032d475fba
Complete lint remediation addressing errcheck, gosec, and staticcheck violations across backend test files. Tighten pre-commit configuration to prevent future blind spots. Key Changes: - Fix 61 Go linting issues (errcheck, gosec G115/G301/G304/G306, bodyclose) - Add proper error handling for json.Unmarshal, os.Setenv, db.Close(), w.Write() - Fix gosec G115 integer overflow with strconv.FormatUint - Add #nosec annotations with justifications for test fixtures - Fix SecurityService goroutine leaks (add Close() calls) - Fix CrowdSec tar.gz non-deterministic ordering with sorted keys Pre-commit Hardening: - Remove test file exclusion from golangci-lint hook - Add gosec to .golangci-fast.yml with critical checks (G101, G110, G305) - Replace broad .golangci.yml exclusions with targeted path-specific rules - Test files now linted on every commit Test Fixes: - Fix emergency route count assertions (1→2 for dual-port setup) - Fix DNS provider service tests with proper mock setup - Fix certificate service tests with deterministic behavior Backend: 27 packages pass, 83.5% coverage Frontend: 0 lint warnings, 0 TypeScript errors Pre-commit: All 14 hooks pass (~37s)
67 lines
2.1 KiB
Go
67 lines
2.1 KiB
Go
package handlers
|
|
|
|
import (
|
|
"bytes"
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"os"
|
|
"path/filepath"
|
|
"regexp"
|
|
"strings"
|
|
"testing"
|
|
|
|
"github.com/Wikid82/charon/backend/internal/logger"
|
|
"github.com/Wikid82/charon/backend/internal/services"
|
|
"github.com/gin-gonic/gin"
|
|
)
|
|
|
|
func TestBackupHandlerSanitizesFilename(t *testing.T) {
|
|
gin.SetMode(gin.TestMode)
|
|
tmpDir := t.TempDir()
|
|
// prepare a fake "database"
|
|
dbPath := filepath.Join(tmpDir, "db.sqlite")
|
|
// #nosec G306 -- Test fixture file with standard permissions
|
|
if err := os.WriteFile(dbPath, []byte("db"), 0o644); err != nil {
|
|
t.Fatalf("failed to create tmp db: %v", err)
|
|
}
|
|
|
|
svc := &services.BackupService{DataDir: tmpDir, BackupDir: tmpDir, DatabaseName: "db.sqlite", Cron: nil}
|
|
h := NewBackupHandler(svc)
|
|
|
|
// Create a gin test context and use it to call handler directly
|
|
w := httptest.NewRecorder()
|
|
c, _ := gin.CreateTestContext(w)
|
|
// Ensure request-scoped logger is present and writes to our buffer
|
|
c.Set("logger", logger.WithFields(map[string]any{"test": "1"}))
|
|
|
|
// initialize logger to buffer
|
|
buf := &bytes.Buffer{}
|
|
logger.Init(true, buf)
|
|
|
|
// Create a malicious filename with newline and path components
|
|
malicious := "../evil\nname"
|
|
c.Request = httptest.NewRequest(http.MethodGet, "/backups/"+strings.ReplaceAll(malicious, "\n", "%0A")+"/restore", http.NoBody)
|
|
// Call handler directly with the test context
|
|
h.Restore(c)
|
|
|
|
out := buf.String()
|
|
// Optionally we could assert on the response status code here if needed
|
|
textRegex := regexp.MustCompile(`filename=?"?([^"\s]*)"?`)
|
|
jsonRegex := regexp.MustCompile(`"filename":"([^"]*)"`)
|
|
var loggedFilename string
|
|
if m := textRegex.FindStringSubmatch(out); len(m) == 2 {
|
|
loggedFilename = m[1]
|
|
} else if m := jsonRegex.FindStringSubmatch(out); len(m) == 2 {
|
|
loggedFilename = m[1]
|
|
} else {
|
|
t.Fatalf("could not extract filename from logs: %s", out)
|
|
}
|
|
|
|
if strings.Contains(loggedFilename, "\n") || strings.Contains(loggedFilename, "\r") {
|
|
t.Fatalf("log filename contained raw newline: %q", loggedFilename)
|
|
}
|
|
if strings.Contains(loggedFilename, "..") {
|
|
t.Fatalf("log filename contained path traversals in filename: %q", loggedFilename)
|
|
}
|
|
}
|