contrib/packagelib.sh
author Sean Farley <sean@farley.io>
Mon, 31 Jul 2017 16:04:44 -0700
branch stable
changeset 33638 55681baf4cf9
parent 29641 13f90dde8f8c
child 32797 9dccaff02ad5
permissions -rw-r--r--
subrepo: add tests for hg rogue ssh urls (SEC)

'ssh://' has an exploit that will pass the url blindly to the ssh command, allowing a malicious person to have a subrepo with '-oProxyCommand' which could run arbitrary code on a user's machine. In addition, at least on Windows, a pipe '|' is able to execute arbitrary commands. When this happens, let's throw a big abort into the user's face so that they can inspect what's going on.

# Extract version number into 4 parts, some of which may be empty:
#
# version: the numeric part of the most recent tag. Will always look like 1.3.
#
# type: if an rc build, "rc", otherwise empty
#
# distance: the distance from the nearest tag, or empty if built from a tag
#
# node: the node|short hg was built from, or empty if built from a tag
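gethgversion() {
    # Build hg in the current directory and split the version it reports
    # into the globals version, type, distance and node. HG (path of the
    # built binary) and hgversion (the "<version>[-<type>]" part) are set
    # as well. Calls exit 1, ending the shell that runs this function, when
    # the freshly built hg cannot report a version.
    #
    # Only POSIX sh constructs are used; the shell that loads this library
    # is not visible from here.
    make cleanbutpackages
    # Retry with PURE=--pure when the default local build fails.
    make local || make local PURE=--pure
    HG="$PWD/hg"

    # $HG is derived from $PWD, so it must stay quoted: unquoted, a checkout
    # path containing spaces or glob characters is word-split and expanded,
    # and the command that runs is no longer the hg that was just built.
    # The abort goes to stderr so it cannot be mistaken for regular output.
    hgversion=$("$HG" version) || { echo 'abort: hg version failed!' >&2; exit 1 ; }

    # Keep only the text inside "(version ...)" at the end of a line.
    hgversion=$(printf '%s\n' "$hgversion" | sed -ne 's/.*(version \(.*\))$/\1/p')

    case "$hgversion" in
        *+*)
            # "<tag>+<distance>-<node>": only the second '+'-separated
            # field is examined; anything after a further '+' is ignored.
            tmp=$(printf '%s\n' "$hgversion" | cut -d+ -f 2)
            hgversion=$(printf '%s\n' "$hgversion" | cut -d+ -f 1)
            distance=$(printf '%s\n' "$tmp" | cut -d- -f 1)
            # NOTE(review): cut prints the whole line when no '-' is present,
            # so node equals distance for such input - confirm that callers
            # expect this.
            node=$(printf '%s\n' "$tmp" | cut -d- -f 2)
            ;;
        *)
            distance=''
            node=''
            ;;
    esac

    case "$hgversion" in
        *-*)
            # "<version>-<type>", e.g. an rc build.
            version=$(printf '%s\n' "$hgversion" | cut -d- -f1)
            type=$(printf '%s\n' "$hgversion" | cut -d- -f2)
            ;;
        *)
            version=$hgversion
            type=''
            ;;
    esac
}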