;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2015, 2016 Ludovic Courtès ;;; ;;; This file is part of GNU Guix. ;;; ;;; GNU Guix is free software; you can redistribute it and/or modify it ;;; under the terms of the GNU General Public License as published by ;;; the Free Software Foundation; either version 3 of the License, or (at ;;; your option) any later version. ;;; ;;; GNU Guix is distributed in the hope that it will be useful, but ;;; WITHOUT ANY WARRANTY; without even the implied warranty of ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ;;; GNU General Public License for more details. ;;; ;;; You should have received a copy of the GNU General Public License ;;; along with GNU Guix. If not, see . (define-module (test-cve) #:use-module (guix cve) #:use-module (srfi srfi-1) #:use-module (srfi srfi-64)) (define %sample (search-path %load-path "tests/cve-sample.xml")) (define (vulnerability id packages) (make-struct (@@ (guix cve) ) 0 id packages)) (define %expected-vulnerabilities ;; What we should get when reading %SAMPLE. (list ;; CVE-2003-0001 has no "/a" in its product list so it is omitted. ;; CVE-2004-0230 lists "tcp" as an application, but lacks a version number. (vulnerability "CVE-2008-2335" '(("phpvid" "1.2" "1.1"))) (vulnerability "CVE-2008-3522" '(("enterprise_virtualization" "3.5") ("jasper" "1.900.1"))) (vulnerability "CVE-2009-3301" '(("openoffice.org" "2.3.0" "2.2.1" "2.1.0"))) ;; CVE-2015-8330 has no software list. )) (test-begin "cve") (test-equal "xml->vulnerabilities" %expected-vulnerabilities (call-with-input-file %sample xml->vulnerabilities)) (test-equal "vulnerabilities->lookup-proc" (list (list (first %expected-vulnerabilities)) '() '() (list (second %expected-vulnerabilities)) (list (third %expected-vulnerabilities))) (let* ((vulns (call-with-input-file %sample xml->vulnerabilities)) (lookup (vulnerabilities->lookup-proc vulns))) (list (lookup "phpvid") (lookup "jasper" "2.0") (lookup "foobar") (lookup "jasper" "1.900.1") (lookup "openoffice.org" "2.3.0")))) (test-end "cve") 'list nowrap'>AgeCommit message (Expand)Author 2019-04-16tests: Gracefully skip zlib test when zlib is missing....* tests/zlib.scm: Use 'test-skip' instead of (exit 77) when (zlib-available?) returns false. Ludovic Courtès 2017-10-11zlib: Fix memory leak due to revealed ports not being GC'd....Fixes <https://bugs.gnu.org/28784>. This mostly reverts 81a0f1cdf12e7bcc34c1203f034a323fa8f52cf5, which introduced a regression: revealed ports are *never* GC'd (contrary to what Guile's manual suggests). In addition to the revert, 'close-procedure' now explicitly swallows EBADF errors when 'close-port' is called. * guix/zlib.scm (close-procedure): New procedure. (make-gzip-input-port)[gzfile]: Use 'fileno' instead of 'port->fdes'. Use 'close-procedure' instead of 'gzclose'. (make-gzip-output-port): Likewise. * tests/zlib.scm ("compression/decompression pipe"): Use 'port-closed?' to determine whether PARENT has been closed. Ludovic Courtès 2017-03-15zlib: Don't rely on EBADF being ignored by 'fport_close'....In 2.2, 'fport_close' no longer swallows EBADF and instead raises a 'system-error' for this. This commit adjusts for 2.2. * guix/zlib.scm (close-procedure): Remove. (make-gzip-input-port): Use 'port->fdes' instead of 'fileno'. Use 'gzclose' instead of 'close-procedure'. (make-gzip-output-port): Likewise. * tests/zlib.scm ("compression/decompression pipe"): Don't check whether PARENT is closed using 'port-closed?'. Instead, use 'seek' on the underlying FD and check for EBADF. Ludovic Courtès 2016-07-19Add (guix zlib)....* guix/zlib.scm, tests/zlib.scm: New files. * Makefile.am (MODULES): Add guix/zlib.scm. (SCM_TESTS): Add tests/zlib.scm. * m4/guix.m4 (GUIX_LIBGCRYPT_LIBDIR): New macro. * configure.ac (LIBGCRYPT_LIBDIR): Use it. Define and substitute 'LIBZ'. * guix/config.scm.in (%libz): New variable. Ludovic Courtès