fix: audit LOW fixes — rejection-path tests, wallpaper-fallback docs (v0.9.1)
Update PKGBUILD version / update-pkgver (push) Successful in 4s
Update PKGBUILD version / update-pkgver (push) Successful in 4s
- Test AccountsService-icon symlink rejection (users.rs) - Tests for wallpaper symlink/extension/size rejection (config.rs) - Fix stale 'bundled package wallpaper' fallback docs (README, example config) — bundled tier removed 2026-03-28, actual chain is two-tier
This commit is contained in:
@@ -145,6 +145,20 @@ mod tests {
|
||||
assert!(path.is_none());
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn rejects_symlink_accountsservice_icon() {
|
||||
let dir = tempfile::tempdir().unwrap();
|
||||
let target = dir.path().join("secret");
|
||||
fs::write(&target, "secret content").unwrap();
|
||||
let icons_dir = dir.path().join("icons");
|
||||
fs::create_dir(&icons_dir).unwrap();
|
||||
let icon = icons_dir.join("testuser");
|
||||
std::os::unix::fs::symlink(&target, &icon).unwrap();
|
||||
// No ~/.face, so resolution falls through to the AccountsService branch
|
||||
let path = get_avatar_path_with(dir.path(), Some("testuser"), &icons_dir);
|
||||
assert!(path.is_none());
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn returns_none_when_no_avatar() {
|
||||
let dir = tempfile::tempdir().unwrap();
|
||||
|
||||
Reference in New Issue
Block a user