convert: test for shell injection in git calls (SEC)...
Mateusz Kwapich
r28663:ae279d4a 3.7.3 stable
@@ -729,3 +729,20 b' damage git repository by renaming a tree'
729 729 $ mv git-repo4/.git/objects/$TREE_OBJ git-repo4/.git/objects/$TREE_OBJ.tmp
730 730 $ hg convert git-repo4 git-repo4-broken-hg 2>&1 | grep 'abort:'
731 731 abort: cannot read changes in 1c0ce3c5886f83a1d78a7b517cdff5cf9ca17bdd
732
733 test for escaping the repo name (CVE-2016-3069)
734
735 $ git init '`echo pwned >COMMAND-INJECTION`'
736 Initialized empty Git repository in $TESTTMP/`echo pwned >COMMAND-INJECTION`/.git/
737 $ cd '`echo pwned >COMMAND-INJECTION`'
738 $ git commit -q --allow-empty -m 'empty'
739 $ cd ..
740 $ hg convert '`echo pwned >COMMAND-INJECTION`' 'converted'
741 initializing destination converted repository
742 scanning source...
743 sorting...
744 converting...
745 0 empty
746 updating bookmarks
747 $ test -f COMMAND-INJECTION
748 [1]
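Review bot: the final check `test -f COMMAND-INJECTION` (new line 747) looks only in the current directory, so the test would still pass if the injected command had run with a different working directory, for example inside the source repository or inside `converted`. Consider asserting that no file of that name exists anywhere under `$TESTTMP`, for instance `find "$TESTTMP" -name COMMAND-INJECTION` with empty expected output. The case also covers only a backtick payload in the source path given to `hg convert`; a second repository name using a different shell metacharacter would keep the test from passing against a fix that handles backticks alone.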