upstream/mercurial-mirror Files · contrib/check-py3-compat.py

convert: test for shell injection in git calls (SEC)...

convert: test for shell injection in git calls (SEC) CVE-2016-3069 (5/5) Before recent refactoring we were not escaping calls to git at all which made such injections possible. Let's have a test for that to avoid this problem in the future. Reported by Blake Burkhart.

Gregory Szorc - - Load All Authors

File last commit:

r28584:d69172dd default


                r28663:ae279d4a

3.7.3 stable

Download file

             check-py3-compat.py
        
                    43 lines
            
             | 1.2 KiB
            
                | text/x-python
            
             |
                PythonLexer
            
             / contrib / check-py3-compat.py
          
                    History
                
                 |
                  Annotation
                 | Raw
                 |Copy content
                 |Copy permalink

      #!/usr/bin/env python

      #

      # check-py3-compat - check Python 3 compatibility of Mercurial files

      #

      # Copyright 2015 Gregory Szorc <gregory.szorc@gmail.com>

      #

      # This software may be used and distributed according to the terms of the

      # GNU General Public License version 2 or any later version.

      from __future__ import absolute_import, print_function

      import ast

      import sys

      def check_compat(f):

          """Check Python 3 compatibility for a file."""

          with open(f, 'rb') as fh:

              content = fh.read()

          # Ignore empty files.

          if not content.strip():

              return

          root = ast.parse(content)

          futures = set()

          haveprint = False

          for node in ast.walk(root):

              if isinstance(node, ast.ImportFrom):

                  if node.module == '__future__':

                      futures |= set(n.name for n in node.names)

              elif isinstance(node, ast.Print):

                  haveprint = True

          if 'absolute_import' not in futures:

              print('%s not using absolute_import' % f)

          if haveprint and 'print_function' not in futures:

              print('%s requires print_function' % f)

      if __name__ == '__main__':

          for f in sys.argv[1:]:

              check_compat(f)

          sys.exit(0)

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

				#!/usr/bin/env python
				#
				# check-py3-compat - check Python 3 compatibility of Mercurial files
				#
				# Copyright 2015 Gregory Szorc <gregory.szorc@gmail.com>
				#
				# This software may be used and distributed according to the terms of the
				# GNU General Public License version 2 or any later version.

				from __future__ import absolute_import, print_function

				import ast
				import sys

				def check_compat(f):
				"""Check Python 3 compatibility for a file."""
				with open(f, 'rb') as fh:
				content = fh.read()

				# Ignore empty files.
				if not content.strip():
				return

				root = ast.parse(content)
				futures = set()
				haveprint = False
				for node in ast.walk(root):
				if isinstance(node, ast.ImportFrom):
				if node.module == '__future__':
				futures \|= set(n.name for n in node.names)
				elif isinstance(node, ast.Print):
				haveprint = True

				if 'absolute_import' not in futures:
				print('%s not using absolute_import' % f)
				if haveprint and 'print_function' not in futures:
				print('%s requires print_function' % f)

				if __name__ == '__main__':
				for f in sys.argv[1:]:
				check_compat(f)

				sys.exit(0)