3Q9KlKHLZbD7e5dJVJO//BASE64
    --- 11,17 ----
      rm -f test.log test.out
      touch test.log test.out

    ! BASE64_DATA="\
      DQoNCg0KAAAAAAAAAAAAAAAAAAAAAAAAAAMAAAAJAAAAPgAAACAAAAADAAAAXgAA//BASE64
      AA8AAAACAAAAbQAAH35KUEVHUGhGbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADIw//BASE64
      6gVnJK8bZBOD1Fak9o9rKxGSuaqTWxYb41+Xvz0rupyja3Q9KlKHLZbD7e5dJVJO//BASE64
    ***************
    *** 23,28 ****
    --- 23,29 ----
      Y/E1s2vjHw9clEM91auy53XFv+7U+mUZmP8A3z+VecpbqxBQfLkEHbnac9+P881I//BASE64
      dzbk4E0Lh0HTAOPunkcNg89KoSu2RnOK4zT7m5splurKaSGdcBXQkZ56HjkHHIPB//BASE64
      "
    + export BASE64_DATA

      for FLI in 0 1 2; do
          echo "Setting feat_log_inline = $FLI" >>test.out
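
Review bot: the added "export BASE64_DATA" needs a comment saying why it is separate from the assignment opened in the previous hunk. The Bourne shell does not accept "export NAME=value", and without a note the two statements are likely to be merged again in a later cleanup, since the export now sits far from the line that starts the string.
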
    ***************
    *** 33,39 ****
                                     "feat_log_inline = $FLI" \
                                  'file_list_rules = 1' \
                                  'file_name_tpl = /tmp/att-$$$-$F' \
    ! 'file_list_1_scanner = 0:1::/bin/false' \
                                  'file_list_1_policy = unknown:unknown:unknown:unknown' \
                                  'file_list_1 = .exe$' \
                                   <<EOF 2>>test.log >>test.out
    --- 34,40 ----
                                     "feat_log_inline = $FLI" \
                                  'file_list_rules = 1' \
                                  'file_name_tpl = /tmp/att-$$$-$F' \
    ! 'file_list_1_scanner = 0:1,255::/bin/false' \
                                  'file_list_1_policy = unknown:unknown:unknown:unknown' \
                                  'file_list_1 = .exe$' \
                                   <<EOF 2>>test.log >>test.out
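
Review bot: the literal 255 added to the second field of file_list_1_scanner is not explained anywhere in the test. Add a comment above the sanitizer.pl invocation noting that it covers the /bin/false exit status seen on Solaris, so a later reader does not trim the list back to 1.
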
    ***************
    *** 70,76 ****
      ///BASE64///

      EOF
    ! echo -n "Total base64 encoded data: " >>test.out
          grep '//BASE64' <test.out | wc >>test.out
          echo "*** Exit code was $? ***" >>test.out
      done
    --- 71,77 ----
      ///BASE64///

      EOF
    ! /usr/ucb/echo -n "Total base64 encoded data: " >>test.out
          grep '//BASE64' <test.out | wc >>test.out
          echo "*** Exit code was $? ***" >>test.out
      done
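
Review bot: /usr/ucb/echo on the changed line is a Solaris-specific path, so this fixes one platform at the cost of every system that has no /usr/ucb directory. Using printf "Total base64 encoded data: " gives the same output without a trailing newline and depends neither on echo -n nor on that path. Separately, the context line that writes "Exit code was $?" reports the status of the grep | wc pipeline directly above it rather than of sanitizer.pl; worth confirming that is what the expected output is meant to record.
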
    *** sanitizer.filenames.t.ORIG Tue Oct 22 12:21:55 2002
    --- sanitizer.filenames.t Thu Jun 19 15:04:03 2003
    ***************
    *** 15,21 ****
      $ANOMY/bin/sanitizer.pl -nofprot $SAN_CONF \
          'feat_force_name = 1' \
          'file_list_rules = 11' \
    ! 'file_list_1_scanner = 0:1::/bin/false' \
          'file_list_1_policy = unknown^10:unknown^10:unknown:unknown' \
          'file_list_1 = .txt$' \
          'file_list_2_policy = save' \
    --- 15,21 ----
      $ANOMY/bin/sanitizer.pl -nofprot $SAN_CONF \
          'feat_force_name = 1' \
          'file_list_rules = 11' \
    ! 'file_list_1_scanner = 0:1,255::/bin/false' \
          'file_list_1_policy = unknown^10:unknown^10:unknown:unknown' \
          'file_list_1 = .txt$' \
          'file_list_2_policy = save' \
    *** sanitizer.fprotd.t.ORIG Tue Sep 17 13:55:36 2002
    --- sanitizer.fprotd.t Thu Jun 19 17:42:00 2003
    ***************
    *** 11,17 ****
      rm -f test.log test.out
      touch test.log test.out

    ! if [ ! -e /usr/local/bin/f-prot ]; then
          # F-Prot not installed, fake a successful run.
          echo -n "SKIPPED: F-Prot not installed. " >&2
          cat $TEST_RESULTS/sanitizer.fprotd.ok >test.out
    --- 11,17 ----
      rm -f test.log test.out
      touch test.log test.out

    ! if [ ! -f /usr/local/bin/f-prot ]; then
          # F-Prot not installed, fake a successful run.
          echo -n "SKIPPED: F-Prot not installed. " >&2
          cat $TEST_RESULTS/sanitizer.fprotd.ok >test.out
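
Review bot: -f on the changed line only checks for a regular file; since this branch decides whether F-Prot can be run at all, -x /usr/local/bin/f-prot is the closer test and is equally available in the Bourne shell. The echo -n two lines below is left untouched, although item 5 of the message says -n needed /usr/ucb/echo on these hosts; it should get the same treatment as the one in sanitizer.base64.t or the SKIPPED line will print a stray "-n".
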
    *** sanitizer.msg-crlf.t.ORIG Tue Sep 24 12:50:25 2002
    --- sanitizer.msg-crlf.t Thu Jun 19 18:02:16 2003
    ***************
    *** 9,15 ****

      tac

    ! CRHACK=$(perl -e 'print "\rX-Evil-Header: boo";')

      rm -f ./.tmp.* test.log test.out
      for a in 0 1 2 3; do
    --- 9,15 ----

      tac

    ! CRHACK=`perl -e 'print "\rX-Evil-Header: boo";'`

      rm -f ./.tmp.* test.log test.out
      for a in 0 1 2 3; do
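
Review bot: the CRHACK line should carry a one-line comment saying the backquotes are deliberate for Bourne-shell compatibility, otherwise it is likely to be converted back to $(...). The rewrite itself is safe: inside backquotes a backslash is only special before $, a backquote or another backslash, so the \r still reaches perl unchanged.
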
    *** sanitizer.rev1_58.t.ORIG Wed May 7 07:32:26 2003
    --- sanitizer.rev1_58.t Thu Jun 19 17:59:53 2003
    ***************
    *** 12,19 ****
      tac

      # Test data:
    ! QPDATA=$(cat sanitizer.rev1_58.t \
    ! |perl -MMIME::QuotedPrint -npe '$_=encode_qp($_);s/-/=2D/g')

      $ANOMY/bin/sanitizer.pl -nofprot $SAN_CONF \
          'file_list_rules = 1' \
    --- 12,19 ----
      tac

      # Test data:
    ! QPDATA=`cat sanitizer.rev1_58.t \
    ! |perl -MMIME::QuotedPrint -npe '$_=encode_qp($_);s/-/=2D/g'`

      $ANOMY/bin/sanitizer.pl -nofprot $SAN_CONF \
          'file_list_rules = 1' \
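
Review bot: the backquoted QPDATA command still spans two lines joined by a backslash-newline, which makes it depend on how the shell treats a continuation inside backquotes. Dropping the cat, feeding the file with <sanitizer.rev1_58.t and keeping the perl command on a single line removes that dependency and one process.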

    With the possible exceptions of #s 2 and 5, I believe these changes
    would make your test suite more robust.

    Best regards,

    -- 
          Rick Troxel      25709@xyz.molar.is     301/435-2983
    /////////////////////////////////////////////////////////////////
    All effort and exertion put forth by man from the fullness of his
    heart is worship, if it  is prompted  by the  highest motives and
    the will to do service to humanity.                 --Abdu'l-Baha
    


