equal
deleted
inserted
replaced
113 ui.warn(_("warning: removing potentially hostile 'hgrc' " |
113 ui.warn(_("warning: removing potentially hostile 'hgrc' " |
114 "in '%s'\n") % vfs.join(dirname)) |
114 "in '%s'\n") % vfs.join(dirname)) |
115 vfs.unlink(vfs.reljoin(dirname, f)) |
115 vfs.unlink(vfs.reljoin(dirname, f)) |
116 |
116 |
117 def _auditsubrepopath(repo, path): |
117 def _auditsubrepopath(repo, path): |
|
118 # sanity check for potentially unsafe paths such as '~' and '$FOO' |
|
119 if path.startswith('~') or '$' in path or util.expandpath(path) != path: |
|
120 raise error.Abort(_('subrepo path contains illegal component: %s') |
|
121 % path) |
118 # auditor doesn't check if the path itself is a symlink |
122 # auditor doesn't check if the path itself is a symlink |
119 pathutil.pathauditor(repo.root)(path) |
123 pathutil.pathauditor(repo.root)(path) |
120 if repo.wvfs.islink(path): |
124 if repo.wvfs.islink(path): |
121 raise error.Abort(_("subrepo '%s' traverses symbolic link") % path) |
125 raise error.Abort(_("subrepo '%s' traverses symbolic link") % path) |
122 |
126 |