##// END OF EJS Templates
convert: test for shell injection in git calls (SEC)...
convert: test for shell injection in git calls (SEC) CVE-2016-3069 (5/5) Before recent refactoring we were not escaping calls to git at all which made such injections possible. Let's have a test for that to avoid this problem in the future. Reported by Blake Burkhart.

File last commit:

r28049:c00f67c1 default
r28663:ae279d4a 3.7.3 stable
Show More
docchecker
54 lines | 1.2 KiB | text/plain | TextLexer
#!/usr/bin/env python
#
# docchecker - look for problematic markup
#
# Copyright 2016 timeless <timeless@mozdev.org> and others
#
# This software may be used and distributed according to the terms of the
# GNU General Public License version 2 or any later version.
import sys
import re
leadingline = re.compile(r'(^\s*)(\S.*)$')
hg_backtick = re.compile(r""":hg:`[^`]*'[^`]*`""")
hg_cramped = re.compile(r'\w:hg:`')
def check(line):
if hg_backtick.search(line):
print(line)
print("""warning: please avoid nesting ' in :hg:`...`""")
if hg_cramped.search(line):
print(line)
print('warning: please have a space before :hg:')
def work(file):
(llead, lline) = ('', '')
for line in file:
# this section unwraps lines
match = leadingline.match(line)
if not match:
check(lline)
(llead, lline) = ('', '')
continue
lead, line = match.group(1), match.group(2)
if (lead == llead):
if (lline != ''):
lline += ' ' + line
else:
lline = line
else:
check(lline)
(llead, lline) = (lead, line)
check(lline)
def main():
for f in sys.argv[1:]:
try:
with open(f) as file:
work(file)
except:
print("failed to process %s" % f)
main()