@@ -1,8 +1,12 b'' | |||||
1 | import os, errno, stat |
|
1 | import os, errno, stat | |
2 |
|
2 | |||
|
3 | import encoding | |||
3 | import util |
|
4 | import util | |
4 | from i18n import _ |
|
5 | from i18n import _ | |
5 |
|
6 | |||
|
7 | def _lowerclean(s): | |||
|
8 | return encoding.hfsignoreclean(s.lower()) | |||
|
9 | ||||
6 | class pathauditor(object): |
|
10 | class pathauditor(object): | |
7 | '''ensure that a filesystem path contains no banned components. |
|
11 | '''ensure that a filesystem path contains no banned components. | |
8 | the following properties of a path are checked: |
|
12 | the following properties of a path are checked: | |
@@ -39,11 +43,11 b' class pathauditor(object):' | |||||
39 | raise util.Abort(_("path ends in directory separator: %s") % path) |
|
43 | raise util.Abort(_("path ends in directory separator: %s") % path) | |
40 | parts = util.splitpath(path) |
|
44 | parts = util.splitpath(path) | |
41 | if (os.path.splitdrive(path)[0] |
|
45 | if (os.path.splitdrive(path)[0] | |
42 |
or parts[0] |
|
46 | or _lowerclean(parts[0]) in ('.hg', '.hg.', '') | |
43 | or os.pardir in parts): |
|
47 | or os.pardir in parts): | |
44 | raise util.Abort(_("path contains illegal component: %s") % path) |
|
48 | raise util.Abort(_("path contains illegal component: %s") % path) | |
45 |
if '.hg' in path |
|
49 | if '.hg' in _lowerclean(path): | |
46 | lparts = [p.lower() for p in parts] |
|
50 | lparts = [_lowerclean(p.lower()) for p in parts] | |
47 | for p in '.hg', '.hg.': |
|
51 | for p in '.hg', '.hg.': | |
48 | if p in lparts[1:]: |
|
52 | if p in lparts[1:]: | |
49 | pos = lparts.index(p) |
|
53 | pos = lparts.index(p) |
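Review bot: `_lowerclean` carries the security-relevant normalization for this audit but has no docstring, and at new line 50 the comprehension lowercases twice: `_lowerclean(p.lower())` can be `_lowerclean(p)`, because the helper already calls `s.lower()`. I would add a docstring along the lines of `'''lowercase s and strip what encoding.hfsignoreclean removes, so aliases of .hg compare equal to it'''`; the test in this commit shows `.h\u200cg` being rejected at checkout, which is presumably the case it exists for. The substring pre-check at new line 49 and the per-component checks now share one normalization, which keeps them from disagreeing. The loop over `'.hg', '.hg.'` continues past the end of the hunk, so its body is not reviewed here. Aliasing of `.hg` that does not come from ignorable code points is not visible in these hunks and would need its own check.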
@@ -457,4 +457,21 b' commit copy' | |||||
457 | 0 0 6 ..... 0 26d3ca0dfd18 000000000000 000000000000 (re) |
|
457 | 0 0 6 ..... 0 26d3ca0dfd18 000000000000 000000000000 (re) | |
458 | 1 6 7 ..... 1 d267bddd54f7 26d3ca0dfd18 000000000000 (re) |
|
458 | 1 6 7 ..... 1 d267bddd54f7 26d3ca0dfd18 000000000000 (re) | |
459 |
|
459 | |||
|
460 | verify pathauditor blocks evil filepaths | |||
|
461 | $ cat > evil-commit.py <<EOF | |||
|
462 | > from mercurial import ui, hg, context, node | |||
|
463 | > notrc = u".h\u200cg".encode('utf-8') + '/hgrc' | |||
|
464 | > u = ui.ui() | |||
|
465 | > r = hg.repository(u, '.') | |||
|
466 | > def filectxfn(repo, memctx, path): | |||
|
467 | > return context.memfilectx(repo, path, '[hooks]\nupdate = echo owned') | |||
|
468 | > c = context.memctx(r, [r['tip'].node(), node.nullid], | |||
|
469 | > 'evil', [notrc], filectxfn, 0) | |||
|
470 | > r.commitctx(c) | |||
|
471 | > EOF | |||
|
472 | $ $PYTHON evil-commit.py | |||
|
473 | $ hg co --clean tip | |||
|
474 | abort: path contains illegal component: .h\xe2\x80\x8cg/hgrc (esc) | |||
|
475 | [255] | |||
|
476 | ||||
460 | $ cd .. |
|
477 | $ cd .. |
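Review bot: The new test covers only the first-component check (`.h\u200cg/hgrc` at the repository root) with a single ignorable code point, so the nested-component branch the same commit changes (`if p in lparts[1:]`) has no regression test here. A second case with the same component below a subdirectory, and one with mixed case, would pin both normalized comparisons. After the `abort:` line it would also help to assert that the working directory holds no file from that changeset, so the test fails if the abort ever moves to after the write.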