upstream/mercurial-mirror Files · tests/hghave

convert: test for shell injection in git calls (SEC)...

convert: test for shell injection in git calls (SEC) CVE-2016-3069 (5/5) Before recent refactoring we were not escaping calls to git at all which made such injections possible. Let's have a test for that to avoid this problem in the future. Reported by Blake Burkhart.

Gregory Szorc - - Load All Authors

File last commit:

r28283:54444499 default


                r28663:ae279d4a

3.7.3 stable

Download file

             hghave
        
                    64 lines
            
             | 1.7 KiB
            
                | text/plain
            
             |
                TextLexer

/ tests / hghave

History | Annotation | Raw |Copy content |Copy permalink

				#!/usr/bin/env python
				"""Test the running system for features availability. Exit with zero
				if all features are there, non-zero otherwise. If a feature name is
				prefixed with "no-", the absence of feature is tested.
				"""
				import optparse
				import os, sys
				import hghave

				checks = hghave.checks

				def list_features():
				for name, feature in sorted(checks.iteritems()):
				desc = feature[1]
				print name + ':', desc

				def test_features():
				failed = 0
				for name, feature in checks.iteritems():
				check, _ = feature
				try:
				check()
				except Exception, e:
				print "feature %s failed: %s" % (name, e)
				failed += 1
				return failed

				parser = optparse.OptionParser("%prog [options] [features]")
				parser.add_option("--test-features", action="store_true",
				help="test available features")
				parser.add_option("--list-features", action="store_true",
				help="list available features")

				def _loadaddon():
				if 'TESTDIR' in os.environ:
				# loading from '.' isn't needed, because `hghave` should be
				# running at TESTTMP in this case
				path = os.environ['TESTDIR']
				else:
				path = '.'

				if not os.path.exists(os.path.join(path, 'hghaveaddon.py')):
				return

				sys.path.insert(0, path)
				try:
				import hghaveaddon
				except BaseException, inst:
				sys.stderr.write('failed to import hghaveaddon.py from %r: %s\n'
				% (path, inst))
				sys.exit(2)
				sys.path.pop(0)

				if __name__ == '__main__':
				options, args = parser.parse_args()
				_loadaddon()
				if options.list_features:
				list_features()
				sys.exit(0)

				if options.test_features:
				sys.exit(test_features())

				hghave.require(args)

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages