# HG changeset patch
# User Gregory Szorc <gregory.szorc@gmail.com>
# Date 2018-09-11 17:59:21
# Node ID ce20caecacbd23bfbb02ca2fcb014d5e93ca3bdb
# Parent  8d8e61df82597fbe2a65e1a15442019107f852c7

narrow: validate patterns on incoming bundle2 part

The remote data is untrusted and needs to be validated for
pattern conformance.

Differential Revision: https://phab.mercurial-scm.org/D4525

diff --git a/hgext/narrow/narrowbundle2.py b/hgext/narrow/narrowbundle2.py
--- a/hgext/narrow/narrowbundle2.py
+++ b/hgext/narrow/narrowbundle2.py
@@ -195,6 +195,9 @@ def getbundlechangegrouppart_narrow(bund
 def _handlechangespec_2(op, inpart):
     includepats = set(inpart.params.get(_SPECPART_INCLUDE, '').splitlines())
     excludepats = set(inpart.params.get(_SPECPART_EXCLUDE, '').splitlines())
+    narrowspec.validatepatterns(includepats)
+    narrowspec.validatepatterns(excludepats)
+
     if not repository.NARROW_REQUIREMENT in op.repo.requirements:
         op.repo.requirements.add(repository.NARROW_REQUIREMENT)
         op.repo._writerequirements()