##// END OF EJS Templates
upstream » mercurial-mirror
RSS

Clone from https://www.mercurial-scm.org/repo/hg-all

convert: test for shell injection in git calls (SEC)...
convert: test for shell injection in git calls (SEC) CVE-2016-3069 (5/5) Before recent refactoring we were not escaping calls to git at all which made such injections possible. Let's have a test for that to avoid this problem in the future. Reported by Blake Burkhart.
timeless@mozdev.org - - Load All Authors

File last commit:

r17486:73e3e368 default
r28663:ae279d4a 3.7.3 stable
Show More
test-diff-issue2761.t
23 lines | 442 B | text/troff | Tads3Lexer
/ tests / test-diff-issue2761.t
History | Annotation | Raw |Copy content |Copy permalink
Test issue2761
$ hg init
$ touch to-be-deleted
$ hg add
adding to-be-deleted
$ hg ci -m first
$ echo a > to-be-deleted
$ hg ci -m second
$ rm to-be-deleted
$ hg diff -r 0
Same issue, different code path
$ hg up -C
1 files updated, 0 files merged, 0 files removed, 0 files unresolved
$ touch does-not-exist-in-1
$ hg add
adding does-not-exist-in-1
$ hg ci -m third
$ rm does-not-exist-in-1
$ hg diff -r 1