From 7bb78f8099770433d7b182fa0f80bd60b0c30aae Mon Sep 17 00:00:00 2001
From: Simon McVittie <smcv@collabora.com>
Date: Mon, 11 Jan 2021 12:25:50 +0000
Subject: [PATCH] tests: Exercise --env-fd

Signed-off-by: Simon McVittie <smcv@collabora.com>
Part-of: https://github.com/flatpak/flatpak/security/advisories/GHSA-4ppf-fxf6-vxg2
---
 tests/test-override.sh | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/tests/test-override.sh b/tests/test-override.sh
index 3f5a12c1..56be1217 100755
--- a/tests/test-override.sh
+++ b/tests/test-override.sh
@@ -65,14 +65,16 @@ reset_overrides
 
 ${FLATPAK} override --user --env=FOO=BAR org.test.Hello
 ${FLATPAK} override --user --env=BAR= org.test.Hello
-# TODO: A future commit will add a way to avoid this ever being present in argv
-${FLATPAK} override --user --env=SECRET_TOKEN=3047225e-5e38-4357-b21c-eac83b7e8ea6 org.test.Hello
+# --env-fd with terminating \0 (strictly as documented).
+printf '%s\0' "SECRET_TOKEN=3047225e-5e38-4357-b21c-eac83b7e8ea6" > env.3
+# --env-fd without terminating \0 (which we also accept).
 # TMPDIR and TZDIR are filtered out by ld.so for setuid processes,
 # so setting these gives us a way to verify that we can pass them through
 # a setuid bwrap (without special-casing them, as we previously did for
 # TMPDIR).
-${FLATPAK} override --user --env=TMPDIR=/nonexistent/tmp org.test.Hello
-${FLATPAK} override --user --env=TZDIR=/nonexistent/tz org.test.Hello
+printf '%s\0%s' "TMPDIR=/nonexistent/tmp" "TZDIR=/nonexistent/tz" > env.4
+${FLATPAK} override --user --env-fd=3 --env-fd=4 org.test.Hello \
+    3<env.3 4<env.4
 ${FLATPAK} override --user --show org.test.Hello > override
 
 assert_file_has_content override "^\[Environment\]$"
@@ -118,11 +120,11 @@ else
   ${FLATPAK} run --command=bash \
       --env=FOO=BAR \
       --env=BAR= \
-      --env=SECRET_TOKEN=3047225e-5e38-4357-b21c-eac83b7e8ea6 \
-      --env=TMPDIR=/nonexistent/tmp \
-      --env=TZDIR=/nonexistent/tz \
+      --env-fd=3 \
+      --env-fd=4 \
       org.test.Hello \
-      -c 'echo "FOO=$FOO"; echo "BAR=$BAR"; echo "SECRET_TOKEN=$SECRET_TOKEN"; echo "TMPDIR=$TMPDIR"; echo "TZDIR=$TZDIR"' > out
+      -c 'echo "FOO=$FOO"; echo "BAR=$BAR"; echo "SECRET_TOKEN=$SECRET_TOKEN"; echo "TMPDIR=$TMPDIR"; echo "TZDIR=$TZDIR"' \
+      3<env.3 4<env.4 > out
   # The versions from `flatpak run` overrule `flatpak override`
   assert_file_has_content out '^FOO=BAR$'
   assert_file_has_content out '^BAR=$'