Mercurial > hg
comparison tests/test-subrepo-git.t @ 29328:60621cecc8c5
merge with stable
| author | Matt Mackall <mpm@selenic.com> |
|---|---|
| date | Thu, 09 Jun 2016 13:47:42 -0500 |
| parents | 3879d02cd1cc 9b4f0ad02f51 |
| children | a145161debed |
comparison
equal
deleted
inserted
replaced
| 29327:baab9ea4426c | 29328:60621cecc8c5 |
|---|---|
| 1133 ? s/snake.python.orig | 1133 ? s/snake.python.orig |
| 1134 | 1134 |
| 1135 test for Git CVE-2016-3068 | 1135 test for Git CVE-2016-3068 |
| 1136 $ hg init malicious-subrepository | 1136 $ hg init malicious-subrepository |
| 1137 $ cd malicious-subrepository | 1137 $ cd malicious-subrepository |
| 1138 $ echo "s = [git]ext::sh -c echo% pwned% >&2" > .hgsub | 1138 $ echo "s = [git]ext::sh -c echo% pwned:% \$PWNED_MSG% >pwned.txt" > .hgsub |
| 1139 $ git init s | 1139 $ git init s |
| 1140 Initialized empty Git repository in $TESTTMP/tc/malicious-subrepository/s/.git/ | 1140 Initialized empty Git repository in $TESTTMP/tc/malicious-subrepository/s/.git/ |
| 1141 $ cd s | 1141 $ cd s |
| 1142 $ git commit --allow-empty -m 'empty' | 1142 $ git commit --allow-empty -m 'empty' |
| 1143 [master (root-commit) 153f934] empty | 1143 [master (root-commit) 153f934] empty |
| 1144 $ cd .. | 1144 $ cd .. |
| 1145 $ hg add .hgsub | 1145 $ hg add .hgsub |
| 1146 $ hg commit -m "add subrepo" | 1146 $ hg commit -m "add subrepo" |
| 1147 $ cd .. | 1147 $ cd .. |
| 1148 $ rm -f pwned.txt | |
| 1148 $ unset GIT_ALLOW_PROTOCOL | 1149 $ unset GIT_ALLOW_PROTOCOL |
| 1149 $ hg clone malicious-subrepository malicious-subrepository-protected | 1150 $ PWNED_MSG="your git is too old or mercurial has regressed" hg clone \ |
| 1151 > malicious-subrepository malicious-subrepository-protected | |
| 1150 Cloning into '$TESTTMP/tc/malicious-subrepository-protected/s'... (glob) | 1152 Cloning into '$TESTTMP/tc/malicious-subrepository-protected/s'... (glob) |
| 1151 fatal: transport 'ext' not allowed | 1153 fatal: transport 'ext' not allowed |
| 1152 updating to branch default | 1154 updating to branch default |
| 1153 cloning subrepo s from ext::sh -c echo% pwned% >&2 | 1155 cloning subrepo s from ext::sh -c echo% pwned:% $PWNED_MSG% >pwned.txt |
| 1154 abort: git clone error 128 in s (in subrepo s) | 1156 abort: git clone error 128 in s (in subrepo s) |
| 1155 [255] | 1157 [255] |
| 1158 $ f -Dq pwned.txt | |
| 1159 pwned.txt: file not found | |
| 1156 | 1160 |
| 1157 whitelisting of ext should be respected (that's the git submodule behaviour) | 1161 whitelisting of ext should be respected (that's the git submodule behaviour) |
| 1158 $ env GIT_ALLOW_PROTOCOL=ext hg clone malicious-subrepository malicious-subrepository-clone-allowed | 1162 $ rm -f pwned.txt |
| 1163 $ env GIT_ALLOW_PROTOCOL=ext PWNED_MSG="you asked for it" hg clone \ | |
| 1164 > malicious-subrepository malicious-subrepository-clone-allowed | |
| 1159 Cloning into '$TESTTMP/tc/malicious-subrepository-clone-allowed/s'... (glob) | 1165 Cloning into '$TESTTMP/tc/malicious-subrepository-clone-allowed/s'... (glob) |
| 1160 pwned | |
| 1161 fatal: Could not read from remote repository. | 1166 fatal: Could not read from remote repository. |
| 1162 | 1167 |
| 1163 Please make sure you have the correct access rights | 1168 Please make sure you have the correct access rights |
| 1164 and the repository exists. | 1169 and the repository exists. |
| 1165 updating to branch default | 1170 updating to branch default |
| 1166 cloning subrepo s from ext::sh -c echo% pwned% >&2 | 1171 cloning subrepo s from ext::sh -c echo% pwned:% $PWNED_MSG% >pwned.txt |
| 1167 abort: git clone error 128 in s (in subrepo s) | 1172 abort: git clone error 128 in s (in subrepo s) |
| 1168 [255] | 1173 [255] |
| 1174 $ f -Dq pwned.txt | |
| 1175 pwned: you asked for it |