Mercurial > hg
comparison tests/test-revlog.t @ 28656:b6ed2505d6cf stable
parsers: fix list sizing rounding error (SEC)
CVE-2016-3630 (1/2)
This addresses part of a vulnerability in application of binary
deltas.
author | Matt Mackall <mpm@selenic.com> |
---|---|
date | Wed, 16 Mar 2016 17:29:29 -0700 |
parents | |
children | f736f98e16ca |
comparison
equal
deleted
inserted
replaced
28632:a2c2dd399f3b | 28656:b6ed2505d6cf |
---|---|
1 Test for CVE-2016-3630 | |
2 | |
3 $ hg init | |
4 | |
5 >>> open("a.i", "w").write( | |
6 ... """eJxjYGZgZIAAYQYGxhgom+k/FMx8YKx9ZUaKSOyqo4cnuKb8mbqHV5cBCVTMWb1Cwqkhe4Gsg9AD | |
7 ... Joa3dYtcYYYBAQ8Qr4OqZAYRICPTSr5WKd/42rV36d+8/VmrNpv7NP1jQAXrQE4BqQUARngwVA==""" | |
8 ... .decode("base64").decode("zlib")) | |
9 | |
10 $ hg debugindex a.i | |
11 rev offset length delta linkrev nodeid p1 p2 | |
12 0 0 19 -1 2 99e0332bd498 000000000000 000000000000 | |
13 1 19 12 0 3 6674f57a23d8 99e0332bd498 000000000000 | |
14 $ hg debugdata a.i 1 2>&1 | grep decoded | |
15 mpatch.mpatchError: patch cannot be decoded |