From Code to Community: Sponsoring The Perl and Raku Conference 2025 Learn more

SIDNEY / Mail-SpamAssassin-4.0.1-rc1r-TRIAL / t / a02_a_init.pm 

            

              
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263

              
# SATest with unused functions removed
# remove all references to spamc and spamd
# removed unused end block and untaint_cmd function
# remove read_config and a bit more
# remove call to tempdir, put it in the test
package main;
require v5.14.0;
# use strict;
# use warnings;
# use re 'taint';
use Cwd;
use Config;
use File::Basename;
use File::Copy;
use File::Path;
use File::Spec;
use File::Temp qw(tempdir);
use Test::Builder ();
use Test::More    ();
use POSIX qw(WIFEXITED WIFSIGNALED WIFSTOPPED WEXITSTATUS WTERMSIG WSTOPSIG);
use vars qw($RUNNING_ON_WINDOWS
            $SKIP_SETUID_NOBODY_TESTS $SKIP_DNSBL_TESTS
            $have_inet4 $have_inet6
            $workdir $siterules $localrules $userrules $userstate
            $keep_workdir $mainpid);
my $sa_code_dir;
BEGIN {
  require Exporter;
  use vars qw(@ISA @EXPORT @EXPORT_OK);
  @ISA = qw(Exporter);
  @EXPORT = qw($have_inet4 $have_inet6);
  $RUNNING_ON_WINDOWS = ($^O =~ /^(mswin|dos|os2)/oi);
  $SKIP_SETUID_NOBODY_TESTS = 0;
  $SKIP_DNSBL_TESTS = 0;
  $have_inet4 = eval {
    require IO::Socket::INET;
    my $sock = IO::Socket::INET->new(LocalAddr => '127.0.0.1', Proto => 'udp');
    $sock->close or die "error closing inet socket: $!"  if $sock;
    $sock ? 1 : undef;
  };
  $have_inet6 = eval {
    require IO::Socket::INET6;
    my $sock = IO::Socket::INET6->new(LocalAddr => '::1', Proto => 'udp');
    $sock->close or die "error closing inet6 socket: $!"  if $sock;
    $sock ? 1 : undef;
  };
  # Clean PATH so taint doesn't complain
  if (!$RUNNING_ON_WINDOWS) {
    $ENV{'PATH'} = '/bin:/usr/bin:/usr/local/bin';
    # Remove tainted envs, at least ENV used in FreeBSD
    delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};
  } else {
    # Windows might need non-system directories in PATH to run a Perl installation
    # The best we can do is clean out obviously bad stuff such as relative paths or \..\
    my @pathdirs = split(';', $ENV{'PATH'});
    $ENV{'PATH'} =
      join(';', # filter for only dirs that are canonical absolute paths that exist
        map {
              my $pathdir = $_;
              $pathdir =~ s/\\*\z//;
              my $abspathdir = File::Spec->canonpath(Cwd::realpath($pathdir)) if (-d $pathdir);
              if (defined $abspathdir) {
                $abspathdir  =~ /^(.*)\z/s;
                $abspathdir = $1; # untaint it
              }
              ((defined $abspathdir) and (lc $pathdir eq lc $abspathdir))?($abspathdir):()
            }
          @pathdirs);
  }
   
  # Fix INC to point to absolute path of built SA
  if (-e 't/test_dir') { $sa_code_dir = 'blib/lib'; }
  elsif (-e 'test_dir') { $sa_code_dir = '../blib/lib'; }
  else { die "FATAL: not in or below test directory?\n"; }
  File::Spec->rel2abs($sa_code_dir) =~ /^(.*)\z/s;
  $sa_code_dir = $1;
  if (not -d $sa_code_dir) {
    die "FATAL: not in expected directory relative to built code tree?\n";
  }
}
# use is run at compile time, but after the variable has been computed in the BEGIN block
use lib $sa_code_dir;
sub sa_t_init {
  my $tname = shift;
  $mainpid = $$;
  if ($config{PERL_PATH}) {
    $perl_path = $config{PERL_PATH};
  }
  elsif ($^X =~ m|^/|) {
    $perl_path = $^X;
  }
  else {
    $perl_path = $Config{perlpath};
    $perl_path =~ s|/[^/]*$|/$^X|;
  }
  $perl_cmd  = $perl_path;
  # propagate $PERL5OPT; seems to be necessary, at least for the common idiom of
  # "PERL5OPT=-MFoo::Bar ./test.t"
  if ($ENV{'PERL5OPT'}) {
    my $o = $ENV{'PERL5OPT'};
    if ($o =~ /(Devel::Cover)/) {
      warn "# setting TEST_PERL_TAINT=no to avoid lack of taint-safety in $1\n";
      $ENV{'TEST_PERL_TAINT'} = 'no';
    }
    $perl_cmd .= " \"$o\"";
  }
  $perl_cmd .= " -T" if !defined($ENV{'TEST_PERL_TAINT'}) or $ENV{'TEST_PERL_TAINT'} ne 'no';
  $perl_cmd .= " -w" if !defined($ENV{'TEST_PERL_WARN'})  or $ENV{'TEST_PERL_WARN'}  ne 'no';
  # Copy directories in PERL5LIB into -I options in perl_cmd because -T suppresses use of PERL5LIB in call to ./spamassassin
  # If PERL5LIB is empty copy @INC instead because on some platforms like FreeBSD MakeMaker clears PER5LIB and sets @INC
  # Filter out relative paths, and canonicalize so no symlinks or /../ will be left in untainted result as a nod to security
  # Since this is only used to run tests, the security considerations are not as strict as with more general situations.
  my @pathdirs = @INC;
  if ($ENV{'PERL5LIB'}) {
    @pathdirs = split($Config{path_sep}, $ENV{'PERL5LIB'});
  }
  my $inc_opts =
    join(' -I', # filter for only dirs that are absolute paths that exist, then canonicalize them
      map {
            my $pathdir = $_;
            my $canonpathdir = File::Spec->canonpath(Cwd::realpath($pathdir)) if ((-d $pathdir) and File::Spec->file_name_is_absolute($pathdir));
            if (defined $canonpathdir) {
               $canonpathdir =~ /^(.*)\z/s;
               $canonpathdir = $1; # untaint it
            }
            ((defined $canonpathdir))?($canonpathdir):()
          }
         @pathdirs);
  $perl_cmd .= " -I$inc_opts" if ($inc_opts);
   
  # To work in Windows, the perl scripts have to be launched by $perl_cmd and
  # the ones that are exe files have to be directly called in the command lines
   
  $scr = $ENV{'SPAMASSASSIN_SCRIPT'};
  $scr ||= "$perl_cmd ../spamassassin.raw";
  $salearn = $ENV{'SALEARN_SCRIPT'};
  $salearn ||= "$perl_cmd ../sa-learn.raw";
  $saawl = $ENV{'SAAWL_SCRIPT'};
  $saawl ||= "$perl_cmd ../sa-awl";
  (-f "t/test_dir") && chdir("t");        # run from ..
  -f "test_dir"  or die "FATAL: not in test directory?\n";
  mkdir ("log", 0755);
  -d "log" or die "FATAL: failed to create log dir\n";
  chmod (0755, "log"); # set in case log already exists with wrong permissions
  if (!$RUNNING_ON_WINDOWS) {
    untaint_system("chacl -B log 2>/dev/null || setfacl -b log 2>/dev/null"); # remove acls that confuse test
  }
  # clean old workdir if sa_t_init called multiple times
  if (defined $workdir) {
    if (!$keep_workdir) {
      rmtree($workdir);
    }
  }
  ##########
  ### Test return here but keep some code that comes after to be compiled
  return if $tname;
  # # individual work directory to make parallel tests possible
  # $workdir = tempdir("$tname.XXXXXX", DIR => "log");
  # die "FATAL: failed to create workdir: $!" unless -d $workdir;
  # chmod (0755, $workdir); # sometimes tempdir() ignores umask
  # $keep_workdir = 0;
  # # $siterules contains all stock *.pre files
  # $siterules = "$workdir/siterules";
  # # $localrules contains all stock *.cf files
  # $localrules = "$workdir/localrules";
  # # $userrules contains user rules
  # $userrules = "$workdir/user.cf";
  # # user_state directory
  # $userstate = "$workdir/user_state";
  # mkdir($siterules) or die "FATAL: failed to create $siterules\n";
  # mkdir($localrules) or die "FATAL: failed to create $localrules\n";
  # open(OUT, ">$userrules") or die "FATAL: failed to create $userrules\n";
  # close(OUT);
  # mkdir($userstate) or die "FATAL: failed to create $userstate\n";
  # $scr_localrules_args =   " --siteconfigpath $siterules";
  # $salearn_localrules_args =   " --siteconfigpath $siterules";
  # $scr_cf_args = "-C $localrules";
  # $scr_pref_args = "-p $userrules";
  # $salearn_cf_args = "-C $localrules";
  # $salearn_pref_args = "-p $userrules";
  # $scr_test_args = "";
  # $salearn_test_args = "";
  # $set_user_prefs = 0;
  # $default_cf_lines = "
  #   bayes_path ./$userstate/bayes
  #   auto_welcomelist_path ./$userstate/auto-welcomelist
  # ";
  # if running as root, ensure "nobody" can write to it too
  # if ($> == 0) {
  #   $tmp_dir_mode = 0777;
  #   umask 022;  # ensure correct permissions on files and dirs created here
  #   # Bug 5529 initial fix: For now don't run a test as root if it has a problem resuting from setuid nobody
  #   # FIXME: Eventually we can actually test setuid nobody and accessing ./log to make this test more fine grained
  #   #  and we can create an accessible temp dir that some of the tests can use. But for now just skip those tests.
  #   $SKIP_SETUID_NOBODY_TESTS = 1;
  # } else {
  #   $tmp_dir_mode = 0755;
  # }
  # for $tainted (<../rules/*.pm>, <../rules/*.pre>, <../rules/languages>) {
  #   $tainted =~ /(.*)/;
  #   my $file = $1;
  #   $base = basename $file;
  #   copy ($file, "$siterules/$base")
  #     or warn "cannot copy $file to $siterules/$base: $!";
  # }
  # for $tainted (<../rules/*.cf>) {
  #   $tainted =~ /(.*)/;
  #   my $file = $1;
  #   $base = basename $file;
  #   copy ($file, "$localrules/$base")
  #     or warn "cannot copy $file to $localrules/$base: $!";
  # }
}
# Simple version of untaint_var for internal use
sub untaint_var {
    local($1);
    $_[0] =~ /^(.*)\z/s;
    return $1;
}
# untainted system()
sub untaint_system {
    my @args;
    push @args, untaint_var($_) foreach (@_);
    return system(@args);
}
1;