upstream/mercurial-mirror Files · tests/test-symlink-placeholder.t

convert: test for shell injection in git calls (SEC)...

convert: test for shell injection in git calls (SEC) CVE-2016-3069 (5/5) Before recent refactoring we were not escaping calls to git at all which made such injections possible. Let's have a test for that to avoid this problem in the future. Reported by Blake Burkhart.

Matt Mackall - - Load All Authors

File last commit:

r22046:7a9cbb31 default


                r28663:ae279d4a

3.7.3 stable

Download file

             test-symlink-placeholder.t
        
                    79 lines
            
             | 1.9 KiB
            
                | text/troff
            
             |
                Tads3Lexer
            
             / tests / test-symlink-placeholder.t
          
                    History
                
                 |
                  Annotation
                 | Raw
                 |Copy content
                 |Copy permalink

      #require symlink

      Create extension that can disable symlink support:

        $ cat > nolink.py <<EOF

        > from mercurial import extensions, util

        > def setflags(orig, f, l, x):

        >     pass

        > def checklink(orig, path):

        >     return False

        > def extsetup(ui):

        >     extensions.wrapfunction(util, 'setflags', setflags)

        >     extensions.wrapfunction(util, 'checklink', checklink)

        > EOF

        $ hg init unix-repo

        $ cd unix-repo

        $ echo foo > a

        $ ln -s a b

        $ hg ci -Am0

        adding a

        adding b

        $ cd ..

      Simulate a checkout shared on NFS/Samba:

        $ hg clone -q unix-repo shared

        $ cd shared

        $ rm b

        $ echo foo > b

        $ hg --config extensions.n=$TESTTMP/nolink.py status --debug

        ignoring suspect symlink placeholder "b"

      Make a clone using placeholders:

        $ hg --config extensions.n=$TESTTMP/nolink.py clone . ../win-repo

        updating to branch default

        2 files updated, 0 files merged, 0 files removed, 0 files unresolved

        $ cd ../win-repo

        $ cat b

        a (no-eol)

        $ hg --config extensions.n=$TESTTMP/nolink.py st --debug

      Empty placeholder:

        $ rm b

        $ touch b

        $ hg --config extensions.n=$TESTTMP/nolink.py st --debug

        ignoring suspect symlink placeholder "b"

      Write binary data to the placeholder:

        >>> open('b', 'w').write('this is a binary\0')

        $ hg --config extensions.n=$TESTTMP/nolink.py st --debug

        ignoring suspect symlink placeholder "b"

      Write a long string to the placeholder:

        >>> open('b', 'w').write('this' * 1000)

        $ hg --config extensions.n=$TESTTMP/nolink.py st --debug

        ignoring suspect symlink placeholder "b"

      Commit shouldn't succeed:

        $ hg --config extensions.n=$TESTTMP/nolink.py ci -m1

        nothing changed

        [1]

      Write a valid string to the placeholder:

        >>> open('b', 'w').write('this')

        $ hg --config extensions.n=$TESTTMP/nolink.py st --debug

        M b

        $ hg --config extensions.n=$TESTTMP/nolink.py ci -m1

        $ hg manifest tip --verbose

        644   a

        644 @ b

        $ cd ..

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

				#require symlink

				Create extension that can disable symlink support:

				$ cat > nolink.py <<EOF
				> from mercurial import extensions, util
				> def setflags(orig, f, l, x):
				> pass
				> def checklink(orig, path):
				> return False
				> def extsetup(ui):
				> extensions.wrapfunction(util, 'setflags', setflags)
				> extensions.wrapfunction(util, 'checklink', checklink)
				> EOF

				$ hg init unix-repo
				$ cd unix-repo
				$ echo foo > a
				$ ln -s a b
				$ hg ci -Am0
				adding a
				adding b
				$ cd ..

				Simulate a checkout shared on NFS/Samba:

				$ hg clone -q unix-repo shared
				$ cd shared
				$ rm b
				$ echo foo > b
				$ hg --config extensions.n=$TESTTMP/nolink.py status --debug
				ignoring suspect symlink placeholder "b"

				Make a clone using placeholders:

				$ hg --config extensions.n=$TESTTMP/nolink.py clone . ../win-repo
				updating to branch default
				2 files updated, 0 files merged, 0 files removed, 0 files unresolved
				$ cd ../win-repo
				$ cat b
				a (no-eol)
				$ hg --config extensions.n=$TESTTMP/nolink.py st --debug

				Empty placeholder:

				$ rm b
				$ touch b
				$ hg --config extensions.n=$TESTTMP/nolink.py st --debug
				ignoring suspect symlink placeholder "b"

				Write binary data to the placeholder:

				>>> open('b', 'w').write('this is a binary\0')
				$ hg --config extensions.n=$TESTTMP/nolink.py st --debug
				ignoring suspect symlink placeholder "b"

				Write a long string to the placeholder:

				>>> open('b', 'w').write('this' * 1000)
				$ hg --config extensions.n=$TESTTMP/nolink.py st --debug
				ignoring suspect symlink placeholder "b"

				Commit shouldn't succeed:

				$ hg --config extensions.n=$TESTTMP/nolink.py ci -m1
				nothing changed
				[1]

				Write a valid string to the placeholder:

				>>> open('b', 'w').write('this')
				$ hg --config extensions.n=$TESTTMP/nolink.py st --debug
				M b
				$ hg --config extensions.n=$TESTTMP/nolink.py ci -m1
				$ hg manifest tip --verbose
				644 a
				644 @ b

				$ cd ..