From 0091214d2f2b489f4d38464c8d217cd7f5aba50a Mon Sep 17 00:00:00 2001
From: Panu Matilainen <pmatilai@redhat.com>
Date: Tue, 14 Nov 2023 11:59:18 +0200
Subject: [PATCH] Add a test-case for invalid intermediate symlink owner
 (CVE-2021-35939)

This should've been in commit 96ec957e281220f8e137a2d5eb23b83a6377d556
but back then we didn't have a good way to test ownership matters.
---
 tests/rpmi.at | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/tests/rpmi.at b/tests/rpmi.at
index 94d8967b12..95b4497be7 100644
--- a/tests/rpmi.at
+++ b/tests/rpmi.at
@@ -1539,3 +1539,24 @@ plong
 [ignore])
 
 RPMTEST_CLEANUP
+
+AT_SETUP([install on invalid symlinked directory])
+AT_KEYWORDS([install])
+RPMDB_INIT
+
+runroot rpmbuild --quiet -bb \
+          /data/SPECS/replacetest.spec
+
+RPMTEST_CHECK([
+runroot_other mv /opt /opt.was
+runroot_other ln -s /opt.was /opt
+runroot_other chown -h nobody:nobody /opt
+runroot --setenv SOURCE_DATE_EPOCH 1699955855 rpm -U /build/RPMS/noarch/replacetest-1.0-1.noarch.rpm
+],
+[1],
+[],
+[error: failed to open dir opt of /opt/: Not a directory
+error: unpacking of archive failed on file /opt/foo;6553448f: cpio: open failed - Not a directory
+error: replacetest-1.0-1.noarch: install failed
+])
+RPMTEST_CLEANUP