Skip to content

Commit 0da5c5b

Browse files
dwnusbaumdwnusbaum
committed
Update tests for recent security fixes to pass on Windows
1 parent 71c3f0a commit 0da5c5b

File tree

1 file changed

+4
-1
lines changed

1 file changed

+4
-1
lines changed

src/test/java/org/jenkinsci/plugins/workflow/multibranch/ReadTrustedStepTest.java

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -232,12 +232,13 @@ public void pathTraversalRejected() throws Exception {
232232

233233
WorkflowRun b = p.getLastBuild();
234234
assertEquals(1, b.getNumber());
235-
r.assertLogContains("secrets/master.key references a file that is not inside " + r.jenkins.getWorkspaceFor(p).getRemote(), b);
235+
r.assertLogContains("master.key references a file that is not inside " + r.jenkins.getWorkspaceFor(p).getRemote(), b);
236236
}
237237

238238
@Issue("SECURITY-2491")
239239
@Test
240240
public void symlinksInReadTrustedCannotEscapeWorkspaceContext() throws Exception {
241+
assumeFalse(Functions.isWindows()); // On Windows, the symlink is treated as a regular file, so there is no vulnerability, but the behavior is different.
241242
SCMBinder.USE_HEAVYWEIGHT_CHECKOUT = true;
242243
sampleRepo.init();
243244
sampleRepo.write("Jenkinsfile", "node { checkout scm; echo \"${readTrusted 'secrets/master.key'}\"}");
@@ -259,6 +260,7 @@ public void symlinksInReadTrustedCannotEscapeWorkspaceContext() throws Exception
259260
@Issue("SECURITY-2491")
260261
@Test
261262
public void symlinksInUntrustedRevisionCannotEscapeWorkspace() throws Exception {
263+
assumeFalse(Functions.isWindows()); // On Windows, the symlink is treated as a regular file, so there is no vulnerability, but the behavior is different.
262264
SCMBinder.USE_HEAVYWEIGHT_CHECKOUT = true;
263265
sampleRepo.init();
264266
sampleRepo.write("Jenkinsfile", "node { checkout scm; echo \"${readTrusted 'secrets/master.key'}\"}");
@@ -286,6 +288,7 @@ public void symlinksInUntrustedRevisionCannotEscapeWorkspace() throws Exception
286288
@Issue("SECURITY-2491")
287289
@Test
288290
public void symlinksInNonMultibranchCannotEscapeWorkspaceContextViaReadTrusted() throws Exception {
291+
assumeFalse(Functions.isWindows()); // On Windows, the symlink is treated as a regular file, so there is no vulnerability, but the behavior is different.
289292
SCMBinder.USE_HEAVYWEIGHT_CHECKOUT = true;
290293
sampleRepo.init();
291294
sampleRepo.write("Jenkinsfile", "echo \"${readTrusted 'master.key'}\"");

0 commit comments

Comments
 (0)