upstream/mercurial-mirror Files · contrib/python-zstandard/zstd/common/error_private.c

dispatch: protect against malicious 'hg serve --stdio' invocations (sec)...

dispatch: protect against malicious 'hg serve --stdio' invocations (sec) Some shared-ssh installations assume that 'hg serve --stdio' is a safe command to run for minimally trusted users. Unfortunately, the messy implementation of argument parsing here meant that trying to access a repo named '--debugger' would give the user a pdb prompt, thereby sidestepping any hoped-for sandboxing. Serving repositories over HTTP(S) is unaffected. We're not currently hardening any subcommands other than 'serve'. If your service exposes other commands to users with arbitrary repository names, it is imperative that you defend against repository names of '--debugger' and anything starting with '--config'. The read-only mode of hg-ssh stopped working because it provided its hook configuration to "hg serve --stdio" via --config parameter. This is banned for security reasons now. This patch switches it to directly call ui.setconfig(). If your custom hosting infrastructure relies on passing --config to "hg serve --stdio", you'll need to find a different way to get that configuration into Mercurial, either by using ui.setconfig() as hg-ssh does in this patch, or by placing an hgrc file someplace where Mercurial will read it. mitrandir@fb.com provided some extra fixes for the dispatch code and for hg-ssh in places that I overlooked.

Gregory Szorc - - Load All Authors

File last commit:

r30434:2e484bde default


                r32050:77eaf953

4.1.3 stable

Download file

             error_private.c
        
                    43 lines
            
             | 2.3 KiB
            
                | text/x-c
            
             |
                CLexer
            
             / contrib / python-zstandard / zstd / common / error_private.c
          
                    History
                
                 |
                  Annotation
                 | Raw
                 |Copy content
                 |Copy permalink

      /**

       * Copyright (c) 2016-present, Yann Collet, Facebook, Inc.

       * All rights reserved.

       *

       * This source code is licensed under the BSD-style license found in the

       * LICENSE file in the root directory of this source tree. An additional grant

       * of patent rights can be found in the PATENTS file in the same directory.

       */

      /* The purpose of this file is to have a single list of error strings embedded in binary */

      #include "error_private.h"

      const char* ERR_getErrorString(ERR_enum code)

      {

          static const char* const notErrorCode = "Unspecified error code";

          switch( code )

          {

          case PREFIX(no_error): return "No error detected";

          case PREFIX(GENERIC):  return "Error (generic)";

          case PREFIX(prefix_unknown): return "Unknown frame descriptor";

          case PREFIX(version_unsupported): return "Version not supported";

          case PREFIX(parameter_unknown): return "Unknown parameter type";

          case PREFIX(frameParameter_unsupported): return "Unsupported frame parameter";

          case PREFIX(frameParameter_unsupportedBy32bits): return "Frame parameter unsupported in 32-bits mode";

          case PREFIX(frameParameter_windowTooLarge): return "Frame requires too much memory for decoding";

          case PREFIX(compressionParameter_unsupported): return "Compression parameter is out of bound";

          case PREFIX(init_missing): return "Context should be init first";

          case PREFIX(memory_allocation): return "Allocation error : not enough memory";

          case PREFIX(stage_wrong): return "Operation not authorized at current processing stage";

          case PREFIX(dstSize_tooSmall): return "Destination buffer is too small";

          case PREFIX(srcSize_wrong): return "Src size incorrect";

          case PREFIX(corruption_detected): return "Corrupted block detected";

          case PREFIX(checksum_wrong): return "Restored data doesn't match checksum";

          case PREFIX(tableLog_tooLarge): return "tableLog requires too much memory : unsupported";

          case PREFIX(maxSymbolValue_tooLarge): return "Unsupported max Symbol Value : too large";

          case PREFIX(maxSymbolValue_tooSmall): return "Specified maxSymbolValue is too small";

          case PREFIX(dictionary_corrupted): return "Dictionary is corrupted";

          case PREFIX(dictionary_wrong): return "Dictionary mismatch";

          case PREFIX(maxCode):

          default: return notErrorCode;

          }

      }

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

				/**
				* Copyright (c) 2016-present, Yann Collet, Facebook, Inc.
				* All rights reserved.
				*
				* This source code is licensed under the BSD-style license found in the
				* LICENSE file in the root directory of this source tree. An additional grant
				* of patent rights can be found in the PATENTS file in the same directory.
				*/

				/* The purpose of this file is to have a single list of error strings embedded in binary */

				#include "error_private.h"

				const char* ERR_getErrorString(ERR_enum code)
				{
				static const char* const notErrorCode = "Unspecified error code";
				switch( code )
				{
				case PREFIX(no_error): return "No error detected";
				case PREFIX(GENERIC): return "Error (generic)";
				case PREFIX(prefix_unknown): return "Unknown frame descriptor";
				case PREFIX(version_unsupported): return "Version not supported";
				case PREFIX(parameter_unknown): return "Unknown parameter type";
				case PREFIX(frameParameter_unsupported): return "Unsupported frame parameter";
				case PREFIX(frameParameter_unsupportedBy32bits): return "Frame parameter unsupported in 32-bits mode";
				case PREFIX(frameParameter_windowTooLarge): return "Frame requires too much memory for decoding";
				case PREFIX(compressionParameter_unsupported): return "Compression parameter is out of bound";
				case PREFIX(init_missing): return "Context should be init first";
				case PREFIX(memory_allocation): return "Allocation error : not enough memory";
				case PREFIX(stage_wrong): return "Operation not authorized at current processing stage";
				case PREFIX(dstSize_tooSmall): return "Destination buffer is too small";
				case PREFIX(srcSize_wrong): return "Src size incorrect";
				case PREFIX(corruption_detected): return "Corrupted block detected";
				case PREFIX(checksum_wrong): return "Restored data doesn't match checksum";
				case PREFIX(tableLog_tooLarge): return "tableLog requires too much memory : unsupported";
				case PREFIX(maxSymbolValue_tooLarge): return "Unsupported max Symbol Value : too large";
				case PREFIX(maxSymbolValue_tooSmall): return "Specified maxSymbolValue is too small";
				case PREFIX(dictionary_corrupted): return "Dictionary is corrupted";
				case PREFIX(dictionary_wrong): return "Dictionary mismatch";
				case PREFIX(maxCode):
				default: return notErrorCode;
				}
				}