test: add regression guard for recursive chmod dirfd-relative traversal

mattsu2020 · mattsu2020 · commit 6ce14f121847 · 2025-12-05T18:12:36.000+09:00
Add a check in check-safe-traversal.sh to ensure recursive chmod operations use dirfd-relative openat calls instead of AT_FDCWD with multi-component paths, preventing potential race conditions. Ignore the corresponding Rust test as it is now covered by this shell script guard.
diff --git a/tests/by-util/test_chmod.rs b/tests/by-util/test_chmod.rs
@@ -1283,6 +1283,7 @@ fn test_chmod_non_utf8_paths() {
 
 #[cfg(all(target_os = "linux", feature = "chmod"))]
 #[test]
+#[ignore = "covered by util/check-safe-traversal.sh"]
 fn test_chmod_recursive_uses_dirfd_for_subdirs() {
     use std::process::Command;
     use uutests::get_tests_binary;
diff --git a/util/check-safe-traversal.sh b/util/check-safe-traversal.sh
@@ -173,6 +173,11 @@ fi
 if echo "$AVAILABLE_UTILS" | grep -q "chmod"; then
     cp -r test_dir test_chmod
     check_utility "chmod" "openat,fchmodat,newfstatat,chmod" "openat fchmodat" "-R 755 test_chmod" "recursive_chmod"
+
+    # Additional regression guard: ensure recursion uses dirfd-relative openat, not AT_FDCWD with a multi-component path
+    if grep -q 'openat(AT_FDCWD, "test_chmod/' strace_chmod_recursive_chmod.log; then
+        fail_immediately "chmod recursed using AT_FDCWD with a multi-component path; expected dirfd-relative openat"
+    fi
 fi
 
 # Test chown - should use openat, fchownat, newfstatat
