##// END OF EJS Templates
upstream » mercurial-mirror
RSS

Clone from https://www.mercurial-scm.org/repo/hg-all

dispatch: protect against malicious 'hg serve --stdio' invocations (sec)...
dispatch: protect against malicious 'hg serve --stdio' invocations (sec) Some shared-ssh installations assume that 'hg serve --stdio' is a safe command to run for minimally trusted users. Unfortunately, the messy implementation of argument parsing here meant that trying to access a repo named '--debugger' would give the user a pdb prompt, thereby sidestepping any hoped-for sandboxing. Serving repositories over HTTP(S) is unaffected. We're not currently hardening any subcommands other than 'serve'. If your service exposes other commands to users with arbitrary repository names, it is imperative that you defend against repository names of '--debugger' and anything starting with '--config'. The read-only mode of hg-ssh stopped working because it provided its hook configuration to "hg serve --stdio" via --config parameter. This is banned for security reasons now. This patch switches it to directly call ui.setconfig(). If your custom hosting infrastructure relies on passing --config to "hg serve --stdio", you'll need to find a different way to get that configuration into Mercurial, either by using ui.setconfig() as hg-ssh does in this patch, or by placing an hgrc file someplace where Mercurial will read it. mitrandir@fb.com provided some extra fixes for the dispatch code and for hg-ssh in places that I overlooked.
Gregory Szorc - - Load All Authors

File last commit:

r31847:39d36c2d default
r32050:77eaf953 4.1.3 stable
Show More
python-zstandard.h
178 lines | 3.7 KiB | text/x-c | CLexer
/ contrib / python-zstandard / c-ext / python-zstandard.h
History | Annotation | Raw |Copy content |Copy permalink
/**
* Copyright (c) 2016-present, Gregory Szorc
* All rights reserved.
*
* This software may be modified and distributed under the terms
* of the BSD license. See the LICENSE file for details.
*/
#define PY_SSIZE_T_CLEAN
#include <Python.h>
#define ZSTD_STATIC_LINKING_ONLY
#define ZDICT_STATIC_LINKING_ONLY
#include "mem.h"
#include "zstd.h"
#include "zdict.h"
#define PYTHON_ZSTANDARD_VERSION "0.6.0"
typedef enum {
compressorobj_flush_finish,
compressorobj_flush_block,
} CompressorObj_Flush;
typedef struct {
PyObject_HEAD
unsigned windowLog;
unsigned chainLog;
unsigned hashLog;
unsigned searchLog;
unsigned searchLength;
unsigned targetLength;
ZSTD_strategy strategy;
} CompressionParametersObject;
extern PyTypeObject CompressionParametersType;
typedef struct {
PyObject_HEAD
unsigned selectivityLevel;
int compressionLevel;
unsigned notificationLevel;
unsigned dictID;
} DictParametersObject;
extern PyTypeObject DictParametersType;
typedef struct {
PyObject_HEAD
void* dictData;
size_t dictSize;
} ZstdCompressionDict;
extern PyTypeObject ZstdCompressionDictType;
typedef struct {
PyObject_HEAD
int compressionLevel;
ZstdCompressionDict* dict;
ZSTD_CCtx* cctx;
ZSTD_CDict* cdict;
CompressionParametersObject* cparams;
ZSTD_frameParameters fparams;
} ZstdCompressor;
extern PyTypeObject ZstdCompressorType;
typedef struct {
PyObject_HEAD
ZstdCompressor* compressor;
ZSTD_CStream* cstream;
ZSTD_outBuffer output;
int finished;
} ZstdCompressionObj;
extern PyTypeObject ZstdCompressionObjType;
typedef struct {
PyObject_HEAD
ZstdCompressor* compressor;
PyObject* writer;
Py_ssize_t sourceSize;
size_t outSize;
ZSTD_CStream* cstream;
int entered;
} ZstdCompressionWriter;
extern PyTypeObject ZstdCompressionWriterType;
typedef struct {
PyObject_HEAD
ZstdCompressor* compressor;
PyObject* reader;
Py_buffer* buffer;
Py_ssize_t bufferOffset;
Py_ssize_t sourceSize;
size_t inSize;
size_t outSize;
ZSTD_CStream* cstream;
ZSTD_inBuffer input;
ZSTD_outBuffer output;
int finishedOutput;
int finishedInput;
PyObject* readResult;
} ZstdCompressorIterator;
extern PyTypeObject ZstdCompressorIteratorType;
typedef struct {
PyObject_HEAD
ZSTD_DCtx* refdctx;
ZstdCompressionDict* dict;
ZSTD_DDict* ddict;
} ZstdDecompressor;
extern PyTypeObject ZstdDecompressorType;
typedef struct {
PyObject_HEAD
ZstdDecompressor* decompressor;
ZSTD_DStream* dstream;
int finished;
} ZstdDecompressionObj;
extern PyTypeObject ZstdDecompressionObjType;
typedef struct {
PyObject_HEAD
ZstdDecompressor* decompressor;
PyObject* writer;
size_t outSize;
ZSTD_DStream* dstream;
int entered;
} ZstdDecompressionWriter;
extern PyTypeObject ZstdDecompressionWriterType;
typedef struct {
PyObject_HEAD
ZstdDecompressor* decompressor;
PyObject* reader;
Py_buffer* buffer;
Py_ssize_t bufferOffset;
size_t inSize;
size_t outSize;
size_t skipBytes;
ZSTD_DStream* dstream;
ZSTD_inBuffer input;
ZSTD_outBuffer output;
Py_ssize_t readCount;
int finishedInput;
int finishedOutput;
} ZstdDecompressorIterator;
extern PyTypeObject ZstdDecompressorIteratorType;
typedef struct {
int errored;
PyObject* chunk;
} DecompressorIteratorResult;
void ztopy_compression_parameters(CompressionParametersObject* params, ZSTD_compressionParameters* zparams);
CompressionParametersObject* get_compression_parameters(PyObject* self, PyObject* args);
PyObject* estimate_compression_context_size(PyObject* self, PyObject* args);
ZSTD_CStream* CStream_from_ZstdCompressor(ZstdCompressor* compressor, Py_ssize_t sourceSize);
ZSTD_DStream* DStream_from_ZstdDecompressor(ZstdDecompressor* decompressor);
ZstdCompressionDict* train_dictionary(PyObject* self, PyObject* args, PyObject* kwargs);