upstream/mercurial-mirror Files · tests/filterpyflakes.py

convert: test for shell injection in git calls (SEC)...

convert: test for shell injection in git calls (SEC) CVE-2016-3069 (5/5) Before recent refactoring we were not escaping calls to git at all which made such injections possible. Let's have a test for that to avoid this problem in the future. Reported by Blake Burkhart.

Gregory Szorc - - Load All Authors

File last commit:

r27285:aef5b606 default


                r28663:ae279d4a

3.7.3 stable

Download file

             filterpyflakes.py
        
                    61 lines
            
             | 1.8 KiB
            
                | text/x-python
            
             |
                PythonLexer
            
             / tests / filterpyflakes.py
          
                    History
                
                 |
                  Annotation
                 | Raw
                 |Copy content
                 |Copy permalink

      #!/usr/bin/env python

      # Filter output by pyflakes to control which warnings we check

      from __future__ import absolute_import

      import re

      import sys

      def makekey(typeandline):

          """

          for sorting lines by: msgtype, path/to/file, lineno, message

          typeandline is a sequence of a message type and the entire message line

          the message line format is path/to/file:line: message

          >>> makekey((3, 'example.py:36: any message'))

          (3, 'example.py', 36, ' any message')

          >>> makekey((7, 'path/to/file.py:68: dummy message'))

          (7, 'path/to/file.py', 68, ' dummy message')

          >>> makekey((2, 'fn:88: m')) > makekey((2, 'fn:9: m'))

          True

          """

          msgtype, line = typeandline

          fname, line, message = line.split(":", 2)

          # line as int for ordering 9 before 88

          return msgtype, fname, int(line), message

      lines = []

      for line in sys.stdin:

          # We whitelist tests (see more messages in pyflakes.messages)

          pats = [

                  (r"imported but unused", None),

                  (r"local variable '.*' is assigned to but never used", None),

                  (r"unable to detect undefined names", None),

                  (r"undefined name '.*'",

                   r"undefined name '(WindowsError|memoryview)'")

                 ]

          for msgtype, (pat, excl) in enumerate(pats):

              if re.search(pat, line) and (not excl or not re.search(excl, line)):

                  break # pattern matches

          else:

              continue # no pattern matched, next line

          fn = line.split(':', 1)[0]

          f = open(fn)

          data = f.read()

          f.close()

          if 'no-' 'check-code' in data:

              continue

          lines.append((msgtype, line))

      for msgtype, line in sorted(lines, key=makekey):

          sys.stdout.write(line)

      print

      # self test of "undefined name" detection for other than 'memoryview'

      if False:

          print undefinedname

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

				#!/usr/bin/env python

				# Filter output by pyflakes to control which warnings we check

				from __future__ import absolute_import

				import re
				import sys

				def makekey(typeandline):
				"""
				for sorting lines by: msgtype, path/to/file, lineno, message

				typeandline is a sequence of a message type and the entire message line
				the message line format is path/to/file:line: message

				>>> makekey((3, 'example.py:36: any message'))
				(3, 'example.py', 36, ' any message')
				>>> makekey((7, 'path/to/file.py:68: dummy message'))
				(7, 'path/to/file.py', 68, ' dummy message')
				>>> makekey((2, 'fn:88: m')) > makekey((2, 'fn:9: m'))
				True
				"""

				msgtype, line = typeandline
				fname, line, message = line.split(":", 2)
				# line as int for ordering 9 before 88
				return msgtype, fname, int(line), message


				lines = []
				for line in sys.stdin:
				# We whitelist tests (see more messages in pyflakes.messages)
				pats = [
				(r"imported but unused", None),
				(r"local variable '.*' is assigned to but never used", None),
				(r"unable to detect undefined names", None),
				(r"undefined name '.*'",
				r"undefined name '(WindowsError\|memoryview)'")
				]

				for msgtype, (pat, excl) in enumerate(pats):
				if re.search(pat, line) and (not excl or not re.search(excl, line)):
				break # pattern matches
				else:
				continue # no pattern matched, next line
				fn = line.split(':', 1)[0]
				f = open(fn)
				data = f.read()
				f.close()
				if 'no-' 'check-code' in data:
				continue
				lines.append((msgtype, line))

				for msgtype, line in sorted(lines, key=makekey):
				sys.stdout.write(line)
				print

				# self test of "undefined name" detection for other than 'memoryview'
				if False:
				print undefinedname