Drop shellshock test; use recent examples in test/README.md

2021-05-27 16:46:20 -07:00 · 2021-05-27 16:46:20 -07:00 · 56ad0ad3cd
parent c14eb53445
commit 56ad0ad3cd
7 changed files with 20 additions and 143 deletions
--- a/test/README.md
+++ b/test/README.md
@ -6,7 +6,7 @@
 $ ./run.sh

 usage: run.sh [-t test ...] image:tag [...]
-   ie: run.sh debian:wheezy
+   ie: run.sh debian:buster
       run.sh -t utc python:3
       run.sh -t utc python:3 -t python-hy

@ -14,54 +14,37 @@ This script processes the specified Docker images to test their running
 environments.
 ```

-Run all the tests that are applicable to the `debian:wheezy` image:
+Run all the tests that are applicable to the `debian:buster` image:

 ```console
-$ ./run.sh debian:wheezy
-testing debian:wheezy
-	'utc' [1/2]...passed
-	'cve-2014--shellshock' [2/2]...passed
+$ ./run.sh debian:buster
+testing debian:buster
+	'utc' [1/4]...passed
+	'no-hard-coded-passwords' [2/4]...passed
+	'override-cmd' [3/4]...passed
+	'debian-apt-get' [4/4]...passed
 ```

-Try to run just the `python-hy` test against the `debian:wheezy` image: (which doesn't contain Python)
+Try to run just the `python-hy` test against the `debian:buster` image: (which doesn't contain Python)

 ```console
-$ ./run.sh -t python-hy debian:wheezy
-testing debian:wheezy
+$ ./run.sh -t python-hy debian:buster
+testing debian:buster
+	image has no tests...skipping
 ```

-Run the `utc` test against both the `python:3` and `python:2` images:
+Run the `utc` and `python-hy` tests against `python:3`, `pypy:3`, and `debian:buster`:

 ```console
-$ ./run.sh -t utc python:3 python:2
-testing python:3
-	'utc' [1/1]...passed
-testing python:2
-	'utc' [1/1]...passed
-```
-
-Run the `utc` and `python-hy` tests against `python:3`, `python:2`, and `debian:wheezy`:
-
-```console
-$ ./run.sh -t utc -t python-hy python:3 python:2 debian:wheezy
+$ ./run.sh -t utc -t python-hy python:3 pypy:3 debian:buster
 testing python:3
 	'utc' [1/2]...passed
 	'python-hy' [2/2]...passed
-testing python:2
-	'utc' [1/2]...passed
-	'python-hy' [2/2]...passed
-testing debian:wheezy
-	'utc' [1/1]...passed
-```
-
-Run the `python-hy` test against `python:3` and `pypy:3`:
-
-```console
-$ ./run.sh -t python-hy python:3 pypy:3
-testing python:3
-	'python-hy' [1/1]...passed
 testing pypy:3
-	'python-hy' [1/1]...passed
+	'utc' [1/2]...passed
+	'python-hy' [2/2]...passed
+testing debian:buster
+	'utc' [1/1]...passed
 ```

 ## Writing Tests
@ -153,7 +136,7 @@ This list of tests applies to every image minus combinations listed in `globalEx
 ```bash
 globalTests+=(
 	utc
-	cve-2014--shellshock
+	no-hard-coded-passwords
 )
 ```

--- a/test/config.sh
+++ b/test/config.sh
@ -2,7 +2,6 @@

 globalTests+=(
 	utc
-	cve-2014--shellshock
 	no-hard-coded-passwords
 	override-cmd
 )
@ -321,10 +320,8 @@ globalExcludeTests+=(
 	[percona:psmdb_percona-rocksdb]=1

 	# windows!
-	[:nanoserver_cve-2014--shellshock]=1
 	[:nanoserver_no-hard-coded-passwords]=1
 	[:nanoserver_utc]=1
-	[:windowsservercore_cve-2014--shellshock]=1
 	[:windowsservercore_no-hard-coded-passwords]=1
 	[:windowsservercore_utc]=1

--- a/test/run.sh
+++ b/test/run.sh
@ -9,7 +9,7 @@ usage() {
 	cat <<EOUSAGE

 usage: $self [-t test ...] image:tag [...]
-   ie: $self debian:stretch
+   ie: $self debian:buster
       $self -t utc python:3
       $self -t utc python:3 -t python-hy

--- a/test/tests/cve-2014--shellshock/container.sh
+++ b/test/tests/cve-2014--shellshock/container.sh
@ -1,5 +0,0 @@
-#!/bin/bash
-set -e
-
-# https://github.com/wreiske/shellshocker/blob/754798cd9a14903997faf3eacdfcf91044033719/shellshock_test.sh
-source shellshock_test.sh
--- a/test/tests/cve-2014--shellshock/really-run.sh
+++ b/test/tests/cve-2014--shellshock/really-run.sh
@ -1 +0,0 @@
-../run-bash-in-container.sh
--- a/test/tests/cve-2014--shellshock/run.sh
+++ b/test/tests/cve-2014--shellshock/run.sh
@ -1,15 +0,0 @@
-#!/bin/bash
-set -e
-
-if ! docker run --rm --entrypoint bash "$1" -c 'true' &> /dev/null; then
-	# die quietly and gracefully if this image doesn't have bash at all
-	exit 0
-fi
-
-if ! docker run --rm --entrypoint bash "$1" -c 'command -v grep' &> /dev/null; then
-	echo >&2 'skipping; image does not contain "grep"'
-	exit 0
-fi
-
-dir="$(readlink -f "$(dirname "$BASH_SOURCE")")"
-source "$dir/really-run.sh" "$@"
--- a/test/tests/cve-2014--shellshock/shellshock_test.sh
+++ b/test/tests/cve-2014--shellshock/shellshock_test.sh
@ -1,82 +0,0 @@
-#!/bin/bash
-EXITCODE=0
-
-# CVE-2014-6271
-CVE20146271=$(env 'x=() { :;}; echo vulnerable' 'BASH_FUNC_x()=() { :;}; echo vulnerable' bash -c "echo test" 2>&1 | grep 'vulnerable' | wc -l)
-
-echo -n "CVE-2014-6271 (original shellshock): "
-if [ $CVE20146271 -gt 0 ]; then
-	echo -e "\033[91mVULNERABLE\033[39m"
-	EXITCODE=$((EXITCODE+1))
-else
-	echo -e "\033[92mnot vulnerable\033[39m"
-fi
-
-# CVE-2014-6277
-# it is fully mitigated by the environment function prefix passing avoidance
-CVE20146277=$((shellshocker="() { x() { _;}; x() { _;} <<a; }" bash -c date 2>/dev/null || echo vulnerable) | grep 'vulnerable' | wc -l)
-
-echo -n "CVE-2014-6277 (segfault): "
-if [ $CVE20146277 -gt 0 ]; then
-	echo -e "\033[91mVULNERABLE\033[39m"
-	EXITCODE=$((EXITCODE+2))
-else
-	echo -e "\033[92mnot vulnerable\033[39m"
-fi
-
-# CVE-2014-6278
-CVE20146278=$(shellshocker='() { echo vulnerable; }' bash -c shellshocker 2>/dev/null | grep 'vulnerable' | wc -l)
-
-echo -n "CVE-2014-6278 (Florian's patch): "
-if [ $CVE20146278 -gt 0 ]; then
-	echo -e "\033[91mVULNERABLE\033[39m"
-	EXITCODE=$((EXITCODE+4))
-else
-	echo -e "\033[92mnot vulnerable\033[39m"
-fi
-
-# CVE-2014-7169
-CVE20147169=$((cd /tmp; rm -f /tmp/echo; env X='() { (a)=>\' bash -c "echo echo nonvuln" 2>/dev/null; [[ "$(cat echo 2> /dev/null)" == "nonvuln" ]] && echo "vulnerable" 2> /dev/null) | grep 'vulnerable' | wc -l)
-
-echo -n "CVE-2014-7169 (taviso bug): "
-if [ $CVE20147169 -gt 0 ]; then
-	echo -e "\033[91mVULNERABLE\033[39m"
-	EXITCODE=$((EXITCODE+8))
-else
-	echo -e "\033[92mnot vulnerable\033[39m"
-fi
-
-# CVE-2014-7186
-CVE20147186=$((bash -c 'true <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF' 2>/dev/null || echo "vulnerable") | grep 'vulnerable' | wc -l)
-
-echo -n "CVE-2014-7186 (redir_stack bug): "
-if [ $CVE20147186 -gt 0 ]; then
-	echo -e "\033[91mVULNERABLE\033[39m"
-	EXITCODE=$((EXITCODE+16))
-else
-	echo -e "\033[92mnot vulnerable\033[39m"
-fi
-
-# CVE-2014-7187
-CVE20147187=$(((for x in {1..200}; do echo "for x$x in ; do :"; done; for x in {1..200}; do echo done; done) | bash || echo "vulnerable") | grep 'vulnerable' | wc -l)
-
-echo -n "CVE-2014-7187 (nested loops off by one): "
-if [ $CVE20147187 -gt 0 ]; then
-	echo -e "\033[91mVULNERABLE\033[39m"
-	EXITCODE=$((EXITCODE+32))
-else
-	echo -e "\033[92mnot vulnerable\033[39m"
-fi
-
-# CVE-2014-////
-CVE2014=$(env X=' () { }; echo vulnerable' bash -c 'date' | grep 'vulnerable' | wc -l)
-
-echo -n "CVE-2014-//// (exploit 3 on http://shellshocker.net/): "
-if [ $CVE2014 -gt 0 ]; then
-	echo -e "\033[91mVULNERABLE\033[39m"
-	EXITCODE=$((EXITCODE+64))
-else
-	echo -e "\033[92mnot vulnerable\033[39m"
-fi
-
-exit $EXITCODE