upstream/mercurial-mirror Files · tests/test-diff-binary-file.t

dispatch: protect against malicious 'hg serve --stdio' invocations (sec)...

dispatch: protect against malicious 'hg serve --stdio' invocations (sec) Some shared-ssh installations assume that 'hg serve --stdio' is a safe command to run for minimally trusted users. Unfortunately, the messy implementation of argument parsing here meant that trying to access a repo named '--debugger' would give the user a pdb prompt, thereby sidestepping any hoped-for sandboxing. Serving repositories over HTTP(S) is unaffected. We're not currently hardening any subcommands other than 'serve'. If your service exposes other commands to users with arbitrary repository names, it is imperative that you defend against repository names of '--debugger' and anything starting with '--config'. The read-only mode of hg-ssh stopped working because it provided its hook configuration to "hg serve --stdio" via --config parameter. This is banned for security reasons now. This patch switches it to directly call ui.setconfig(). If your custom hosting infrastructure relies on passing --config to "hg serve --stdio", you'll need to find a different way to get that configuration into Mercurial, either by using ui.setconfig() as hg-ssh does in this patch, or by placing an hgrc file someplace where Mercurial will read it. mitrandir@fb.com provided some extra fixes for the dispatch code and for hg-ssh in places that I overlooked.

Alexander Fomin - - Load All Authors

File last commit:

r31822:fde4822b default


                r32050:77eaf953

4.1.3 stable

Download file

             test-diff-binary-file.t
        
                    77 lines
            
             | 2.9 KiB
            
                | text/troff
            
             |
                Tads3Lexer
            
             / tests / test-diff-binary-file.t
          
                    History
                
                 |
                  Annotation
                 | Raw
                 |Copy content
                 |Copy permalink

        $ hg init a

        $ cd a

        $ cp "$TESTDIR/binfile.bin" .

        $ hg add binfile.bin

        $ hg ci -m 'add binfile.bin'

        $ echo >> binfile.bin

        $ hg ci -m 'change binfile.bin'

        $ hg revert -r 0 binfile.bin

        $ hg ci -m 'revert binfile.bin'

        $ hg cp binfile.bin nonbinfile

        $ echo text > nonbinfile

        $ hg ci -m 'make non-binary copy of binary file'

        $ hg diff --nodates -r 0 -r 1

        diff -r 48b371597640 -r acea2ab458c8 binfile.bin

        Binary file binfile.bin has changed

        $ hg diff --nodates -r 0 -r 2

        $ hg diff --git -r 0 -r 1

        diff --git a/binfile.bin b/binfile.bin

        index 37ba3d1c6f17137d9c5f5776fa040caf5fe73ff9..58dc31a9e2f40f74ff3b45903f7d620b8e5b7356

        GIT binary patch

        literal 594

        zc$@)J0<HatP)<h;3K|Lk000e1NJLTq000mG000mO0ssI2kdbIM00009a7bBm000XU

        z000XU0RWnu7ytkO2XskIMF-Uh9TW;VpMjwv0005-Nkl<ZD9@FWPs=e;7{<>W$NUkd

        zX$nnYLt$-$V!?uy+1V%`z&Eh=ah|duER<4|QWhju3gb^nF*8iYobxWG-qqXl=2~5M

        z*IoDB)sG^CfNuoBmqLTVU^<;@nwHP!1wrWd`{(mHo6VNXWtyh{alzqmsH*yYzpvLT

        zLdY<T=ks|woh-`&01!ej#(xbV1f|pI*=%;d-%F*E*X#ZH`4I%6SS+$EJDE&ct=8po

        ziN#{?_j|kD%Cd|oiqds`xm@;oJ-^?NG3Gdqrs?5u*zI;{nogxsx~^|Fn^Y?Gdc6<;

        zfMJ+iF1J`LMx&A2?dEwNW8ClebzPTbIh{@$hS6*`kH@1d%Lo7fA#}N1)oN7`gm$~V

        z+wDx#)OFqMcE{s!JN0-xhG8ItAjVkJwEcb`3WWlJfU2r?;Pd%dmR+q@mSri5q9_W-

        zaR2~ECX?B2w+zELozC0s*6Z~|QG^f{3I#<`?)Q7U-JZ|q5W;9Q8i_=pBuSzunx=U;

        z9C)5jBoYw9^?EHyQl(M}1OlQcCX>lXB*ODN003Z&P17_@)3Pi=i0wb04<W?v-u}7K

        zXmmQA+wDgE!qR9o8jr`%=ab_&uh(l?R=r;Tjiqon91I2-hIu?57~@*4h7h9uORK#=

        gQItJW-{SoTm)8|5##k|m00000NkvXXu0mjf3JwksH2?qr

        $ hg diff --git -r 0 -r 2

        $ hg diff --config diff.nobinary=True --git -r 0 -r 1

        diff --git a/binfile.bin b/binfile.bin

        Binary file binfile.bin has changed

        $ HGPLAIN=1 hg diff --config diff.nobinary=True --git -r 0 -r 1

        diff --git a/binfile.bin b/binfile.bin

        index 37ba3d1c6f17137d9c5f5776fa040caf5fe73ff9..58dc31a9e2f40f74ff3b45903f7d620b8e5b7356

        GIT binary patch

        literal 594

        zc$@)J0<HatP)<h;3K|Lk000e1NJLTq000mG000mO0ssI2kdbIM00009a7bBm000XU

        z000XU0RWnu7ytkO2XskIMF-Uh9TW;VpMjwv0005-Nkl<ZD9@FWPs=e;7{<>W$NUkd

        zX$nnYLt$-$V!?uy+1V%`z&Eh=ah|duER<4|QWhju3gb^nF*8iYobxWG-qqXl=2~5M

        z*IoDB)sG^CfNuoBmqLTVU^<;@nwHP!1wrWd`{(mHo6VNXWtyh{alzqmsH*yYzpvLT

        zLdY<T=ks|woh-`&01!ej#(xbV1f|pI*=%;d-%F*E*X#ZH`4I%6SS+$EJDE&ct=8po

        ziN#{?_j|kD%Cd|oiqds`xm@;oJ-^?NG3Gdqrs?5u*zI;{nogxsx~^|Fn^Y?Gdc6<;

        zfMJ+iF1J`LMx&A2?dEwNW8ClebzPTbIh{@$hS6*`kH@1d%Lo7fA#}N1)oN7`gm$~V

        z+wDx#)OFqMcE{s!JN0-xhG8ItAjVkJwEcb`3WWlJfU2r?;Pd%dmR+q@mSri5q9_W-

        zaR2~ECX?B2w+zELozC0s*6Z~|QG^f{3I#<`?)Q7U-JZ|q5W;9Q8i_=pBuSzunx=U;

        z9C)5jBoYw9^?EHyQl(M}1OlQcCX>lXB*ODN003Z&P17_@)3Pi=i0wb04<W?v-u}7K

        zXmmQA+wDgE!qR9o8jr`%=ab_&uh(l?R=r;Tjiqon91I2-hIu?57~@*4h7h9uORK#=

        gQItJW-{SoTm)8|5##k|m00000NkvXXu0mjf3JwksH2?qr

        $ hg diff --git -r 2 -r 3

        diff --git a/binfile.bin b/nonbinfile

        copy from binfile.bin

        copy to nonbinfile

        index 37ba3d1c6f17137d9c5f5776fa040caf5fe73ff9..8e27be7d6154a1f68ea9160ef0e18691d20560dc

        GIT binary patch

        literal 5

        Mc$_OqttjCF00uV!&;S4c

        $ cd ..

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

				$ hg init a
				$ cd a
				$ cp "$TESTDIR/binfile.bin" .
				$ hg add binfile.bin
				$ hg ci -m 'add binfile.bin'

				$ echo >> binfile.bin
				$ hg ci -m 'change binfile.bin'

				$ hg revert -r 0 binfile.bin
				$ hg ci -m 'revert binfile.bin'
				$ hg cp binfile.bin nonbinfile
				$ echo text > nonbinfile
				$ hg ci -m 'make non-binary copy of binary file'

				$ hg diff --nodates -r 0 -r 1
				diff -r 48b371597640 -r acea2ab458c8 binfile.bin
				Binary file binfile.bin has changed

				$ hg diff --nodates -r 0 -r 2

				$ hg diff --git -r 0 -r 1
				diff --git a/binfile.bin b/binfile.bin
				index 37ba3d1c6f17137d9c5f5776fa040caf5fe73ff9..58dc31a9e2f40f74ff3b45903f7d620b8e5b7356
				GIT binary patch
				literal 594
				zc$@)J0<HatP)<h;3K\|Lk000e1NJLTq000mG000mO0ssI2kdbIM00009a7bBm000XU
				z000XU0RWnu7ytkO2XskIMF-Uh9TW;VpMjwv0005-Nkl<ZD9@FWPs=e;7{<>W$NUkd
				zX$nnYLt$-$V!?uy+1V%`z&Eh=ah\|duER<4\|QWhju3gb^nF*8iYobxWG-qqXl=2~5M
				zIoDB)sG^CfNuoBmqLTVU^<;@nwHP!1wrWd`{(mHo6VNXWtyh{alzqmsHyYzpvLT
				zLdY<T=ks\|woh-`&01!ej#(xbV1f\|pI=%;d-%FE*X#ZH`4I%6SS+$EJDE&ct=8po
				ziN#{?_j\|kD%Cd\|oiqds`xm@;oJ-^?NG3Gdqrs?5u*zI;{nogxsx~^\|Fn^Y?Gdc6<;
				zfMJ+iF1J`LMx&A2?dEwNW8ClebzPTbIh{@$hS6*`kH@1d%Lo7fA#}N1)oN7`gm$~V
				z+wDx#)OFqMcE{s!JN0-xhG8ItAjVkJwEcb`3WWlJfU2r?;Pd%dmR+q@mSri5q9_W-
				zaR2~ECX?B2w+zELozC0s*6Z~\|QG^f{3I#<`?)Q7U-JZ\|q5W;9Q8i_=pBuSzunx=U;
				z9C)5jBoYw9^?EHyQl(M}1OlQcCX>lXB*ODN003Z&P17_@)3Pi=i0wb04<W?v-u}7K
				zXmmQA+wDgE!qR9o8jr`%=ab_&uh(l?R=r;Tjiqon91I2-hIu?57~@*4h7h9uORK#=
				gQItJW-{SoTm)8\|5##k\|m00000NkvXXu0mjf3JwksH2?qr


				$ hg diff --git -r 0 -r 2

				$ hg diff --config diff.nobinary=True --git -r 0 -r 1
				diff --git a/binfile.bin b/binfile.bin
				Binary file binfile.bin has changed

				$ HGPLAIN=1 hg diff --config diff.nobinary=True --git -r 0 -r 1
				diff --git a/binfile.bin b/binfile.bin
				index 37ba3d1c6f17137d9c5f5776fa040caf5fe73ff9..58dc31a9e2f40f74ff3b45903f7d620b8e5b7356
				GIT binary patch
				literal 594
				zc$@)J0<HatP)<h;3K\|Lk000e1NJLTq000mG000mO0ssI2kdbIM00009a7bBm000XU
				z000XU0RWnu7ytkO2XskIMF-Uh9TW;VpMjwv0005-Nkl<ZD9@FWPs=e;7{<>W$NUkd
				zX$nnYLt$-$V!?uy+1V%`z&Eh=ah\|duER<4\|QWhju3gb^nF*8iYobxWG-qqXl=2~5M
				zIoDB)sG^CfNuoBmqLTVU^<;@nwHP!1wrWd`{(mHo6VNXWtyh{alzqmsHyYzpvLT
				zLdY<T=ks\|woh-`&01!ej#(xbV1f\|pI=%;d-%FE*X#ZH`4I%6SS+$EJDE&ct=8po
				ziN#{?_j\|kD%Cd\|oiqds`xm@;oJ-^?NG3Gdqrs?5u*zI;{nogxsx~^\|Fn^Y?Gdc6<;
				zfMJ+iF1J`LMx&A2?dEwNW8ClebzPTbIh{@$hS6*`kH@1d%Lo7fA#}N1)oN7`gm$~V
				z+wDx#)OFqMcE{s!JN0-xhG8ItAjVkJwEcb`3WWlJfU2r?;Pd%dmR+q@mSri5q9_W-
				zaR2~ECX?B2w+zELozC0s*6Z~\|QG^f{3I#<`?)Q7U-JZ\|q5W;9Q8i_=pBuSzunx=U;
				z9C)5jBoYw9^?EHyQl(M}1OlQcCX>lXB*ODN003Z&P17_@)3Pi=i0wb04<W?v-u}7K
				zXmmQA+wDgE!qR9o8jr`%=ab_&uh(l?R=r;Tjiqon91I2-hIu?57~@*4h7h9uORK#=
				gQItJW-{SoTm)8\|5##k\|m00000NkvXXu0mjf3JwksH2?qr



				$ hg diff --git -r 2 -r 3
				diff --git a/binfile.bin b/nonbinfile
				copy from binfile.bin
				copy to nonbinfile
				index 37ba3d1c6f17137d9c5f5776fa040caf5fe73ff9..8e27be7d6154a1f68ea9160ef0e18691d20560dc
				GIT binary patch
				literal 5
				Mc$_OqttjCF00uV!&;S4c


				$ cd ..