##// END OF EJS Templates
subrepo: add tests for svn rogue ssh urls (SEC)...
subrepo: add tests for svn rogue ssh urls (SEC) 'ssh://' has an exploit that will pass the url blindly to the ssh command, allowing a malicious person to have a subrepo with '-oProxyCommand' which could run arbitrary code on a user's machine. In addition, at least on Windows, a pipe '|' is able to execute arbitrary commands. When this happens, let's throw a big abort into the user's face so that they can inspect what's going on.
Sean Farley -
r33730:60ee7af2 stable
Show More
Name Size Modified Last Commit Author
/ mercurial / cext
__init__.py Loading ...
base85.c Loading ...
bdiff.c Loading ...
diffhelpers.c Loading ...
dirs.c Loading ...
manifest.c Loading ...
mpatch.c Loading ...
osutil.c Loading ...
parsers.c Loading ...
pathencode.c Loading ...
revlog.c Loading ...
util.h Loading ...