egutierrez
f875a98acf
40 tests cubriendo: - file: deny-by-default, path traversal, symlink escape, prefix confusion - ssh: allowlist, blocklist, sintaxis shell (pipes, subshells, redirects) - http: SSRF (loopback, IPs privadas, link-local, metadata), dominios - matrix: room authorization allowlist Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
101 lines
2.9 KiB
Go
101 lines
2.9 KiB
Go
package file
|
|
|
|
import (
|
|
"context"
|
|
"os"
|
|
"path/filepath"
|
|
"testing"
|
|
|
|
"github.com/enmanuel/agents/internal/config"
|
|
"github.com/enmanuel/agents/tools"
|
|
)
|
|
|
|
func TestNewReadFile_DenyByDefault(t *testing.T) {
|
|
tool := NewReadFile(config.FileOpsCfg{AllowedPaths: []string{}})
|
|
result := tool.Exec(context.Background(), map[string]any{"path": "/etc/hosts"})
|
|
if result.Err == nil {
|
|
t.Fatal("expected error when AllowedPaths is empty, got nil")
|
|
}
|
|
}
|
|
|
|
func TestNewReadFile_AllowedPath(t *testing.T) {
|
|
tmp := t.TempDir()
|
|
f := filepath.Join(tmp, "test.txt")
|
|
os.WriteFile(f, []byte("hello"), 0644)
|
|
|
|
tool := NewReadFile(config.FileOpsCfg{AllowedPaths: []string{tmp}})
|
|
result := tool.Exec(context.Background(), map[string]any{"path": f})
|
|
if result.Err != nil {
|
|
t.Fatalf("expected success, got: %v", result.Err)
|
|
}
|
|
if result.Output != "hello" {
|
|
t.Fatalf("expected 'hello', got %q", result.Output)
|
|
}
|
|
}
|
|
|
|
func TestNewReadFile_PathTraversal(t *testing.T) {
|
|
tmp := t.TempDir()
|
|
// Try to escape via ../
|
|
tool := NewReadFile(config.FileOpsCfg{AllowedPaths: []string{tmp}})
|
|
result := tool.Exec(context.Background(), map[string]any{
|
|
"path": filepath.Join(tmp, "..", "..", "etc", "hosts"),
|
|
})
|
|
if result.Err == nil {
|
|
t.Fatal("expected error for path traversal, got nil")
|
|
}
|
|
}
|
|
|
|
func TestNewReadFile_PathOutsideAllowed(t *testing.T) {
|
|
tmp := t.TempDir()
|
|
tool := NewReadFile(config.FileOpsCfg{AllowedPaths: []string{tmp}})
|
|
result := tool.Exec(context.Background(), map[string]any{"path": "/etc/hosts"})
|
|
if result.Err == nil {
|
|
t.Fatal("expected error for path outside allowed, got nil")
|
|
}
|
|
}
|
|
|
|
func TestNewReadFile_SymlinkEscape(t *testing.T) {
|
|
tmp := t.TempDir()
|
|
link := filepath.Join(tmp, "escape")
|
|
os.Symlink("/etc", link)
|
|
|
|
tool := NewReadFile(config.FileOpsCfg{AllowedPaths: []string{tmp}})
|
|
result := tool.Exec(context.Background(), map[string]any{
|
|
"path": filepath.Join(link, "hosts"),
|
|
})
|
|
if result.Err == nil {
|
|
t.Fatal("expected error for symlink escape, got nil")
|
|
}
|
|
}
|
|
|
|
func TestNewReadFile_EmptyPath(t *testing.T) {
|
|
tool := NewReadFile(config.FileOpsCfg{AllowedPaths: []string{"/tmp"}})
|
|
result := tool.Exec(context.Background(), map[string]any{"path": ""})
|
|
if result.Err == nil {
|
|
t.Fatal("expected error for empty path")
|
|
}
|
|
}
|
|
|
|
func TestNewReadFile_PrefixConfusion(t *testing.T) {
|
|
// /opt should not match /opt1234
|
|
tool := NewReadFile(config.FileOpsCfg{AllowedPaths: []string{"/opt"}})
|
|
result := tool.Exec(context.Background(), map[string]any{"path": "/opt1234/file.txt"})
|
|
if result.Err == nil {
|
|
t.Fatal("expected error: /opt should not match /opt1234")
|
|
}
|
|
}
|
|
|
|
func TestValidatePath_ExactMatch(t *testing.T) {
|
|
tmp := t.TempDir()
|
|
if err := validatePath(tmp, []string{tmp}); err != nil {
|
|
t.Fatalf("exact match should be allowed: %v", err)
|
|
}
|
|
}
|
|
|
|
func TestGetString_MissingKey(t *testing.T) {
|
|
val := tools.GetString(map[string]any{}, "missing")
|
|
if val != "" {
|
|
t.Fatalf("expected empty, got %q", val)
|
|
}
|
|
}
|