upstream/mercurial-mirror Files · mercurial/lsprofcalltree.py

subrepo: set GIT_ALLOW_PROTOCOL to limit git clone protocols (SEC)...

subrepo: set GIT_ALLOW_PROTOCOL to limit git clone protocols (SEC) CVE-2016-3068 (1/1) Git's git-remote-ext remote helper provides an ext:: URL scheme that allows running arbitrary shell commands. This feature allows implementing simple git smart transports with a single shell shell command. However, git submodules could clone arbitrary URLs specified in the .gitmodules file. This was reported as CVE-2015-7545 and fixed in git v2.6.1. However, if a user directly clones a malicious ext URL, the git client will still run arbitrary shell commands. Mercurial is similarly effected. Mercurial allows specifying git repositories as subrepositories. Git ext:: URLs can be specified as Mercurial subrepositories allowing arbitrary shell commands to be run on `hg clone ...`. The Mercurial community would like to thank Blake Burkhart for reporting this issue. The description of the issue is copied from Blake's report. This commit changes submodules to pass the GIT_ALLOW_PROTOCOL env variable to git commands with the same list of allowed protocols that git submodule is using. When the GIT_ALLOW_PROTOCOL env variable is already set, we just pass it to git without modifications.

Gregory Szorc - - Load All Authors

File last commit:

r27618:5a988b3c default


                r28658:34d43cb8

stable

Download file

             lsprofcalltree.py
        
                    86 lines
            
             | 2.7 KiB
            
                | text/x-python
            
             |
                PythonLexer
            
             / mercurial / lsprofcalltree.py
          
                    History
                
                 |
                  Annotation
                 | Raw
                 |Copy content
                 |Copy permalink

      """

      lsprofcalltree.py - lsprof output which is readable by kcachegrind

      Authors:

          * David Allouche <david <at> allouche.net>

          * Jp Calderone & Itamar Shtull-Trauring

          * Johan Dahlin

      This software may be used and distributed according to the terms

      of the GNU General Public License, incorporated herein by reference.

      """

      from __future__ import absolute_import, print_function

      def label(code):

          if isinstance(code, str):

              return '~' + code    # built-in functions ('~' sorts at the end)

          else:

              return '%s %s:%d' % (code.co_name,

                                   code.co_filename,

                                   code.co_firstlineno)

      class KCacheGrind(object):

          def __init__(self, profiler):

              self.data = profiler.getstats()

              self.out_file = None

          def output(self, out_file):

              self.out_file = out_file

              print('events: Ticks', file=out_file)

              self._print_summary()

              for entry in self.data:

                  self._entry(entry)

          def _print_summary(self):

              max_cost = 0

              for entry in self.data:

                  totaltime = int(entry.totaltime * 1000)

                  max_cost = max(max_cost, totaltime)

              print('summary: %d' % max_cost, file=self.out_file)

          def _entry(self, entry):

              out_file = self.out_file

              code = entry.code

              if isinstance(code, str):

                  print('fi=~', file=out_file)

              else:

                  print('fi=%s' % code.co_filename, file=out_file)

              print('fn=%s' % label(code), file=out_file)

              inlinetime = int(entry.inlinetime * 1000)

              if isinstance(code, str):

                  print('0 ', inlinetime, file=out_file)

              else:

                  print('%d %d' % (code.co_firstlineno, inlinetime), file=out_file)

              # recursive calls are counted in entry.calls

              if entry.calls:

                  calls = entry.calls

              else:

                  calls = []

              if isinstance(code, str):

                  lineno = 0

              else:

                  lineno = code.co_firstlineno

              for subentry in calls:

                  self._subentry(lineno, subentry)

              print(file=out_file)

          def _subentry(self, lineno, subentry):

              out_file = self.out_file

              code = subentry.code

              print('cfn=%s' % label(code), file=out_file)

              if isinstance(code, str):

                  print('cfi=~', file=out_file)

                  print('calls=%d 0' % subentry.callcount, file=out_file)

              else:

                  print('cfi=%s' % code.co_filename, file=out_file)

                  print('calls=%d %d' % (

                      subentry.callcount, code.co_firstlineno), file=out_file)

              totaltime = int(subentry.totaltime * 1000)

              print('%d %d' % (lineno, totaltime), file=out_file)

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

				"""
				lsprofcalltree.py - lsprof output which is readable by kcachegrind

				Authors:
				* David Allouche <david <at> allouche.net>
				* Jp Calderone & Itamar Shtull-Trauring
				* Johan Dahlin

				This software may be used and distributed according to the terms
				of the GNU General Public License, incorporated herein by reference.
				"""

				from __future__ import absolute_import, print_function

				def label(code):
				if isinstance(code, str):
				return '~' + code # built-in functions ('~' sorts at the end)
				else:
				return '%s %s:%d' % (code.co_name,
				code.co_filename,
				code.co_firstlineno)

				class KCacheGrind(object):
				def __init__(self, profiler):
				self.data = profiler.getstats()
				self.out_file = None

				def output(self, out_file):
				self.out_file = out_file
				print('events: Ticks', file=out_file)
				self._print_summary()
				for entry in self.data:
				self._entry(entry)

				def _print_summary(self):
				max_cost = 0
				for entry in self.data:
				totaltime = int(entry.totaltime * 1000)
				max_cost = max(max_cost, totaltime)
				print('summary: %d' % max_cost, file=self.out_file)

				def _entry(self, entry):
				out_file = self.out_file

				code = entry.code
				if isinstance(code, str):
				print('fi=~', file=out_file)
				else:
				print('fi=%s' % code.co_filename, file=out_file)
				print('fn=%s' % label(code), file=out_file)

				inlinetime = int(entry.inlinetime * 1000)
				if isinstance(code, str):
				print('0 ', inlinetime, file=out_file)
				else:
				print('%d %d' % (code.co_firstlineno, inlinetime), file=out_file)

				# recursive calls are counted in entry.calls
				if entry.calls:
				calls = entry.calls
				else:
				calls = []

				if isinstance(code, str):
				lineno = 0
				else:
				lineno = code.co_firstlineno

				for subentry in calls:
				self._subentry(lineno, subentry)
				print(file=out_file)

				def _subentry(self, lineno, subentry):
				out_file = self.out_file
				code = subentry.code
				print('cfn=%s' % label(code), file=out_file)
				if isinstance(code, str):
				print('cfi=~', file=out_file)
				print('calls=%d 0' % subentry.callcount, file=out_file)
				else:
				print('cfi=%s' % code.co_filename, file=out_file)
				print('calls=%d %d' % (
				subentry.callcount, code.co_firstlineno), file=out_file)

				totaltime = int(subentry.totaltime * 1000)
				print('%d %d' % (lineno, totaltime), file=out_file)