##// END OF EJS Templates
upstream » mercurial-mirror
RSS

Clone from https://www.mercurial-scm.org/repo/hg-all

convert: test for shell injection in git calls (SEC)...
convert: test for shell injection in git calls (SEC) CVE-2016-3069 (5/5) Before recent refactoring we were not escaping calls to git at all which made such injections possible. Let's have a test for that to avoid this problem in the future. Reported by Blake Burkhart.
Matt Mackall - - Load All Authors

File last commit:

r25472:4d2b9b30 default
r28663:ae279d4a 3.7.3 stable
Show More
test-websub.t
36 lines | 893 B | text/troff | Tads3Lexer
/ tests / test-websub.t
History | Source | Raw |Copy content |Copy permalink
Matt Mackall
tests: replace exit 80 with #require
 r22046 #require serve
Angel Ezquerra
extensions: obsolete and remove interhg extension...
 r18629
$ hg init test
$ cd test
$ cat > .hg/hgrc <<EOF
> [extensions]
> # this is only necessary to check that the mapping from
> # interhg to websub works
> interhg =
>
> [websub]
> issues = s|Issue(\d+)|<a href="http://bts.example.org/issue\1">Issue\1</a>|
>
> [interhg]
> # check that we maintain some interhg backwards compatibility...
> # yes, 'x' is a weird delimiter...
> markbugs = sxbugx<i class="\x">bug</i>x
> EOF
$ touch foo
$ hg add foo
$ hg commit -d '1 0' -m 'Issue123: fixed the bug!'
$ hg serve -n test -p $HGPORT -d --pid-file=hg.pid -A access.log -E errors.log
$ cat hg.pid >> $DAEMON_PIDS
log
Matt Mackall
tests: drop explicit $TESTDIR from executables...
 r25472 $ get-with-headers.py localhost:$HGPORT "rev/tip" | grep bts
Angel Ezquerra
extensions: obsolete and remove interhg extension...
 r18629 <div class="description"><a href="http://bts.example.org/issue123">Issue123</a>: fixed the <i class="x">bug</i>!</div>
errors
$ cat errors.log
$ cd ..