Mercurial > hg-stable
changeset 34832:d6009d1488e8
tests: add test demonstrating regression in path audit
D785 regressed behavior in path auditing: files can be deleted if they have a
path that conflicts with a filename from a malicious remote or bundle.
This test demonstrates the problem - the file should not have been deleted.
Differential Revision: https://phab.mercurial-scm.org/D1156
author | Mark Thomas <mbthomas@fb.com> |
---|---|
date | Tue, 17 Oct 2017 08:07:43 -0700 |
parents | 44c4ed4ad032 |
children | 07bbb208a924 |
files | tests/test-audit-path.t |
diffstat | 1 files changed, 5 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/tests/test-audit-path.t Fri Oct 13 23:00:31 2017 +0200 +++ b/tests/test-audit-path.t Tue Oct 17 08:07:43 2017 -0700 @@ -119,9 +119,14 @@ $ hg manifest -r3 ../test + $ mkdir ../test + $ echo data > ../test/file $ hg update -Cr3 abort: path contains illegal component: ../test (glob) [255] + $ cat ../test/file + cat: ../test/file: No such file or directory + [1] attack /tmp/test