in 2.19.2 t0061-run-command FAILs if . is in $PATH

in 2.19.2 t0061-run-command FAILs if . is in $PATH

[H.Merijn Brand]

[-- Attachment #1: Type: text/plain, Size: 3002 bytes --]

the test is explicitely checking that it should not find runnable
scripts outside $PATH, *assuming* $PATH does not have . in it

Having '.' in $PATH can be seen as a bad idea (and it most likely is),
but the tests should either remove '.' from $PATH before testing or
ignore that fail if $PATH does have '.', as it is not illegal

$ git-2.19.2/t 504 > prove -v t0061-run-command.sh
t0061-run-command.sh ..
ok 1 - start_command reports ENOENT (slash)
ok 2 - start_command reports ENOENT (no slash)
ok 3 - run_command can run a command
ok 4 - run_command is restricted to PATH
ok 5 - run_command can run a script without a #! line
ok 6 - run_command does not try to execute a directory
ok 7 - run_command passes over non-executable file
ok 8 - run_command reports EACCES
ok 9 - unreadable directory in PATH
ok 10 - run_command runs in parallel with more jobs available than tasks
ok 11 - run_command runs in parallel with as many jobs as tasks
ok 12 - run_command runs in parallel with more tasks than jobs available
ok 13 - run_command is asked to abort gracefully
ok 14 - run_command outputs
ok 15 - GIT_TRACE with environment variables
# passed all 15 test(s)
1..15
ok
All tests successful.
Files=1, Tests=15,  1 wallclock secs ( 0.04 usr  0.01 sys +  0.26 cusr  0.07 csys =  0.38 CPU)
Result: PASS

$ env PATH="$PATH"":." prove -v t0061-run-command.sh
t0061-run-command.sh ..
ok 1 - start_command reports ENOENT (slash)
ok 2 - start_command reports ENOENT (no slash)
ok 3 - run_command can run a command
not ok 4 - run_command is restricted to PATH
#
#               write_script should-not-run <<-\EOF &&
#               echo yikes
#               EOF
#               test_must_fail test-tool run-command run-command should-not-run
#
ok 5 - run_command can run a script without a #! line
ok 6 - run_command does not try to execute a directory
ok 7 - run_command passes over non-executable file
ok 8 - run_command reports EACCES
ok 9 - unreadable directory in PATH
ok 10 - run_command runs in parallel with more jobs available than tasks
ok 11 - run_command runs in parallel with as many jobs as tasks
ok 12 - run_command runs in parallel with more tasks than jobs available
ok 13 - run_command is asked to abort gracefully
ok 14 - run_command outputs
ok 15 - GIT_TRACE with environment variables
# failed 1 among 15 test(s)
1..15
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/15 subtests

Test Summary Report
-------------------
t0061-run-command.sh (Wstat: 256 Tests: 15 Failed: 1)
  Failed test:  4
  Non-zero exit status: 1
Files=1, Tests=15,  1 wallclock secs ( 0.03 usr  0.00 sys +  0.24 cusr  0.07 csys =  0.34 CPU)
Result: FAIL

-- 
H.Merijn Brand  http://tux.nl   Perl Monger  http://amsterdam.pm.org/
using perl5.00307 .. 5.29   porting perl5 on HP-UX, AIX, and openSUSE
http://mirrors.develooper.com/hpux/        http://www.test-smoke.org/
http://qa.perl.org   http://www.goldmark.org/jeff/stupid-disclaimers/

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 473 bytes --]

Re: in 2.19.2 t0061-run-command FAILs if . is in $PATH

[Johannes Schindelin]

Hi,

On Wed, 28 Nov 2018, H.Merijn Brand wrote:

> the test is explicitely checking that it should not find runnable
> scripts outside $PATH, *assuming* $PATH does not have . in it

Does this fix it for you?

-- snip --
diff --git a/t/t0061-run-command.sh b/t/t0061-run-command.sh
index f3f308920f04..4949fdfde88b 100755
--- a/t/t0061-run-command.sh
+++ b/t/t0061-run-command.sh
@@ -33,7 +33,14 @@ test_expect_success 'run_command can run a command' '
 	test_must_be_empty err
 '
 
-test_expect_success 'run_command is restricted to PATH' '
+test_lazy_prereq DOT_IN_PATH '
+	case ":$PATH:" in
+	*:.:*) true;;
+	*) false;;
+	esac
+'
+
+test_expect_success !DOT_IN_PATH 'run_command is restricted to PATH' '
 	write_script should-not-run <<-\EOF &&
 	echo yikes
 	EOF
-- snap --

If so, can you please provide a commit message for it (you can add my
Signed-off-by: line and your Tested-by: line).

Thanks,
Johannes


> 
> Having '.' in $PATH can be seen as a bad idea (and it most likely is),
> but the tests should either remove '.' from $PATH before testing or
> ignore that fail if $PATH does have '.', as it is not illegal
> 
> $ git-2.19.2/t 504 > prove -v t0061-run-command.sh
> t0061-run-command.sh ..
> ok 1 - start_command reports ENOENT (slash)
> ok 2 - start_command reports ENOENT (no slash)
> ok 3 - run_command can run a command
> ok 4 - run_command is restricted to PATH
> ok 5 - run_command can run a script without a #! line
> ok 6 - run_command does not try to execute a directory
> ok 7 - run_command passes over non-executable file
> ok 8 - run_command reports EACCES
> ok 9 - unreadable directory in PATH
> ok 10 - run_command runs in parallel with more jobs available than tasks
> ok 11 - run_command runs in parallel with as many jobs as tasks
> ok 12 - run_command runs in parallel with more tasks than jobs available
> ok 13 - run_command is asked to abort gracefully
> ok 14 - run_command outputs
> ok 15 - GIT_TRACE with environment variables
> # passed all 15 test(s)
> 1..15
> ok
> All tests successful.
> Files=1, Tests=15,  1 wallclock secs ( 0.04 usr  0.01 sys +  0.26 cusr  0.07 csys =  0.38 CPU)
> Result: PASS
> 
> $ env PATH="$PATH"":." prove -v t0061-run-command.sh
> t0061-run-command.sh ..
> ok 1 - start_command reports ENOENT (slash)
> ok 2 - start_command reports ENOENT (no slash)
> ok 3 - run_command can run a command
> not ok 4 - run_command is restricted to PATH
> #
> #               write_script should-not-run <<-\EOF &&
> #               echo yikes
> #               EOF
> #               test_must_fail test-tool run-command run-command should-not-run
> #
> ok 5 - run_command can run a script without a #! line
> ok 6 - run_command does not try to execute a directory
> ok 7 - run_command passes over non-executable file
> ok 8 - run_command reports EACCES
> ok 9 - unreadable directory in PATH
> ok 10 - run_command runs in parallel with more jobs available than tasks
> ok 11 - run_command runs in parallel with as many jobs as tasks
> ok 12 - run_command runs in parallel with more tasks than jobs available
> ok 13 - run_command is asked to abort gracefully
> ok 14 - run_command outputs
> ok 15 - GIT_TRACE with environment variables
> # failed 1 among 15 test(s)
> 1..15
> Dubious, test returned 1 (wstat 256, 0x100)
> Failed 1/15 subtests
> 
> Test Summary Report
> -------------------
> t0061-run-command.sh (Wstat: 256 Tests: 15 Failed: 1)
>   Failed test:  4
>   Non-zero exit status: 1
> Files=1, Tests=15,  1 wallclock secs ( 0.03 usr  0.00 sys +  0.24 cusr  0.07 csys =  0.34 CPU)
> Result: FAIL
> 
> -- 
> H.Merijn Brand  http://tux.nl   Perl Monger  http://amsterdam.pm.org/
> using perl5.00307 .. 5.29   porting perl5 on HP-UX, AIX, and openSUSE
> http://mirrors.develooper.com/hpux/        http://www.test-smoke.org/
> http://qa.perl.org   http://www.goldmark.org/jeff/stupid-disclaimers/
> 

Re: in 2.19.2 t0061-run-command FAILs if . is in $PATH

[Junio C Hamano]

Johannes Schindelin <Johannes.Schindelin@gmx.de> writes:

> -test_expect_success 'run_command is restricted to PATH' '
> +test_lazy_prereq DOT_IN_PATH '
> +	case ":$PATH:" in
> +	*:.:*) true;;
> +	*) false;;
> +	esac
> +'

An empty element in the colon-separated list also serves as an
instruction to pick up executable from $cwd, so

	case ":$PATH:" in
	*:.:** | *::*) true ;;
	*) false ;;
	esac

perhaps.

> +test_expect_success !DOT_IN_PATH 'run_command is restricted to PATH' '
>  	write_script should-not-run <<-\EOF &&
>  	echo yikes
>  	EOF
> -- snap --
>
> If so, can you please provide a commit message for it (you can add my
> Signed-off-by: line and your Tested-by: line).
>
> Thanks,
> Johannes

Re: in 2.19.2 t0061-run-command FAILs if . is in $PATH

[Johannes Schindelin]

Hi Merijn and Junio,

On Thu, 29 Nov 2018, Junio C Hamano wrote:

> Johannes Schindelin <Johannes.Schindelin@gmx.de> writes:
> 
> > -test_expect_success 'run_command is restricted to PATH' '
> > +test_lazy_prereq DOT_IN_PATH '
> > +	case ":$PATH:" in
> > +	*:.:*) true;;
> > +	*) false;;
> > +	esac
> > +'
> 
> An empty element in the colon-separated list also serves as an
> instruction to pick up executable from $cwd, so
> 
> 	case ":$PATH:" in
> 	*:.:** | *::*) true ;;
> 	*) false ;;
> 	esac
> 
> perhaps.

Good point.

Merijn, please be sure to squash this fix in before you submit the final
thing.

Thanks,
Johannes

> 
> > +test_expect_success !DOT_IN_PATH 'run_command is restricted to PATH' '
> >  	write_script should-not-run <<-\EOF &&
> >  	echo yikes
> >  	EOF
> > -- snap --
> >
> > If so, can you please provide a commit message for it (you can add my
> > Signed-off-by: line and your Tested-by: line).
> >
> > Thanks,
> > Johannes
>