Mercurial > hg-stable
changeset 19721:d8ca6d965230
revset: add a whitelist of DoS-safe symbols
'Safe' here means that they can't be used for a DoS attack for any given input.
author | Alexander Plavin <alexander@plav.in> |
---|---|
date | Fri, 06 Sep 2013 13:30:56 +0400 |
parents | f0b992a9be9c |
children | bf15935b68a3 |
files | mercurial/revset.py |
diffstat | 1 files changed, 69 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/mercurial/revset.py Wed Aug 07 01:21:31 2013 +0400 +++ b/mercurial/revset.py Fri Sep 06 13:30:56 2013 +0400 @@ -1599,6 +1599,75 @@ "_list": _list, } +# symbols which can't be used for a DoS attack for any given input +# (e.g. those which accept regexes as plain strings shouldn't be included) +# functions that just return a lot of changesets (like all) don't count here +safesymbols = set([ + "adds", + "all", + "ancestor", + "ancestors", + "_firstancestors", + "author", + "bisect", + "bisected", + "bookmark", + "branch", + "branchpoint", + "bumped", + "bundle", + "children", + "closed", + "converted", + "date", + "desc", + "descendants", + "_firstdescendants", + "destination", + "divergent", + "draft", + "extinct", + "extra", + "file", + "filelog", + "first", + "follow", + "_followfirst", + "head", + "heads", + "hidden", + "id", + "keyword", + "last", + "limit", + "_matchfiles", + "max", + "merge", + "min", + "modifies", + "obsolete", + "origin", + "outgoing", + "p1", + "p2", + "parents", + "present", + "public", + "remote", + "removes", + "rev", + "reverse", + "roots", + "sort", + "secret", + "matching", + "tag", + "tagged", + "user", + "unstable", + "_list", +]) + methods = { "range": rangeset, "dagrange": dagrange,