##// END OF EJS Templates
upstream » mercurial-mirror
RSS

Clone from https://www.mercurial-scm.org/repo/hg-all

convert: test for shell injection in git calls (SEC)...
convert: test for shell injection in git calls (SEC) CVE-2016-3069 (5/5) Before recent refactoring we were not escaping calls to git at all which made such injections possible. Let's have a test for that to avoid this problem in the future. Reported by Blake Burkhart.
Augie Fackler - - Load All Authors

File last commit:

r21812:73e4a02e default
r28663:ae279d4a 3.7.3 stable
Show More
hg
43 lines | 1.1 KiB | text/plain | TextLexer
/ hg
History | Annotation | Raw |Copy content |Copy permalink
#!/usr/bin/env python
#
# mercurial - scalable distributed SCM
#
# Copyright 2005-2007 Matt Mackall <mpm@selenic.com>
#
# This software may be used and distributed according to the terms of the
# GNU General Public License version 2 or any later version.
import os
import sys
if os.environ.get('HGUNICODEPEDANTRY', False):
reload(sys)
sys.setdefaultencoding("undefined")
libdir = '@LIBDIR@'
if libdir != '@' 'LIBDIR' '@':
if not os.path.isabs(libdir):
libdir = os.path.join(os.path.dirname(os.path.realpath(__file__)),
libdir)
libdir = os.path.abspath(libdir)
sys.path.insert(0, libdir)
# enable importing on demand to reduce startup time
try:
from mercurial import demandimport; demandimport.enable()
except ImportError:
import sys
sys.stderr.write("abort: couldn't find mercurial libraries in [%s]\n" %
' '.join(sys.path))
sys.stderr.write("(check your install and PYTHONPATH)\n")
sys.exit(-1)
import mercurial.util
import mercurial.dispatch
for fp in (sys.stdin, sys.stdout, sys.stderr):
mercurial.util.setbinary(fp)
mercurial.dispatch.run()