Gi~RdZddlZddlmcmZddlZddlm Z GddZ dS)危险命令检测测试。N)is_dangerous_commandcBeZdZdZdZdZdZdZdZdZ dZ d Z d S) TestDangerousCommandDetectionrcFd}t|}d}||u}|stjd|fd||fdtjvstjtrtjtndtj|tj|tj|dz}dd|iz}ttj|d x}x}x}}d }t|}d}||u}|stjd|fd||fdtjvstjtrtjtndtj|tj|tj|dz}dd|iz}ttj|d x}x}x}}d }t|}d}||u}|stjd|fd||fdtjvstjtrtjtndtj|tj|tj|dz}dd|iz}ttj|d x}x}x}}d }t|}d}||u}|stjd|fd||fdtjvstjtrtjtndtj|tj|tj|dz}dd|iz}ttj|d x}x}x}}d S) u安全命令不被标记。zls -laFisz0%(py4)s {%(py4)s = %(py0)s(%(py2)s) } is %(py7)srpy0py2py4py7assert %(py9)spy9Nz cat file.txtz echo hellopwd r @pytest_ar_call_reprcompare @py_builtinslocals_should_repr_global_name _safereprAssertionError_format_explanationself @py_assert1 @py_assert3 @py_assert6 @py_assert5 @py_format8 @py_format10s //root/projects/qq-shell/tests/test_guardrail.pytest_safe_commandsz0TestDangerousCommandDetection.test_safe_commands s$,6#H--66-6666666666-666666666666#66666#666666H6666-666666666666666666666666666666666$2<#N33#$566>$>6$>>>>>>>>>>6$>>>>>>>>>>>>#>>>>>#>>>>>>$5>>>>6>>>>$>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>r&cvd}t|}d}||u}|stjd|fd||fdtjvstjtrtjtndtj|tj|tj|dz}dd|iz}ttj|d x}x}x}}d }t|}d}||u}|stjd|fd||fdtjvstjtrtjtndtj|tj|tj|dz}dd|iz}ttj|d x}x}x}}d }t|}d}||u}|stjd|fd||fdtjvstjtrtjtndtj|tj|tj|dz}dd|iz}ttj|d x}x}x}}d S) u检测命令注入。zsh -c 'rm -rf /'Trr rr rrNzbash -c 'evil'zecho 'rm -rf' | bashrrs r$ test_command_injection_detectionz>TestDangerousCommandDetection.test_command_injection_detection!s$6?#$677?4?74??????????74????????????#?????#??????$6????7????4?????????????????????????????$4=#$455==5==========5============#=====#======$4====5=================================$:C#$:;;CtC;tCCCCCCCCCC;tCCCCCCCCCCCC#CCCCC#CCCCCC$:CCCC;CCCCtCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCr&cvd}t|}d}||u}|stjd|fd||fdtjvstjtrtjtndtj|tj|tj|dz}dd|iz}ttj|d x}x}x}}d }t|}d}||u}|stjd|fd||fdtjvstjtrtjtndtj|tj|tj|dz}dd|iz}ttj|d x}x}x}}d }t|}d}||u}|stjd|fd||fdtjvstjtrtjtndtj|tj|tj|dz}dd|iz}ttj|d x}x}x}}d S) u检测磁盘操作。zdd if=/dev/zero of=/dev/sdaTrr rr rrNzmkfs.ext4 /dev/sda1zfdisk /dev/sdarrs r$test_disk_operations_detectionzTestDangerousCommandDetection.test_system_operations_detection-s$2;#N33;t;3t;;;;;;;;;;3t;;;;;;;;;;;;#;;;;;#;;;;;;N;;;;3;;;;t;;;;;;;;;;;;;;;;;;;;;;;;;;;;;$,5#H--55-5555555555-555555555555#55555#555555H5555-555555555555555555555555555555555$1:#M22:d:2d::::::::::2d::::::::::::#:::::#::::::M::::2::::d:::::::::::::::::::::::::::::::r&cd}t|}d}||u}|stjd|fd||fdtjvstjtrtjtndtj|tj|tj|dz}dd|iz}ttj|d x}x}x}}d }t|}d}||u}|stjd|fd||fdtjvstjtrtjtndtj|tj|tj|dz}dd|iz}ttj|d x}x}x}}d S) u!单独删除文件是安全的。z rm file.txtFrr rr rrNzrm -i file.txtrrs r$test_safe_rm_single_filez6TestDangerousCommandDetection.test_safe_rm_single_file3s$1;#M22;e;2e;;;;;;;;;;2e;;;;;;;;;;;;#;;;;;#;;;;;;M;;;;2;;;;e;;;;;;;;;;;;;;;;;;;;;;;;;;;;;$4>#$455>>5>>>>>>>>>>5>>>>>>>>>>>>#>>>>>#>>>>>>$4>>>>5>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>r&N) __name__ __module__ __qualname____doc__r%r(r*r,r.r0r3r5r&r$rrs%%444;;; AAA ??? DDD >>> ;;; ?????r&r) r9builtinsr_pytest.assertion.rewrite assertionrewriterpytestbutler.security.guardrailrrr:r&r$rAsr!! ::::::/?/?/?/?/?/?/?/?/?/?r&