Mercurial Mercurial > hg-stable / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
tests/test-subrepo-git.t
branchstable
changeset 29256 1f8b861ba15c
parent 28939 ce01b4810aef
child 29257 a9764ab80e11
equal deleted inserted replaced
29255:b0b85d8695cb 29256:1f8b861ba15c 
  1133   ? s/snake.python.orig
 
  1133   ? s/snake.python.orig
 
  1134 
  1134 
  1135 test for Git CVE-2016-3068
 
  1135 test for Git CVE-2016-3068
 
  1136   $ hg init malicious-subrepository
 
  1136   $ hg init malicious-subrepository
 
  1137   $ cd malicious-subrepository
 
  1137   $ cd malicious-subrepository
 
  1138   $ echo "s = [git]ext::sh -c echo% pwned% >&2" > .hgsub
 
  1138   $ echo "s = [git]ext::sh -c echo% pwned% >pwned.txt" > .hgsub
 
  1139   $ git init s
 
  1139   $ git init s
 
  1140   Initialized empty Git repository in $TESTTMP/tc/malicious-subrepository/s/.git/
 
  1140   Initialized empty Git repository in $TESTTMP/tc/malicious-subrepository/s/.git/
 
  1141   $ cd s
 
  1141   $ cd s
 
  1142   $ git commit --allow-empty -m 'empty'
 
  1142   $ git commit --allow-empty -m 'empty'
 
  1143   [master (root-commit) 153f934] empty
 
  1143   [master (root-commit) 153f934] empty
 
  1144   $ cd ..
 
  1144   $ cd ..
 
  1145   $ hg add .hgsub
 
  1145   $ hg add .hgsub
 
  1146   $ hg commit -m "add subrepo"
 
  1146   $ hg commit -m "add subrepo"
 
  1147   $ cd ..
 
  1147   $ cd ..
 
       
  1148   $ rm -f pwned.txt
 
  1148   $ env -u GIT_ALLOW_PROTOCOL hg clone malicious-subrepository malicious-subrepository-protected
 
  1149   $ env -u GIT_ALLOW_PROTOCOL hg clone malicious-subrepository malicious-subrepository-protected
 
  1149   Cloning into '$TESTTMP/tc/malicious-subrepository-protected/s'... (glob)
 
  1150   Cloning into '$TESTTMP/tc/malicious-subrepository-protected/s'... (glob)
 
  1150   fatal: transport 'ext' not allowed
 
  1151   fatal: transport 'ext' not allowed
 
  1151   updating to branch default
 
  1152   updating to branch default
 
  1152   cloning subrepo s from ext::sh -c echo% pwned% >&2
 
  1153   cloning subrepo s from ext::sh -c echo% pwned% >pwned.txt
 
  1153   abort: git clone error 128 in s (in subrepo s)
 
  1154   abort: git clone error 128 in s (in subrepo s)
 
  1154   [255]
 
  1155   [255]
 
       
  1156   $ test -f pwned.txt && cat pwned.txt || true
 
  1155 
  1157 
  1156 whitelisting of ext should be respected (that's the git submodule behaviour)
 
  1158 whitelisting of ext should be respected (that's the git submodule behaviour)
 
       
  1159   $ rm -f pwned.txt
 
  1157   $ env GIT_ALLOW_PROTOCOL=ext hg clone malicious-subrepository malicious-subrepository-clone-allowed
 
  1160   $ env GIT_ALLOW_PROTOCOL=ext hg clone malicious-subrepository malicious-subrepository-clone-allowed
 
  1158   Cloning into '$TESTTMP/tc/malicious-subrepository-clone-allowed/s'... (glob)
 
  1161   Cloning into '$TESTTMP/tc/malicious-subrepository-clone-allowed/s'... (glob)
 
  1159   pwned
 
       
  1160   fatal: Could not read from remote repository.
 
  1162   fatal: Could not read from remote repository.
 
  1161   
  1163   
  1162   Please make sure you have the correct access rights
 
  1164   Please make sure you have the correct access rights
 
  1163   and the repository exists.
 
  1165   and the repository exists.
 
  1164   updating to branch default
 
  1166   updating to branch default
 
  1165   cloning subrepo s from ext::sh -c echo% pwned% >&2
 
  1167   cloning subrepo s from ext::sh -c echo% pwned% >pwned.txt
 
  1166   abort: git clone error 128 in s (in subrepo s)
 
  1168   abort: git clone error 128 in s (in subrepo s)
 
  1167   [255]
 
  1169   [255]
 
       
  1170   $ cat pwned.txt
 
       
  1171   pwned
hg-stable