Submitted here: https://github.com/freebsd/atf/pull/57 From 098b66269b1cf1d944b8b214ceb7ce9febde3682 Mon Sep 17 00:00:00 2001 From: Maxim Cournoyer Date: Mon, 29 Jan 2024 22:35:49 -0500 Subject: [PATCH] Fix use after free in execute_with_shell. The temporary string returned by atf::env::get would be used outside its statement, which is invalid and cause undefined behavior. Copy it to a local variable to avoid the issue. Fixes: https://github.com/freebsd/atf/issues/26 Fixes: https://github.com/freebsd/kyua/issues/223 Reported-by: Ruslan Bukin --- atf-sh/atf-check.cpp | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/atf-sh/atf-check.cpp b/atf-sh/atf-check.cpp index 41f0b13..9d6f7a8 100644 --- a/atf-sh/atf-check.cpp +++ b/atf-sh/atf-check.cpp @@ -436,7 +436,9 @@ execute_with_shell(char* const* argv) const std::string cmd = flatten_argv(argv); const char* sh_argv[4]; - sh_argv[0] = atf::env::get("ATF_SHELL", ATF_SHELL).c_str(); + const std::string shell = atf::env::get("ATF_SHELL", ATF_SHELL); + + sh_argv[0] = shell.c_str(); sh_argv[1] = "-c"; sh_argv[2] = cmd.c_str(); sh_argv[3] = NULL; base-commit: 18eb8168b70a0f934b4824b6391b55ac0b2f4fdf -- 2.41.0 ix/log/tests/guix-package.sh'>
path: root/tests/guix-package.sh
AgeCommit message (Expand)Author
2024-12-14tests: guix-package: Fix guix package --search test....This is a follow-up to commit 6f8c8a86d827627f503a803381bce7fbcf8f39a0 gnu: Fix synopsis in miscelaneous packages. Change-Id: I5f44e07544f80973fa6b306b2dcdf42ac3b56ad6 * tests/guix-package.sh: Search for GNU hello's changed synopsis "Example GNU package". Change-Id: I79f606afee348cb6d57d9c0d08e15cd9267d5ceb Janneke Nieuwenhuizen
2023-04-21tests: Fix checks for expected failures....Addresses <https://issues.guix.gnu.org/62406>. With 'set -e', a return status inverted with '!' does not cause the shell to exit immediately. Instead use '&& false' to indicate an expected failure. * tests/guix-archive.sh, tests/guix-build-branch.sh, tests/guix-build.sh, tests/guix-daemon.sh, tests/guix-download.sh, tests/guix-environment-container.sh, tests/guix-environment.sh, tests/guix-gc.sh, tests/guix-git-authenticate.sh, tests/guix-graph.sh, tests/guix-hash.sh, tests/guix-home.sh, tests/guix-pack-relocatable.sh, tests/guix-pack.sh, tests/guix-package-aliases.sh, tests/guix-package-net.sh, tests/guix-package.sh, tests/guix-refresh.sh, tests/guix-shell.sh, tests/guix-style.sh, tests/guix-system.sh: Replace uses of '! ...' with '... && false' or `test ! ...` as appropriate. Signed-off-by: Ludovic Courtès <ludo@gnu.org> Eric Bavier
2022-12-20tests: Adjust 'guix package' test to latest package search metrics....With commit bbcd06e56c06376e640a7ac81a7109e7135a20f2, the command "guix package -s '^fileutils$'" would match the 'ocaml-fileutils' package, because its 'package-upstream-name*' is "fileutils". Work around it. Reported by Vagrant Cascadian. * tests/guix-package.sh: Change "fileutils" example to use a different package name. Ludovic Courtès