##// END OF EJS Templates
upstream » mercurial-mirror
RSS

Clone from https://www.mercurial-scm.org/repo/hg-all

convert: test for shell injection in git calls (SEC)...
convert: test for shell injection in git calls (SEC) CVE-2016-3069 (5/5) Before recent refactoring we were not escaping calls to git at all which made such injections possible. Let's have a test for that to avoid this problem in the future. Reported by Blake Burkhart.
Matt Mackall - - Load All Authors

File last commit:

r26420:2fc86d92 default
r28663:ae279d4a 3.7.3 stable
Show More
test-issue2137.t
56 lines | 1.5 KiB | text/troff | Tads3Lexer
/ tests / test-issue2137.t
History | Annotation | Raw |Copy content |Copy permalink
https://bz.mercurial-scm.org/2137
Setup:
create a little extension that has 3 side-effects:
1) ensure changelog data is not inlined
2) make revlog to use lazyparser
3) test that repo.lookup() works
1 and 2 are preconditions for the bug; 3 is the bug.
$ cat > commitwrapper.py <<EOF
> from mercurial import extensions, node, revlog
>
> def reposetup(ui, repo):
> class wraprepo(repo.__class__):
> def commit(self, *args, **kwargs):
> result = super(wraprepo, self).commit(*args, **kwargs)
> tip1 = node.short(repo.changelog.tip())
> tip2 = node.short(repo.lookup(tip1))
> assert tip1 == tip2
> ui.write('new tip: %s\n' % tip1)
> return result
> repo.__class__ = wraprepo
>
> def extsetup(ui):
> revlog._maxinline = 8 # split out 00changelog.d early
> revlog._prereadsize = 8 # use revlog.lazyparser
> EOF
$ cat >> $HGRCPATH <<EOF
> [extensions]
> commitwrapper = `pwd`/commitwrapper.py
> EOF
$ hg init repo1
$ cd repo1
$ echo a > a
$ hg commit -A -m'add a with a long commit message to make the changelog a bit bigger'
adding a
new tip: 553596fad57b
Test that new changesets are visible to repo.lookup():
$ echo a >> a
$ hg commit -m'one more commit to demonstrate the bug'
new tip: 799ae3599e0e
$ hg tip
changeset: 1:799ae3599e0e
tag: tip
user: test
date: Thu Jan 01 00:00:00 1970 +0000
summary: one more commit to demonstrate the bug
$ cd ..