From 0b29b7f95253d645475f4cc66a74f653437fa72d Mon Sep 17 00:00:00 2001
From: Greg Steuck <blackgnezdo@gmail.com>
Date: Tue, 27 Nov 2018 04:16:05 -0800
Subject: prog: prevent sandbox escaping files from entering s.files

---
 prog/rand_test.go | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100644 prog/rand_test.go

(limited to 'prog/rand_test.go')

diff --git a/prog/rand_test.go b/prog/rand_test.go
new file mode 100644
index 000000000..1771a0052
--- /dev/null
+++ b/prog/rand_test.go
@@ -0,0 +1,26 @@
+// Copyright 2018 syzkaller project authors. All rights reserved.
+// Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file.
+
+package prog
+
+import (
+	"math/rand"
+	"testing"
+)
+
+func TestNotEscaping(t *testing.T) {
+	r := newRand(nil, rand.NewSource(0))
+	s := &state{
+		files: map[string]bool{"./file0": true},
+	}
+	bound := 1000000
+	if testing.Short() {
+		bound = 1000
+	}
+	for i := 0; i < bound; i++ {
+		fn := r.filenameImpl(s)
+		if escapingFilename(fn) {
+			t.Errorf("sandbox escaping file name %q", fn)
+		}
+	}
+}
-- 
cgit mrf-deployment