revset: explicitely tag alias arguments for expansion The current revset alias expansion code works like: 1- Get the replacement tree 2- Substitute the variables in the replacement tree 3- Expand the replacement tree It makes it easy to substitute alias arguments because the placeholders are always replaced before the updated replacement tree is expanded again. Unfortunately, to fix other alias expansion issues, we need to reorder the sequence and delay the argument substitution. To solve this, a new "virtual" construct called _aliasarg() is introduced and injected when parsing the aliases definitions. Only _aliasarg() will be substituted in the argument expansion phase instead of all regular matching string. We also check user inputs do not contain unexpected _aliasarg() instances to avoid argument injections.

--- a/tests/test-revset.t	Mon May 21 14:24:24 2012 -0500
+++ b/tests/test-revset.t	Sat May 19 17:18:29 2012 +0200
@@ -558,6 +558,19 @@
   abort: unknown revision '$1'!
   [255]
 
+  $ echo 'injectparamasstring2 = max(_aliasarg("$1"))' >> .hg/hgrc
+  $ echo 'callinjection2($1) = descendants(injectparamasstring2)' >> .hg/hgrc
+  $ try 'callinjection2(2:5)'
+  (func
+    ('symbol', 'callinjection2')
+    (range
+      ('symbol', '2')
+      ('symbol', '5')))
+  hg: parse error: not a function: _aliasarg
+  [255]
+  >>> data = file('.hg/hgrc', 'rb').read()
+  >>> file('.hg/hgrc', 'wb').write(data.replace('_aliasarg', ''))
+
   $ try 'd(2:5)'
   (func
     ('symbol', 'd')