##// END OF EJS Templates
subrepo: add tests for git rogue ssh urls (SEC)...
subrepo: add tests for git rogue ssh urls (SEC) 'ssh://' has an exploit that will pass the url blindly to the ssh command, allowing a malicious person to have a subrepo with '-oProxyCommand' which could run arbitrary code on a user's machine. In addition, at least on Windows, a pipe '|' is able to execute arbitrary commands. When this happens, let's throw a big abort into the user's face so that they can inspect what's going on.
Sean Farley -
r33731:db83a1df stable
Show More
Name Size Modified Last Commit Author
/ mercurial
cext
cffi
default.d
help
hgweb
httpclient
pure
templates
__init__.py Loading ...
ancestor.py Loading ...
archival.py Loading ...
bdiff.c Loading ...
bdiff.h Loading ...
bitmanipulation.h Loading ...
bookmarks.py Loading ...
branchmap.py Loading ...
bundle2.py Loading ...
bundlerepo.py Loading ...
byterange.py Loading ...
changegroup.py Loading ...
changelog.py Loading ...
chgserver.py Loading ...
cmdutil.py Loading ...
color.py Loading ...
commands.py Loading ...
commandserver.py Loading ...
compat.h Loading ...
config.py Loading ...
configitems.py Loading ...
context.py Loading ...
copies.py Loading ...
crecord.py Loading ...
dagop.py Loading ...
dagparser.py Loading ...
dagutil.py Loading ...
debugcommands.py Loading ...
destutil.py Loading ...
dirstate.py Loading ...
dirstateguard.py Loading ...
discovery.py Loading ...
dispatch.py Loading ...
dummycert.pem Loading ...
encoding.py Loading ...
error.py Loading ...
exchange.py Loading ...
exewrapper.c Loading ...
extensions.py Loading ...
fancyopts.py Loading ...
filelog.py Loading ...
filemerge.py Loading ...
fileset.py Loading ...
formatter.py Loading ...
graphmod.py Loading ...
hbisect.py Loading ...
help.py Loading ...
hg.py Loading ...
hook.py Loading ...
httpconnection.py Loading ...
httppeer.py Loading ...
i18n.py Loading ...
keepalive.py Loading ...
localrepo.py Loading ...
lock.py Loading ...
lsprof.py Loading ...
lsprofcalltree.py Loading ...
mail.py Loading ...
manifest.py Loading ...
match.py Loading ...
mdiff.py Loading ...
merge.py Loading ...
mergeutil.py Loading ...
minirst.py Loading ...
mpatch.c Loading ...
mpatch.h Loading ...
namespaces.py Loading ...
node.py Loading ...
obsolete.py Loading ...
obsutil.py Loading ...
parser.py Loading ...
patch.py Loading ...
pathutil.py Loading ...
peer.py Loading ...
phases.py Loading ...
policy.py Loading ...
posix.py Loading ...
profiling.py Loading ...
progress.py Loading ...
pushkey.py Loading ...
pvec.py Loading ...
pycompat.py Loading ...
rcutil.py Loading ...
registrar.py Loading ...
repair.py Loading ...
repoview.py Loading ...
revlog.py Loading ...
revset.py Loading ...
revsetlang.py Loading ...
scmposix.py Loading ...
scmutil.py Loading ...
scmwindows.py Loading ...
selectors2.py Loading ...
server.py Loading ...
setdiscovery.py Loading ...
similar.py Loading ...
simplemerge.py Loading ...
smartset.py Loading ...
sparse.py Loading ...
sshpeer.py Loading ...
sshserver.py Loading ...
sslutil.py Loading ...
statichttprepo.py Loading ...
statprof.py Loading ...
store.py Loading ...
streamclone.py Loading ...
subrepo.py Loading ...
tagmerge.py Loading ...
tags.py Loading ...
templatefilters.py Loading ...
templatekw.py Loading ...
templater.py Loading ...
transaction.py Loading ...
treediscovery.py Loading ...
txnutil.py Loading ...
ui.py Loading ...
unionrepo.py Loading ...
upgrade.py Loading ...
url.py Loading ...
util.py Loading ...
verify.py Loading ...
vfs.py Loading ...
win32.py Loading ...
windows.py Loading ...
wireproto.py Loading ...
worker.py Loading ...