Drop shellshock test; use recent examples in test/README.md
parent
c14eb53445
commit
56ad0ad3cd
|
@ -6,7 +6,7 @@
|
|||
$ ./run.sh
|
||||
|
||||
usage: run.sh [-t test ...] image:tag [...]
|
||||
ie: run.sh debian:wheezy
|
||||
ie: run.sh debian:buster
|
||||
run.sh -t utc python:3
|
||||
run.sh -t utc python:3 -t python-hy
|
||||
|
||||
|
@ -14,54 +14,37 @@ This script processes the specified Docker images to test their running
|
|||
environments.
|
||||
```
|
||||
|
||||
Run all the tests that are applicable to the `debian:wheezy` image:
|
||||
Run all the tests that are applicable to the `debian:buster` image:
|
||||
|
||||
```console
|
||||
$ ./run.sh debian:wheezy
|
||||
testing debian:wheezy
|
||||
'utc' [1/2]...passed
|
||||
'cve-2014--shellshock' [2/2]...passed
|
||||
$ ./run.sh debian:buster
|
||||
testing debian:buster
|
||||
'utc' [1/4]...passed
|
||||
'no-hard-coded-passwords' [2/4]...passed
|
||||
'override-cmd' [3/4]...passed
|
||||
'debian-apt-get' [4/4]...passed
|
||||
```
|
||||
|
||||
Try to run just the `python-hy` test against the `debian:wheezy` image: (which doesn't contain Python)
|
||||
Try to run just the `python-hy` test against the `debian:buster` image: (which doesn't contain Python)
|
||||
|
||||
```console
|
||||
$ ./run.sh -t python-hy debian:wheezy
|
||||
testing debian:wheezy
|
||||
$ ./run.sh -t python-hy debian:buster
|
||||
testing debian:buster
|
||||
image has no tests...skipping
|
||||
```
|
||||
|
||||
Run the `utc` test against both the `python:3` and `python:2` images:
|
||||
Run the `utc` and `python-hy` tests against `python:3`, `pypy:3`, and `debian:buster`:
|
||||
|
||||
```console
|
||||
$ ./run.sh -t utc python:3 python:2
|
||||
testing python:3
|
||||
'utc' [1/1]...passed
|
||||
testing python:2
|
||||
'utc' [1/1]...passed
|
||||
```
|
||||
|
||||
Run the `utc` and `python-hy` tests against `python:3`, `python:2`, and `debian:wheezy`:
|
||||
|
||||
```console
|
||||
$ ./run.sh -t utc -t python-hy python:3 python:2 debian:wheezy
|
||||
$ ./run.sh -t utc -t python-hy python:3 pypy:3 debian:buster
|
||||
testing python:3
|
||||
'utc' [1/2]...passed
|
||||
'python-hy' [2/2]...passed
|
||||
testing python:2
|
||||
'utc' [1/2]...passed
|
||||
'python-hy' [2/2]...passed
|
||||
testing debian:wheezy
|
||||
'utc' [1/1]...passed
|
||||
```
|
||||
|
||||
Run the `python-hy` test against `python:3` and `pypy:3`:
|
||||
|
||||
```console
|
||||
$ ./run.sh -t python-hy python:3 pypy:3
|
||||
testing python:3
|
||||
'python-hy' [1/1]...passed
|
||||
testing pypy:3
|
||||
'python-hy' [1/1]...passed
|
||||
'utc' [1/2]...passed
|
||||
'python-hy' [2/2]...passed
|
||||
testing debian:buster
|
||||
'utc' [1/1]...passed
|
||||
```
|
||||
|
||||
## Writing Tests
|
||||
|
@ -153,7 +136,7 @@ This list of tests applies to every image minus combinations listed in `globalEx
|
|||
```bash
|
||||
globalTests+=(
|
||||
utc
|
||||
cve-2014--shellshock
|
||||
no-hard-coded-passwords
|
||||
)
|
||||
```
|
||||
|
||||
|
|
|
@ -2,7 +2,6 @@
|
|||
|
||||
globalTests+=(
|
||||
utc
|
||||
cve-2014--shellshock
|
||||
no-hard-coded-passwords
|
||||
override-cmd
|
||||
)
|
||||
|
@ -321,10 +320,8 @@ globalExcludeTests+=(
|
|||
[percona:psmdb_percona-rocksdb]=1
|
||||
|
||||
# windows!
|
||||
[:nanoserver_cve-2014--shellshock]=1
|
||||
[:nanoserver_no-hard-coded-passwords]=1
|
||||
[:nanoserver_utc]=1
|
||||
[:windowsservercore_cve-2014--shellshock]=1
|
||||
[:windowsservercore_no-hard-coded-passwords]=1
|
||||
[:windowsservercore_utc]=1
|
||||
|
||||
|
|
|
@ -9,7 +9,7 @@ usage() {
|
|||
cat <<EOUSAGE
|
||||
|
||||
usage: $self [-t test ...] image:tag [...]
|
||||
ie: $self debian:stretch
|
||||
ie: $self debian:buster
|
||||
$self -t utc python:3
|
||||
$self -t utc python:3 -t python-hy
|
||||
|
||||
|
|
|
@ -1,5 +0,0 @@
|
|||
#!/bin/bash
|
||||
set -e
|
||||
|
||||
# https://github.com/wreiske/shellshocker/blob/754798cd9a14903997faf3eacdfcf91044033719/shellshock_test.sh
|
||||
source shellshock_test.sh
|
|
@ -1 +0,0 @@
|
|||
../run-bash-in-container.sh
|
|
@ -1,15 +0,0 @@
|
|||
#!/bin/bash
|
||||
set -e
|
||||
|
||||
if ! docker run --rm --entrypoint bash "$1" -c 'true' &> /dev/null; then
|
||||
# die quietly and gracefully if this image doesn't have bash at all
|
||||
exit 0
|
||||
fi
|
||||
|
||||
if ! docker run --rm --entrypoint bash "$1" -c 'command -v grep' &> /dev/null; then
|
||||
echo >&2 'skipping; image does not contain "grep"'
|
||||
exit 0
|
||||
fi
|
||||
|
||||
dir="$(readlink -f "$(dirname "$BASH_SOURCE")")"
|
||||
source "$dir/really-run.sh" "$@"
|
|
@ -1,82 +0,0 @@
|
|||
#!/bin/bash
|
||||
EXITCODE=0
|
||||
|
||||
# CVE-2014-6271
|
||||
CVE20146271=$(env 'x=() { :;}; echo vulnerable' 'BASH_FUNC_x()=() { :;}; echo vulnerable' bash -c "echo test" 2>&1 | grep 'vulnerable' | wc -l)
|
||||
|
||||
echo -n "CVE-2014-6271 (original shellshock): "
|
||||
if [ $CVE20146271 -gt 0 ]; then
|
||||
echo -e "\033[91mVULNERABLE\033[39m"
|
||||
EXITCODE=$((EXITCODE+1))
|
||||
else
|
||||
echo -e "\033[92mnot vulnerable\033[39m"
|
||||
fi
|
||||
|
||||
# CVE-2014-6277
|
||||
# it is fully mitigated by the environment function prefix passing avoidance
|
||||
CVE20146277=$((shellshocker="() { x() { _;}; x() { _;} <<a; }" bash -c date 2>/dev/null || echo vulnerable) | grep 'vulnerable' | wc -l)
|
||||
|
||||
echo -n "CVE-2014-6277 (segfault): "
|
||||
if [ $CVE20146277 -gt 0 ]; then
|
||||
echo -e "\033[91mVULNERABLE\033[39m"
|
||||
EXITCODE=$((EXITCODE+2))
|
||||
else
|
||||
echo -e "\033[92mnot vulnerable\033[39m"
|
||||
fi
|
||||
|
||||
# CVE-2014-6278
|
||||
CVE20146278=$(shellshocker='() { echo vulnerable; }' bash -c shellshocker 2>/dev/null | grep 'vulnerable' | wc -l)
|
||||
|
||||
echo -n "CVE-2014-6278 (Florian's patch): "
|
||||
if [ $CVE20146278 -gt 0 ]; then
|
||||
echo -e "\033[91mVULNERABLE\033[39m"
|
||||
EXITCODE=$((EXITCODE+4))
|
||||
else
|
||||
echo -e "\033[92mnot vulnerable\033[39m"
|
||||
fi
|
||||
|
||||
# CVE-2014-7169
|
||||
CVE20147169=$((cd /tmp; rm -f /tmp/echo; env X='() { (a)=>\' bash -c "echo echo nonvuln" 2>/dev/null; [[ "$(cat echo 2> /dev/null)" == "nonvuln" ]] && echo "vulnerable" 2> /dev/null) | grep 'vulnerable' | wc -l)
|
||||
|
||||
echo -n "CVE-2014-7169 (taviso bug): "
|
||||
if [ $CVE20147169 -gt 0 ]; then
|
||||
echo -e "\033[91mVULNERABLE\033[39m"
|
||||
EXITCODE=$((EXITCODE+8))
|
||||
else
|
||||
echo -e "\033[92mnot vulnerable\033[39m"
|
||||
fi
|
||||
|
||||
# CVE-2014-7186
|
||||
CVE20147186=$((bash -c 'true <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF' 2>/dev/null || echo "vulnerable") | grep 'vulnerable' | wc -l)
|
||||
|
||||
echo -n "CVE-2014-7186 (redir_stack bug): "
|
||||
if [ $CVE20147186 -gt 0 ]; then
|
||||
echo -e "\033[91mVULNERABLE\033[39m"
|
||||
EXITCODE=$((EXITCODE+16))
|
||||
else
|
||||
echo -e "\033[92mnot vulnerable\033[39m"
|
||||
fi
|
||||
|
||||
# CVE-2014-7187
|
||||
CVE20147187=$(((for x in {1..200}; do echo "for x$x in ; do :"; done; for x in {1..200}; do echo done; done) | bash || echo "vulnerable") | grep 'vulnerable' | wc -l)
|
||||
|
||||
echo -n "CVE-2014-7187 (nested loops off by one): "
|
||||
if [ $CVE20147187 -gt 0 ]; then
|
||||
echo -e "\033[91mVULNERABLE\033[39m"
|
||||
EXITCODE=$((EXITCODE+32))
|
||||
else
|
||||
echo -e "\033[92mnot vulnerable\033[39m"
|
||||
fi
|
||||
|
||||
# CVE-2014-////
|
||||
CVE2014=$(env X=' () { }; echo vulnerable' bash -c 'date' | grep 'vulnerable' | wc -l)
|
||||
|
||||
echo -n "CVE-2014-//// (exploit 3 on http://shellshocker.net/): "
|
||||
if [ $CVE2014 -gt 0 ]; then
|
||||
echo -e "\033[91mVULNERABLE\033[39m"
|
||||
EXITCODE=$((EXITCODE+64))
|
||||
else
|
||||
echo -e "\033[92mnot vulnerable\033[39m"
|
||||
fi
|
||||
|
||||
exit $EXITCODE
|